
Infected with Shortcut and/or Recycler Virus


  • This topic is locked
15 replies to this topic

#1 paul02

  • Members

Posted 11 June 2014 - 09:55 AM

As title states, I seem to be infected with some shortcut virus that opens any file in a new window.

 

Also, I noticed a RECYCLER icon and I am quite sure this is a virus from Googling it.

 

As a result of this, any hard drive or thumb drive and external hard drive that is plugged in gets infected.

 

My browsers get search addons without my permission. I also get stuff downloaded and installed into the computer without my knowledge.

 

Please help!

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 10.60.2
Run by pc at 22:48:57 on 2014-06-11
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.4038.2436 [GMT 8:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\pc\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\ImgBurn\ImgBurn.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1402325583&from=smt&uid=WDCXWD10EALX-009BA0_WD-WCATR968235382353&q={searchTerms}
mDefault_Page_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [uTorrent] "C:\Users\pc\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
uRun: [EPSON TX121 Series] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIGGI.EXE /FU "C:\Windows\TEMP\E_S5714.tmp" /EF "HKCU"
mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{93632F4C-067C-42F5-8065-3A7B96F2AE55} : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
SSODL: WebCheck - <orphaned>
x64-mStart Page = hxxp://www.google.com
x64-mSearch Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1402325583&from=smt&uid=WDCXWD10EALX-009BA0_WD-WCATR968235382353&q={searchTerms}
x64-mDefault_Page_URL = hxxp://www.google.com
x64-mDefault_Search_URL = hxxp://www.google.com
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\3ucwimsd.default\
FF - prefs.js: browser.search.selectedEngine - sweet-page
FF - prefs.js: keyword.URL - hxxps://sg.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=903578&p=
FF - plugin: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
.
---- FIREFOX POLICIES ----
.
user_pref(extensions.autoDisableScopes,14);
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-6-9 19264]
R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2014-6-9 22680]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-15 759048]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-6-20 634632]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2014-6-9 166720]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-6-9 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-6-9 860472]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-6-8 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-6-8 21055432]
R2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2014-1-9 1025408]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-6-8 413128]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2014-6-9 365376]
R3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2014-1-7 14872]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-6-9 357184]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-6-9 789824]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-6-9 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-6-9 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-6-9 63704]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-6-8 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-6-8 40392]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-6-9 646248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-12 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-12 124088]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 EsgScanner;EsgScanner;C:\Windows\System32\drivers\EsgScanner.sys [2014-6-9 22704]
S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2014-6-9 30528]
S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2014-6-9 160256]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-8 111616]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-1-23 178760]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-6-8 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-6-8 56832]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-6-8 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2014-06-09 15:45:12    22704    ----a-w-    C:\Windows\System32\drivers\EsgScanner.sys
2014-06-09 15:45:09    110080    ----a-r-    C:\Users\pc\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\IconF7A21AF7.exe
2014-06-09 15:45:09    110080    ----a-r-    C:\Users\pc\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\IconD7F16134.exe
2014-06-09 15:45:09    110080    ----a-r-    C:\Users\pc\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\Icon1226A4C5.exe
2014-06-09 15:45:09    --------    d-----w-    C:\sh4ldr
2014-06-09 15:45:09    --------    d-----w-    C:\Program Files\Enigma Software Group
2014-06-09 15:44:38    --------    d-----w-    C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-06-09 15:44:37    --------    d-----w-    C:\Program Files (x86)\Common Files\Wise Installation Wizard
2014-06-09 15:09:59    122584    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-06-09 15:09:49    91352    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-06-09 15:09:49    63704    ----a-w-    C:\Windows\System32\drivers\mwac.sys
