Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

ask.com aol.com and conduit.com results in adwcleaner. Don't know how to fix


  • This topic is locked This topic is locked
11 replies to this topic

#1 bellliam

bellliam

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 26 April 2014 - 07:30 PM

Hi there, 
 
As the title says I have a bit of a problem with my PC..... I noticed the download speed was incredibly slow and when I ran my Eset or Malwarebytes it picked nothing up. I was sure something was wrong so I found this Adwcleaner and ran it. I am still not sure if this is a genuine problem but any help would be greatly appreciated.
 
Here is the adwcleaner log, I noticed people post it for you.
 
Thanks again,
 
Liam
 

# AdwCleaner v3.200 - Report created 22/04/2014 at 22:38:58
# Updated 22/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Liams Desktop - LIAMSDESKTOP
# Running from : C:\Users\Liams Desktop\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17041
 
 
-\\ Google Chrome v34.0.1847.116
 
[ File : C:\Users\Liams Desktop\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [795 octets] - [11/04/2014 15:25:38]
AdwCleaner[R1].txt - [952 octets] - [20/04/2014 11:14:50]
AdwCleaner[R2].txt - [1770 octets] - [22/04/2014 22:21:54]
AdwCleaner[R3].txt - [1149 octets] - [22/04/2014 22:26:32]
AdwCleaner[R4].txt - [891 octets] - [22/04/2014 22:38:58]
AdwCleaner[S0].txt - [855 octets] - [11/04/2014 15:26:01]
AdwCleaner[S1].txt - [1016 octets] - [20/04/2014 11:15:26]
AdwCleaner[S2].txt - [1845 octets] - [22/04/2014 22:22:33]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [1129 octets] ##########
# AdwCleaner v3.204 - Report created 27/04/2014 at 12:20:50
# Updated 26/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Liams Desktop - LIAMSDESKTOP
# Running from : C:\Users\Liams Desktop\Downloads\adwcleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17041
 
 
-\\ Google Chrome v34.0.1847.116
 
[ File : C:\Users\Liams Desktop\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Found [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Found [Search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN22463350592632318&UM=1
 
*************************
 
AdwCleaner[R0].txt - [795 octets] - [11/04/2014 15:25:38]
AdwCleaner[R1].txt - [3784 octets] - [20/04/2014 11:14:50]
AdwCleaner[R2].txt - [3331 octets] - [22/04/2014 22:21:54]
AdwCleaner[R3].txt - [2710 octets] - [22/04/2014 22:26:32]
AdwCleaner[R4].txt - [2391 octets] - [22/04/2014 22:38:58]
AdwCleaner[S0].txt - [855 octets] - [11/04/2014 15:26:01]
AdwCleaner[S1].txt - [2584 octets] - [20/04/2014 11:15:26]
AdwCleaner[S2].txt - [3413 octets] - [22/04/2014 22:22:33]
AdwCleaner[S3].txt - [1271 octets] - [22/04/2014 22:40:55]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [2690 octets] ##########



And also ran combofix before being asked to not do anything until a reply was made. Will not run any other programs now.

ComboFix 14-04-26.01 - Liams Desktop 04/27/2014 12:11:54.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.16267.13834 [GMT 12:00]
Running from: c:\users\Liams Desktop\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2014-03-27 to 2014-04-27 )))))))))))))))))))))))))))))))
.
.
2014-04-27 00:14 . 2014-04-27 00:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-26 21:35 . 2014-04-26 21:35 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2342B6CF-B06E-41B9-A4A6-E827210A416F}\offreg.dll
2014-04-26 16:24 . 2010-08-29 20:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-04-26 14:01 . 2010-06-01 16:55 239960 ----a-w- c:\windows\SysWow64\xactengine3_7.dll
2014-04-26 14:01 . 2010-06-01 16:55 176984 ----a-w- c:\windows\system32\xactengine3_7.dll
2014-04-26 14:01 . 2010-05-25 23:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2014-04-26 14:01 . 2010-05-25 23:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2014-04-26 14:01 . 2010-05-25 23:41 1907552 ----a-w- c:\windows\system32\d3dcsx_43.dll
2014-04-26 14:01 . 2010-05-25 23:41 1868128 ----a-w- c:\windows\SysWow64\d3dcsx_43.dll
2014-04-26 04:23 . 2014-04-26 04:23 -------- d-----w- c:\programdata\Creative Labs
2014-04-26 03:55 . 2014-04-26 04:23 -------- d-----w- c:\programdata\Creative
2014-04-26 03:52 . 2013-03-26 23:59 1903104 ------w- c:\windows\system32\Sens_oal.dll
2014-04-26 03:52 . 2013-03-26 23:56 2906589 ------w- c:\windows\SysWow64\Sens_oal.dll
2014-04-26 03:52 . 2014-04-26 03:56 -------- d-----w- c:\users\Liams Desktop\AppData\Roaming\Creative
2014-04-26 03:52 . 2013-04-02 21:55 79360 ------w- c:\windows\SysWow64\CTOPT399.dll
2014-04-26 03:52 . 2013-04-02 21:54 88576 ------w- c:\windows\system32\CTOPT399.dll
2014-04-26 03:52 . 2008-12-22 08:13 61440 ------w- c:\windows\SysWow64\CTChkAud.dll
2014-04-26 03:52 . 2008-12-22 08:13 49664 ------w- c:\windows\system32\CTChkAud.dll
2014-04-26 03:52 . 2006-10-06 06:17 53248 ------w- c:\windows\Ctregrun.exe
2014-04-26 03:52 . 2000-05-22 08:58 647872 ------w- c:\windows\SysWow64\Mscomct2.ocx
2014-04-26 03:52 . 2003-06-12 11:25 7062 ----a-w- c:\windows\SysWow64\audiopid.vxd
2014-04-26 03:51 . 2014-04-26 03:51 -------- d-----w- c:\program files (x86)\Common Files\Creative Labs Shared
2014-04-26 03:51 . 2014-04-26 03:53 -------- d-----w- c:\program files\Creative
2014-04-25 13:22 . 2014-04-16 17:31 10651704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2342B6CF-B06E-41B9-A4A6-E827210A416F}\mpengine.dll
2014-04-25 09:22 . 2008-10-26 22:04 518480 ----a-w- c:\windows\system32\XAudio2_3.dll
2014-04-25 08:55 . 2014-04-26 02:28 -------- d-----w- c:\windows\SysWow64\RTCOM
2014-04-25 08:55 . 2014-04-25 08:55 -------- d-----w- c:\program files\Realtek
2014-04-25 08:54 . 2005-11-13 11:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2014-04-25 08:35 . 2014-04-25 08:35 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2014-04-25 08:35 . 2014-04-25 08:35 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2014-04-25 08:35 . 2006-02-07 03:45 757760 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2014-04-25 08:35 . 2006-02-07 03:40 204800 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2014-04-25 08:35 . 2006-02-07 03:40 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2014-04-25 08:35 . 2006-02-07 03:40 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2014-04-25 08:01 . 2000-05-10 13:00 90112 ------w- c:\windows\Updreg.EXE
2014-04-25 08:01 . 2011-05-13 00:30 26624 ------w- c:\windows\system32\THXCfg64.dll
2014-04-25 08:01 . 2010-07-21 04:51 11264 ------w- c:\windows\SysWow64\ResDefA.exe
2014-04-25 08:01 . 2009-10-01 04:42 141312 ------w- c:\windows\system32\THXCfg64.exe
2014-04-25 08:01 . 2011-05-18 21:58 246784 ----a-w- c:\windows\system32\APOMgr64.DLL
2014-04-25 08:01 . 2011-05-18 21:56 190464 ----a-w- c:\windows\SysWow64\APOMngr.DLL
2014-04-25 08:01 . 2009-12-29 04:53 89088 ----a-w- c:\windows\system32\CmdRtr64.DLL
2014-04-25 08:01 . 2009-12-29 04:52 73728 ----a-w- c:\windows\SysWow64\CmdRtr.DLL
2014-04-25 08:00 . 2014-04-26 04:59 -------- d-----w- c:\program files (x86)\Creative
2014-04-25 08:00 . 2003-11-10 06:14 729088 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2014-04-25 08:00 . 2003-11-10 06:13 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2014-04-25 08:00 . 2003-11-10 06:12 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2014-04-25 08:00 . 2003-11-10 06:12 192512 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2014-04-25 08:00 . 2003-11-10 06:11 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2014-04-25 08:00 . 2014-04-25 08:00 311428 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2014-04-25 08:00 . 2014-04-25 08:00 188548 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2014-04-25 07:53 . 2014-04-26 03:49 -------- d-----w- c:\program files (x86)\Realtek
2014-04-23 22:55 . 2014-04-23 22:55 -------- d-sh--w- c:\programdata\SecuROM
2014-04-23 22:55 . 2014-04-23 22:55 -------- d--h--r- c:\users\Liams Desktop\AppData\Roaming\SecuROM
2014-04-23 09:00 . 2014-04-24 18:15 -------- d-----w- c:\users\Liams Desktop\AppData\Roaming\NCSOFT
2014-04-23 09:00 . 2014-04-23 09:00 -------- d-----w- c:\users\Liams Desktop\AppData\Local\NCSOFT
2014-04-22 21:53 . 2014-04-26 21:59 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-22 21:53 . 2014-04-02 21:51 88280 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-22 21:53 . 2014-04-22 21:53 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-04-22 21:53 . 2014-04-02 21:51 63192 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-04-22 21:53 . 2014-04-02 21:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-22 11:45 . 2014-04-22 11:45 -------- d-----w- c:\programdata\Hewlett-Packard
2014-04-22 11:45 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
2014-04-22 03:53 . 2014-04-22 03:53 -------- d-----w- c:\users\Liams Desktop\AppData\Roaming\HP
2014-04-22 03:31 . 2014-04-22 03:31 -------- d-----w- c:\users\Liams Desktop\AppData\Roaming\Yahoo!
2014-04-22 03:31 . 2014-04-22 03:31 -------- d-----w- c:\programdata\Yahoo! Companion
2014-04-22 03:31 . 2014-04-22 11:41 -------- d-----w- c:\program files (x86)\Yahoo!
2014-04-22 03:30 . 2014-04-22 03:30 -------- d-----w- c:\program files (x86)\Common Files\Hewlett-Packard
2014-04-22 03:30 . 2014-04-22 11:41 -------- d-----w- c:\program files (x86)\HP
2014-04-22 03:30 . 2014-04-22 11:41 -------- d-----w- c:\programdata\HP
2014-04-22 03:13 . 2014-04-22 11:41 -------- d-----w- c:\users\Liams Desktop\AppData\Local\gtk-2.0
2014-04-22 03:13 . 2014-04-22 03:13 -------- d-----w- c:\users\Liams Desktop\.thumbnails
2014-04-22 03:12 . 2014-04-22 03:12 -------- d-----w- c:\users\Liams Desktop\AppData\Local\fontconfig
2014-04-22 03:12 . 2014-04-22 04:44 -------- d-----w- c:\users\Liams Desktop\.gimp-2.8
2014-04-22 03:12 . 2014-04-22 03:12 -------- d-----w- c:\users\Liams Desktop\AppData\Local\gegl-0.2
2014-04-18 00:32 . 2014-04-18 00:32 -------- d-----w- c:\programdata\Intel® Update Manager
2014-04-17 23:33 . 2014-04-17 23:33 -------- d-----w- c:\users\Liams Desktop\AppData\Roaming\Warner Bros. Interactive Entertainment
2014-04-16 09:39 . 2014-04-16 09:39 -------- d-sh--w- c:\users\Liams Desktop\AppData\Local\EmieUserList
2014-04-16 09:39 . 2014-04-16 09:39 -------- d-sh--w- c:\users\Liams Desktop\AppData\Local\EmieSiteList
2014-04-13 06:40 . 2014-04-18 02:55 -------- d-----w- c:\programdata\Oracle
2014-04-13 06:40 . 2014-04-13 06:40 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-04-13 06:40 . 2014-04-14 08:13 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-13 06:40 . 2014-04-18 02:55 -------- d-----w- c:\program files (x86)\Java
2014-04-12 06:47 . 2014-04-12 08:31 -------- d-----w- c:\users\Liams Desktop\AppData\Local\dxhr
2014-04-12 06:45 . 2014-04-12 06:45 -------- d-----w- c:\users\Liams Desktop\AppData\Local\238010
2014-04-11 03:25 . 2014-04-27 00:06 -------- d-----w- C:\AdwCleaner
2014-04-07 06:08 . 2014-04-07 07:00 -------- d-----w- c:\users\Liams Desktop\AppData\Local\Darksiders2
2014-04-06 07:41 . 2014-04-06 07:41 -------- d-----w- c:\users\Liams Desktop\AppData\Roaming\fltk.org
2014-04-06 07:41 . 2014-04-06 07:41 -------- d-----w- c:\programdata\fltk.org
2014-04-05 22:26 . 2010-06-01 16:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2014-04-05 22:26 . 2010-06-01 16:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll
2014-04-05 22:26 . 2010-06-01 16:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll
2014-04-05 22:26 . 2010-06-01 16:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2014-04-05 22:26 . 2010-05-25 23:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2014-04-05 22:26 . 2010-05-25 23:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll
2014-04-05 22:26 . 2010-05-25 23:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2014-04-05 22:26 . 2010-05-25 23:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2014-04-05 22:26 . 2010-05-25 23:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2014-04-05 22:26 . 2010-05-25 23:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2014-04-05 22:26 . 2010-02-03 22:01 24920 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2014-04-05 22:26 . 2010-02-03 22:01 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-26 03:52 . 2014-02-28 05:33 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2014-04-26 03:52 . 2014-02-28 05:33 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2014-04-26 03:52 . 2014-02-28 05:33 123480 ----a-w- c:\windows\system32\OpenAL32.dll
2014-04-26 03:52 . 2014-02-28 05:33 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2014-04-25 09:11 . 2013-12-12 07:14 3707864 ----a-w- c:\windows\system32\RTKVHD64.sys
2014-04-18 02:52 . 2014-01-17 22:48 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-18 02:52 . 2014-01-17 22:48 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-09 15:00 . 2014-01-15 07:50 90655440 ----a-w- c:\windows\system32\MRT.exe
2014-03-30 21:35 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-24 06:09 . 2014-03-24 06:09 2829 ----a-w- c:\windows\DiabUnin.pif
2014-03-24 06:09 . 2014-03-24 06:09 118784 ----a-w- c:\windows\DiabUnin.exe
2014-03-15 01:57 . 2014-02-24 22:12 282512 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-03-15 01:57 . 2014-02-24 22:12 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-03-08 07:23 . 2014-03-08 07:23 283032 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-03-08 02:21 . 2014-02-24 22:12 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-03-04 09:17 . 2014-04-09 04:58 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-03-01 03:19 . 2014-03-08 02:21 3130440 ----a-w- c:\windows\SysWow64\pbsvc_blr.exe
2014-02-08 18:34 . 2014-02-20 08:51 9690424 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-02-08 18:34 . 2014-02-20 08:51 947296 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-02-08 18:34 . 2014-02-20 08:51 892192 ----a-w- c:\windows\system32\NvIFR64.dll
2014-02-08 18:34 . 2014-02-20 08:51 875296 ----a-w- c:\windows\system32\NvFBC64.dll
2014-02-08 18:34 . 2014-02-20 08:51 863520 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-02-08 18:34 . 2014-02-20 08:51 844576 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-02-08 18:34 . 2014-02-20 08:51 832424 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-02-08 18:34 . 2014-02-20 08:51 483104 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2014-02-08 18:34 . 2014-02-20 08:51 408352 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2014-02-08 18:34 . 2014-02-20 08:51 378656 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2014-02-08 18:34 . 2014-02-20 08:51 353504 ----a-w- c:\windows\system32\nvoglshim64.dll
2014-02-08 18:34 . 2014-02-20 08:51 333600 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2014-02-08 18:34 . 2014-02-20 08:51 31432480 ----a-w- c:\windows\system32\nvoglv64.dll
2014-02-08 18:34 . 2014-02-20 08:51 305600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2014-02-08 18:34 . 2014-02-20 08:51 23683360 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-02-08 18:34 . 2014-02-20 08:51 1885472 ----a-w- c:\windows\system32\nvdispco6433489.dll
2014-02-08 18:34 . 2014-02-20 08:51 18257576 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-02-08 18:34 . 2014-02-20 08:51 17715784 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-02-08 18:34 . 2014-02-20 08:51 174296 ----a-w- c:\windows\system32\nvinitx.dll
2014-02-08 18:34 . 2014-02-20 08:51 15740232 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-02-08 18:34 . 2014-02-20 08:51 1515296 ----a-w- c:\windows\system32\nvdispgenco6433489.dll
2014-02-08 18:34 . 2014-02-20 08:51 148528 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-02-08 18:34 . 2014-02-20 08:51 14669032 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-02-08 18:34 . 2014-02-20 08:51 12324640 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-02-08 18:34 . 2014-02-20 08:51 11589272 ----a-w- c:\windows\system32\nvopencl.dll
2014-02-08 18:34 . 2014-02-20 08:50 9728064 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-02-08 18:34 . 2014-02-20 08:50 3142432 ----a-w- c:\windows\system32\nvcuvid.dll
2014-02-08 18:34 . 2014-02-20 08:50 3090184 ----a-w- c:\windows\system32\nvapi64.dll
2014-02-08 18:34 . 2014-02-20 08:50 2956576 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-02-08 18:34 . 2014-02-20 08:50 2782496 ----a-w- c:\windows\system32\nvcuvenc.dll
2014-02-08 18:34 . 2014-02-20 08:50 2713728 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-02-08 18:34 . 2014-02-20 08:50 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2014-02-08 18:34 . 2014-02-20 08:50 2410784 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2014-02-08 18:34 . 2014-02-20 08:50 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-02-08 18:34 . 2014-02-20 08:50 11636176 ----a-w- c:\windows\system32\nvcuda.dll
2014-02-08 17:42 . 2014-02-20 08:58 6712608 ----a-w- c:\windows\system32\nvcpl.dll
2014-02-08 17:42 . 2014-02-20 08:58 3498272 ----a-w- c:\windows\system32\nvsvc64.dll
2014-02-08 17:42 . 2014-02-20 08:58 923936 ----a-w- c:\windows\system32\nvvsvc.exe
2014-02-08 17:42 . 2014-02-20 08:58 63776 ----a-w- c:\windows\system32\nvshext.dll
2014-02-08 17:42 . 2014-02-20 08:58 386336 ----a-w- c:\windows\system32\nvmctray.dll
2014-02-07 01:23 . 2014-03-12 05:54 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-02-05 17:52 . 2014-02-20 08:58 3573739 ----a-w- c:\windows\system32\nvcoproc.bin
2014-02-04 02:32 . 2014-03-12 05:51 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:32 . 2014-03-12 05:51 624128 ----a-w- c:\windows\system32\qedit.dll
2014-02-04 02:04 . 2014-03-12 05:51 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-02-04 02:04 . 2014-03-12 05:51 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-02-01 02:55 . 2014-02-01 02:55 8161 ----a-w- c:\users\Liams Desktop\AppData\Roaming\TheHunterSettings_live.bin
2014-01-31 20:30 . 2014-01-31 20:30 94208 ----a-w- c:\windows\DIIUnin.exe
2014-01-31 20:30 . 2014-01-31 20:30 2829 ----a-w- c:\windows\DIIUnin.pif
2014-01-29 02:32 . 2014-03-12 05:54 484864 ----a-w- c:\windows\system32\wer.dll
2014-01-29 02:06 . 2014-03-12 05:54 381440 ----a-w- c:\windows\SysWow64\wer.dll
2014-01-28 02:32 . 2014-03-12 05:54 228864 ----a-w- c:\windows\system32\wwansvc.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dxtory Update Checker 2.0"="g:\dxtory2.0\UpdateChecker.exe" [2010-10-17 93696]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-26 291608]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-01 254336]
"THX TruStudio NB Settings"="c:\program files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" [2011-05-18 909824]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe" [2010-12-07 241757]
"Module Loader"="c:\program files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" [2007-07-23 57344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AsrCDDrv;AsrCDDrv;c:\windows\SysWOW64\Drivers\AsrCDDrv.sys;c:\windows\SysWOW64\Drivers\AsrCDDrv.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 iumsvc;Intel® Update Manager;c:\program files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe;c:\program files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
S0 AsrRamDisk;AsrRamDisk;c:\windows\system32\DRIVERS\AsrRamDisk.sys;c:\windows\SYSNATIVE\DRIVERS\AsrRamDisk.sys [x]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 ISCT;Intel® Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 ksaud;Creative USB Audio Driver;c:\windows\system32\drivers\ksaud.sys;c:\windows\SYSNATIVE\drivers\ksaud.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Pro Webcam C920(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.sys;c:\program files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMWEBACCESSCONTROL
*Deregistered* - MBAMWebAccessControl
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-22 13:03 1077576 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-22 13:01]
.
2014-04-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-22 13:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-09-21 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-09-21 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-09-21 441152]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-01-21 1179576]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2013-09-11 5618456]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-01-21 2234144]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2011-05-13 26624]
"Creative SB Monitoring Utility"="sbavmon.dll" [2010-07-29 115712]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.178.1
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-CMIUSB&1B1C&1C00 - c:\program files (x86)\Silabs\MCU\USBXpress\DriverUninstaller.exe USBXpress\CMIUSB&1B1C&1C00
AddRemove-The Elder Scrolls Online Beta_is1 - f:\zenimax online\Launcher\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_182_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_182_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_182_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_182_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_182.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_182.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_182.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_182.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-04-27 12:15:10
ComboFix-quarantined-files.txt 2014-04-27 00:15
ComboFix2.txt 2014-04-07 19:47
.
Pre-Run: 124,528,336,896 bytes free
Post-Run: 124,232,228,864 bytes free
.
- - End Of File - - 1EC3F44EBBA5AA86271F380C1EF95ED0
5FB38429D5D77768867C76DCBDB35194

