Windows failing to start, System repair doesn't help


  • This topic is locked
37 replies to this topic

#1 Mateyto

Posted 30 May 2014 - 08:25 AM

Hi guys, I have had a weird problem for a week already. Every time I try to shut down my PC I notice the shutdown time has increased, it takes way too much time, and then when I start the PC next time, after the Windows logo message my screen turns black, nothing there, not even a cursor. Then I need to restart it manually and run System Repair (System Repair just needs to start, then I restart it again and it boots normally), but when I let it run to the end, I get this message:

 

The Windows Repair Problem Signature
Problem Event Name: Startup Repair Offline
Problem Signature 1: 6.1.7600.16385
Problem Signature 2: 6.1.7600.16385
Problem Signature 3: Unknown
Problem Signature 4: 21200770
Problem Signature 5: AutoFailover
Problem Signature 6: 4
Problem Signature 7: BadDriver
OS Version: 6.1.7600.2.0.0.256.1
Locale ID: 1033

 

Also I noticed that when I put my PC in sleep mode and then wake it up, my monitor doesn't seem to respond; the LED signal stays orange and doesn't turn blue, so I need to restart the PC again. I tried reinstalling the graphics card drivers but it doesn't help... so if you have any way to help me I would appreciate it.

 



#2 HelpBot

Posted 04 June 2014 - 08:30 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/536010 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Mateyto

Posted 04 June 2014 - 05:14 PM

The problem is still there. I usually don't turn off my PC, mostly just putting it in sleep mode, so I want to focus on fixing it.

 

Here is DDS log

 


#4 Oh My!

Posted 07 June 2014 - 12:25 PM

Greetings Mateyto and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run the below for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recovery Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the Windows key + R on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • Attached System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Mateyto

Posted 08 June 2014 - 10:08 AM

Hi Gary, thanks for your assistance. My name is Mateo and you can call me that :) Here is the Farbar scan.
 
 
 
 
2014-06-04 21:29 - 2014-06-04 21:41 - 125683715 _____ (Realtek Semiconductor Corp.) C:\Users\Mateo\Downloads\64bit_Win7_Win8_Win81_R275.exe
2014-06-04 16:48 - 2014-06-04 16:48 - 00000000 ____D () C:\Users\Mateo\Downloads\Windows 7 Loader + Activator v2.0.6 Reloaded - DAZ [Team Rjaa]
2014-06-04 16:31 - 2014-06-04 16:31 - 17848832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-06-04 16:31 - 2014-06-04 16:31 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-06-04 16:31 - 2014-06-04 16:31 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-04 16:31 - 2014-06-04 16:31 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-04 16:31 - 2014-06-04 16:31 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-04 16:31 - 2014-06-04 16:31 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-04 16:31 - 2014-06-04 16:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-06-04 16:31 - 2014-06-04 16:31 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-06-04 16:31 - 2014-06-04 16:31 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-06-04 16:31 - 2014-06-04 16:31 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-06-04 16:31 - 2014-06-04 16:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-04 16:27 - 2014-06-04 16:27 - 04068864 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 03181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-06-04 16:27 - 2014-06-04 16:27 - 01863680 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 01837568 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 01619456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-06-04 16:27 - 2014-06-04 16:27 - 01540608 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 01074176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-06-04 16:27 - 2014-06-04 16:27 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00662528 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00283648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00265088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-06-04 16:27 - 2014-06-04 16:27 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2014-06-04 16:23 - 2014-06-04 16:31 - 00003797 _____ () C:\Windows\IE9_main.log
2014-06-03 14:19 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-06-03 14:19 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-06-03 14:19 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-06-03 14:19 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-06-03 14:19 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-06-03 14:19 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-06-03 14:19 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-06-03 14:19 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-06-03 14:19 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-06-03 14:06 - 2014-06-04 16:22 - 00002422 _____ () C:\Windows\IE11_main.log
2014-06-03 14:06 - 2014-06-03 14:06 - 02077392 _____ (Microsoft Corporation) C:\Users\Mateo\Desktop\IE11-Windows6.1.exe
2014-05-31 18:15 - 2014-05-31 18:15 - 00000000 ____D () C:\Users\Mateo\AppData\Roaming\NVIDIA
2014-05-31 01:35 - 2014-06-08 16:58 - 00000000 ____D () C:\FRST
2014-05-30 17:35 - 2014-05-30 17:35 - 00281800 _____ () C:\Windows\Minidump\053014-13665-01.dmp
2014-05-30 17:26 - 2014-05-30 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-05-30 17:21 - 2014-05-20 04:44 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-05-30 17:21 - 2014-05-20 04:44 - 00052056 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-05-30 17:21 - 2014-05-20 03:25 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-05-30 17:21 - 2014-05-20 03:25 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-05-30 17:21 - 2014-05-20 03:25 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-05-30 17:21 - 2014-05-20 03:25 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-05-30 17:21 - 2014-05-20 03:25 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-05-30 17:21 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-05-30 17:21 - 2014-05-15 01:49 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-05-30 17:19 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-30 17:19 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-30 17:19 - 2014-05-20 04:44 - 00026069 _____ () C:\Windows\system32\nvinfo.pb
2014-05-30 14:52 - 2014-05-30 17:19 - 00000000 ____D () C:\Users\Mateo\AppData\Local\NVIDIA Corporation
2014-05-30 14:39 - 2014-05-30 14:39 - 00344506 _____ () C:\Windows\PFRO.log
2014-05-30 12:24 - 2014-05-30 12:24 - 00000000 ____D () C:\temp
2014-05-30 12:13 - 2014-05-30 12:13 - 00000000 ____D () C:\NVIDIA
2014-05-30 11:36 - 2014-05-30 12:12 - 283793864 _____ (NVIDIA Corporation) C:\Users\Mateo\Desktop\337.88-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-05-29 13:22 - 2014-05-29 13:22 - 00281592 _____ () C:\Windows\Minidump\052914-22464-01.dmp
2014-05-25 22:57 - 2014-05-25 22:57 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-05-25 22:57 - 2014-05-25 22:57 - 00001166 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-05-25 22:57 - 2014-05-25 22:57 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-05-25 22:56 - 2014-05-25 22:57 - 06211936 _____ (TeamViewer GmbH) C:\Users\Mateo\Desktop\TeamViewer_Setup_hr.exe
2014-05-23 11:26 - 2014-05-30 17:35 - 159881267 _____ () C:\Windows\MEMORY.DMP
2014-05-23 11:26 - 2014-05-23 11:26 - 00282240 _____ () C:\Windows\Minidump\052314-14274-01.dmp
2014-05-22 22:48 - 2014-06-08 14:36 - 00000613 _____ () C:\Users\Mateo\Desktop\AutoClick.ini
2014-05-22 22:43 - 2014-05-22 22:43 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-22 22:43 - 2014-05-22 22:43 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-22 22:43 - 2014-05-22 22:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-22 17:27 - 2014-06-07 19:05 - 00006056 _____ () C:\Windows\setupact.log
2014-05-22 17:27 - 2014-05-22 17:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-22 15:54 - 2014-05-22 15:55 - 00000000 ____D () C:\Users\Mateo\AppData\Roaming\Maxthon3
2014-05-22 15:54 - 2014-05-22 15:54 - 00003578 _____ () C:\Windows\System32\Tasks\Maxthon Update
2014-05-22 15:54 - 2014-05-22 15:54 - 00001085 _____ () C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
2014-05-22 15:54 - 2014-05-22 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
2014-05-22 15:53 - 2014-05-22 15:54 - 00000000 ____D () C:\Program Files (x86)\Maxthon
2014-05-22 11:22 - 2014-05-22 11:22 - 00000000 ____D () C:\Users\Mateo\AppData\Local\Opera Software
2014-05-22 11:21 - 2014-05-22 11:21 - 00001133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-05-22 11:21 - 2014-05-22 11:21 - 00000000 ____D () C:\Users\Mateo\AppData\Roaming\Opera Software
2014-05-22 11:21 - 2014-05-22 11:21 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-22 10:12 - 2014-06-08 14:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-22 10:12 - 2014-05-22 10:12 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-22 10:12 - 2014-05-22 10:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-22 10:12 - 2014-05-22 10:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-22 10:12 - 2014-05-22 10:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-22 10:12 - 2014-05-12 08:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-22 10:12 - 2014-05-12 08:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-22 10:12 - 2014-05-12 08:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-20 15:35 - 2014-05-20 15:36 - 00000000 ____D () C:\Users\Mateo\AppData\Roaming\Foxit Software
2014-05-20 15:33 - 2014-05-20 15:33 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-05-20 15:32 - 2014-05-20 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2014-05-20 15:32 - 2014-05-20 15:32 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2014-05-17 18:56 - 2014-05-13 14:43 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433781.dll
2014-05-17 18:56 - 2014-05-13 14:43 - 01540384 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433781.dll
2014-05-17 17:34 - 2014-05-17 17:34 - 00000000 ____D () C:\Users\Mateo\AppData\Local\Innovative Solutions
2014-05-14 23:39 - 2014-05-14 23:39 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-14 23:39 - 2014-05-14 23:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-11 15:56 - 2014-05-30 17:35 - 00000000 ____D () C:\Windows\Minidump
 
==================== One Month Modified Files and Folders =======
 
2014-06-08 16:59 - 2014-03-08 17:56 - 00000000 ____D () C:\Users\Mateo\AppData\Local\Temp
2014-06-08 16:58 - 2014-06-08 16:58 - 00007241 _____ () C:\Users\Mateo\Desktop\FRST.txt
2014-06-08 16:58 - 2014-05-31 01:35 - 00000000 ____D () C:\FRST
2014-06-08 16:57 - 2014-06-08 16:57 - 02072576 _____ (Farbar) C:\Users\Mateo\Desktop\FRST64.exe
2014-06-08 16:53 - 2014-03-09 21:55 - 00000000 ____D () C:\Users\Mateo\AppData\Roaming\Skype
2014-06-08 16:35 - 2014-04-04 14:49 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-08 14:48 - 2014-05-22 10:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-08 14:36 - 2014-05-22 22:48 - 00000613 _____ () C:\Users\Mateo\Desktop\AutoClick.ini
2014-06-08 02:27 - 2014-03-08 17:44 - 01954692 _____ () C:\Windows\WindowsUpdate.log
2014-06-07 19:13 - 2009-07-14 06:45 - 00022976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-07 19:13 - 2009-07-14 06:45 - 00022976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-07 19:10 - 2009-07-14 07:13 - 00778150 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-07 19:05 - 2014-05-22 17:27 - 00006056 _____ () C:\Windows\setupact.log
2014-06-07 19:05 - 2014-03-08 19:11 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-07 19:05 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-07 08:37 - 2014-03-10 17:43 - 00000000 ____D () C:\Users\Mateo\AppData\Roaming\Xfire
2014-06-07 03:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-06 11:01 - 2014-03-08 18:40 - 00000000 ____D () C:\Users\Mateo\AppData\Roaming\uTorrent
2014-06-06 10:18 - 2014-03-10 17:42 - 00000000 ____D () C:\ProgramData\Xfire
2014-06-05 09:44 - 2014-04-04 14:49 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-05 09:44 - 2014-04-04 14:48 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-05 09:44 - 2014-04-04 14:48 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-05 00:10 - 2014-06-05 00:10 - 00011279 _____ () C:\Users\Mateo\Desktop\dds.txt
2014-06-05 00:10 - 2014-06-05 00:10 - 00008322 _____ () C:\Users\Mateo\Desktop\attach.txt
2014-06-05 00:08 - 2014-06-05 00:08 - 00688992 ____R (Swearware) C:\Users\Mateo\Desktop\dds.com
2014-06-04 21:45 - 2014-06-04 21:42 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-06-04 21:43 - 2014-06-04 21:43 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-06-04 21:43 - 2014-06-04 21:43 - 00000000 ____D () C:\Program Files\Realtek
2014-06-04 21:42 - 2014-06-04 21:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-04 21:42 - 2014-06-04 21:42 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-06-04 21:41 - 2014-06-04 21:29 - 125683715 _____ (Realtek Semiconductor Corp.) C:\Users\Mateo\Downloads\64bit_Win7_Win8_Win81_R275.exe
2014-06-04 16:52 - 2014-03-08 17:57 - 00001447 _____ () C:\Users\Mateo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-04 16:52 - 2014-03-08 17:57 - 00001413 _____ () C:\Users\Mateo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-06-04 16:51 - 2014-03-09 01:40 - 00000000 ____D () C:\Windows\Panther
2014-06-04 16:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-04 16:48 - 2014-06-04 16:48 - 00000000 ____D () C:\Users\Mateo\Downloads\Windows 7 Loader + Activator v2.0.6 Reloaded - DAZ [Team Rjaa]
2014-06-04 16:31 - 2014-06-04 16:31 - 17848832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-06-04 16:31 - 2014-06-04 16:31 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-06-04 16:31 - 2014-06-04 16:31 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-04 16:31 - 2014-06-04 16:31 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-04 16:31 - 2014-06-04 16:31 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-04 16:31 - 2014-06-04 16:31 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-04 16:31 - 2014-06-04 16:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-06-04 16:31 - 2014-06-04 16:31 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-06-04 16:31 - 2014-06-04 16:31 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-06-04 16:31 - 2014-06-04 16:31 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-06-04 16:31 - 2014-06-04 16:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-06-04 16:31 - 2014-06-04 16:31 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-04 16:31 - 2014-06-04 16:23 - 00003797 _____ () C:\Windows\IE9_main.log
2014-06-04 16:27 - 2014-06-04 16:27 - 04068864 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 03181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-06-04 16:27 - 2014-06-04 16:27 - 01863680 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 01837568 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 01619456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-06-04 16:27 - 2014-06-04 16:27 - 01540608 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 01074176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-06-04 16:27 - 2014-06-04 16:27 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00662528 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00283648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00265088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-06-04 16:27 - 2014-06-04 16:27 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-06-04 16:27 - 2014-06-04 16:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2014-06-04 16:22 - 2014-06-03 14:06 - 00002422 _____ () C:\Windows\IE11_main.log
2014-06-04 16:05 - 2014-03-08 17:56 - 00000000 ____D () C:\Users\Mateo
2014-06-03 14:06 - 2014-06-03 14:06 - 02077392 _____ (Microsoft Corporation) C:\Users\Mateo\Desktop\IE11-Windows6.1.exe
2014-05-31 18:15 - 2014-05-31 18:15 - 00000000 ____D () C:\Users\Mateo\AppData\Roaming\NVIDIA
2014-05-30 18:50 - 2012-12-26 16:14 - 00000000 ____D () C:\Program Files (x86)\Tales of Pirates II clean
2014-05-30 17:35 - 2014-05-30 17:35 - 00281800 _____ () C:\Windows\Minidump\053014-13665-01.dmp
2014-05-30 17:35 - 2014-05-23 11:26 - 159881267 _____ () C:\Windows\MEMORY.DMP
2014-05-30 17:35 - 2014-05-11 15:56 - 00000000 ____D () C:\Windows\Minidump
2014-05-30 17:26 - 2014-05-30 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-05-30 17:21 - 2014-03-09 02:23 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-30 17:21 - 2014-03-09 02:22 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-05-30 17:21 - 2014-03-09 02:11 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-05-30 17:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-05-30 17:19 - 2014-05-30 14:52 - 00000000 ____D () C:\Users\Mateo\AppData\Local\NVIDIA Corporation
2014-05-30 14:39 - 2014-05-30 14:39 - 00344506 _____ () C:\Windows\PFRO.log
2014-05-30 14:39 - 2014-04-04 16:48 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-30 12:24 - 2014-05-30 12:24 - 00000000 ____D () C:\temp
2014-05-30 12:19 - 2014-03-09 05:10 - 00000388 _____ () C:\Windows\Tasks\update-sys.job
2014-05-30 12:19 - 2014-03-09 05:10 - 00000388 _____ () C:\Windows\Tasks\update-S-1-5-21-2371166680-4290356488-3413895344-1000.job
2014-05-30 12:13 - 2014-05-30 12:13 - 00000000 ____D () C:\NVIDIA
2014-05-30 12:12 - 2014-05-30 11:36 - 283793864 _____ (NVIDIA Corporation) C:\Users\Mateo\Desktop\337.88-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-05-30 11:47 - 2014-03-09 05:10 - 00003398 _____ () C:\Windows\System32\Tasks\update-sys
2014-05-30 11:47 - 2014-03-09 05:10 - 00003376 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-2371166680-4290356488-3413895344-1000
2014-05-29 20:46 - 2014-03-09 05:10 - 00000440 _____ () C:\Users\Mateo\AppData\Local\UserProducts.xml
2014-05-29 20:46 - 2014-03-09 05:10 - 00000000 ____D () C:\Users\Mateo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot
2014-05-29 13:22 - 2014-05-29 13:22 - 00281592 _____ () C:\Windows\Minidump\052914-22464-01.dmp
2014-05-29 13:22 - 2009-07-14 06:45 - 00293200 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-26 15:00 - 2014-03-08 18:10 - 00063568 _____ () C:\Users\Mateo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-25 22:57 - 2014-05-25 22:57 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-05-25 22:57 - 2014-05-25 22:57 - 00001166 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-05-25 22:57 - 2014-05-25 22:57 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-05-25 22:57 - 2014-05-25 22:56 - 06211936 _____ (TeamViewer GmbH) C:\Users\Mateo\Desktop\TeamViewer_Setup_hr.exe
2014-05-23 11:26 - 2014-05-23 11:26 - 00282240 _____ () C:\Windows\Minidump\052314-14274-01.dmp
2014-05-22 22:44 - 2014-03-08 19:32 - 00000000 ____D () C:\Users\Mateo\AppData\Roaming\Mozilla
2014-05-22 22:43 - 2014-05-22 22:43 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-22 22:43 - 2014-05-22 22:43 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-22 22:43 - 2014-05-22 22:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-22 22:43 - 2014-03-18 20:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-22 17:27 - 2014-05-22 17:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-22 15:55 - 2014-05-22 15:54 - 00000000 ____D () C:\Users\Mateo\AppData\Roaming\Maxthon3
2014-05-22 15:54 - 2014-05-22 15:54 - 00003578 _____ () C:\Windows\System32\Tasks\Maxthon Update
2014-05-22 15:54 - 2014-05-22 15:54 - 00001085 _____ () C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
2014-05-22 15:54 - 2014-05-22 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
2014-05-22 15:54 - 2014-05-22 15:53 - 00000000 ____D () C:\Program Files (x86)\Maxthon
2014-05-22 11:22 - 2014-05-22 11:22 - 00000000 ____D () C:\Users\Mateo\AppData\Local\Opera Software
2014-05-22 11:22 - 2013-12-05 19:54 - 00000000 ____D () C:\Users\Mateo\Desktop\clicker
2014-05-22 11:21 - 2014-05-22 11:21 - 00001133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-05-22 11:21 - 2014-05-22 11:21 - 00000000 ____D () C:\Users\Mateo\AppData\Roaming\Opera Software
2014-05-22 11:21 - 2014-05-22 11:21 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-22 10:40 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-05-22 10:35 - 2014-04-04 12:33 - 00000000 ____D () C:\Users\Mateo\AppData\Roaming\Ymagtu
2014-05-22 10:12 - 2014-05-22 10:12 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-22 10:12 - 2014-05-22 10:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-22 10:12 - 2014-05-22 10:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-22 10:12 - 2014-05-22 10:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-20 15:36 - 2014-05-20 15:35 - 00000000 ____D () C:\Users\Mateo\AppData\Roaming\Foxit Software
2014-05-20 15:33 - 2014-05-20 15:33 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-05-20 15:32 - 2014-05-20 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2014-05-20 15:32 - 2014-05-20 15:32 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2014-05-20 04:44 - 2014-05-30 17:21 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-05-20 04:44 - 2014-05-30 17:21 - 00052056 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-20 04:44 - 2014-05-30 17:19 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-20 04:44 - 2014-05-30 17:19 - 00026069 _____ () C:\Windows\system32\nvinfo.pb
2014-05-20 03:25 - 2014-05-30 17:21 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-05-20 03:25 - 2014-05-30 17:21 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-05-20 03:25 - 2014-05-30 17:21 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-05-20 03:25 - 2014-05-30 17:21 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-05-20 03:25 - 2014-05-30 17:21 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-05-20 01:10 - 2014-05-30 17:21 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-05-17 17:34 - 2014-05-17 17:34 - 00000000 ____D () C:\Users\Mateo\AppData\Local\Innovative Solutions
2014-05-15 01:49 - 2014-05-30 17:21 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-05-14 23:39 - 2014-05-14 23:39 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-14 23:39 - 2014-05-14 23:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-14 23:39 - 2014-03-09 21:53 - 00000000 ____D () C:\ProgramData\Skype
2014-05-14 23:33 - 2014-04-10 14:04 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-05-14 18:37 - 2014-06-04 21:42 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-05-14 16:00 - 2014-06-04 21:42 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-05-13 14:43 - 2014-05-17 18:56 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433781.dll
2014-05-13 14:43 - 2014-05-17 18:56 - 01540384 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433781.dll
2014-05-12 08:26 - 2014-05-22 10:12 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 08:26 - 2014-05-22 10:12 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 08:25 - 2014-05-22 10:12 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-05-09 11:17 - 2014-06-04 21:42 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
 
Some content of TEMP:
====================
C:\Users\Mateo\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Mateo\AppData\Local\Temp\nvStInst.exe
C:\Users\Mateo\AppData\Local\Temp\UNINSTALL.EXE
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-05-30 17:08
 
==================== End Of Log ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2014
Ran by Mateo at 2014-06-08 16:59:12
Running from C:\Users\Mateo\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7955 - DsNET Corp)
Auto Clicker by Shocker (HKLM-x32\...\Auto Clicker by Shocker_is1) (Version: V3.0 - shockingsoft.com)
Bitdefender Internet Security (HKLM\...\Bitdefender) (Version: 17.27.0.1146 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.3.99.311 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.0.429 - Foxit Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Lightshot-5.1.2.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.2.0 - Skillbrains)
Malwarebytes Anti-Malware verzija 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.0.4000 - Maxthon International Limited)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
NVIDIA 3D Vision Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Control Panel 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{24B89186-2A56-4D28-B930-6F4FCF224E2F}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Stable 21.0.1432.67 (HKLM-x32\...\Opera 21.0.1432.67) (Version: 21.0.1432.67 - Opera Software ASA)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
Vodafone Mobile Connect Lite (HKLM-x32\...\{8B3776EC-5F0A-4996-A7DF-BB5DA95B240E}) (Version: 9.3.6.12095 - Vodafone)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Xfire (HKLM-x32\...\Xfire) (Version:  - )
 
==================== Restore Points  =========================
 
07-06-2014 01:32:18 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {45EAA00F-C303-4553-9DEE-DCCF3A591986} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-05] (Adobe Systems Incorporated)
Task: {55339E9E-69BE-40B6-816E-9F695A003935} - System32\Tasks\update-S-1-5-21-2371166680-4290356488-3413895344-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-09-27] ()
Task: {AC4332F9-39F9-487A-90C8-A45A495A9E5C} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2014-05-14] (Maxthon International ltd.)
Task: {B333FEBB-9BB9-4345-9254-47F5C3C377DF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {F18B2A48-B9FB-4F07-8960-A4B1D4EFC286} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-09-27] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2371166680-4290356488-3413895344-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-05-30 17:21 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-22 11:21 - 2014-05-12 07:51 - 01397880 _____ () C:\Program Files (x86)\Opera\21.0.1432.67\opera_crashreporter.exe
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2014-05-22 11:21 - 2014-05-12 07:51 - 00877688 _____ () C:\Program Files (x86)\Opera\21.0.1432.67\libglesv2.dll
2014-05-22 11:21 - 2014-05-12 07:51 - 00135800 _____ () C:\Program Files (x86)\Opera\21.0.1432.67\libegl.dll
2014-05-22 11:21 - 2014-05-12 07:51 - 00957048 _____ () C:\Program Files (x86)\Opera\21.0.1432.67\ffmpegsumo.dll
2014-05-14 00:36 - 2014-05-14 00:36 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
2014-05-22 15:54 - 2013-11-18 03:18 - 00258944 _____ () C:\Program Files (x86)\Maxthon\bin\Maxzlib.dll
2014-05-22 15:54 - 2013-11-18 03:18 - 00258944 _____ () C:\Program Files (x86)\Maxthon\Bin\maxzlib.dll
2014-05-22 15:54 - 2014-02-14 04:52 - 00247096 _____ () C:\Program Files (x86)\Maxthon\Addons\Mobile\MxMobile.dll
2014-05-22 15:54 - 2013-11-21 08:37 - 00887064 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\libglesv2.dll
2014-05-22 15:54 - 2013-11-21 08:37 - 00109336 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\libegl.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: FoxitCloudUpdateService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: VMCService => 2
MSCONFIG\startupreg: Bdagent => "C:\Program Files\Bitdefender\Bitdefender\bdagent.exe"
MSCONFIG\startupreg: DriverMax => "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -agent
MSCONFIG\startupreg: DriverMax_RESTART => "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -RESTART
MSCONFIG\startupreg: LightShot => C:\Users\Mateo\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/06/2014 10:41:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 9.0.8112.16545 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 2f80
 
Start Time: 01cf815a074f0b2e
 
Termination Time: 406
 
Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe
 
Report Id:
 
Error: (06/04/2014 04:48:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
 
Error: (06/03/2014 03:06:30 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x81000101).
 
Error: (06/03/2014 02:56:53 PM) (Source: ESENT) (EventID: 104) (User: )
Description: Catalog Database (1112) Catalog Database: The database engine stopped the instance (0) with error (-1090).
 
Error: (06/03/2014 02:41:59 PM) (Source: ESENT) (EventID: 471) (User: )
Description: Catalog Database (1112) Catalog Database: Unable to rollback operation #5045 on database C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb. Error: -510. All future database updates will be rejected.
 
Error: (06/03/2014 02:41:59 PM) (Source: ESENT) (EventID: 492) (User: )
Description: Catalog Database (1112) Catalog Database: The logfile sequence in "C:\Windows\system32\CatRoot2\" has been halted due to a fatal error.  No further updates are possible for the databases that use this logfile sequence.  Please correct the problem and restart or restore from backup.
 
Error: (06/03/2014 02:41:59 PM) (Source: ESENT) (EventID: 413) (User: )
Description: Catalog Database (1112) Catalog Database: Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1022.
 
Error: (06/03/2014 02:41:59 PM) (Source: ESENT) (EventID: 482) (User: )
Description: Catalog Database (1112) Catalog Database: An attempt to write to the file "C:\Windows\system32\CatRoot2\edbtmp.log" at offset 0 (0x0000000000000000) for 65536 (0x00010000) bytes failed after Catalog Database0 seconds with system error 1117 (0x0000045d): "The request could not be performed because of an I/O device error. ".  The write operation will fail with error -1022 (0xfffffc02).  If this error persists then the file may be damaged and may need to be restored from a previous backup.
 
Error: (06/01/2014 05:51:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 8.0.7600.16385, time stamp: 0x4a5bc69e
Faulting module name: mscoree.dll_unloaded, version: 0.0.0.0, time stamp: 0x4af3af84
Exception code: 0xc0000005
Fault offset: 0x74d28664
Faulting process id: 0x15cc
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
 
Error: (05/31/2014 06:20:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Maxthon.exe version 4.4.0.4000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 248
 
Start Time: 01cf7cebef90daa5
 
Termination Time: 4
 
Application Path: C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
 
Report Id: 77323bfd-e8df-11e3-866e-00a0c6000000
 
 
System errors:
=============
Error: (06/07/2014 07:05:50 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 19:03:53 on ‎07/‎06/‎2014 was unexpected.
 
Error: (06/04/2014 04:20:28 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 16:18:44 on ‎04/‎06/‎2014 was unexpected.
 
Error: (06/04/2014 04:05:07 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 15:05:50 on ‎03/‎06/‎2014 was unexpected.
 
Error: (06/03/2014 02:19:38 PM) (Source: volsnap) (EventID: 14) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.
 
Error: (06/03/2014 02:16:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 14:13:53 on ‎03/‎06/‎2014 was unexpected.
 
Error: (06/02/2014 07:05:55 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 17:58:51 on ‎02/‎06/‎2014 was unexpected.
 
Error: (06/01/2014 09:54:42 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 20:53:38 on ‎01/‎06/‎2014 was unexpected.
 
Error: (05/31/2014 09:18:33 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 01:07:39 on ‎31/‎05/‎2014 was unexpected.
 
Error: (05/30/2014 06:28:42 PM) (Source: volsnap) (EventID: 14) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.
 
Error: (05/30/2014 05:35:28 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007e (0xffffffffc0000005, 0xfffff8800f5c63cb, 0xfffff88004f88b58, 0xfffff88004f883b0)C:\Windows\MEMORY.DMP053014-13665-01
 
 
Microsoft Office Sessions:
=========================
Error: (06/06/2014 10:41:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe9.0.8112.165452f8001cf815a074f0b2e406C:\Program Files (x86)\Internet Explorer\iexplore.exe
 
Error: (06/04/2014 04:48:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Mateo\Downloads\esetsmartinstaller_enu.exe
 
Error: (06/03/2014 03:06:30 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101
 
Error: (06/03/2014 02:56:53 PM) (Source: ESENT) (EventID: 104) (User: )
Description: Catalog Database1112Catalog Database: 0-1090
 
Error: (06/03/2014 02:41:59 PM) (Source: ESENT) (EventID: 471) (User: )
Description: Catalog Database1112Catalog Database: 5045C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb-510
 
Error: (06/03/2014 02:41:59 PM) (Source: ESENT) (EventID: 492) (User: )
Description: Catalog Database1112Catalog Database: C:\Windows\system32\CatRoot2\
 
Error: (06/03/2014 02:41:59 PM) (Source: ESENT) (EventID: 413) (User: )
Description: Catalog Database1112Catalog Database: -1022
 
Error: (06/03/2014 02:41:59 PM) (Source: ESENT) (EventID: 482) (User: )
Description: Catalog Database1112Catalog Database: C:\Windows\system32\CatRoot2\edbtmp.log0 (0x0000000000000000)65536 (0x00010000)-1022 (0xfffffc02)1117 (0x0000045d)The request could not be performed because of an I/O device error. 8
 
Error: (06/01/2014 05:51:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.7600.163854a5bc69emscoree.dll_unloaded0.0.0.04af3af84c000000574d2866415cc01cf7d7a4b18ecf4C:\Program Files (x86)\Internet Explorer\iexplore.exemscoree.dll895fc90a-e9a4-11e3-866e-00a0c6000000
 
Error: (05/31/2014 06:20:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Maxthon.exe4.4.0.400024801cf7cebef90daa54C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe77323bfd-e8df-11e3-866e-00a0c6000000
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 93%
Total physical RAM: 2046.49 MB
Available physical RAM: 125.69 MB
Total Pagefile: 5115.49 MB
Available Pagefile: 2265.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:148.95 GB) (Free:82.1 GB) NTFS
Drive e: (My Disc) (CDROM) (Total:0.04 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 04590458)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
 
 
 
 
 

 




#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,381 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:22 PM

Posted 08 June 2014 - 10:11 AM

Hi Mateo and welcome.

Just wanted you to know I will be away from my computer for a few hours but will attack this information as soon as I return!
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 Mateyto


Posted 08 June 2014 - 10:56 AM

np buddy, take ur time, am not using "sleep mode" anymore so won't have any problems I guess ^^



#8 Oh My!


Posted 08 June 2014 - 02:28 PM

Greetings Mateo,

Thank you for your patience. We need to investigate a little more. Please consider and do this for me.

===================================================

P2P Warning

--------------------

Going over your logs I noticed that you have µTorrent installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities.

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Uploading Minidump File

--------------------
  • Using Windows Explorer please navigate to the following location:

C:\Windows\Minidump\053014-13665-01.dmp

  • Zip the file
  • Upload the file here
  • I will be automatically notified when the file has been successfully uploaded
===================================================

SystemLook by jpshortstuff

--------------------
  • Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1
Download Mirror #2
Download Mirror #3 For 64-bit users

  • Double-click SystemLook.exe to run it.
  • Vista\Windows 7 users: Right click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following codebox into the main textfield:
:dir
C:\Users\Mateo\AppData\Roaming\Ymagtu /s
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply or, if necessary zip and attach the file.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Uploaded Minidump file
  • SystemLook report

Gary
 

#9 Mateyto


Posted 09 June 2014 - 03:57 AM

hi buddy, µTorrent is uninstalled, Minidump is uploaded, and here is the result of the SystemLook scan

 

 

 

 

SystemLook 30.07.11 by jpshortstuff
Log created at 10:55 on 09/06/2014 by Mateo
Administrator - Elevation successful

========== dir ==========

C:\Users\Mateo\AppData\Roaming\Ymagtu - Parameters: "/s"

---Files---
None found.

No folders found.

-= EOF =-


Edited by Mateyto, 09 June 2014 - 03:58 AM.


#10 Oh My!


Posted 09 June 2014 - 02:18 PM

Hi Mateo,

Thanks for the report. Are your current symptoms still the same as what you described in your first post? If not, please describe.
Gary
 

#11 Mateyto


Posted 09 June 2014 - 04:42 PM

well... honestly am scared to turn it off so it's mostly on all the time, it doesn't bother me since it's in the living room... but before I was mostly using the sleep function, wasn't rly turning him off, but now when I put him to sleep, and after I try to wake him, seems like the monitor is not responding, the LED diode which should go from orange to blue when it receives a signal just stays orange, and I've got no option but to restart the PC manually. After restart it offers me the system repair option, and if I select it, it gives me the error as described in the first post


Edited by Mateyto, 09 June 2014 - 04:45 PM.


#12 Oh My!


Posted 09 June 2014 - 05:02 PM

Hi Mateo,

Thanks for the information. Please do this.

===================================================

SystemLook by jpshortstuff

--------------------
  • Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1
Download Mirror #2
Download Mirror #3 For 64-bit users

  • Double-click SystemLook.exe to run it.
  • Vista\Windows 7 users: Right click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following codebox into the main textfield:
:filefind
nvlddmkm.*
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • SystemLook log

Gary
 

#13 Mateyto


Posted 09 June 2014 - 05:10 PM

SystemLook 30.07.11 by jpshortstuff
Log created at 00:04 on 10/06/2014 by Mateo
Administrator - Elevation successful
 
========== filefind ==========
 
Searching for "nvlddmkm.*"
C:\NVIDIA\DisplayDriver\334.89\Win8_WinVista_Win7_64\English\Display.Driver\nvlddmkm.sy_ --a---- 7153006 bytes [10:15 30/05/2014] [18:34 08/02/2014] 299A0FD02D081FB8B5A39223C08811D8
C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\English\Display.Driver\nvlddmkm.sy_ --a---- 7373023 bytes [15:16 30/05/2014] [02:44 20/05/2014] 9376A57DF12B4EBD5F047AB775E8CE40
C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{9DBF4B97-BBB3-413E-8E0A-FF81C07556AA}\nvlddmkm.sy_ --a---- 7373023 bytes [15:19 30/05/2014] [02:44 20/05/2014] 9376A57DF12B4EBD5F047AB775E8CE40
C:\Windows\System32\drivers\nvlddmkm.sys --a---- 12688328 bytes [15:19 30/05/2014] [02:44 20/05/2014] 0AC797F70F2F3E5B69A34FF2F63496F3
C:\Windows\System32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a5268036b32702df\nvlddmkm.sys --a---- 12688328 bytes [15:19 30/05/2014] [02:44 20/05/2014] 0AC797F70F2F3E5B69A34FF2F63496F3
C:\Windows\System32\DriverStore\FileRepository\nv_lh.inf_amd64_neutral_bc69f20e3115af59\nvlddmkm.sys --a---- 11572512 bytes [21:59 13/07/2009] [20:37 10/06/2009] DD81FBC57AB9134CDDC5CE90880BFD80
C:\Windows\System32\DriverStore\Temp\{1d941ae0-5652-6833-5027-f970d06a0549}\nvlddmkm.sys --a---- 12686168 bytes [16:38 17/05/2014] [12:43 13/05/2014] F6980F3590F8BE3F1280030340168E9D
C:\Windows\winsxs\amd64_nv_lh.inf_31bf3856ad364e35_6.1.7600.16385_none_4a5c7d78e486512b\nvlddmkm.sys --a---- 11572512 bytes [21:59 13/07/2009] [20:37 10/06/2009] DD81FBC57AB9134CDDC5CE90880BFD80
 
-= EOF =-
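
The listing above is easier to read once the copies are grouped by hash. The following is an added example, not part of the original post or of SystemLook: a Python parser for the filefind lines that groups the eight copies of nvlddmkm.* by MD5. The names Entry, parse_filefind, group_by_md5 and identical_copies are hypothetical, and treating the first bracketed timestamp as creation time and the second as modification time is an assumption.

```python
import re
from collections import defaultdict
from datetime import datetime
from typing import NamedTuple

# Listing lines copied from the SystemLook log in the post above.
SAMPLE_LOG = r"""
========== filefind ==========

Searching for "nvlddmkm.*"
C:\NVIDIA\DisplayDriver\334.89\Win8_WinVista_Win7_64\English\Display.Driver\nvlddmkm.sy_ --a---- 7153006 bytes [10:15 30/05/2014] [18:34 08/02/2014] 299A0FD02D081FB8B5A39223C08811D8
C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\English\Display.Driver\nvlddmkm.sy_ --a---- 7373023 bytes [15:16 30/05/2014] [02:44 20/05/2014] 9376A57DF12B4EBD5F047AB775E8CE40
C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{9DBF4B97-BBB3-413E-8E0A-FF81C07556AA}\nvlddmkm.sy_ --a---- 7373023 bytes [15:19 30/05/2014] [02:44 20/05/2014] 9376A57DF12B4EBD5F047AB775E8CE40
C:\Windows\System32\drivers\nvlddmkm.sys --a---- 12688328 bytes [15:19 30/05/2014] [02:44 20/05/2014] 0AC797F70F2F3E5B69A34FF2F63496F3
C:\Windows\System32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a5268036b32702df\nvlddmkm.sys --a---- 12688328 bytes [15:19 30/05/2014] [02:44 20/05/2014] 0AC797F70F2F3E5B69A34FF2F63496F3
C:\Windows\System32\DriverStore\FileRepository\nv_lh.inf_amd64_neutral_bc69f20e3115af59\nvlddmkm.sys --a---- 11572512 bytes [21:59 13/07/2009] [20:37 10/06/2009] DD81FBC57AB9134CDDC5CE90880BFD80
C:\Windows\System32\DriverStore\Temp\{1d941ae0-5652-6833-5027-f970d06a0549}\nvlddmkm.sys --a---- 12686168 bytes [16:38 17/05/2014] [12:43 13/05/2014] F6980F3590F8BE3F1280030340168E9D
C:\Windows\winsxs\amd64_nv_lh.inf_31bf3856ad364e35_6.1.7600.16385_none_4a5c7d78e486512b\nvlddmkm.sys --a---- 11572512 bytes [21:59 13/07/2009] [20:37 10/06/2009] DD81FBC57AB9134CDDC5CE90880BFD80

-= EOF =-
"""

class Entry(NamedTuple):
    path: str
    size: int
    created: datetime   # assumption: first bracketed timestamp
    modified: datetime  # assumption: second bracketed timestamp
    md5: str

# path, 7-character attribute field, size, two [HH:MM DD/MM/YYYY] stamps, MD5
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?) [-a-z]{7} (?P<size>\d+) bytes "
    r"\[(?P<first>[^\]]+)\] \[(?P<second>[^\]]+)\] (?P<md5>[0-9A-Fa-f]{32})$"
)
TS_FORMAT = "%H:%M %d/%m/%Y"

def parse_filefind(text):
    """Return one Entry per file line; headers, blanks and EOF are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            entries.append(Entry(
                m["path"], int(m["size"]),
                datetime.strptime(m["first"], TS_FORMAT),
                datetime.strptime(m["second"], TS_FORMAT),
                m["md5"].upper(),
            ))
    return entries

def group_by_md5(entries):
    """Map each MD5 to the list of entries that share it."""
    groups = defaultdict(list)
    for entry in entries:
        groups[entry.md5].append(entry)
    return dict(groups)

def identical_copies(entries, path):
    """Paths of the other files whose MD5 equals that of `path`."""
    target = next(e for e in entries if e.path.lower() == path.lower())
    return [e.path for e in entries if e.md5 == target.md5 and e is not target]

if __name__ == "__main__":
    groups = group_by_md5(parse_filefind(SAMPLE_LOG))
    # Oldest build first, so the version history of the driver is visible.
    for md5, group in sorted(groups.items(), key=lambda kv: kv[1][0].modified):
        print(f"{md5}  {group[0].size} bytes  modified {group[0].modified:%d/%m/%Y}")
        for entry in group:
            print(f"    {entry.path}")
```

Matching MD5 values only show which copies are byte-identical; they say nothing about whether a file is a genuine vendor binary.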


#14 Oh My!


Posted 09 June 2014 - 05:14 PM

Thank you, now please do this.

===================================================

Copying and Overwriting a File Using CMD

--------------------
  • Press the Windows key + R on your keyboard at the same time
  • Type cmd, press Enter, and a black screen will appear
  • Copy and paste (pasting requires you right click and select paste) the following after the command prompt and then press Enter

copy C:\Windows\System32\DriverStore\Temp\{1d941ae0-5652-6833-5027-f970d06a0549}\nvlddmkm.sys C:\windows\system32\drivers

  • When asked if you want to overwrite the file hit the Y key and press Enter
  • You should receive a notification indicating 1 file(s) copied.
  • Type Exit then hit Enter
  • Reboot your computer and check the performance
===================================================

Things I would like to see in your next reply.
  • Results?

Gary
 

#15 Mateyto


Posted 09 June 2014 - 05:46 PM

well I tried to shut down n it turned off normally, normal speed, but when I tried to turn it on, I didn't hear the normal beep, I heard something like beeeeepbeepbeep, and nothing was showing up on screen. After that I pressed restart n it booted up normally. After I booted it up, I tried to put him in sleep mode to test it, and again it didn't wanna wake up