2014-06-09 15:09:49    25816    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-06-09 15:09:49    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-06-09 15:09:49    --------    d-----w-    C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-09 15:07:05    --------    d-----w-    C:\UsbFix
2014-06-09 14:57:20    --------    d-----w-    C:\Users\pc\AppData\Local\Apple
2014-06-09 14:56:55    499712    ----a-w-    C:\Windows\SysWow64\msvcp71.dll
2014-06-09 14:56:55    348160    ----a-w-    C:\Windows\SysWow64\msvcr71.dll
2014-06-09 14:56:47    --------    d-----w-    C:\Program Files (x86)\Steinberg
2014-06-09 14:55:17    --------    d-sh--w-    C:\$RECYCLE.BIN
2014-06-09 13:33:21    --------    d-----w-    C:\Users\pc\AppData\Roaming\SupTab
2014-06-09 13:33:21    --------    d-----w-    C:\ProgramData\WindowsProtectManger
2014-06-09 13:33:21    --------    d-----w-    C:\ProgramData\IePluginServices
2014-06-09 13:33:15    --------    d-----w-    C:\Users\pc\AppData\Roaming\sweet-page
2014-06-09 13:32:58    --------    d-----w-    C:\Program Files\Unlocker
2014-06-09 13:24:43    --------    d-----w-    C:\Program Files (x86)\Common Files\DigiDesign
2014-06-09 13:24:33    --------    d-----w-    C:\Program Files\Common Files\Avid
2014-06-09 13:24:33    --------    d-----w-    C:\Program Files (x86)\IK Multimedia
2014-06-09 13:24:33    --------    d-----w-    C:\Program Files (x86)\Common Files\Avid
2014-06-09 05:12:22    --------    d-sh--w-    C:\Users\pc\AppData\Local\EmieUserList
2014-06-09 05:12:22    --------    d-sh--w-    C:\Users\pc\AppData\Local\EmieSiteList
2014-06-09 04:58:33    --------    d-----w-    C:\Program Files (x86)\NCH Software
2014-06-09 04:58:30    --------    d-----w-    C:\Users\pc\AppData\Roaming\NCH Software
2014-06-09 04:57:43    --------    d-----w-    C:\Users\pc\AppData\Roaming\ePaperPress
2014-06-09 04:56:34    --------    d-----w-    C:\Program Files (x86)\ePaperPress
2014-06-09 04:28:46    306688    ----a-w-    C:\Windows\IsUninst.exe
2014-06-09 04:25:20    --------    d-----w-    C:\Program Files\Common Files\EPSON
2014-06-09 04:24:27    --------    d-----w-    C:\ProgramData\UDL
2014-06-09 04:23:52    --------    d-----w-    C:\Program Files\Epson Software
2014-06-09 04:21:40    --------    d-----w-    C:\Program Files (x86)\Epson Software
2014-06-09 04:21:02    --------    d-----w-    C:\Users\pc\AppData\Local\ABBYY
2014-06-09 04:20:00    --------    d-----w-    C:\ProgramData\ABBYY
2014-06-09 04:20:00    --------    d-----w-    C:\Program Files (x86)\Common Files\ABBYY
2014-06-09 04:20:00    --------    d-----w-    C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint
2014-06-09 04:18:37    10752    ----a-w-    C:\Windows\System32\E_GCINST.DLL
2014-06-09 04:18:36    88064    ----a-w-    C:\Windows\System32\E_IBCBGGI.DLL
2014-06-09 04:18:36    118784    ----a-w-    C:\Windows\System32\E_ILMGGI.DLL
2014-06-09 04:18:32    464384    ----a-w-    C:\Windows\System32\esxw2ud.dll
2014-06-09 04:18:32    17408    ----a-w-    C:\Windows\System32\esxcdev.dll
2014-06-09 04:18:32    128392    ----a-w-    C:\Windows\System32\esdevapp.exe
2014-06-09 04:18:32    --------    d-----w-    C:\Program Files (x86)\epson
2014-06-09 04:08:50    --------    d-----w-    C:\ProgramData\EPSON
2014-06-09 00:37:24    2622464    ----a-w-    C:\Windows\System32\wucltux.dll
2014-06-09 00:37:19    99840    ----a-w-    C:\Windows\System32\wudriver.dll
2014-06-09 00:37:08    36864    ----a-w-    C:\Windows\System32\wuapp.exe
2014-06-09 00:37:08    186752    ----a-w-    C:\Windows\System32\wuwebv.dll
2014-06-09 00:36:00    --------    d-----w-    C:\Users\pc\AppData\Local\CrashDumps
2014-06-09 00:07:20    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-06-08 23:03:15    --------    d-----w-    C:\Windows\Panther
2014-06-08 23:03:02    --------    d-----w-    C:\Boot
2014-06-08 22:43:27    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-06-08 22:43:27    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-06-08 22:42:00    --------    d-----w-    C:\Program Files (x86)\MSXML 4.0
2014-06-08 22:19:05    --------    d-----w-    C:\Program Files (x86)\AMD
2014-06-08 22:16:52    74272    ----a-w-    C:\Windows\System32\RtNicProp64.dll
2014-06-08 22:16:52    646248    ----a-w-    C:\Windows\System32\drivers\Rt64win7.sys
2014-06-08 22:16:52    107552    ----a-w-    C:\Windows\System32\RTNUninst64.dll
2014-06-08 22:16:02    --------    d-----w-    C:\Windows\SysWow64\RTCOM
2014-06-08 22:16:02    --------    d-----w-    C:\Program Files\Realtek
2014-06-08 22:14:57    53248    ----a-r-    C:\Windows\SysWow64\CSVer.dll
2014-06-08 22:14:55    --------    d-----w-    C:\Program Files (x86)\Common Files\postureAgent
2014-06-08 22:14:49    --------    d-----w-    C:\Intel
2014-06-08 22:14:48    62784    ----a-w-    C:\Windows\System32\drivers\HECIx64.sys
2014-06-08 22:14:07    --------    d-----w-    C:\Windows\System32\drivers\NISx64\1400000.088
2014-06-08 22:14:07    --------    d-----w-    C:\Windows\System32\drivers\NISx64
2014-06-08 22:14:06    --------    d-----w-    C:\ProgramData\Norton
2014-06-08 22:13:08    --------    d-----w-    C:\ProgramData\NortonInstaller
2014-06-08 22:10:56    --------    d-sh--w-    C:\Windows\Installer
2014-06-08 22:10:53    --------    d-----w-    C:\Users\pc\AppData\Local\Google
2014-06-08 22:09:14    --------    d-----w-    C:\Users\pc\AppData\Local\VirtualStore
2014-06-08 22:07:54    --------    d-----w-    C:\Recovery