Edited by quietman7, 26 April 2014 - 09:00 PM.


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,586 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:54 PM

Posted 01 May 2014 - 07:01 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

===

Please paste the log in your next reply DO NOT ATTACH THEM unless specified.

#3 bellliam

bellliam
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 02 May 2014 - 01:55 AM

Here is the log and the addition is in the attachment. Thank you
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2014
Ran by Liams Desktop (administrator) on LIAMSDESKTOP-PC on 02-05-2014 18:52:27
Running from C:\Users\Liams Desktop\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dxtory Software) C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Creative SB Monitoring Utility] => C:\Windows\system32\sbavmon.dll [115712 2010-07-29] (Creative Technology Ltd.)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\THXCfg64.dll [26624 2011-05-13] (Creative Technology Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe [241757 2010-12-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [Module Loader] => C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe [57344 2007-07-23] (Creative Technology Ltd.)
HKLM-x32\...\Run: [THX TruStudio NB Settings] => C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [909824 2011-05-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-649156701-4253695833-617214561-1000\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-649156701-4253695833-617214561-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-649156701-4253695833-617214561-1000\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-649156701-4253695833-617214561-1000\...\MountPoints2: {7618c19b-ce7b-11e3-9ad8-806e6f6e6963} - D:\install.EXE id= ver=1.0.0.0
HKU\S-1-5-21-649156701-4253695833-617214561-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-649156701-4253695833-617214561-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-649156701-4253695833-617214561-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-649156701-4253695833-617214561-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7618c19b-ce7b-11e3-9ad8-806e6f6e6963} - D:\install.EXE id= ver=1.0.0.0
Startup: C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://iat.msn.co.nz/tickler/default.aspx?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x497D6AFCEF61CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-04-27]
 
Chrome: 
=======
CHR DefaultSearchKeyword: google.co.nz
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.550.14) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 7 U55) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
CHR Extension: (Google Docs) - C:\Users\Liams Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-01]
CHR Extension: (Google Drive) - C:\Users\Liams Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-01]
CHR Extension: (YouTube) - C:\Users\Liams Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-01]
CHR Extension: (Google Search) - C:\Users\Liams Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-01]
CHR Extension: (Google Wallet) - C:\Users\Liams Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-01]
CHR Extension: (Gmail) - C:\Users\Liams Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-01]
 
==================== Services (Whitelisted) =================
 
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1337752 2013-09-12] (ESET)
S2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R3 ksaud; C:\Windows\System32\drivers\ksaud.sys [1588480 2013-04-08] (Creative Technology Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 AsrCDDrv; \??\C:\Windows\SysWOW64\Drivers\AsrCDDrv.sys [X]
R3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-05-02 18:52 - 2014-05-02 18:52 - 00014891 _____ () C:\Users\Liams Desktop\Downloads\FRST.txt
2014-05-02 18:52 - 2014-05-02 18:52 - 00000000 ____D () C:\FRST
2014-05-02 18:51 - 2014-05-02 18:52 - 02062336 _____ (Farbar) C:\Users\Liams Desktop\Downloads\FRST64.exe
2014-05-01 23:24 - 2014-05-02 18:50 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf652fe04b2782.job
2014-05-01 23:24 - 2014-05-01 23:29 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf652fe08b8cd4.job
2014-05-01 23:24 - 2014-05-01 23:24 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf652fe08b8cd4
2014-05-01 23:24 - 2014-05-01 23:24 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf652fe04b2782
2014-05-01 23:18 - 2014-05-01 23:18 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-01 23:18 - 2014-05-01 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-01 22:54 - 2014-05-01 22:54 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Wizards of the Coast
2014-05-01 22:54 - 2014-05-01 22:54 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Witcher 2
2014-05-01 22:54 - 2014-05-01 22:54 - 00000000 ____D () C:\Users\Liams Desktop\Documents\WBGames
2014-05-01 22:54 - 2014-05-01 22:54 - 00000000 ____D () C:\Users\Liams Desktop\Documents\WB Games
2014-05-01 22:54 - 2014-02-18 17:45 - 00000082 _____ () C:\Users\Liams Desktop\Documents\Games I own.txt
2014-05-01 22:54 - 2014-02-01 14:50 - 00000000 ____D () C:\Users\Liams Desktop\Documents\theHunter
2014-05-01 22:54 - 2014-01-03 16:19 - 00000169 _____ () C:\Users\Liams Desktop\Documents\Credit Card.txt
2014-05-01 22:54 - 2013-07-08 21:45 - 06220866 _____ () C:\Users\Liams Desktop\Documents\kenshi_STEAM 2013-07-08 21-45-35-67.bmp
2014-05-01 22:54 - 2013-06-03 15:35 - 00000040 _____ () C:\Users\Liams Desktop\Documents\Dads Wants.txt
2014-05-01 22:54 - 2013-05-08 23:23 - 06220866 _____ () C:\Users\Liams Desktop\Documents\kenshi_STEAM 2013-05-08 23-23-09-47.bmp
2014-05-01 22:54 - 2013-05-08 23:22 - 06220866 _____ () C:\Users\Liams Desktop\Documents\kenshi_STEAM 2013-05-08 23-22-27-26.bmp
2014-05-01 22:54 - 2013-05-08 22:52 - 06220866 _____ () C:\Users\Liams Desktop\Documents\kenshi_STEAM 2013-05-08 22-51-58-65.bmp
2014-05-01 22:54 - 2013-04-11 21:37 - 00000272 _____ () C:\Users\Liams Desktop\Documents\Internet.txt
2014-05-01 22:53 - 2014-05-01 22:54 - 00000000 ____D () C:\Users\Liams Desktop\Documents\The Witcher
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Square Enix
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Sniper - Ghost Warrior
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\SavedGames
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Rockstar Games
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Riptide
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Reus
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Remedy
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Red Alert 3 Uprising
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\PlanetExplorers
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\PCSX2
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Monolith Productions
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Max Payne Savegames
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Max Payne 2 Savegames
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Layout
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\JustCause
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Hitman Blood Money
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Guacamelee
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\GTA3 User Files
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\GTA Vice City User Files
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Giana Sisters - Twisted Dreams
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Facepalm Games
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Electronic Arts
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Eidos
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Egosoft
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\EA Games
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Dungeon Siege
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Diablo III
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Deus Ex
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\DayZ
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Command and Conquer Generals Zero Hour Data
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Command and Conquer Generals Data
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Command & Conquer
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\capcom
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Call of Juarez - Bound in Blood
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\BioWare
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Bioshock2
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Bioshock
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Battlefield 3
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Amnesia
2014-05-01 22:53 - 2014-03-15 08:30 - 00000166 _____ () C:\Users\Liams Desktop\Documents\New Passwords.txt
2014-05-01 22:53 - 2014-02-18 22:04 - 00090289 _____ () C:\Users\Liams Desktop\Documents\Untitled3.wma
2014-05-01 22:53 - 2014-01-05 11:47 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Nexus Mod Manager
2014-05-01 22:53 - 2014-01-04 13:22 - 00265399 _____ () C:\Users\Liams Desktop\Documents\Untitled2.wma
2014-05-01 22:53 - 2013-12-15 12:06 - 00000000 ____D () C:\Users\Liams Desktop\Documents\DisplayFusion Backups
2014-05-01 22:53 - 2013-07-08 21:46 - 06220866 _____ () C:\Users\Liams Desktop\Documents\kenshi_STEAM 2013-07-08 21-46-16-66.bmp
2014-05-01 22:53 - 2013-06-24 20:05 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Guild Wars
2014-05-01 22:53 - 2013-04-06 20:57 - 00000396 _____ () C:\Users\Liams Desktop\Documents\Nintendo Gamecube.txt
2014-05-01 22:53 - 2013-03-30 23:26 - 00000100 _____ () C:\Users\Liams Desktop\Documents\Top 25 Games 2012.txt
2014-05-01 22:53 - 2013-03-30 23:05 - 00000042 _____ () C:\Users\Liams Desktop\Documents\Movies to Watch.txt
2014-05-01 22:53 - 2013-03-29 23:38 - 00000357 _____ () C:\Users\Liams Desktop\Documents\Wishlist.txt
2014-05-01 20:14 - 2014-05-01 20:14 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Adobe
2014-04-30 18:42 - 2014-04-30 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-04-30 17:56 - 2014-04-30 17:56 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-04-30 17:56 - 2014-04-30 17:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2014-04-30 17:56 - 2014-04-30 17:56 - 00000000 ____D () C:\Program Files (x86)\CapsuleGames
2014-04-30 17:56 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-04-30 17:56 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-04-30 17:56 - 2009-03-16 14:18 - 00069448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-04-30 17:56 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-04-30 17:56 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-04-30 17:56 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-04-30 15:57 - 2014-05-01 22:54 - 00000000 ____D () C:\Users\Liams Desktop\Documents\shadow warrior
2014-04-30 14:18 - 2014-04-30 14:18 - 00000000 ____D () C:\Users\Liams Desktop\Documents\4a games
2014-04-29 23:14 - 2014-04-29 23:14 - 00000000 __SHD () C:\Users\Liams Desktop\AppData\Local\EmieUserList
2014-04-29 23:14 - 2014-04-29 23:14 - 00000000 __SHD () C:\Users\Liams Desktop\AppData\Local\EmieSiteList
2014-04-29 22:56 - 2014-04-29 22:56 - 00007602 _____ () C:\Users\Liams Desktop\AppData\Local\Resmon.ResmonCfg
2014-04-29 22:54 - 2014-03-06 20:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-29 19:44 - 2014-04-29 19:45 - 01310621 _____ () C:\Users\Liams Desktop\Downloads\adwcleaner.exe
2014-04-28 21:09 - 2014-05-01 20:29 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\vlc
2014-04-28 21:06 - 2014-04-28 21:08 - 58615209 _____ () C:\Users\Liams Desktop\Downloads\JoeKowan_2013S-480p.mp4
2014-04-28 21:05 - 2014-04-28 21:05 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Oracle
2014-04-28 21:04 - 2014-04-28 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-28 21:04 - 2014-04-28 21:04 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-28 21:04 - 2014-04-28 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-28 21:04 - 2014-04-28 21:04 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-28 21:04 - 2014-04-28 21:04 - 00000000 ____D () C:\ProgramData\Sun
2014-04-28 21:04 - 2014-04-28 21:04 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-28 21:04 - 2014-04-28 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-28 21:04 - 2014-04-28 21:04 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-28 21:03 - 2014-04-28 21:03 - 00921512 _____ (Oracle Corporation) C:\Users\Liams Desktop\Downloads\chromeinstall-7u55.exe
2014-04-28 17:56 - 2014-04-28 17:57 - 01054064 _____ (Amazon Services LLC) C:\Users\Liams Desktop\Downloads\Transformers_War_for_Cybertron_Downloader.exe
2014-04-28 17:38 - 2014-04-30 02:50 - 00000000 ____D () C:\Users\Liams Desktop\Downloads\LOST ALPHA v1.3000 DEZOWAVE
2014-04-28 17:36 - 2014-04-28 17:36 - 00000801 _____ () C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-04-28 17:35 - 2014-04-30 07:44 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\uTorrent
2014-04-28 17:35 - 2014-04-28 17:35 - 01270352 _____ (BitTorrent Inc.) C:\Users\Liams Desktop\Downloads\utorrent.exe
2014-04-28 17:34 - 2014-04-28 17:34 - 00016675 _____ () C:\Users\Liams Desktop\Downloads\LOST ALPHA v1.3000 DEZOWAVE.torrent
2014-04-28 15:18 - 2014-04-27 19:22 - 00000000 ____D () C:\Windows\Panther
2014-04-28 14:20 - 2014-04-28 14:20 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-04-28 14:20 - 2014-04-28 14:20 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-04-28 14:20 - 2014-04-28 14:20 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-04-28 14:20 - 2014-04-28 14:20 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-04-28 14:19 - 2014-04-28 14:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-04-28 14:16 - 2014-04-28 14:16 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Blizzard
2014-04-28 13:54 - 2013-12-25 11:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-04-28 13:54 - 2013-12-25 10:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-28 13:54 - 2013-11-26 20:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-04-28 13:54 - 2013-11-23 10:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-28 13:54 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-04-28 13:54 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-04-28 13:54 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-04-28 13:54 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-04-28 13:54 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-04-28 13:54 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-04-28 13:54 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-04-28 13:33 - 2014-05-01 22:54 - 00000000 ____D () C:\Users\Liams Desktop\Documents\my games
2014-04-28 12:48 - 2014-02-04 14:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-28 12:48 - 2014-02-04 14:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-28 12:43 - 2013-11-24 06:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-04-28 12:43 - 2013-11-24 05:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-04-28 12:12 - 2011-03-11 18:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-04-28 12:12 - 2011-03-11 18:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-04-28 12:12 - 2011-03-11 18:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-04-28 12:12 - 2011-03-11 18:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-04-28 12:12 - 2011-03-11 18:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-04-28 12:12 - 2011-03-11 18:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-04-28 12:12 - 2011-03-11 18:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-04-28 12:12 - 2011-03-11 17:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-04-28 12:12 - 2011-03-11 17:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-04-28 12:12 - 2011-03-11 16:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-04-28 11:41 - 2011-02-25 18:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-04-28 11:41 - 2011-02-25 17:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-04-28 11:24 - 2014-04-28 11:24 - 00301688 _____ (Thesycon GmbH) C:\Users\Liams Desktop\Downloads\dpclat.exe
2014-04-28 11:07 - 2012-02-11 18:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-04-28 11:07 - 2012-02-11 18:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-04-28 10:38 - 2014-04-28 22:33 - 00773536 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-28 10:34 - 2014-04-28 10:35 - 00688992 ____R (Swearware) C:\Users\Liams Desktop\Downloads\dds.scr
2014-04-28 03:52 - 2013-05-10 17:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-28 03:52 - 2013-05-10 17:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-28 03:52 - 2013-05-10 16:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-04-28 03:52 - 2013-05-10 16:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-04-28 03:43 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-04-28 03:40 - 2014-04-28 03:40 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-28 03:40 - 2014-04-28 03:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-28 03:40 - 2014-04-28 03:40 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-28 03:40 - 2014-04-28 03:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-28 03:40 - 2014-04-28 03:40 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-28 03:40 - 2014-04-28 03:40 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-28 03:40 - 2014-04-28 03:40 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-28 03:40 - 2014-04-28 03:40 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-28 03:40 - 2014-04-28 03:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-28 03:40 - 2014-04-28 03:40 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-28 03:40 - 2014-04-28 03:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-04-28 03:24 - 2014-04-28 03:43 - 00013169 _____ () C:\Windows\IE11_main.log
2014-04-28 03:03 - 2012-07-26 15:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-04-28 03:03 - 2012-07-26 15:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-04-28 03:03 - 2012-07-26 15:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-04-28 03:03 - 2012-07-26 15:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-04-28 03:03 - 2012-07-26 15:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-04-28 03:03 - 2012-07-26 14:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-04-28 03:03 - 2012-07-26 14:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-04-28 03:03 - 2012-06-03 02:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-04-28 03:01 - 2014-04-28 03:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-28 03:01 - 2014-03-31 03:51 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-28 03:00 - 2012-03-01 18:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-04-28 03:00 - 2012-03-01 18:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-04-28 03:00 - 2012-03-01 17:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-04-28 01:42 - 2014-05-01 22:54 - 00000000 ____D () C:\Users\Liams Desktop\Documents\StarCraft II
2014-04-28 01:42 - 2014-04-30 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-04-28 00:24 - 2014-04-28 00:24 - 00000479 _____ () C:\Users\Liams Desktop\Desktop\Steam Backups (H) - Shortcut.lnk
2014-04-28 00:17 - 2014-04-28 01:24 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Green Man Gaming
2014-04-28 00:17 - 2014-04-28 00:17 - 00000749 _____ () C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Capsule.lnk
2014-04-28 00:17 - 2014-04-28 00:17 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Capsule Utilities
2014-04-28 00:00 - 2014-04-28 01:24 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Origin
2014-04-28 00:00 - 2014-04-28 00:01 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Origin
2014-04-27 23:57 - 2014-04-27 23:57 - 00000906 _____ () C:\Users\Liams Desktop\Desktop\common - Shortcut.lnk
2014-04-27 23:56 - 2014-05-01 20:32 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Battle.net
2014-04-27 23:56 - 2014-04-28 18:17 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\NVIDIA
2014-04-27 23:56 - 2014-04-28 10:45 - 00000000 ____D () C:\ProgramData\Origin
2014-04-27 23:56 - 2014-04-28 01:43 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-04-27 23:56 - 2014-04-27 23:57 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Battle.net
2014-04-27 23:56 - 2014-04-27 23:56 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Blizzard Entertainment
2014-04-27 23:56 - 2014-04-27 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-04-27 23:56 - 2014-04-27 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-04-27 23:56 - 2014-04-27 23:56 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-04-27 23:54 - 2014-04-28 00:04 - 13092824 _____ (Green Man Gaming Limited) C:\Users\Liams Desktop\Downloads\capsulesetup-v2.33.exe
2014-04-27 23:54 - 2014-04-27 23:55 - 17009768 _____ (Electronic Arts, Inc.) C:\Users\Liams Desktop\Downloads\OriginThinSetup.exe
2014-04-27 23:52 - 2014-04-27 23:52 - 06902224 _____ (Blizzard Entertainment) C:\Users\Liams Desktop\Downloads\Battle.net-Setup-enGB.exe
2014-04-27 23:52 - 2014-04-27 23:52 - 00000000 ____D () C:\ProgramData\Battle.net
2014-04-27 23:28 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-04-27 23:27 - 2014-05-02 18:50 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-27 23:27 - 2014-04-28 17:34 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Audacity
2014-04-27 23:23 - 2014-04-27 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-27 23:23 - 2014-04-27 23:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-27 23:23 - 2014-04-27 23:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-27 23:23 - 2014-04-03 10:33 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-27 23:23 - 2014-04-03 10:33 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-27 23:23 - 2014-04-03 10:33 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-27 23:19 - 2014-04-27 23:19 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-27 23:19 - 2014-04-27 23:19 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-27 23:19 - 2014-04-27 23:19 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-27 23:17 - 2014-04-27 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-04-27 23:17 - 2014-04-27 23:17 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-27 23:11 - 2014-04-27 23:11 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-04-27 23:11 - 2014-04-27 23:11 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-04-27 23:06 - 2014-05-01 23:17 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-27 23:06 - 2013-12-04 14:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-04-27 23:06 - 2013-12-04 14:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-04-27 23:06 - 2013-12-04 14:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-04-27 23:06 - 2013-12-04 14:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-04-27 23:06 - 2013-12-04 14:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-04-27 23:06 - 2013-12-04 14:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-04-27 23:06 - 2013-12-04 14:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-04-27 23:06 - 2013-12-04 14:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-04-27 23:06 - 2013-12-04 14:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-04-27 23:06 - 2013-12-04 14:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-04-27 23:06 - 2013-12-04 14:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-04-27 23:06 - 2013-12-04 14:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-04-27 23:06 - 2013-12-04 14:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-04-27 23:06 - 2013-12-04 14:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-04-27 23:06 - 2013-12-04 13:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-04-27 23:06 - 2013-12-04 13:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-04-27 23:06 - 2013-12-04 13:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-04-27 23:06 - 2013-12-04 13:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-04-27 23:06 - 2013-08-02 14:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-04-27 23:06 - 2013-08-02 14:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-04-27 23:06 - 2013-08-02 13:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-04-27 23:06 - 2013-08-02 12:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-04-27 23:06 - 2013-02-27 18:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-04-27 23:06 - 2013-02-27 17:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-04-27 23:06 - 2012-12-08 01:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-04-27 23:06 - 2012-12-08 01:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-04-27 23:06 - 2012-12-08 00:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-04-27 23:06 - 2012-12-08 00:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-04-27 23:06 - 2012-12-07 23:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-04-27 23:06 - 2012-12-07 23:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-04-27 23:06 - 2012-12-07 23:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-04-27 23:06 - 2012-12-07 23:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-04-27 23:06 - 2012-12-07 23:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-04-27 23:06 - 2012-12-07 23:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-04-27 23:06 - 2012-12-07 23:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-04-27 23:06 - 2012-12-07 23:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-04-27 23:06 - 2012-12-07 23:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-04-27 23:06 - 2012-12-07 23:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-04-27 23:06 - 2012-12-07 23:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-04-27 23:06 - 2012-12-07 23:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-04-27 23:06 - 2012-12-07 23:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-04-27 23:06 - 2012-12-07 23:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-04-27 23:06 - 2012-12-07 22:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-04-27 23:06 - 2012-12-07 22:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-04-27 23:06 - 2012-12-07 22:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-04-27 23:06 - 2012-12-07 22:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-04-27 23:06 - 2012-12-07 22:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-04-27 23:06 - 2012-12-07 22:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-04-27 23:06 - 2012-12-07 22:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-04-27 23:06 - 2012-12-07 22:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-04-27 23:06 - 2012-12-07 22:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-04-27 23:06 - 2012-12-07 22:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-04-27 23:06 - 2012-12-07 22:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-04-27 23:06 - 2012-12-07 22:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-04-27 23:06 - 2012-12-07 22:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-04-27 23:06 - 2012-12-07 22:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-04-27 23:06 - 2012-10-10 06:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-04-27 23:06 - 2012-10-10 06:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-04-27 23:06 - 2012-10-10 05:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-04-27 23:06 - 2012-10-10 05:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-04-27 23:06 - 2012-01-04 22:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-04-27 23:06 - 2012-01-04 20:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-04-27 23:05 - 2014-05-01 23:16 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Deployment