2014-06-08 22:02:15    --------    d-s---w-    C:\Windows\System32\CompatTel
2014-06-08 15:55:57    167424    ----a-w-    C:\Program Files\Windows Media Player\wmplayer.exe
2014-06-08 15:55:57    164864    ----a-w-    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-06-08 15:55:57    12625920    ----a-w-    C:\Windows\System32\wmploc.DLL
2014-06-08 15:55:57    12625408    ----a-w-    C:\Windows\SysWow64\wmploc.DLL
2014-06-08 15:49:41    --------    d-----w-    C:\Windows\Migration
2014-06-08 15:43:11    327168    ----a-w-    C:\Windows\System32\mswsock.dll
2014-06-08 15:43:11    231424    ----a-w-    C:\Windows\SysWow64\mswsock.dll
2014-06-08 15:17:09    19456    ----a-w-    C:\Windows\System32\drivers\rdpvideominiport.sys
2014-06-08 15:17:09    15360    ----a-w-    C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-06-08 15:17:08    3174912    ----a-w-    C:\Windows\System32\rdpcorets.dll
2014-06-08 15:17:08    243200    ----a-w-    C:\Windows\System32\rdpudd.dll
2014-06-08 15:17:08    228864    ----a-w-    C:\Windows\System32\rdpendp_winip.dll
2014-06-08 15:17:08    192000    ----a-w-    C:\Windows\SysWow64\rdpendp_winip.dll
2014-06-08 14:56:57    477184    ----a-w-    C:\Windows\System32\aepdu.dll
2014-06-08 14:55:57    3156480    ----a-w-    C:\Windows\System32\win32k.sys
2014-06-08 14:52:31    5550016    ----a-w-    C:\Windows\System32\ntoskrnl.exe
2014-06-08 14:51:34    27584    ----a-w-    C:\Windows\System32\drivers\Diskdump.sys
2014-06-08 14:51:34    274880    ----a-w-    C:\Windows\System32\drivers\msiscsi.sys
2014-06-08 14:51:34    2048    ----a-w-    C:\Windows\SysWow64\iologmsg.dll
2014-06-08 14:51:34    2048    ----a-w-    C:\Windows\System32\iologmsg.dll
2014-06-08 14:51:34    190912    ----a-w-    C:\Windows\System32\drivers\storport.sys
2014-06-08 14:51:02    376768    ----a-w-    C:\Windows\System32\drivers\netio.sys
2014-06-08 14:51:02    1903552    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2014-06-08 14:51:01    1684928    ----a-w-    C:\Windows\System32\drivers\ntfs.sys
2014-06-08 14:49:53    155584    ----a-w-    C:\Windows\System32\drivers\ataport.sys
2014-06-08 14:49:48    68608    ----a-w-    C:\Windows\System32\taskhost.exe
2014-06-08 14:49:46    859648    ----a-w-    C:\Windows\System32\IKEEXT.DLL
2014-06-08 14:49:46    830464    ----a-w-    C:\Windows\System32\nshwfp.dll
2014-06-08 14:49:46    656896    ----a-w-    C:\Windows\SysWow64\nshwfp.dll
2014-06-08 14:49:46    324096    ----a-w-    C:\Windows\System32\FWPUCLNT.DLL
2014-06-08 14:49:46    216576    ----a-w-    C:\Windows\SysWow64\FWPUCLNT.DLL
2014-06-08 14:45:59    461312    ----a-w-    C:\Windows\System32\scavengeui.dll
2014-06-08 14:17:47    --------    d-----w-    C:\Users\pc\AppData\Local\Diagnostics
2014-06-08 14:17:45    --------    d-----w-    C:\Windows\System32\SPReview
2014-06-08 14:16:35    --------    d-----w-    C:\Windows\System32\EventProviders
2014-06-08 14:10:45    --------    d-----w-    C:\Windows\SysWow64\Wat
2014-06-08 14:10:45    --------    d-----w-    C:\Windows\System32\Wat
2014-06-08 13:48:00    48976    ----a-w-    C:\Windows\System32\netfxperf.dll
2014-06-08 13:48:00    1942856    ----a-w-    C:\Windows\System32\dfshim.dll
2014-06-08 13:46:59    897536    ----a-w-    C:\Windows\System32\azroles.dll
2014-06-08 13:45:56    279552    ----a-w-    C:\Windows\System32\dxdiagn.dll
2014-06-08 13:44:59    8192    ----a-w-    C:\Windows\System32\KBDTUQ.DLL
2014-06-08 13:42:56    244736    ----a-w-    C:\Program Files\Windows Portable Devices\sqmapi.dll
2014-06-08 13:42:55    529408    ----a-w-    C:\Windows\System32\wbemcomn.dll
2014-06-08 13:42:39    244736    ----a-w-    C:\Windows\System32\sqmapi.dll
2014-06-08 13:36:04    --------    d-----w-    C:\Users\pc\AppData\Local\Ahead
2014-06-08 13:34:30    --------    d-----w-    C:\ProgramData\Nero
2014-06-08 13:34:30    --------    d-----w-    C:\Program Files (x86)\Nero
2014-06-08 13:30:17    --------    d-----w-    C:\Users\pc\AppData\Roaming\uTorrent
2014-06-08 13:27:51    --------    d-----w-    C:\Users\pc\AppData\Local\ElevatedDiagnostics
2014-06-08 13:25:58    --------    d-----w-    C:\Program Files (x86)\Microsoft SQL Server
2014-06-08 13:25:49    --------    d-----w-    C:\ProgramData\regid.1991-06.com.microsoft
2014-06-08 13:25:37    --------    d-----w-    C:\Windows\PCHEALTH
2014-06-08 13:25:37    --------    d-----w-    C:\Program Files\Microsoft SQL Server
2014-06-08 13:23:35    --------    d-----w-    C:\Program Files\Microsoft Analysis Services
2014-06-08 13:23:35    --------    d-----w-    C:\Program Files (x86)\Microsoft Analysis Services
2014-06-08 13:22:22    --------    d-----w-    C:\Users\pc\AppData\Local\Microsoft Help
2014-06-08 13:18:21    99384    ----a-w-    C:\Users\pc\AppData\Roaming\inst.exe
2014-06-08 13:18:21    82816    ----a-w-    C:\Users\pc\AppData\Roaming\pcouffin.sys
2014-06-08 13:18:15    --------    d-----w-    C:\ProgramData\VSO
2014-06-08 13:18:15    --------    d-----w-    C:\Program Files (x86)\VSO
2014-06-08 13:18:06    --------    d-----w-    C:\Users\pc\AppData\Local\Programs
2014-06-08 13:15:16    2565632    ----a-w-    C:\Windows\System32\esent.dll
2014-06-08 13:15:16    1699328    ----a-w-    C:\Windows\SysWow64\esent.dll
2014-06-08 13:15:15    96768    ----a-w-    C:\Windows\System32\fsutil.exe
2014-06-08 13:15:15    74240    ----a-w-    C:\Windows\SysWow64\fsutil.exe