2014-04-27 23:05 - 2014-04-27 23:05 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Apps\2.0
2014-04-27 23:05 - 2014-02-07 13:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-27 23:05 - 2014-02-04 14:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-27 23:05 - 2014-02-04 14:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-27 23:05 - 2014-02-04 14:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-27 23:05 - 2014-02-04 14:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-27 23:05 - 2014-02-04 14:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-27 23:05 - 2014-01-29 14:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-04-27 23:05 - 2014-01-29 14:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-04-27 23:05 - 2014-01-28 14:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-04-27 23:05 - 2014-01-01 11:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-04-27 23:05 - 2014-01-01 11:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-04-27 23:05 - 2013-12-06 14:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-27 23:05 - 2013-12-06 14:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-04-27 23:05 - 2013-12-06 14:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-04-27 23:05 - 2013-12-06 14:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-04-27 23:05 - 2013-11-12 14:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-27 23:05 - 2013-11-12 14:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-04-27 23:05 - 2013-10-30 14:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-04-27 23:05 - 2013-10-30 14:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-04-27 23:05 - 2013-10-19 14:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-04-27 23:05 - 2013-10-19 13:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-04-27 23:05 - 2013-10-06 08:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-04-27 23:05 - 2013-10-06 07:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-04-27 23:05 - 2013-10-04 14:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-04-27 23:05 - 2013-10-04 14:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-04-27 23:05 - 2013-10-04 14:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-04-27 23:05 - 2013-10-04 13:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-04-27 23:05 - 2013-10-04 13:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-04-27 23:05 - 2013-10-04 13:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-04-27 23:05 - 2013-09-28 13:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-04-27 23:05 - 2013-09-25 14:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-04-27 23:05 - 2013-09-25 14:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-04-27 23:05 - 2013-09-25 14:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-04-27 23:05 - 2013-09-25 14:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-04-27 23:05 - 2013-09-25 14:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-04-27 23:05 - 2013-09-25 14:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-04-27 23:05 - 2013-09-25 14:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-04-27 23:05 - 2013-09-25 14:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-04-27 23:05 - 2013-09-25 13:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-04-27 23:05 - 2013-09-25 13:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-04-27 23:05 - 2013-09-25 13:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-04-27 23:05 - 2013-09-25 13:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-04-27 23:05 - 2013-09-25 13:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-04-27 23:05 - 2013-09-08 14:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-04-27 23:05 - 2013-09-08 14:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-04-27 23:05 - 2013-08-29 14:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-04-27 23:05 - 2013-08-29 14:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-04-27 23:05 - 2013-08-29 14:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-04-27 23:05 - 2013-08-29 14:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-04-27 23:05 - 2013-08-29 13:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-04-27 23:05 - 2013-08-29 13:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-04-27 23:05 - 2013-08-29 13:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-04-27 23:05 - 2013-08-29 13:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-04-27 23:05 - 2013-08-29 13:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-04-27 23:05 - 2013-07-26 14:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-27 23:05 - 2013-07-26 14:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-04-27 23:05 - 2013-07-26 13:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-27 23:05 - 2013-07-26 13:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-04-27 23:05 - 2013-07-25 21:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-04-27 23:05 - 2013-07-25 20:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-04-27 23:05 - 2013-07-12 22:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-04-27 23:05 - 2013-07-12 22:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-04-27 23:05 - 2013-07-12 22:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2014-04-27 23:05 - 2013-07-09 17:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-04-27 23:05 - 2013-07-09 17:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-04-27 23:05 - 2013-07-09 17:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-04-27 23:05 - 2013-07-09 16:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-04-27 23:05 - 2013-07-09 16:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-04-27 23:05 - 2013-07-09 16:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-04-27 23:05 - 2013-07-05 00:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-04-27 23:05 - 2013-07-05 00:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-04-27 23:05 - 2013-07-04 23:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-04-27 23:05 - 2013-07-03 16:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2014-04-27 23:05 - 2013-07-03 16:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-04-27 23:05 - 2013-07-03 16:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-04-27 23:05 - 2013-06-26 10:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-04-27 23:05 - 2013-06-06 17:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-04-27 23:05 - 2013-06-06 17:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-04-27 23:05 - 2013-06-06 17:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-04-27 23:05 - 2013-06-06 17:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-04-27 23:05 - 2013-06-06 16:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-04-27 23:05 - 2013-06-06 16:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-04-27 23:05 - 2013-06-06 16:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-04-27 23:05 - 2013-06-06 15:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-04-27 23:05 - 2013-06-06 15:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-04-27 23:05 - 2013-06-06 15:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-04-27 23:05 - 2013-04-26 11:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-04-27 23:05 - 2013-04-01 10:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-04-27 23:05 - 2013-03-19 17:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-04-27 23:05 - 2013-02-15 18:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-04-27 23:05 - 2013-02-15 18:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-27 23:05 - 2013-02-15 18:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-04-27 23:05 - 2013-02-15 16:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-27 23:05 - 2013-02-15 16:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-04-27 23:05 - 2013-02-15 15:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-04-27 23:05 - 2012-11-29 10:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-04-27 23:05 - 2012-11-29 10:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-04-27 23:05 - 2012-11-29 10:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-04-27 23:05 - 2012-10-04 05:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-04-27 23:05 - 2012-10-04 05:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-04-27 23:05 - 2012-10-04 05:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-04-27 23:05 - 2012-10-04 05:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-04-27 23:05 - 2012-10-04 05:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-04-27 23:05 - 2012-10-04 05:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-04-27 23:05 - 2012-10-04 04:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-04-27 23:05 - 2012-10-04 04:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-04-27 23:05 - 2012-10-04 04:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-04-27 23:05 - 2012-10-04 04:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-04-27 23:05 - 2012-09-26 10:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-04-27 23:05 - 2012-09-26 10:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-04-27 23:05 - 2012-08-23 06:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-04-27 23:05 - 2012-08-22 09:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-04-27 23:05 - 2012-07-05 08:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-04-27 23:05 - 2012-04-08 00:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-04-27 23:05 - 2012-04-07 23:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-04-27 23:05 - 2012-01-13 19:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-04-27 23:05 - 2011-11-17 18:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-04-27 23:05 - 2011-11-17 17:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-04-27 23:05 - 2011-10-26 17:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-04-27 23:05 - 2011-10-26 17:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-04-27 23:05 - 2011-10-26 16:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-04-27 23:05 - 2011-10-26 16:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-04-27 23:05 - 2011-07-09 14:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-04-27 23:05 - 2011-06-16 17:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-04-27 23:05 - 2011-06-16 16:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-04-27 23:05 - 2011-06-15 22:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-04-27 23:05 - 2011-06-15 22:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-04-27 23:05 - 2011-06-15 22:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-04-27 23:05 - 2011-06-15 22:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-04-27 23:05 - 2011-06-15 20:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-04-27 23:05 - 2011-06-15 20:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-04-27 23:05 - 2011-06-15 20:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-04-27 23:05 - 2011-06-15 20:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-04-27 23:05 - 2011-06-15 20:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-04-27 23:05 - 2011-05-04 17:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-04-27 23:05 - 2011-05-04 17:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-04-27 23:05 - 2011-05-04 17:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-04-27 23:05 - 2011-05-04 17:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-04-27 23:05 - 2011-05-04 17:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-04-27 23:05 - 2011-05-04 17:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-04-27 23:05 - 2011-05-04 17:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-04-27 23:05 - 2011-05-04 17:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-04-27 23:05 - 2011-05-04 17:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-04-27 23:05 - 2011-05-04 16:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-04-27 23:05 - 2011-05-04 16:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-04-27 23:05 - 2011-05-04 16:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-04-27 23:05 - 2011-05-04 16:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-04-27 23:05 - 2011-05-04 16:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-04-27 23:05 - 2011-05-04 16:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-04-27 23:05 - 2011-05-04 16:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-04-27 23:05 - 2011-05-04 16:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-04-27 23:05 - 2011-05-04 16:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-04-27 23:05 - 2011-04-29 15:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-04-27 23:05 - 2011-04-29 15:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-04-27 23:05 - 2011-04-29 15:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-04-27 23:05 - 2011-04-27 14:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-04-27 23:05 - 2011-04-27 14:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-04-27 23:05 - 2011-04-09 18:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-04-27 23:05 - 2011-04-09 17:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-04-27 23:05 - 2011-03-11 18:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-04-27 23:05 - 2011-03-11 18:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-04-27 23:05 - 2011-03-11 17:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-04-27 23:05 - 2011-03-11 17:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-04-27 23:05 - 2010-12-23 22:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-04-27 23:05 - 2010-12-23 22:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-04-27 23:05 - 2010-12-23 22:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-04-27 23:05 - 2010-12-23 17:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-04-27 23:05 - 2010-12-23 17:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-04-27 23:05 - 2010-12-23 17:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-04-27 23:04 - 2013-11-27 13:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-04-27 23:04 - 2013-11-27 13:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-04-27 23:04 - 2013-11-27 13:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-04-27 23:04 - 2013-11-27 13:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-04-27 23:04 - 2013-11-27 13:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-04-27 23:04 - 2013-11-26 23:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-04-27 23:04 - 2013-10-04 14:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-04-27 23:04 - 2013-10-04 13:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-04-27 23:04 - 2013-09-08 14:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-27 23:04 - 2013-08-05 14:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-04-27 23:04 - 2013-07-09 17:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-04-27 23:04 - 2013-07-09 16:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-04-27 23:04 - 2013-07-05 00:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-04-27 23:04 - 2013-07-05 00:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-04-27 23:04 - 2013-07-04 23:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-04-27 23:04 - 2013-07-04 23:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-04-27 23:04 - 2013-07-04 22:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-04-27 23:04 - 2013-06-15 16:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-04-27 23:04 - 2013-02-12 16:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-04-27 23:04 - 2012-11-22 17:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-04-27 23:04 - 2012-11-22 16:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-04-27 23:04 - 2012-11-02 17:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-04-27 23:04 - 2012-11-02 17:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-04-27 23:04 - 2012-11-01 17:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-04-27 23:04 - 2012-11-01 16:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-04-27 23:04 - 2012-05-01 17:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-04-27 23:04 - 2012-04-26 17:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-04-27 23:04 - 2012-04-26 17:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-04-27 23:04 - 2012-04-26 17:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-04-27 23:04 - 2011-12-30 18:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-04-27 23:04 - 2011-12-30 17:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-04-27 23:04 - 2011-03-03 18:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-04-27 23:04 - 2011-03-03 18:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-04-27 23:04 - 2011-03-03 18:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-04-27 23:04 - 2011-03-03 17:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-04-27 23:04 - 2011-03-03 17:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-04-27 23:03 - 2012-08-11 12:56 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-04-27 23:03 - 2012-08-11 11:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-04-27 23:03 - 2012-04-28 15:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-04-27 23:03 - 2012-03-17 19:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-04-27 23:03 - 2011-08-17 17:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-04-27 23:03 - 2011-08-17 17:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-04-27 23:03 - 2011-08-17 16:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-04-27 23:03 - 2011-08-17 16:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-04-27 23:02 - 2014-03-04 21:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-27 23:02 - 2014-03-04 21:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-27 23:02 - 2014-03-04 21:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-27 23:02 - 2014-03-04 21:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-27 23:02 - 2014-03-04 21:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-27 23:02 - 2014-03-04 21:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-27 23:02 - 2014-03-04 21:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-27 23:02 - 2014-03-04 21:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-27 23:02 - 2014-03-04 21:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-27 23:02 - 2014-03-04 20:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-27 23:02 - 2014-03-04 20:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-27 23:02 - 2014-01-24 14:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-27 23:02 - 2013-08-02 14:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-04-27 23:02 - 2013-08-02 14:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 13:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-04-27 23:02 - 2013-08-02 12:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 12:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 12:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-04-27 23:02 - 2013-08-02 12:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-04-27 23:02 - 2013-05-13 17:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-04-27 23:02 - 2013-05-13 15:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-04-27 23:02 - 2013-05-13 15:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-04-27 23:02 - 2013-05-13 15:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-04-27 23:02 - 2013-01-03 18:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-04-27 23:02 - 2012-06-06 18:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-04-27 23:02 - 2012-06-06 17:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-04-27 23:02 - 2011-10-15 18:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-04-27 23:02 - 2011-10-15 17:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-04-27 23:02 - 2011-02-06 05:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-04-27 23:02 - 2011-02-06 05:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-04-27 23:02 - 2011-02-06 05:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-04-27 23:02 - 2011-02-06 05:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-04-27 23:02 - 2011-02-06 05:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-04-27 23:02 - 2011-02-06 05:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-04-27 23:02 - 2011-02-06 05:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-04-27 23:01 - 2014-02-04 14:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-27 23:01 - 2014-02-04 14:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-04-27 23:01 - 2013-10-12 14:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-04-27 23:01 - 2013-10-12 14:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-04-27 23:01 - 2013-10-12 14:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-04-27 23:01 - 2013-10-12 14:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-04-27 23:01 - 2013-10-12 14:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-04-27 23:01 - 2013-10-12 14:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-04-27 23:01 - 2013-10-12 14:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-04-27 23:01 - 2013-10-12 14:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-04-27 23:01 - 2013-10-12 14:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-04-27 23:01 - 2013-10-12 13:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-04-27 23:01 - 2013-10-12 13:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-04-27 23:01 - 2013-10-12 13:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-04-27 23:01 - 2013-10-12 13:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-04-27 23:01 - 2013-10-03 14:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-04-27 23:01 - 2013-10-03 14:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-04-27 23:01 - 2013-08-28 13:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-04-27 23:01 - 2013-08-02 00:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-04-27 23:01 - 2013-07-20 22:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-04-27 23:01 - 2013-07-20 22:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-04-27 23:01 - 2013-05-10 17:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-04-27 23:01 - 2013-05-10 15:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-04-27 23:01 - 2013-04-26 17:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-04-27 23:01 - 2013-04-26 16:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-04-27 23:01 - 2013-04-10 18:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-04-27 23:01 - 2013-01-24 18:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-04-27 23:01 - 2012-11-23 15:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-04-27 23:01 - 2012-07-05 10:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-04-27 23:01 - 2012-07-05 10:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-04-27 23:01 - 2012-07-05 10:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-04-27 23:01 - 2012-07-05 09:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-04-27 23:01 - 2012-07-05 09:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-04-27 23:01 - 2012-05-14 17:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-04-27 23:01 - 2012-05-05 20:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-04-27 23:01 - 2012-05-05 19:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-04-27 23:01 - 2011-12-16 20:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-04-27 23:01 - 2011-12-16 19:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-04-27 23:01 - 2011-11-20 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-04-27 23:01 - 2011-11-20 02:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-04-27 23:01 - 2011-08-27 17:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-04-27 23:01 - 2011-08-27 17:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-04-27 23:01 - 2011-08-27 16:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-04-27 23:01 - 2011-08-27 16:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-04-27 23:01 - 2011-05-24 23:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-04-27 23:01 - 2011-05-24 22:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-04-27 23:01 - 2011-05-24 22:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-04-27 23:01 - 2011-05-24 22:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-04-27 23:01 - 2011-05-24 22:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-04-27 23:01 - 2011-05-03 17:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-04-27 23:01 - 2011-05-03 16:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-04-27 23:01 - 2011-02-23 16:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-04-27 23:01 - 2011-02-18 22:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-04-27 23:01 - 2011-02-18 17:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-04-27 23:01 - 2011-02-12 23:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-04-27 23:01 - 2011-02-03 23:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-04-27 22:52 - 2014-04-27 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-04-27 22:52 - 2014-04-27 22:52 - 00000000 ____D () C:\Program Files\7-Zip