2014-06-08 13:15:15    410496    ----a-w-    C:\Windows\System32\drivers\iaStorV.sys
2014-06-08 13:15:15    27008    ----a-w-    C:\Windows\System32\drivers\amdxata.sys
2014-06-08 13:15:15    166272    ----a-w-    C:\Windows\System32\drivers\nvstor.sys
2014-06-08 13:15:15    148352    ----a-w-    C:\Windows\System32\drivers\nvraid.sys
2014-06-08 13:15:15    107904    ----a-w-    C:\Windows\System32\drivers\amdsata.sys
2014-06-08 13:13:55    --------    d-----w-    C:\Users\pc\AppData\Local\Macromedia
2014-06-08 13:12:50    --------    d-----w-    C:\Users\pc\AppData\Local\Mozilla
2014-06-08 12:09:54    9728    ----a-w-    C:\Windows\System32\Wdfres.dll
2014-06-08 12:09:54    54376    ----a-w-    C:\Windows\System32\drivers\WdfLdr.sys
2014-06-08 12:09:54    2560    ----a-w-    C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2014-06-08 11:25:12    --------    d-----w-    C:\Windows\System32\MRT
2014-06-08 11:11:31    87040    ----a-w-    C:\Windows\System32\drivers\WUDFPf.sys
2014-06-08 11:11:31    198656    ----a-w-    C:\Windows\System32\drivers\WUDFRd.sys
2014-06-08 11:11:30    84992    ----a-w-    C:\Windows\System32\WUDFSvc.dll
2014-06-08 11:11:30    744448    ----a-w-    C:\Windows\System32\WUDFx.dll
2014-06-08 11:11:30    45056    ----a-w-    C:\Windows\System32\WUDFCoinstaller.dll
2014-06-08 11:11:30    229888    ----a-w-    C:\Windows\System32\WUDFHost.exe
2014-06-08 11:11:30    194048    ----a-w-    C:\Windows\System32\WUDFPlatform.dll
2014-06-08 10:37:29    23408    ----a-w-    C:\Windows\System32\drivers\fs_rec.sys
2014-06-08 10:37:28    5120    ----a-w-    C:\Windows\SysWow64\wmi.dll
2014-06-08 10:37:28    5120    ----a-w-    C:\Windows\System32\wmi.dll
2014-06-08 10:24:44    --------    d-----w-    C:\Program Files\CCleaner
2014-06-08 10:21:48    961024    ----a-w-    C:\Windows\System32\CPFilters.dll
2014-06-08 10:20:58    515584    ----a-w-    C:\Windows\System32\timedate.cpl
2014-06-08 10:19:55    288088    ----a-w-    C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-06-08 10:10:01    1715176    ----a-w-    C:\Windows\System32\nvspbridge64.dll
2014-06-08 10:10:01    1291232    ----a-w-    C:\Windows\SysWow64\nvspbridge.dll
2014-06-08 10:08:14    25640    ----a-w-    C:\Windows\gdrv.sys
2014-06-08 09:58:10    1279480    ----a-w-    C:\Windows\System32\nvspcap64.dll
2014-06-08 09:58:10    1122312    ----a-w-    C:\Windows\SysWow64\nvspcap.dll
2014-06-08 09:58:10    --------    d-----w-    C:\Users\pc\AppData\Local\NVIDIA Corporation
2014-06-08 09:58:10    --------    d-----w-    C:\Users\pc\AppData\Local\NVIDIA
2014-06-08 09:57:24    601432    ----a-w-    C:\Windows\SysWow64\nvStreaming.exe
2014-06-08 09:57:06    927520    ----a-w-    C:\Windows\System32\nvvsvc.exe
2014-06-08 09:57:06    6769096    ----a-w-    C:\Windows\System32\nvcpl.dll
2014-06-08 09:57:06    62808    ----a-w-    C:\Windows\System32\nvshext.dll
2014-06-08 09:57:06    387528    ----a-w-    C:\Windows\System32\nvmctray.dll
2014-06-08 09:57:06    3774821    ----a-w-    C:\Windows\System32\nvcoproc.bin
2014-06-08 09:57:06    3514144    ----a-w-    C:\Windows\System32\nvsvc64.dll
2014-06-08 09:56:51    61216    ----a-w-    C:\Windows\System32\OpenCL.dll
2014-06-08 09:56:51    52056    ----a-w-    C:\Windows\SysWow64\OpenCL.dll
2014-06-08 09:56:47    --------    d-----w-    C:\ProgramData\NVIDIA Corporation
2014-06-08 09:56:43    --------    d-----w-    C:\Program Files (x86)\NVIDIA Corporation
2014-06-08 09:54:34    --------    d-----w-    C:\Program Files\NVIDIA Corporation
2014-06-08 09:54:33    40392    ----a-w-    C:\Windows\System32\drivers\nvvad64v.sys
2014-06-08 09:54:31    37320    ----a-w-    C:\Windows\System32\nvaudcap64v.dll
2014-06-08 09:54:31    34760    ----a-w-    C:\Windows\SysWow64\nvaudcap32v.dll
2014-06-08 09:52:13    70832    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-08 09:52:13    692400    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-06-08 09:51:09    --------    d-----w-    C:\Windows\SysWow64\directx
2014-06-08 09:51:04    --------    d-----w-    C:\ProgramData\Oracle
2014-06-08 09:50:48    98216    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-06-08 09:43:47    826880    ----a-w-    C:\Windows\SysWow64\rdpcore.dll
2014-06-08 09:43:47    23552    ----a-w-    C:\Windows\System32\drivers\tdtcp.sys
2014-06-08 09:43:47    1031680    ----a-w-    C:\Windows\System32\rdpcore.dll
.
==================== Find3M  ====================
.
2014-06-08 22:39:10    30528    ----a-w-    C:\Windows\GVTDrv64.sys
2014-06-08 14:24:03    175616    ----a-w-    C:\Windows\System32\msclmd.dll
2014-06-08 14:24:03    152576    ----a-w-    C:\Windows\SysWow64\msclmd.dll
2014-05-09 06:11:23    424448    ----a-w-    C:\Windows\System32\aeinv.dll
2014-04-12 02:22:05    95680    ----a-w-    C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05    155072    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38    29184    ----a-w-    C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38    136192    ----a-w-    C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37    28160    ----a-w-    C:\Windows\System32\secur32.dll
2014-04-12 02:19:32    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05    31232    ----a-w-    C:\Windows\System32\lsass.exe
2014-04-12 02:12:06    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 22:50:07.88 ===============
 