2014-04-27 22:47 - 2014-04-27 22:47 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Dxtory Software
2014-04-27 22:47 - 2014-04-27 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0
2014-04-27 22:47 - 2014-04-27 22:47 - 00000000 ____D () C:\Program Files (x86)\ExKode
2014-04-27 22:47 - 2013-02-15 22:44 - 08300544 _____ (Dxtory Software) C:\Windows\SysWOW64\DxtoryCodec.dll
2014-04-27 22:47 - 2013-02-15 22:44 - 08043008 _____ (Dxtory Software) C:\Windows\system32\DxtoryCodec.dll
2014-04-27 22:46 - 2014-04-27 22:46 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\SplitMediaLabs
2014-04-27 22:46 - 2014-04-27 22:46 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Macromedia
2014-04-27 22:46 - 2014-04-27 22:46 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\SplitMediaLabs
2014-04-27 22:46 - 2014-04-27 22:46 - 00000000 ____D () C:\ProgramData\SplitMediaLabs
2014-04-27 22:46 - 2014-04-27 22:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2014-04-27 22:46 - 2014-04-27 22:46 - 00000000 ____D () C:\Program Files (x86)\SplitMediaLabs
2014-04-27 22:45 - 2014-05-01 23:25 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-27 22:45 - 2014-05-01 20:25 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-27 22:45 - 2014-05-01 20:25 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-27 22:45 - 2014-05-01 20:25 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-27 22:45 - 2014-04-27 22:45 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Adobe
2014-04-27 22:43 - 2014-04-27 22:43 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-04-27 22:43 - 2014-04-27 22:43 - 00000000 ____D () C:\Windows\system32\Macromed
2014-04-27 22:41 - 2014-05-02 18:52 - 00000021 _____ () C:\Users\Liams Desktop\AppData\Roaming\config_data.dat
2014-04-27 22:41 - 2014-04-27 22:41 - 00003164 _____ () C:\Windows\System32\Tasks\Start CorsairLINK Hardware Monitor
2014-04-27 22:41 - 2014-04-27 22:41 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Corsair
2014-04-27 22:41 - 2014-04-27 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corsair
2014-04-27 22:41 - 2014-04-27 22:41 - 00000000 ____D () C:\Program Files (x86)\Silabs
2014-04-27 22:41 - 2014-04-27 22:41 - 00000000 ____D () C:\Program Files (x86)\Corsair
2014-04-27 22:40 - 2014-05-02 18:51 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Skype
2014-04-27 22:40 - 2014-04-27 22:40 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-27 22:40 - 2014-04-27 22:40 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Skype
2014-04-27 22:40 - 2014-04-27 22:40 - 00000000 ____D () C:\ProgramData\Skype
2014-04-27 22:40 - 2014-04-27 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-27 22:34 - 2014-04-27 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2014-04-27 22:34 - 2014-04-27 22:34 - 00000000 ____D () C:\Program Files\ASRock Utility
2014-04-27 22:34 - 2014-04-27 22:34 - 00000000 ____D () C:\Program Files (x86)\ASRock Utility
2014-04-27 22:34 - 2012-01-13 12:52 - 00031016 _____ (ASRock Inc.) C:\Windows\system32\Drivers\AsrRamDisk.sys
2014-04-27 22:33 - 2014-04-27 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-04-27 22:33 - 2014-04-27 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mionix
2014-04-27 22:32 - 2014-04-27 22:32 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Mionix
2014-04-27 22:32 - 2014-04-27 22:32 - 00000000 ____D () C:\Program Files (x86)\Mionix
2014-04-27 22:31 - 2014-04-27 22:31 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Downloaded Installations
2014-04-27 22:31 - 2014-04-27 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-04-27 22:31 - 2014-04-27 22:31 - 00000000 ____D () C:\ProgramData\ESET
2014-04-27 22:31 - 2014-04-27 22:31 - 00000000 ____D () C:\Program Files\ESET
2014-04-27 21:27 - 2014-04-27 21:27 - 00000000 ____D () C:\ProgramData\Creative Labs
2014-04-27 21:03 - 2014-04-27 21:42 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-04-27 21:03 - 2014-04-27 21:18 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-04-27 21:03 - 2014-04-27 21:03 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Logitech® Webcam Software
2014-04-27 21:03 - 2014-04-27 21:03 - 00000000 ____D () C:\Program Files\Realtek
2014-04-27 21:03 - 2012-01-31 19:14 - 04739304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-04-27 21:03 - 2012-01-31 17:32 - 02652264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-04-27 21:03 - 2012-01-31 17:02 - 00223608 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-04-27 21:03 - 2012-01-20 13:07 - 03845736 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-04-27 21:03 - 2012-01-10 14:48 - 00958296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-04-27 21:03 - 2012-01-03 15:25 - 00626264 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
2014-04-27 21:03 - 2012-01-03 15:25 - 00561752 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2014-04-27 21:03 - 2011-12-23 13:30 - 00823912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-04-27 21:03 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-04-27 21:03 - 2011-12-18 17:58 - 02603864 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2014-04-27 21:03 - 2011-12-18 17:58 - 02131288 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2014-04-27 21:03 - 2011-12-16 14:57 - 00894040 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
2014-04-27 21:03 - 2011-12-16 14:57 - 00750680 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
2014-04-27 21:03 - 2011-12-15 12:39 - 00100968 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-04-27 21:03 - 2011-12-13 20:22 - 02528832 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-04-27 21:03 - 2011-12-13 16:58 - 01560168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-04-27 21:03 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-04-27 21:03 - 2011-07-22 19:35 - 01247848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-04-27 21:03 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-04-27 21:03 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-04-27 21:03 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-04-27 21:03 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-04-27 21:03 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-04-27 21:03 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-04-27 21:03 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-04-27 21:03 - 2010-10-15 19:20 - 02261764 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-04-27 21:03 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-04-27 21:03 - 2010-07-22 16:37 - 00200800 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-04-27 21:03 - 2010-07-02 19:40 - 00080984 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2014-04-27 21:03 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-04-27 21:03 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-04-27 21:03 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-04-27 21:03 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-04-27 21:03 - 2009-11-18 07:12 - 00032344 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2014-04-27 21:03 - 2009-11-17 18:12 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-04-27 20:59 - 2014-04-27 20:59 - 00000000 ____D () C:\ProgramData\LogiShrd
2014-04-27 20:58 - 2014-04-27 20:58 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Leadertech
2014-04-27 20:58 - 2014-04-27 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-04-27 20:58 - 2014-04-27 20:58 - 00000000 ____D () C:\ProgramData\Logitech
2014-04-27 20:58 - 2014-04-27 20:58 - 00000000 ____D () C:\Program Files (x86)\Logitech
2014-04-27 20:54 - 2014-04-28 11:01 - 00058400 _____ () C:\Users\Liams Desktop\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-27 20:51 - 2014-05-01 23:30 - 00013381 _____ () C:\Windows\system32\lvcoinst.log
2014-04-27 20:51 - 2014-05-01 23:18 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Google
2014-04-27 20:51 - 2014-04-27 22:58 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-04-27 20:51 - 2011-05-19 15:39 - 00007195 ____N () C:\Windows\system32\THXCfgUninstall64.ini
2014-04-27 20:51 - 2011-05-19 15:39 - 00006925 ____N () C:\Windows\system32\THXCfg64.ini
2014-04-27 20:51 - 2011-05-19 15:39 - 00001424 ____N () C:\Windows\THXCfg_SP_APOIM.ini
2014-04-27 20:51 - 2011-05-19 15:39 - 00001323 ____N () C:\Windows\THXCfg_HP_APOIM.ini
2014-04-27 20:51 - 2011-05-19 15:39 - 00001323 ____N () C:\Windows\THXCfg_APOIM.ini
2014-04-27 20:51 - 2011-05-13 12:30 - 00026624 ____N (Creative Technology Ltd.) C:\Windows\system32\THXCfg64.dll
2014-04-27 20:51 - 2010-07-21 16:51 - 00011264 ____N (Creative Technology Ltd.) C:\Windows\SysWOW64\ResDefA.exe
2014-04-27 20:51 - 2009-10-01 16:42 - 00141312 ____N (Creative Technology Ltd.) C:\Windows\system32\THXCfg64.exe
2014-04-27 20:51 - 2000-05-11 01:00 - 00090112 ____N (Creative Technology Ltd.) C:\Windows\Updreg.EXE
2014-04-27 20:49 - 2014-04-27 20:49 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Creative
2014-04-27 20:48 - 2014-04-27 20:48 - 00000000 ____D () C:\ProgramData\Creative
2014-04-27 20:46 - 2014-04-27 20:46 - 00000000 ___HD () C:\Program Files (x86)\Creative Installation Information
2014-04-27 20:46 - 2013-04-03 14:06 - 00044895 ____R () C:\Windows\system32\kschimp.ini
2014-04-27 20:46 - 2011-05-19 09:58 - 00246784 _____ () C:\Windows\system32\APOMgr64.DLL
2014-04-27 20:46 - 2011-05-19 09:56 - 00190464 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-04-27 20:46 - 2010-07-22 16:46 - 00237056 _____ () C:\Windows\system32\APOMgr64.DLL.tmp
2014-04-27 20:46 - 2010-07-22 16:45 - 00181760 _____ () C:\Windows\SysWOW64\APOMngr.DLL.tmp
2014-04-27 20:46 - 2009-12-29 16:53 - 00089088 _____ () C:\Windows\system32\CmdRtr64.DLL
2014-04-27 20:46 - 2009-12-29 16:52 - 00089088 _____ () C:\Windows\system32\CmdRtr64.DLL.tmp
2014-04-27 20:46 - 2009-12-29 16:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2014-04-27 20:46 - 2009-12-29 16:50 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL.tmp
2014-04-27 20:45 - 2013-04-08 15:36 - 01588480 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\ksaud.sys
2014-04-27 20:45 - 2013-04-05 22:45 - 00057856 _____ (Creative Technology Ltd.) C:\Windows\system32\KSppld64.dll
2014-04-27 20:45 - 2013-04-05 22:44 - 01086464 _____ (Creative Technology Ltd.) C:\Windows\system32\KSAPO64.dll
2014-04-27 20:45 - 2013-04-05 22:44 - 00904192 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\KSAPO32.dll
2014-04-27 20:45 - 2013-04-03 16:50 - 00001772 _____ () C:\ProgramData\cfSB1095A.ini
2014-04-27 20:45 - 2013-04-03 14:06 - 00034778 _____ () C:\Windows\system32\ksaud.ini
2014-04-27 20:45 - 2013-04-03 14:06 - 00013084 _____ () C:\Windows\system32\MixerDefault.reg
2014-04-27 20:45 - 2010-07-29 23:44 - 00262656 _____ (Creative Technology Ltd.) C:\Windows\system32\KSVSPI64.dll
2014-04-27 20:45 - 2010-07-29 23:44 - 00195584 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\KSVSPI32.dll
2014-04-27 20:45 - 2010-07-29 23:36 - 00115712 _____ (Creative Technology Ltd.) C:\Windows\system32\SBAVMon.dll
2014-04-27 20:45 - 2010-07-22 22:13 - 00631428 _____ (Creative Technology Ltd) C:\Windows\KSAIM64.exe
2014-04-27 20:45 - 2010-07-08 13:42 - 00053760 _____ (Creative Technology Ltd.) C:\Windows\system32\KSPPCn64.dll
2014-04-27 20:45 - 2010-07-08 13:41 - 00074240 _____ (Creative Technology Ltd.) C:\Windows\system32\KSWrap64.dll
2014-04-27 20:45 - 2010-06-29 19:04 - 00001772 _____ () C:\ProgramData\cfSB1095.ini
2014-04-27 20:45 - 2010-05-06 15:16 - 00067584 _____ (Creative Technology Ltd.) C:\Windows\system32\KSDGFX64.dll
2014-04-27 20:45 - 2009-11-11 17:43 - 00235520 _____ (Creative Technology Limited) C:\Windows\system32\KsDvInst.dll
2014-04-27 20:45 - 2009-11-10 14:42 - 00479232 _____ (Creative Technology Ltd.) C:\Windows\system32\JDetect.exe
2014-04-27 20:44 - 2014-04-27 20:51 - 00000286 ___RH () C:\Windows\ctfile.rfc
2014-04-27 20:44 - 2014-04-27 20:49 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Creative
2014-04-27 20:44 - 2014-04-27 20:44 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-04-27 20:44 - 2014-04-27 20:44 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-04-27 20:44 - 2014-04-27 20:44 - 00123480 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-04-27 20:44 - 2014-04-27 20:44 - 00109144 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-04-27 20:44 - 2013-04-25 16:07 - 00006505 ____N () C:\Windows\SysWOW64\CTOPT399.cat
2014-04-27 20:44 - 2013-04-03 14:01 - 00006601 ____N () C:\Windows\system32\CTOPT399.cat
2014-04-27 20:44 - 2013-04-03 09:55 - 00079360 ____N (Creative Technology Ltd) C:\Windows\SysWOW64\CTOPT399.dll
2014-04-27 20:44 - 2013-04-03 09:54 - 00088576 ____N (Creative Technology Ltd) C:\Windows\system32\CTOPT399.dll
2014-04-27 20:44 - 2013-03-27 11:59 - 01903104 ____N (Creative) C:\Windows\system32\Sens_oal.dll
2014-04-27 20:44 - 2013-03-27 11:56 - 02906589 ____N (Creative) C:\Windows\SysWOW64\Sens_oal.dll
2014-04-27 20:44 - 2009-12-24 14:49 - 00809560 ____R (Creative Labs Inc.) C:\Windows\SysWOW64\tmp1DEC.tmp
2014-04-27 20:44 - 2008-12-22 20:13 - 00061440 ____N (Creative Technology Ltd) C:\Windows\SysWOW64\CTChkAud.dll
2014-04-27 20:44 - 2008-12-22 20:13 - 00049664 ____N (Creative Technology Ltd) C:\Windows\system32\CTChkAud.dll
2014-04-27 20:44 - 2007-07-05 14:27 - 00002630 ____R () C:\Windows\MixerName.reg
2014-04-27 20:44 - 2006-10-06 18:17 - 00053248 ____N (Creative Technology Ltd ) C:\Windows\Ctregrun.exe
2014-04-27 20:44 - 2003-06-12 23:25 - 00007062 _____ () C:\Windows\SysWOW64\audiopid.vxd
2014-04-27 20:44 - 2000-05-22 20:58 - 00647872 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Mscomct2.ocx
2014-04-27 20:43 - 2014-04-27 20:54 - 00000000 ____D () C:\Program Files (x86)\Creative
2014-04-27 20:43 - 2014-04-27 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2014-04-27 20:43 - 2014-04-27 20:46 - 00000000 ____D () C:\Program Files\Creative
2014-04-27 20:39 - 2014-04-27 20:39 - 00000000 ____D () C:\Program Files (x86)\ASM104xUSB3
2014-04-27 20:38 - 2014-04-27 20:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-04-27 20:37 - 2014-04-27 20:37 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-04-27 20:37 - 2012-02-27 03:00 - 00041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll
2014-04-27 20:07 - 2014-04-27 20:39 - 00012718 _____ () C:\Windows\DPINST.LOG
2014-04-27 20:07 - 2014-04-27 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology
2014-04-27 20:07 - 2014-04-27 20:07 - 00000000 ____D () C:\Program Files (x86)\ASM106xSATA
2014-04-27 19:57 - 2012-02-17 18:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-04-27 19:57 - 2012-02-17 17:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-04-27 19:57 - 2012-02-17 16:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-04-27 19:54 - 2012-06-03 10:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-04-27 19:54 - 2012-06-03 10:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-04-27 19:54 - 2012-06-03 10:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-04-27 19:54 - 2012-06-03 10:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-04-27 19:54 - 2012-06-03 10:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-04-27 19:54 - 2012-06-03 10:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-04-27 19:54 - 2012-06-03 10:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-04-27 19:54 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-04-27 19:54 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-04-27 19:48 - 2014-04-27 19:48 - 00000000 ____D () C:\Program Files\Broadcom
2014-04-27 19:47 - 2014-04-27 19:47 - 00000000 _____ () C:\Users\Liams Desktop\agent.log
2014-04-27 19:37 - 2014-05-02 18:50 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-04-27 19:37 - 2014-05-01 16:36 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-04-27 19:37 - 2014-04-27 19:37 - 00003492 _____ () C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2014-04-27 19:37 - 2014-04-27 19:37 - 00003188 _____ () C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2014-04-27 19:37 - 2014-04-27 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-04-27 19:37 - 2014-04-27 19:37 - 00000000 ____D () C:\Program Files\Intel
2014-04-27 19:37 - 2014-04-27 19:37 - 00000000 _____ () C:\Windows\SysWOW64\agent.log
2014-04-27 19:37 - 2012-07-18 06:57 - 00015168 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2014-04-27 19:36 - 2014-04-27 22:41 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-27 19:36 - 2014-04-27 19:36 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\InstallShield
2014-04-27 19:36 - 2012-07-02 10:16 - 00062784 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2014-04-27 19:34 - 2014-04-27 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-04-27 19:34 - 2011-12-06 15:55 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2014-04-27 19:32 - 2014-05-02 18:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-27 19:32 - 2014-04-27 19:32 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-27 19:32 - 2014-04-27 19:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-27 19:32 - 2014-04-27 19:32 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-04-27 19:32 - 2014-03-05 02:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-04-27 19:32 - 2014-03-05 02:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 00484296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 00409544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 00377688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-04-27 19:32 - 2014-03-05 02:35 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-04-27 19:32 - 2014-03-05 01:06 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-04-27 19:32 - 2014-03-05 01:06 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-04-27 19:32 - 2014-03-05 01:05 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-04-27 19:32 - 2014-03-05 01:05 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-04-27 19:32 - 2014-03-05 01:05 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-04-27 19:32 - 2014-03-05 01:05 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-04-27 19:32 - 2014-03-04 23:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-04-27 19:32 - 2013-11-29 01:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-04-27 19:32 - 2013-11-29 01:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-04-27 19:32 - 2013-11-22 20:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-04-27 19:30 - 2014-04-27 19:32 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-04-27 19:30 - 2014-04-27 19:30 - 00020668 _____ () C:\Windows\system32\results.xml
2014-04-27 19:30 - 2014-04-27 19:30 - 00000000 ____D () C:\NVIDIA
2014-04-27 19:29 - 2014-04-27 20:37 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-04-27 19:29 - 2014-04-27 19:37 - 00000000 ____D () C:\ProgramData\Intel
2014-04-27 19:29 - 2014-04-27 19:29 - 00000000 ____D () C:\Intel
2014-04-27 19:29 - 2012-09-17 16:24 - 00056832 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2014-04-27 19:29 - 2012-09-17 16:24 - 00056320 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2014-04-27 19:23 - 2014-05-01 23:13 - 00000000 ____D () C:\AdwCleaner
2014-04-27 19:22 - 2014-05-02 18:51 - 01392108 _____ () C:\Windows\WindowsUpdate.log
2014-04-27 19:22 - 2014-04-30 00:05 - 00000000 ___RD () C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-27 19:22 - 2014-04-28 04:14 - 00001413 _____ () C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-27 19:22 - 2014-04-28 04:14 - 00000000 ___RD () C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-27 19:22 - 2014-04-27 19:22 - 00000020 ___SH () C:\Users\Liams Desktop\ntuser.ini
2014-04-27 19:22 - 2014-04-27 19:22 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\VirtualStore
2014-04-27 19:22 - 2009-07-14 16:54 - 00000000 ___RD () C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-27 19:22 - 2009-07-14 16:49 - 00000000 ___RD () C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
 