#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:29 PM

Posted 14 June 2014 - 09:43 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens, click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#3 nasdaq

Posted 19 June 2014 - 07:56 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

#4 nasdaq

Posted 26 June 2014 - 07:01 AM

This topic has been re-opened at the request of the person who originally posted.

#5 nasdaq

Posted 26 June 2014 - 07:02 AM

Please download and run the tools I previously requested.

Wait for further instructions.

#6 paul02

Posted 29 June 2014 - 02:19 AM

 

Here goes. It seems fine now. Hope the logs show so too!

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014
Ran by Bob (administrator) on BOB-PC on 25-06-2014 22:40:53
Running from C:\Users\Bob\Desktop\New folder
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIGGI.EXE
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Marvell Inc) C:\ProgramData\wmimgmt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-19] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2007392 2014-04-01] (Wondershare)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1953792 2014-05-16] ()
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKU\S-1-5-21-4012581036-4293204916-164187839-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-4012581036-4293204916-164187839-1000\...\Run: [EPSON TX121 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGI.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4012581036-4293204916-164187839-1000\...\Run: [iFunBox Price Watch] => C:\Users\Bob\Downloads\ifunbox2014\iFunBox2014.exe /tray
HKU\S-1-5-21-4012581036-4293204916-164187839-1000\...\Run: [wmi32] => C:\ProgramData\Application Data\wmimgmt.exe [0 ] (Marvell Inc)
HKU\S-1-5-21-4012581036-4293204916-164187839-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-4012581036-4293204916-164187839-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-4012581036-4293204916-164187839-1000\...\MountPoints2: {cfefd209-f7b8-11e3-9fc8-94de80cb7729} - F:\LaunchU3.exe -a
HKU\S-1-5-21-4012581036-4293204916-164187839-1000\...\MountPoints2: {ee72ed0b-f3c9-11e3-a081-94de80cb7729} - G:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
GroupPolicyUsers\S-1-5-21-4012581036-4293204916-164187839-1001\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6684FC8D3A86CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites02_14_24_ie&cd=2XzuyEtN2Y1L1QzuzyyE0D0EzztD0C0ByByBtBzyzy0EzyyDtN0D0Tzu0SzzzyyEtN1L2XzutBtFtBtCtFyEtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDtA0FyB0AtA0BtBtG0FtA0A0CtG0DyE0C0BtG0DzztD0FtGtAzztAzyyEyEyDtDzyyD0B0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0CtA0DzyyD0E0BtGyB0B0CtBtG0ByBtBtDtGtAtD0DyBtGtByEtDyE0FtCyBzytAzz0DyB2Q&cr=786386748&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites02_14_24_ie&cd=2XzuyEtN2Y1L1QzuzyyE0D0EzztD0C0ByByBtBzyzy0EzyyDtN0D0Tzu0SzzzyyEtN1L2XzutBtFtBtCtFyEtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDtA0FyB0AtA0BtBtG0FtA0A0CtG0DyE0C0BtG0DzztD0FtGtAzztAzyyEyEyDtDzyyD0B0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0CtA0DzyyD0E0BtGyB0B0CtBtG0ByBtBtDtGtAtD0DyBtGtByEtDyE0FtCyBzytAzz0DyB2Q&cr=786386748&ir=
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites02_14_24_ie&cd=2XzuyEtN2Y1L1QzuzyyE0D0EzztD0C0ByByBtBzyzy0EzyyDtN0D0Tzu0SzzzyyEtN1L2XzutBtFtBtCtFyEtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDtA0FyB0AtA0BtBtG0FtA0A0CtG0DyE0C0BtG0DzztD0FtGtAzztAzyyEyEyDtDzyyD0B0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0CtA0DzyyD0E0BtGyB0B0CtBtG0ByBtBtDtGtAtD0DyBtGtByEtDyE0FtCyBzytAzz0DyB2Q&cr=786386748&ir=
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 - {451C804F-C205-4F03-B48E-537EC94937BF} - C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll (Wondershare)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File
Handler-x32: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\v3f1lvgz.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - c:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - c:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-19]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com
FF Extension: Wondershare Video Converter Ultimate - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2014-06-25]

==================== Services (Whitelisted) =================

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-19] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-06-19] (AVAST Software)
S3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)

==================== Drivers (Whitelisted) ====================

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-19] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-06-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-19] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [447888 2014-06-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-19] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-19] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-19] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-19] ()
R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-04-01] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-02] ()
R1 {a3f28269-ad17-41a8-b032-3e0313ef8979}w64; C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}w64.sys [61120 2014-06-19] (StdLib)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64; system32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-25 22:40 - 2014-06-25 22:40 - 00000000 ____D () C:\FRST
2014-06-25 22:39 - 2014-06-25 22:40 - 00000000 ____D () C:\Users\Bob\Desktop\New folder
2014-06-25 22:32 - 2014-06-25 22:32 - 00007656 _____ () C:\Users\Bob\Desktop\AdwCleaner[R0].txt
2014-06-25 22:30 - 2014-06-25 22:32 - 00000000 ____D () C:\AdwCleaner
2014-06-25 22:27 - 2014-06-25 22:27 - 01342659 _____ () C:\Users\Bob\Downloads\adwcleaner_3.213.exe
2014-06-25 22:25 - 2014-06-25 22:25 - 00000000 ____D () C:\Users\Bob\Downloads\AutoRunExterminator-1.8
2014-06-25 22:23 - 2014-06-25 22:23 - 00000000 ____D () C:\Users\Bob\Documents\Wondershare Video Converter Ultimate
2014-06-25 22:23 - 2014-06-25 22:23 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Wondershare Video Converter Ultimate
2014-06-25 22:23 - 2014-06-25 22:23 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-06-25 22:22 - 2014-06-25 22:30 - 00000000 ____D () C:\ProgramData\Wondershare Video Converter Ultimate
2014-06-25 22:22 - 2014-06-25 22:22 - 00001460 _____ () C:\Users\Public\Desktop\Wondershare Video Converter Ultimate.lnk
2014-06-25 22:22 - 2014-06-25 22:22 - 00000000 ____D () C:\Users\Bob\AppData\Local\Wondershare
2014-06-25 22:22 - 2014-06-25 22:22 - 00000000 ____D () C:\ProgramData\Wondershare
2014-06-25 22:22 - 2014-06-25 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-06-25 22:22 - 2014-06-25 22:22 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-06-25 22:22 - 2013-08-23 13:36 - 00721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2014-06-25 22:22 - 2013-08-07 14:31 - 00214528 _____ () C:\Windows\SysWOW64\WSCM32.dll
2014-06-25 21:45 - 2014-06-25 21:45 - 00258048 ____N (Marvell Inc) C:\ProgramData\wmimgmt.exe
2014-06-25 21:45 - 2014-06-25 21:45 - 00000000 __SHD () C:\Users\Public\Documents\Media
2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft ICE
2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\Program Files\Microsoft Research
2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\Program Files (x86)\SiteLookup
2014-06-25 21:40 - 2014-06-25 21:41 - 02270208 _____ () C:\Users\Bob\Desktop\ICE-1.4.4-for-32-bit-Windows.msi
2014-06-25 21:36 - 2014-06-25 21:37 - 02534400 _____ () C:\Users\Bob\Downloads\ICE-1.4.4-for-64-bit-Windows.msi
2014-06-24 22:37 - 2014-06-24 22:37 - 00000000 ____D () C:\Users\Family\AppData\Local\Apple
2014-06-24 20:57 - 2014-06-24 21:04 - 00000000 ____D () C:\Users\Family\Downloads\Contractor Application Pass Form
2014-06-24 20:56 - 2014-06-24 20:56 - 00038058 _____ () C:\Users\Family\Downloads\Contractor Application Pass Form.zip
2014-06-24 11:23 - 2014-06-24 11:23 - 01071149 _____ () C:\Users\Family\Desktop\660PRO-B10.fix1.rar
2014-06-24 11:23 - 2011-10-29 21:45 - 00001819 _____ () C:\Users\Family\Desktop\credit.txt
2014-06-24 11:23 - 2011-10-29 21:45 - 00000000 ____D () C:\Users\Family\Desktop\seplugins
2014-06-24 11:23 - 2011-10-29 21:45 - 00000000 ____D () C:\Users\Family\Desktop\sdk
2014-06-24 11:23 - 2011-10-29 21:45 - 00000000 ____D () C:\Users\Family\Desktop\PSP
2014-06-24 11:07 - 2014-06-24 11:25 - 209715200 _____ () C:\Users\Family\Downloads\Digimon World 3.part2.rar
2014-06-24 11:07 - 2014-06-24 11:11 - 38488422 _____ () C:\Users\Family\Downloads\Digimon World 3.part3.rar
2014-06-24 11:04 - 2014-06-24 11:11 - 00000000 ____D () C:\Users\Family\Downloads\DW3
2014-06-24 10:56 - 2014-06-24 11:15 - 209715200 _____ () C:\Users\Family\Downloads\Digimon World 3.part1.rar
2014-06-23 22:53 - 2014-06-23 22:53 - 00000000 ____D () C:\Users\Family\Downloads\Digimon World 2003 [PAL][SLES-03936]
2014-06-23 19:15 - 2014-06-23 19:15 - 00001496 _____ () C:\Users\Bob\Desktop\holding - Shortcut.lnk
2014-06-23 19:14 - 2014-06-23 19:14 - 00001533 _____ () C:\Users\Bob\Desktop\direct jpegs - Shortcut.lnk
2014-06-23 18:45 - 2014-06-23 18:45 - 00001172 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady 7.0.lnk
2014-06-23 18:45 - 2014-06-23 18:45 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 7.0.lnk
2014-06-23 18:45 - 2014-06-23 18:45 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-23 18:41 - 1998-10-29 16:45 - 00306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2014-06-23 16:51 - 2014-06-23 16:51 - 00000000 ____D () C:\Users\Family\AppData\Roaming\Ahead
2014-06-23 16:51 - 2014-06-23 16:51 - 00000000 ____D () C:\Users\Family\AppData\Local\Ahead
2014-06-22 23:47 - 2014-06-22 23:47 - 00000000 ____D () C:\Users\Bob\AppData\Local\Macroplant_LLC
2014-06-22 23:47 - 2014-06-22 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-06-22 23:47 - 2014-06-22 23:47 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-06-22 23:46 - 2014-06-25 22:08 - 00000000 ____D () C:\Program Files (x86)\iExplorer