==================== One Month Modified Files and Folders =======
 
2014-05-02 18:52 - 2014-05-02 18:52 - 00014891 _____ () C:\Users\Liams Desktop\Downloads\FRST.txt
2014-05-02 18:52 - 2014-05-02 18:52 - 00000000 ____D () C:\FRST
2014-05-02 18:52 - 2014-05-02 18:51 - 02062336 _____ (Farbar) C:\Users\Liams Desktop\Downloads\FRST64.exe
2014-05-02 18:52 - 2014-04-27 22:41 - 00000021 _____ () C:\Users\Liams Desktop\AppData\Roaming\config_data.dat
2014-05-02 18:51 - 2014-04-27 22:40 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Skype
2014-05-02 18:51 - 2014-04-27 19:22 - 01392108 _____ () C:\Windows\WindowsUpdate.log
2014-05-02 18:50 - 2014-05-01 23:24 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf652fe04b2782.job
2014-05-02 18:50 - 2014-04-27 23:27 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-02 18:50 - 2014-04-27 19:37 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-05-02 18:50 - 2014-04-27 19:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-02 18:50 - 2009-07-14 17:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-02 18:50 - 2009-07-14 16:51 - 00041378 _____ () C:\Windows\setupact.log
2014-05-01 23:35 - 2009-07-14 17:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-01 23:30 - 2014-04-27 20:51 - 00013381 _____ () C:\Windows\system32\lvcoinst.log
2014-05-01 23:29 - 2014-05-01 23:24 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf652fe08b8cd4.job
2014-05-01 23:29 - 2010-11-21 15:47 - 00065474 _____ () C:\Windows\PFRO.log
2014-05-01 23:25 - 2014-04-27 22:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-01 23:24 - 2014-05-01 23:24 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf652fe08b8cd4
2014-05-01 23:24 - 2014-05-01 23:24 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf652fe04b2782
2014-05-01 23:21 - 2009-07-14 16:45 - 00021920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-01 23:21 - 2009-07-14 16:45 - 00021920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-01 23:18 - 2014-05-01 23:18 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-01 23:18 - 2014-05-01 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-01 23:18 - 2014-04-27 20:51 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Google
2014-05-01 23:17 - 2014-04-27 23:06 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-01 23:16 - 2014-04-27 23:05 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Deployment
2014-05-01 23:13 - 2014-04-27 19:23 - 00000000 ____D () C:\AdwCleaner
2014-05-01 22:54 - 2014-05-01 22:54 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Wizards of the Coast
2014-05-01 22:54 - 2014-05-01 22:54 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Witcher 2
2014-05-01 22:54 - 2014-05-01 22:54 - 00000000 ____D () C:\Users\Liams Desktop\Documents\WBGames
2014-05-01 22:54 - 2014-05-01 22:54 - 00000000 ____D () C:\Users\Liams Desktop\Documents\WB Games
2014-05-01 22:54 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\The Witcher
2014-05-01 22:54 - 2014-04-30 15:57 - 00000000 ____D () C:\Users\Liams Desktop\Documents\shadow warrior
2014-05-01 22:54 - 2014-04-28 13:33 - 00000000 ____D () C:\Users\Liams Desktop\Documents\my games
2014-05-01 22:54 - 2014-04-28 01:42 - 00000000 ____D () C:\Users\Liams Desktop\Documents\StarCraft II
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Square Enix
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Sniper - Ghost Warrior
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\SavedGames
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Rockstar Games
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Riptide
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Reus
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Remedy
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Red Alert 3 Uprising
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\PlanetExplorers
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\PCSX2
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Monolith Productions
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Max Payne Savegames
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Max Payne 2 Savegames
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Layout
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\JustCause
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Hitman Blood Money
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Guacamelee
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\GTA3 User Files
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\GTA Vice City User Files
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Giana Sisters - Twisted Dreams
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Facepalm Games
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Electronic Arts
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Eidos
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Egosoft
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\EA Games
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Dungeon Siege
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Diablo III
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Deus Ex
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\DayZ
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Command and Conquer Generals Zero Hour Data
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Command and Conquer Generals Data
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Command & Conquer
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\capcom
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Call of Juarez - Bound in Blood
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\BioWare
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Bioshock2
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Bioshock
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Battlefield 3
2014-05-01 22:53 - 2014-05-01 22:53 - 00000000 ____D () C:\Users\Liams Desktop\Documents\Amnesia
2014-05-01 20:32 - 2014-04-27 23:56 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Battle.net
2014-05-01 20:29 - 2014-04-28 21:09 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\vlc
2014-05-01 20:25 - 2014-04-27 22:45 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-01 20:25 - 2014-04-27 22:45 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-01 20:25 - 2014-04-27 22:45 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-01 20:14 - 2014-05-01 20:14 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Adobe
2014-05-01 16:36 - 2014-04-27 19:37 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-04-30 18:57 - 2014-04-28 01:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-04-30 18:42 - 2014-04-30 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-04-30 17:56 - 2014-04-30 17:56 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-04-30 17:56 - 2014-04-30 17:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2014-04-30 17:56 - 2014-04-30 17:56 - 00000000 ____D () C:\Program Files (x86)\CapsuleGames
2014-04-30 14:18 - 2014-04-30 14:18 - 00000000 ____D () C:\Users\Liams Desktop\Documents\4a games
2014-04-30 07:44 - 2014-04-28 17:35 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\uTorrent
2014-04-30 07:33 - 2009-07-14 17:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-04-30 02:50 - 2014-04-28 17:38 - 00000000 ____D () C:\Users\Liams Desktop\Downloads\LOST ALPHA v1.3000 DEZOWAVE
2014-04-30 00:05 - 2014-04-27 19:22 - 00000000 ___RD () C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-29 23:14 - 2014-04-29 23:14 - 00000000 __SHD () C:\Users\Liams Desktop\AppData\Local\EmieUserList
2014-04-29 23:14 - 2014-04-29 23:14 - 00000000 __SHD () C:\Users\Liams Desktop\AppData\Local\EmieSiteList
2014-04-29 22:56 - 2014-04-29 22:56 - 00007602 _____ () C:\Users\Liams Desktop\AppData\Local\Resmon.ResmonCfg
2014-04-29 19:45 - 2014-04-29 19:44 - 01310621 _____ () C:\Users\Liams Desktop\Downloads\adwcleaner.exe
2014-04-29 00:11 - 2009-07-14 15:20 - 00000000 ____D () C:\Windows\rescache
2014-04-28 22:33 - 2014-04-28 10:38 - 00773536 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-28 21:08 - 2014-04-28 21:06 - 58615209 _____ () C:\Users\Liams Desktop\Downloads\JoeKowan_2013S-480p.mp4
2014-04-28 21:05 - 2014-04-28 21:05 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Oracle
2014-04-28 21:04 - 2014-04-28 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-28 21:04 - 2014-04-28 21:04 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-28 21:04 - 2014-04-28 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-28 21:04 - 2014-04-28 21:04 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-28 21:04 - 2014-04-28 21:04 - 00000000 ____D () C:\ProgramData\Sun
2014-04-28 21:04 - 2014-04-28 21:04 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-28 21:04 - 2014-04-28 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-28 21:04 - 2014-04-28 21:04 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-28 21:03 - 2014-04-28 21:03 - 00921512 _____ (Oracle Corporation) C:\Users\Liams Desktop\Downloads\chromeinstall-7u55.exe
2014-04-28 18:17 - 2014-04-27 23:56 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\NVIDIA
2014-04-28 17:57 - 2014-04-28 17:56 - 01054064 _____ (Amazon Services LLC) C:\Users\Liams Desktop\Downloads\Transformers_War_for_Cybertron_Downloader.exe
2014-04-28 17:36 - 2014-04-28 17:36 - 00000801 _____ () C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-04-28 17:35 - 2014-04-28 17:35 - 01270352 _____ (BitTorrent Inc.) C:\Users\Liams Desktop\Downloads\utorrent.exe
2014-04-28 17:34 - 2014-04-28 17:34 - 00016675 _____ () C:\Users\Liams Desktop\Downloads\LOST ALPHA v1.3000 DEZOWAVE.torrent
2014-04-28 17:34 - 2014-04-27 23:27 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Audacity
2014-04-28 15:18 - 2009-07-14 17:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-04-28 15:18 - 2009-07-14 17:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-04-28 14:20 - 2014-04-28 14:20 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-04-28 14:20 - 2014-04-28 14:20 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-04-28 14:20 - 2014-04-28 14:20 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-04-28 14:20 - 2014-04-28 14:20 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-04-28 14:20 - 2009-07-14 17:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-28 14:20 - 2009-07-14 16:46 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-04-28 14:20 - 2009-07-14 15:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-28 14:20 - 2009-07-14 15:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-04-28 14:19 - 2014-04-28 14:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-04-28 14:19 - 2011-04-12 20:28 - 00000000 ____D () C:\Windows\CSC
2014-04-28 14:16 - 2014-04-28 14:16 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Blizzard
2014-04-28 11:24 - 2014-04-28 11:24 - 00301688 _____ (Thesycon GmbH) C:\Users\Liams Desktop\Downloads\dpclat.exe
2014-04-28 11:01 - 2014-04-27 20:54 - 00058400 _____ () C:\Users\Liams Desktop\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-28 10:45 - 2014-04-27 23:56 - 00000000 ____D () C:\ProgramData\Origin
2014-04-28 10:35 - 2014-04-28 10:34 - 00688992 ____R (Swearware) C:\Users\Liams Desktop\Downloads\dds.scr
2014-04-28 04:14 - 2014-04-27 19:22 - 00001413 _____ () C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-28 04:14 - 2014-04-27 19:22 - 00000000 ___RD () C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-28 04:12 - 2009-07-14 16:45 - 00268856 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-28 04:11 - 2009-07-14 15:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-04-28 04:11 - 2009-07-14 15:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-04-28 04:11 - 2009-07-14 15:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-04-28 04:11 - 2009-07-14 15:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-04-28 04:11 - 2009-07-14 15:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-28 04:11 - 2009-07-14 15:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-04-28 04:10 - 2011-04-12 20:28 - 00000000 ____D () C:\Program Files\Windows Journal
2014-04-28 04:10 - 2009-07-14 17:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-28 04:10 - 2009-07-14 17:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-04-28 03:43 - 2014-04-28 03:24 - 00013169 _____ () C:\Windows\IE11_main.log
2014-04-28 03:40 - 2014-04-28 03:40 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-28 03:40 - 2014-04-28 03:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-28 03:40 - 2014-04-28 03:40 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-28 03:40 - 2014-04-28 03:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-28 03:40 - 2014-04-28 03:40 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-28 03:40 - 2014-04-28 03:40 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-28 03:40 - 2014-04-28 03:40 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-28 03:40 - 2014-04-28 03:40 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-28 03:40 - 2014-04-28 03:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-28 03:40 - 2014-04-28 03:40 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-28 03:40 - 2014-04-28 03:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-28 03:40 - 2014-04-28 03:40 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-28 03:40 - 2014-04-28 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-04-28 03:25 - 2014-04-28 03:25 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-04-28 03:02 - 2014-04-28 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-28 01:43 - 2014-04-27 23:56 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-04-28 01:24 - 2014-04-28 00:17 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Green Man Gaming
2014-04-28 01:24 - 2014-04-28 00:00 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Origin
2014-04-28 00:24 - 2014-04-28 00:24 - 00000479 _____ () C:\Users\Liams Desktop\Desktop\Steam Backups (H) - Shortcut.lnk
2014-04-28 00:17 - 2014-04-28 00:17 - 00000749 _____ () C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Capsule.lnk
2014-04-28 00:17 - 2014-04-28 00:17 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Capsule Utilities
2014-04-28 00:04 - 2014-04-27 23:54 - 13092824 _____ (Green Man Gaming Limited) C:\Users\Liams Desktop\Downloads\capsulesetup-v2.33.exe
2014-04-28 00:01 - 2014-04-28 00:00 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Origin
2014-04-27 23:57 - 2014-04-27 23:57 - 00000906 _____ () C:\Users\Liams Desktop\Desktop\common - Shortcut.lnk
2014-04-27 23:57 - 2014-04-27 23:56 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Battle.net
2014-04-27 23:56 - 2014-04-27 23:56 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Blizzard Entertainment
2014-04-27 23:56 - 2014-04-27 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-04-27 23:56 - 2014-04-27 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-04-27 23:56 - 2014-04-27 23:56 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-04-27 23:55 - 2014-04-27 23:54 - 17009768 _____ (Electronic Arts, Inc.) C:\Users\Liams Desktop\Downloads\OriginThinSetup.exe
2014-04-27 23:52 - 2014-04-27 23:52 - 06902224 _____ (Blizzard Entertainment) C:\Users\Liams Desktop\Downloads\Battle.net-Setup-enGB.exe
2014-04-27 23:52 - 2014-04-27 23:52 - 00000000 ____D () C:\ProgramData\Battle.net
2014-04-27 23:23 - 2014-04-27 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-27 23:23 - 2014-04-27 23:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-27 23:23 - 2014-04-27 23:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-27 23:19 - 2014-04-27 23:19 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-27 23:19 - 2014-04-27 23:19 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-27 23:19 - 2014-04-27 23:19 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-27 23:17 - 2014-04-27 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-04-27 23:17 - 2014-04-27 23:17 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-27 23:11 - 2014-04-27 23:11 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-04-27 23:11 - 2014-04-27 23:11 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-04-27 23:05 - 2014-04-27 23:05 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Apps\2.0
2014-04-27 22:58 - 2014-04-27 20:51 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-04-27 22:52 - 2014-04-27 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-04-27 22:52 - 2014-04-27 22:52 - 00000000 ____D () C:\Program Files\7-Zip
2014-04-27 22:47 - 2014-04-27 22:47 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Dxtory Software
2014-04-27 22:47 - 2014-04-27 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0
2014-04-27 22:47 - 2014-04-27 22:47 - 00000000 ____D () C:\Program Files (x86)\ExKode
2014-04-27 22:46 - 2014-04-27 22:46 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\SplitMediaLabs
2014-04-27 22:46 - 2014-04-27 22:46 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Macromedia
2014-04-27 22:46 - 2014-04-27 22:46 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\SplitMediaLabs
2014-04-27 22:46 - 2014-04-27 22:46 - 00000000 ____D () C:\ProgramData\SplitMediaLabs
2014-04-27 22:46 - 2014-04-27 22:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2014-04-27 22:46 - 2014-04-27 22:46 - 00000000 ____D () C:\Program Files (x86)\SplitMediaLabs
2014-04-27 22:45 - 2014-04-27 22:45 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Adobe
2014-04-27 22:43 - 2014-04-27 22:43 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-04-27 22:43 - 2014-04-27 22:43 - 00000000 ____D () C:\Windows\system32\Macromed
2014-04-27 22:41 - 2014-04-27 22:41 - 00003164 _____ () C:\Windows\System32\Tasks\Start CorsairLINK Hardware Monitor
2014-04-27 22:41 - 2014-04-27 22:41 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Corsair
2014-04-27 22:41 - 2014-04-27 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corsair
2014-04-27 22:41 - 2014-04-27 22:41 - 00000000 ____D () C:\Program Files (x86)\Silabs
2014-04-27 22:41 - 2014-04-27 22:41 - 00000000 ____D () C:\Program Files (x86)\Corsair
2014-04-27 22:41 - 2014-04-27 19:36 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-27 22:40 - 2014-04-27 22:40 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-27 22:40 - 2014-04-27 22:40 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Skype
2014-04-27 22:40 - 2014-04-27 22:40 - 00000000 ____D () C:\ProgramData\Skype
2014-04-27 22:40 - 2014-04-27 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-27 22:34 - 2014-04-27 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2014-04-27 22:34 - 2014-04-27 22:34 - 00000000 ____D () C:\Program Files\ASRock Utility
2014-04-27 22:34 - 2014-04-27 22:34 - 00000000 ____D () C:\Program Files (x86)\ASRock Utility
2014-04-27 22:33 - 2014-04-27 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-04-27 22:33 - 2014-04-27 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mionix
2014-04-27 22:32 - 2014-04-27 22:32 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Mionix
2014-04-27 22:32 - 2014-04-27 22:32 - 00000000 ____D () C:\Program Files (x86)\Mionix
2014-04-27 22:31 - 2014-04-27 22:31 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Downloaded Installations
2014-04-27 22:31 - 2014-04-27 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-04-27 22:31 - 2014-04-27 22:31 - 00000000 ____D () C:\ProgramData\ESET
2014-04-27 22:31 - 2014-04-27 22:31 - 00000000 ____D () C:\Program Files\ESET
2014-04-27 21:42 - 2014-04-27 21:03 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-04-27 21:27 - 2014-04-27 21:27 - 00000000 ____D () C:\ProgramData\Creative Labs
2014-04-27 21:18 - 2014-04-27 21:03 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-04-27 21:03 - 2014-04-27 21:03 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\Logitech® Webcam Software
2014-04-27 21:03 - 2014-04-27 21:03 - 00000000 ____D () C:\Program Files\Realtek
2014-04-27 20:59 - 2014-04-27 20:59 - 00000000 ____D () C:\ProgramData\LogiShrd
2014-04-27 20:58 - 2014-04-27 20:58 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Leadertech
2014-04-27 20:58 - 2014-04-27 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-04-27 20:58 - 2014-04-27 20:58 - 00000000 ____D () C:\ProgramData\Logitech
2014-04-27 20:58 - 2014-04-27 20:58 - 00000000 ____D () C:\Program Files (x86)\Logitech
2014-04-27 20:54 - 2014-04-27 20:43 - 00000000 ____D () C:\Program Files (x86)\Creative
2014-04-27 20:51 - 2014-04-27 20:44 - 00000286 ___RH () C:\Windows\ctfile.rfc
2014-04-27 20:51 - 2014-04-27 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2014-04-27 20:49 - 2014-04-27 20:49 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Creative
2014-04-27 20:49 - 2014-04-27 20:44 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\Creative
2014-04-27 20:48 - 2014-04-27 20:48 - 00000000 ____D () C:\ProgramData\Creative
2014-04-27 20:46 - 2014-04-27 20:46 - 00000000 ___HD () C:\Program Files (x86)\Creative Installation Information
2014-04-27 20:46 - 2014-04-27 20:43 - 00000000 ____D () C:\Program Files\Creative
2014-04-27 20:44 - 2014-04-27 20:44 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-04-27 20:44 - 2014-04-27 20:44 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-04-27 20:44 - 2014-04-27 20:44 - 00123480 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-04-27 20:44 - 2014-04-27 20:44 - 00109144 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-04-27 20:39 - 2014-04-27 20:39 - 00000000 ____D () C:\Program Files (x86)\ASM104xUSB3
2014-04-27 20:39 - 2014-04-27 20:07 - 00012718 _____ () C:\Windows\DPINST.LOG
2014-04-27 20:39 - 2014-04-27 20:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology
2014-04-27 20:38 - 2014-04-27 20:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-04-27 20:37 - 2014-04-27 20:37 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-04-27 20:37 - 2014-04-27 19:29 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-04-27 20:07 - 2014-04-27 20:07 - 00000000 ____D () C:\Program Files (x86)\ASM106xSATA
2014-04-27 19:48 - 2014-04-27 19:48 - 00000000 ____D () C:\Program Files\Broadcom
2014-04-27 19:47 - 2014-04-27 19:47 - 00000000 _____ () C:\Users\Liams Desktop\agent.log
2014-04-27 19:41 - 2009-07-14 17:32 - 00000000 ____D () C:\Windows\system32\restore
2014-04-27 19:37 - 2014-04-27 19:37 - 00003492 _____ () C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2014-04-27 19:37 - 2014-04-27 19:37 - 00003188 _____ () C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2014-04-27 19:37 - 2014-04-27 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-04-27 19:37 - 2014-04-27 19:37 - 00000000 ____D () C:\Program Files\Intel
2014-04-27 19:37 - 2014-04-27 19:37 - 00000000 _____ () C:\Windows\SysWOW64\agent.log
2014-04-27 19:37 - 2014-04-27 19:29 - 00000000 ____D () C:\ProgramData\Intel
2014-04-27 19:37 - 2009-07-14 15:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-27 19:36 - 2014-04-27 19:36 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Roaming\InstallShield
2014-04-27 19:34 - 2014-04-27 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-04-27 19:32 - 2014-04-27 19:32 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-27 19:32 - 2014-04-27 19:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-27 19:32 - 2014-04-27 19:32 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-04-27 19:32 - 2014-04-27 19:30 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-04-27 19:32 - 2009-07-14 15:20 - 00000000 ____D () C:\Windows\Help
2014-04-27 19:30 - 2014-04-27 19:30 - 00020668 _____ () C:\Windows\system32\results.xml
2014-04-27 19:30 - 2014-04-27 19:30 - 00000000 ____D () C:\NVIDIA
2014-04-27 19:29 - 2014-04-27 19:29 - 00000000 ____D () C:\Intel
2014-04-27 19:22 - 2014-04-28 15:18 - 00000000 ____D () C:\Windows\Panther
2014-04-27 19:22 - 2014-04-27 19:22 - 00000020 ___SH () C:\Users\Liams Desktop\ntuser.ini
2014-04-27 19:22 - 2014-04-27 19:22 - 00000000 ____D () C:\Users\Liams Desktop\AppData\Local\VirtualStore
2014-04-03 10:33 - 2014-04-27 23:23 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 10:33 - 2014-04-27 23:23 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 10:33 - 2014-04-27 23:23 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
 