2014-06-22 23:46 - 2012-04-09 16:27 - 00352144 _____ (EldoS Corporation) C:\Windows\system32\Drivers\cbfs3.sys
2014-06-22 23:46 - 2012-04-09 16:27 - 00223760 _____ (EldoS Corporation) C:\Windows\SysWOW64\CbFsNetRdr3.dll
2014-06-22 23:46 - 2012-04-09 16:27 - 00190480 _____ (EldoS Corporation) C:\Windows\system32\CbFsMntNtf3.dll
2014-06-22 23:46 - 2012-04-09 16:27 - 00158224 _____ (EldoS Corporation) C:\Windows\SysWOW64\CbFsMntNtf3.dll
2014-06-22 23:46 - 2012-04-09 16:27 - 00141328 _____ (EldoS Corporation) C:\Windows\system32\CbFsNetRdr3.dll
2014-06-22 23:43 - 2014-06-22 23:43 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-06-22 23:43 - 2014-06-22 23:43 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\iFunBox.NXGen
2014-06-22 23:17 - 2014-06-22 23:17 - 00000000 ____D () C:\Users\Bob\AppData\Local\{2A82324E-1E3C-4E88-A68A-8BA11B0417FE}
2014-06-22 23:12 - 2014-06-22 23:12 - 00000000 ____D () C:\Users\Bob\Documents\iTools
2014-06-22 22:54 - 2014-06-22 23:29 - 00000000 ____D () C:\Users\Bob\AppData\Local\Wide Angle Software
2014-06-22 22:53 - 2014-06-22 23:43 - 00000000 ____D () C:\Program Files (x86)\Wide Angle Software
2014-06-22 22:44 - 2014-06-22 22:46 - 00000210 _____ () C:\Users\Bob\AppData\Roaming\iPod Access v4 Prefs
2014-06-22 22:44 - 2014-06-22 22:44 - 00000042 ____H () C:\Users\Bob\AppData\Roaming\iPodAccessv4_OwnerName
2014-06-22 22:44 - 2014-06-22 22:44 - 00000042 ____H () C:\ProgramData\iPodAccessv4_OwnerName
2014-06-22 22:44 - 2014-06-22 22:44 - 00000000 ____D () C:\ProgramData\eSellerate
2014-06-22 22:43 - 2014-06-22 22:43 - 00000257 _____ () C:\Users\Bob\AppData\Roaming\com.kennettnet.MusicRescue4.plist
2014-06-22 22:43 - 2014-06-22 22:43 - 00000011 ____H () C:\Users\Bob\AppData\Roaming\iPodAccess_Time
2014-06-22 22:40 - 2014-06-22 22:40 - 00000000 ____D () C:\Users\Bob\AppData\Local\Downloaded Installations
2014-06-22 22:37 - 2014-06-22 22:37 - 00000000 ____D () C:\Users\Bob\Downloads\New folder
2014-06-22 21:48 - 2014-06-23 06:19 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\uTorrent
2014-06-22 21:43 - 2014-06-22 21:43 - 00002972 _____ () C:\Windows\System32\Tasks\{B49CF12D-5771-4547-BF50-D2281C372B4C}
2014-06-22 21:38 - 2014-06-22 21:38 - 00000000 ____D () C:\Users\Bob\Documents\ImTOO
2014-06-22 21:38 - 2014-06-22 21:38 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\NVIDIA
2014-06-22 21:38 - 2014-06-22 21:38 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\ImTOO
2014-06-22 13:36 - 2014-06-22 13:46 - 65830168 _____ () C:\Users\Family\Downloads\hackshield2(1).rar
2014-06-21 20:21 - 2014-06-21 20:21 - 00000000 ____D () C:\Users\Family\Downloads\pops
2014-06-21 12:12 - 2014-06-24 09:40 - 00000000 ____D () C:\Users\Family\Desktop\Mike Diploma stuff
2014-06-21 10:49 - 2014-06-23 22:45 - 00000000 ____D () C:\Users\Family\Desktop\tmstreamer_x86_989CD67AC8B282B6
2014-06-21 10:28 - 2014-06-21 19:16 - 00000000 ____D () C:\Users\Family\Downloads\Digimon World 3 IMG
2014-06-21 10:25 - 2014-06-21 10:27 - 00000000 ____D () C:\Users\Family\Downloads\psgui
2014-06-21 10:10 - 2014-06-21 10:10 - 00000222 _____ () C:\Users\Family\Desktop\Infestation Survivor Stories.url
2014-06-20 10:31 - 2014-06-20 10:42 - 00000000 ____D () C:\Users\Family\Downloads\(PSX-PSP) Digimon World 1 - 3 converted properly [ResourceRG Games by KloWn]
2014-06-20 10:28 - 2014-06-20 10:30 - 00000000 ____D () C:\Users\Family\Downloads\Game of Thrones S04E10 HDTV x264-KILLERS[ettv]
2014-06-20 10:27 - 2014-06-20 10:45 - 00000000 ____D () C:\Users\Family\Downloads\Game of Thrones S04E09 HDTV x264-KILLERS[ettv]
2014-06-20 09:31 - 2014-06-19 15:27 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}w64.sys
2014-06-20 08:29 - 2014-06-23 15:57 - 00000000 ____D () C:\Users\Family\AppData\Roaming\vlc
2014-06-20 08:28 - 2014-06-20 08:28 - 00000000 ____D () C:\Users\Family\AppData\Roaming\AVAST Software
2014-06-20 00:01 - 2014-06-20 00:01 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\vlc
2014-06-20 00:00 - 2014-06-20 00:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-20 00:00 - 2014-06-20 00:00 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-06-19 23:35 - 2014-06-19 23:35 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\AVAST Software
2014-06-19 23:35 - 2014-06-19 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-19 23:34 - 2014-06-24 07:50 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-19 23:34 - 2014-06-19 23:34 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1403192088941
2014-06-19 23:34 - 2014-06-19 23:34 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-19 23:34 - 2014-06-19 23:34 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-06-19 23:34 - 2014-06-19 23:34 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1403192088941
2014-06-19 23:34 - 2014-06-19 23:34 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-19 23:34 - 2014-06-19 23:34 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-19 23:34 - 2014-06-19 23:34 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-19 23:34 - 2014-06-19 23:34 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-19 23:34 - 2014-06-19 23:34 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-19 23:34 - 2014-06-19 23:34 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-19 23:34 - 2014-06-19 23:34 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-19 23:34 - 2014-06-19 23:34 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-19 23:34 - 2014-06-19 23:34 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-19 23:34 - 2014-06-19 23:34 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-06-19 22:58 - 2014-06-19 22:58 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-19 22:41 - 2014-06-19 22:41 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-19 22:27 - 2014-06-19 22:29 - 04768536 _____ (AVAST Software) C:\Users\Family\Downloads\avast_internet_security_setup_online.exe