Some content of TEMP:
====================
C:\Users\Liams Desktop\AppData\Local\Temp\InstHelper.exe
C:\Users\Liams Desktop\AppData\Local\Temp\qc_e3f0f3ef_27e6_4ca8_8a7c_a3d761aa54bb_64.exe
C:\Users\Liams Desktop\AppData\Local\Temp\Quarantine.exe
C:\Users\Liams Desktop\AppData\Local\Temp\uninstall_flash_player.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-04-29 00:31
 
==================== End Of Log ============================

Attached Files



#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,586 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:54 PM

Posted 02 May 2014 - 06:37 AM

 
If you still want to be prompted to register your Logitech product at start up remove these item from the code box before saving the Fixlog.txt file.
Startup: C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
 
 
Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start
HKU\S-1-5-21-649156701-4253695833-617214561-1000\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-649156701-4253695833-617214561-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ASRockXTU] => [X]
Startup: C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
S3 AsrCDDrv; \??\C:\Windows\SysWOW64\Drivers\AsrCDDrv.sys [X]
R3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.sys [X]
C:\Users\Liams Desktop\AppData\Local\Temp\InstHelper.exe
C:\Users\Liams Desktop\AppData\Local\Temp\qc_e3f0f3ef_27e6_4ca8_8a7c_a3d761aa54bb_64.exe
C:\Users\Liams Desktop\AppData\Local\Temp\uninstall_flash_player.exe.
End
 
Save the files as fixlist.txt in to the same folder as FRST
 
Run FRST and click Fix only once and wait
 
The tool will create a log (Fixlog.txt) please post it to your reply.
 
===
 
Download Security Check by screen317 from here.
  •  
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===
 
Let me know of any remaining issues with this computer.


#5 bellliam

bellliam
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 02 May 2014 - 06:56 AM

Here are the Fix results
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-05-2014
Ran by Liams Desktop at 2014-05-02 23:53:56 Run:1
Running from C:\Users\Liams Desktop\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
HKU\S-1-5-21-649156701-4253695833-617214561-1000\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-649156701-4253695833-617214561-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ASRockXTU] => [X]
Startup: C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
S3 AsrCDDrv; \??\C:\Windows\SysWOW64\Drivers\AsrCDDrv.sys [X]
R3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.sys [X]
C:\Users\Liams Desktop\AppData\Local\Temp\InstHelper.exe
C:\Users\Liams Desktop\AppData\Local\Temp\qc_e3f0f3ef_27e6_4ca8_8a7c_a3d761aa54bb_64.exe
C:\Users\Liams Desktop\AppData\Local\Temp\uninstall_flash_player.exe.
End
*****************
 
HKU\S-1-5-21-649156701-4253695833-617214561-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ASRockXTU => Value deleted successfully.
HKU\S-1-5-21-649156701-4253695833-617214561-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\ASRockXTU => Value not found.
C:\Users\Liams Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk => Moved successfully.
C:\Program Files (x86)\Logitech\Ereg\eReg.exe => Moved successfully.
AsrCDDrv => Service deleted successfully.
WinRing0_1_2_0 => Unable to stop service
WinRing0_1_2_0 => Service deleted successfully.
C:\Users\Liams Desktop\AppData\Local\Temp\InstHelper.exe => Moved successfully.
C:\Users\Liams Desktop\AppData\Local\Temp\qc_e3f0f3ef_27e6_4ca8_8a7c_a3d761aa54bb_64.exe => Moved successfully.
C:\Users\Liams Desktop\AppData\Local\Temp\uninstall_flash_player.exe. => Moved successfully.
 
==== End of Fixlog ====
 Results of screen317's Security Check version 0.99.82  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
ESET NOD32 Antivirus 7.0   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 55  
 Adobe Flash Player 13.0.0.206  
 Adobe Reader XI  
 Google Chrome 34.0.1847.131  
````````Process Check: objlist.exe by Laurent````````  
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 8% 
````````````````````End of Log`````````````````````` 


#6 bellliam

bellliam
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 02 May 2014 - 06:58 AM

 Results of screen317's Security Check version 0.99.82  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
ESET NOD32 Antivirus 7.0   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 55  
 Adobe Flash Player 13.0.0.206  
 Adobe Reader XI  
 Google Chrome 34.0.1847.131  
````````Process Check: objlist.exe by Laurent````````  
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 8% 
````````````````````End of Log`````````````````````` 


#7 bellliam

bellliam
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 02 May 2014 - 07:23 AM

I don't think there is a problem, although there is some strange ding sounds when I click things instead of the usual windows sound. My friend ran TDSSKILLER and COMBOFIX on my PC while I was out cooking so I don't know if that damaged it more.

 

I could find the Combofix log for you to see but he can't find the tsddkiller log and neither can I sorry

 

ComboFix 14-04-30.01 - Liams Desktop 05/03/2014   0:13.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.16267.14018 [GMT 12:00]
Running from: c:\users\Liams Desktop\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\APOMngr.DLL.tmp
c:\windows\SysWow64\CmdRtr.DLL.tmp
c:\windows\SysWow64\tmp1C27.tmp
c:\windows\SysWow64\tmp1DEC.tmp
H:\install.exe
.
.
(((((((((((((((((((((((((   Files Created from 2014-04-02 to 2014-05-02  )))))))))))))))))))))))))))))))
.
.
2014-05-02 12:15 . 2014-05-02 12:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-02 12:03 . 2014-05-02 12:03 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E3ED3CFF-FDF5-4692-BA2E-81087673DBCB}\offreg.dll
2014-05-02 12:00 . 2014-05-02 12:00 -------- d-s---w- c:\windows\system32\CompatTel
2014-05-02 11:59 . 2014-04-14 02:24 465408 ----a-w- c:\windows\system32\aepdu.dll
2014-05-02 11:59 . 2014-04-14 02:19 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-05-02 06:52 . 2014-04-16 17:31 10651704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E3ED3CFF-FDF5-4692-BA2E-81087673DBCB}\mpengine.dll
2014-05-02 06:52 . 2014-05-02 11:54 -------- d-----w- C:\FRST
2014-04-30 05:56 . 2009-03-16 02:18 69448 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2014-04-30 05:56 . 2009-03-16 02:18 517448 ----a-w- c:\windows\SysWow64\XAudio2_4.dll
2014-04-30 05:56 . 2009-03-16 02:18 235352 ----a-w- c:\windows\SysWow64\xactengine3_4.dll
2014-04-30 05:56 . 2009-03-16 02:18 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_6.dll
2014-04-30 05:56 . 2007-03-12 04:42 3495784 ----a-w- c:\windows\SysWow64\d3dx9_33.dll
2014-04-30 05:56 . 2006-09-28 04:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll
2014-04-30 05:56 . 2014-04-30 05:56 -------- d-----w- c:\program files (x86)\Microsoft XNA
2014-04-30 05:56 . 2014-04-30 05:56 -------- d-----w- c:\program files (x86)\CapsuleGames
2014-04-29 10:54 . 2014-03-06 08:15 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-04-28 09:04 . 2014-04-28 09:04 -------- d-----w- c:\programdata\Oracle
2014-04-28 09:04 . 2014-04-28 09:04 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-04-28 09:04 . 2014-04-28 09:04 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-28 09:04 . 2014-04-28 09:04 -------- d-----w- c:\program files (x86)\Java
2014-04-28 03:18 . 2014-04-27 07:22 -------- d-----w- c:\windows\Panther
2014-04-28 02:20 . 2014-04-28 02:20 -------- d-----w- c:\programdata\Hewlett-Packard
2014-04-28 02:20 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
2014-04-28 01:54 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-04-28 01:54 . 2013-12-24 22:48 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-04-28 01:54 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2014-04-28 01:54 . 2013-11-22 22:48 3928064 ----a-w- c:\windows\system32\d2d1.dll
2014-04-28 01:54 . 2010-06-01 16:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll
2014-04-28 01:54 . 2010-06-01 16:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll
2014-04-28 01:54 . 2010-05-25 23:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2014-04-28 01:54 . 2010-05-25 23:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll
2014-04-28 01:54 . 2010-05-25 23:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2014-04-28 01:54 . 2010-02-03 22:01 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2014-04-28 01:54 . 2007-04-04 06:53 81768 ----a-w- c:\windows\SysWow64\xinput1_3.dll
2014-04-28 00:48 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-04-28 00:48 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-04-28 00:43 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2014-04-28 00:43 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2014-04-28 00:12 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2014-04-28 00:12 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2014-04-28 00:12 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2014-04-28 00:12 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2014-04-28 00:12 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2014-04-28 00:12 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll
2014-04-28 00:12 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2014-04-28 00:12 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2014-04-28 00:12 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2014-04-28 00:12 . 2011-03-11 04:37 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2014-04-27 23:41 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2014-04-27 23:41 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2014-04-27 23:07 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2014-04-27 23:07 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2014-04-27 22:38 . 2014-04-27 22:38 -------- d-----w- c:\windows\Migration
2014-04-27 16:10 . 2014-04-27 16:10 -------- d-----w- c:\windows\SysWow64\Wat
2014-04-27 16:10 . 2014-04-27 16:10 -------- d-----w- c:\windows\system32\Wat
2014-04-27 15:52 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-04-27 15:52 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-04-27 15:52 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-04-27 15:52 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-04-27 15:52 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-04-27 15:43 . 2013-10-14 06:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-04-27 15:25 . 2014-04-27 15:25 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-27 15:17 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2014-04-27 15:03 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-04-27 15:03 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-04-27 15:03 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-04-27 15:03 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-04-27 15:03 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-04-27 15:03 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-04-27 15:03 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-04-27 15:01 . 2014-04-27 15:02 -------- d-----w- c:\windows\system32\MRT
2014-04-27 15:00 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-04-27 15:00 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2014-04-27 15:00 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2014-04-27 11:56 . 2014-04-27 22:45 -------- d-----w- c:\programdata\Origin
2014-04-27 11:56 . 2014-04-27 11:56 -------- d-----w- c:\programdata\Electronic Arts
2014-04-27 11:56 . 2014-04-30 06:57 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2014-04-27 11:56 . 2014-04-27 13:43 -------- d-----w- c:\programdata\Blizzard Entertainment
2014-04-27 11:52 . 2014-04-27 11:52 -------- d-----w- c:\programdata\Battle.net
2014-04-27 11:28 . 2010-08-29 20:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-04-27 11:27 . 2014-05-02 11:44 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-27 11:23 . 2014-04-27 11:23 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-04-27 11:23 . 2014-04-27 11:23 -------- d-----w- c:\programdata\Malwarebytes
2014-04-27 11:23 . 2014-04-02 22:33 63192 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-04-27 11:23 . 2014-04-02 22:33 88280 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-27 11:23 . 2014-04-02 22:33 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-27 11:19 . 2014-04-27 11:19 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-04-27 11:17 . 2014-04-27 11:17 -------- d-----w- c:\program files (x86)\VideoLAN
2014-04-27 11:11 . 2014-04-27 11:11 -------- d-----w- c:\program files (x86)\Audacity
2014-04-27 11:05 . 2012-10-03 17:44 70656 ----a-w- c:\windows\system32\nlaapi.dll
2014-04-27 11:04 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-04-27 11:03 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
2014-04-27 11:03 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-04-27 11:03 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2014-04-27 11:03 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2014-04-27 11:03 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2014-04-27 11:03 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2014-04-27 11:03 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2014-04-27 11:03 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2014-04-27 11:03 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2014-04-27 11:03 . 2013-04-10 05:46 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2014-04-27 11:03 . 2013-04-10 05:46 1393152 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2014-04-27 11:03 . 2013-04-10 05:46 1367040 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-04-27 11:03 . 2013-04-10 05:03 936448 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-04-27 11:01 . 2011-02-12 11:34 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2014-04-27 10:52 . 2014-04-27 10:52 -------- d-----w- c:\program files\7-Zip
2014-04-27 10:47 . 2013-02-15 10:44 8300544 ----a-w- c:\windows\SysWow64\DxtoryCodec.dll
2014-04-27 10:47 . 2013-02-15 10:44 8043008 ----a-w- c:\windows\system32\DxtoryCodec.dll
2014-04-27 10:47 . 2014-04-27 10:47 -------- d-----w- c:\program files (x86)\ExKode
2014-04-27 10:46 . 2014-04-27 10:46 -------- d-----w- c:\programdata\SplitMediaLabs
2014-04-27 10:46 . 2014-04-27 10:46 -------- d-----w- c:\program files (x86)\SplitMediaLabs
2014-04-27 10:45 . 2014-05-01 08:25 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-27 10:45 . 2014-05-01 08:25 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-27 10:43 . 2014-04-27 10:43 -------- d-----w- c:\windows\SysWow64\Macromed
2014-04-27 10:43 . 2014-04-27 10:43 -------- d-----w- c:\windows\system32\Macromed
2014-04-27 10:41 . 2014-04-27 10:41 -------- d-----w- c:\program files (x86)\Silabs
2014-04-27 10:41 . 2014-04-27 10:41 -------- d-----w- c:\program files (x86)\Corsair
2014-04-27 10:40 . 2014-04-27 10:40 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-04-27 10:40 . 2014-04-27 10:40 -------- d-----w- c:\programdata\Skype
2014-04-27 10:40 . 2014-04-27 10:40 -------- d-----r- c:\program files (x86)\Skype
2014-04-27 10:39 . 2014-04-27 10:39 -------- d-----w- c:\program files (x86)\Microsoft.NET
2014-04-27 10:34 . 2014-04-27 10:34 -------- d-----w- c:\program files\ASRock Utility
2014-04-27 10:34 . 2012-01-13 00:52 31016 ----a-w- c:\windows\system32\drivers\AsrRamDisk.sys
2014-04-27 10:34 . 2014-04-27 10:34 -------- d-----w- c:\program files (x86)\ASRock Utility
2014-04-27 10:33 . 2014-04-27 11:02 -------- d-----w- c:\program files (x86)\Common Files\Steam
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-30 21:35 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-04 09:17 . 2014-04-27 11:02 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
"Dxtory Update Checker 2.0"="c:\program files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe" [2010-10-17 93696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-26 291608]
"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe" [2010-12-07 241757]
"Module Loader"="c:\program files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" [2007-07-23 57344]
"THX TruStudio NB Settings"="c:\program files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" [2011-05-18 909824]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-01 254336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 36265448
*NewlyCreated* - 86219524
*Deregistered* - 36265448
*Deregistered* - 86219524
*Deregistered* - MBAMWebAccessControl
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-01 11:17 1078088 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-05-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-27 08:25]
.
2014-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf652fe04b2782.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-01 11:16]
.
2014-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf652fe08b8cd4.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-01 11:16]
.
2014-05-02 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-15 23:54]
.
2014-05-01 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-15 23:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-09-21 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-09-21 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-09-21 441152]
"Creative SB Monitoring Utility"="sbavmon.dll" [2010-07-29 115712]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2011-05-13 26624]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-31 12446824]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2013-09-12 5618456]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.178.1
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-CMIUSB&1B1C&1C00 - c:\program files (x86)\Silabs\MCU\USBXpress\DriverUninstaller.exe USBXpress\CMIUSB&1B1C&1C00
AddRemove-Steam - f:\steam\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-05-03  00:16:06
ComboFix-quarantined-files.txt  2014-05-02 12:16
.
Pre-Run: 182,944,538,624 bytes free
Post-Run: 184,242,085,888 bytes free
.
- - End Of File - - D57FC58C4450685B04EA805CE88C59DC
5FB38429D5D77768867C76DCBDB35194


#8 bellliam

bellliam
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 02 May 2014 - 07:26 AM

also adwcleaner is still showing aol in it's chrome part of the log

 

# AdwCleaner v3.205 - Report created 03/05/2014 at 00:25:09
# Updated 28/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Liams Desktop - LIAMSDESKTOP-PC
# Running from : C:\Users\Liams Desktop\Downloads\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17041
 
 
-\\ Google Chrome v34.0.1847.131
 
[ File : C:\Users\Liams Desktop\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [630 octets] - [27/04/2014 19:23:34]
AdwCleaner[R10].txt - [1315 octets] - [27/04/2014 22:27:28]
AdwCleaner[R11].txt - [1426 octets] - [27/04/2014 22:54:59]
AdwCleaner[R12].txt - [1497 octets] - [27/04/2014 22:59:14]
AdwCleaner[R13].txt - [1691 octets] - [27/04/2014 23:28:49]
AdwCleaner[R14].txt - [1899 octets] - [27/04/2014 23:30:48]
AdwCleaner[R15].txt - [1960 octets] - [27/04/2014 23:34:02]
AdwCleaner[R16].txt - [1935 octets] - [27/04/2014 23:35:19]
AdwCleaner[R17].txt - [2056 octets] - [27/04/2014 23:39:58]
AdwCleaner[R18].txt - [2117 octets] - [28/04/2014 00:04:13]
AdwCleaner[R19].txt - [2178 octets] - [28/04/2014 01:00:57]
AdwCleaner[R1].txt - [776 octets] - [27/04/2014 19:47:56]
AdwCleaner[R20].txt - [2240 octets] - [28/04/2014 09:10:02]
AdwCleaner[R21].txt - [2301 octets] - [28/04/2014 10:48:19]
AdwCleaner[R22].txt - [2422 octets] - [28/04/2014 14:54:14]
AdwCleaner[R23].txt - [2483 octets] - [28/04/2014 17:06:49]
AdwCleaner[R24].txt - [2544 octets] - [28/04/2014 17:34:23]
AdwCleaner[R25].txt - [2605 octets] - [28/04/2014 17:37:56]
AdwCleaner[R26].txt - [2666 octets] - [28/04/2014 20:12:34]
AdwCleaner[R27].txt - [2727 octets] - [28/04/2014 22:14:39]
AdwCleaner[R28].txt - [2790 octets] - [29/04/2014 19:46:18]
AdwCleaner[R29].txt - [2851 octets] - [29/04/2014 23:03:19]
AdwCleaner[R2].txt - [835 octets] - [27/04/2014 19:54:08]
AdwCleaner[R30].txt - [2912 octets] - [29/04/2014 23:57:04]
AdwCleaner[R31].txt - [2973 octets] - [30/04/2014 00:02:19]
AdwCleaner[R32].txt - [3094 octets] - [01/05/2014 20:15:10]
AdwCleaner[R33].txt - [3155 octets] - [01/05/2014 20:18:01]
AdwCleaner[R34].txt - [3216 octets] - [01/05/2014 22:46:50]
AdwCleaner[R35].txt - [3277 octets] - [01/05/2014 22:59:56]
AdwCleaner[R36].txt - [3544 octets] - [01/05/2014 23:11:19]
AdwCleaner[R37].txt - [3519 octets] - [01/05/2014 23:13:23]
AdwCleaner[R38].txt - [3786 octets] - [03/05/2014 00:24:51]
AdwCleaner[R3].txt - [894 octets] - [27/04/2014 20:11:52]
AdwCleaner[R4].txt - [953 octets] - [27/04/2014 20:38:20]
AdwCleaner[R5].txt - [1012 octets] - [27/04/2014 20:50:23]
AdwCleaner[R6].txt - [1072 octets] - [27/04/2014 20:52:42]
AdwCleaner[R7].txt - [1133 octets] - [27/04/2014 20:59:28]
AdwCleaner[R8].txt - [1193 octets] - [27/04/2014 21:03:09]
AdwCleaner[R9].txt - [1254 octets] - [27/04/2014 21:26:24]
AdwCleaner[S0].txt - [690 octets] - [27/04/2014 19:23:54]
AdwCleaner[S1].txt - [1489 octets] - [27/04/2014 22:56:40]
AdwCleaner[S2].txt - [2024 octets] - [27/04/2014 23:34:13]
AdwCleaner[S3].txt - [1995 octets] - [27/04/2014 23:35:36]
AdwCleaner[S4].txt - [2361 octets] - [28/04/2014 10:48:36]
AdwCleaner[S5].txt - [3033 octets] - [30/04/2014 00:02:36]
AdwCleaner[S6].txt - [3337 octets] - [01/05/2014 23:00:14]
AdwCleaner[S7].txt - [3608 octets] - [01/05/2014 23:11:32]
AdwCleaner[S8].txt - [3579 octets] - [01/05/2014 23:13:34]
AdwCleaner[S9].txt - [3710 octets] - [03/05/2014 00:25:09]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S9].txt - [3770 octets] ##########


#9 nasdaq

nasdaq

  • Malware Response Team
  • 39,586 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:54 PM

Posted 02 May 2014 - 09:57 AM

I don't think there is a problem, although there is some strange ding sounds when I click things instead of the usual windows sound.

You can change the sound.
Open your Control Panel, select the Sound link.
Under the Sound tab
Reset the default.
You can also change the sound for many applications.
Make sure you click the Apply button.
====

Click on "Customize and control Google Chrome":
 p22003758.gif
Click setting
Under the On Start up section.
Select Set Pages.
Remove any references to AOL.

Close chrome and restart it.

How is it now?

#10 bellliam

bellliam
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 02 May 2014 - 09:59 AM

ok, thanks. Do all the logs seem ok to you?



#11 nasdaq

nasdaq

  • Malware Response Team
  • 39,586 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:54 PM

Posted 02 May 2014 - 12:45 PM

All the logs are clean.

If all is well:

Time for some housekeeping
  • The following will implement some cleanup procedures as well as reset System Restore points:
  • Click Start > Run and copy/paste the following bold text into the Run box and click OK:
  • ComboFix /Uninstall
===

Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Having an effective antivirus is a must for everyone.
In addition to many excellent commercial products there are plenty of good free antivirus programs available. I can recommend:

If you are satisfied with your current protection programs you can ignore the instructions on Antivirus or Firewall listed below.In addition to an antivirus I recommend using a firewall. A software firewall is a software program that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. I can recommend one of the following free products:Please note: Many installer offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Malwarebytes Anti-Malware (MBAM)
The free version of MBAM can be used to scan the system for traces of malware. Scanning your system regularly will make it harder for malware to reside on your system.
A tutorial on using MBAM can be found here.
Please Note: Only the paid for version has real time capabilities.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Please keep your programs up to date. This applies to Java, Adobe Flashplayer, Adobe Reader and your Internet Browsers in particular. Vulnerabilities in these programs are often exploited in order to install malware on your PC. Visiting a prepared web page suffices to infect your system.

In general Firefox, Opera and Google Chrome are considered to be more secure than Internet Explorer. In addition there are many useful add-ons that can protect you from possible risks:
  • WOT will warn you when you try to visit sites with poor reputation. The reputation is based on user ratings and is usually very accurate.
  • Script Blocker can help blocking many attempts to infect your system via malicious websites by only allowing scripts at sites you trust.
  • NoScript is a popular Firefox addon,
  • ScriptNo a popular Google Chrome addon.
For much more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.
===

#12 nasdaq

nasdaq

  • Malware Response Team
  • 39,586 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:54 PM

Posted 08 May 2014 - 07:38 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users