2014-06-19 12:23 - 2014-06-19 12:23 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\EPSON
2014-06-19 12:23 - 2014-06-19 12:23 - 00000000 _____ () C:\Users\Bob\Sti_Trace.log
2014-06-19 09:19 - 2014-06-22 13:46 - 00000000 ____D () C:\Users\Family\Desktop\WarZlauncher.exe_1.0.0
2014-06-19 09:18 - 2014-06-19 09:19 - 06120208 _____ () C:\Users\Family\Downloads\WarZlauncher.exe_1.0.0.rar
2014-06-18 22:48 - 2014-06-18 22:48 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\iMobie
2014-06-18 22:48 - 2014-06-18 22:48 - 00000000 ____D () C:\Users\Bob\AppData\Local\iMobie_Inc
2014-06-18 22:27 - 2014-06-21 15:25 - 00000000 ____D () C:\Users\Family\AppData\Roaming\uTorrent
2014-06-18 22:27 - 2014-06-18 22:27 - 00000814 _____ () C:\Users\Family\Desktop\µTorrent.lnk
2014-06-18 22:26 - 2014-06-18 22:27 - 01700688 _____ (BitTorrent Inc.) C:\Users\Family\Downloads\uTorrent.exe
2014-06-18 22:15 - 2014-06-23 16:50 - 00000000 ____D () C:\Users\Family\AppData\Local\Apple Computer
2014-06-18 22:15 - 2014-06-18 22:15 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-16 19:41 - 2014-06-22 22:37 - 00000000 ____D () C:\Program Files\Unlocker
2014-06-16 19:41 - 2014-06-16 19:41 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-06-16 19:36 - 2014-06-16 19:36 - 00000000 ____D () C:\Users\Bob\Desktop\AutoRunExterminator-1.8
2014-06-16 19:36 - 2014-06-14 12:34 - 00001142 _____ () C:\Users\Bob\Desktop\How to Remove RecycleBIN virus.txt
2014-06-15 17:11 - 2011-07-09 11:17 - 51050204 _____ () C:\Users\Bob\Desktop\Down Low.wav
2014-06-15 00:15 - 2014-06-15 00:15 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-06-15 00:15 - 2014-06-15 00:15 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-14 22:22 - 2014-06-14 22:22 - 00000000 ____D () C:\Users\Family\AppData\Local\Arktos Entertainment
2014-06-14 21:51 - 2014-06-14 21:51 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-06-14 21:50 - 2014-06-14 21:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-06-14 21:50 - 2014-06-14 21:51 - 00000000 ____D () C:\ProgramData\EPSON
2014-06-14 21:50 - 2014-06-14 21:50 - 00000000 ____D () C:\Program Files (x86)\epson
2014-06-14 21:50 - 2009-11-20 00:00 - 00464384 _____ (Seiko Epson Corporation) C:\Windows\system32\esxw2ud.dll
2014-06-14 21:50 - 2009-10-01 13:01 - 00088064 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_IBCBGGI.DLL
2014-06-14 21:50 - 2009-05-01 00:00 - 00128392 _____ (Seiko Epson Corporation) C:\Windows\system32\esdevapp.exe
2014-06-14 21:50 - 2009-05-01 00:00 - 00017408 _____ (SEIKO EPSON CORP.) C:\Windows\system32\esxcdev.dll
2014-06-14 21:50 - 2008-11-12 11:00 - 00118784 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ILMGGI.DLL
2014-06-14 21:50 - 2007-04-10 11:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2014-06-14 21:47 - 2014-06-25 22:30 - 00002754 _____ () C:\Users\Bob\AppData\Roaming\ICARE_ACTIVITY.LOG
2014-06-14 17:23 - 2014-06-14 17:23 - 00000000 ____D () C:\Users\Family\Documents\Arktos
2014-06-14 17:23 - 2014-06-14 17:23 - 00000000 ____D () C:\Users\Family\AppData\Local\CrashRpt
2014-06-14 17:23 - 2014-06-14 17:23 - 00000000 ____D () C:\Users\Family\AppData\Local\Arktos
2014-06-14 16:38 - 2014-06-14 16:38 - 01854120 _____ () C:\Users\Family\Downloads\tmstreamer_x86_989CD67AC8B282B6.zip
2014-06-14 16:34 - 2014-06-22 13:40 - 00000000 ____D () C:\Users\Family\Documents\Infestation Survivor Stories
2014-06-14 16:34 - 2014-06-14 16:34 - 00001003 _____ () C:\Users\Family\Desktop\Infestation Survivor Stories.lnk
2014-06-14 16:34 - 2014-06-14 16:34 - 00000000 ____D () C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Infestation Survivor Stories
2014-06-14 16:33 - 2014-06-14 16:33 - 08234912 _____ (OP Productions LLC ) C:\Users\Family\Downloads\Infestation_WebSetup.exe
2014-06-14 13:45 - 2014-06-14 13:45 - 00000000 __SHD () C:\Users\Family\AppData\Local\EmieUserList
2014-06-14 13:45 - 2014-06-14 13:45 - 00000000 __SHD () C:\Users\Family\AppData\Local\EmieSiteList
2014-06-14 13:45 - 2014-06-14 13:45 - 00000000 ____D () C:\ProgramData\vsosdk
2014-06-14 13:32 - 2014-06-14 13:50 - 00000000 ____D () C:\Users\Family\Documents\ConvertXtoDVD
2014-06-14 12:34 - 2014-06-14 12:34 - 00001142 _____ () C:\Users\Bob\Downloads\How to Remove RecycleBIN virus.txt
2014-06-14 12:18 - 2014-06-14 12:18 - 00017028 _____ () C:\Users\Bob\Downloads\AutoRunExterminator-1.8.zip
2014-06-13 19:46 - 2014-01-09 10:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-13 19:46 - 2014-01-04 06:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-13 12:04 - 2014-06-13 12:04 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-06-13 12:04 - 2010-11-21 11:23 - 00383786 __RSH () C:\bootmgr
2014-06-13 09:01 - 2014-06-25 12:52 - 00001234 __RSH () C:\Users\Family\ntuser.pol
2014-06-13 09:00 - 2014-06-25 09:32 - 00000632 __RSH () C:\Users\Bob\ntuser.pol
2014-06-13 03:05 - 2014-06-13 03:05 - 00000000 ____D () C:\Windows\CSC
2014-06-13 00:34 - 2014-06-13 00:34 - 00000219 _____ () C:\Users\Family\Desktop\Dota 2.url
2014-06-13 00:31 - 2014-06-13 00:31 - 00001366 _____ () C:\Users\Family\Desktop\Steam.lnk
2014-06-13 00:29 - 2014-06-25 14:41 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-13 00:29 - 2014-06-13 00:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-13 00:25 - 2014-06-13 00:25 - 01141680 _____ () C:\Users\Family\Downloads\SteamSetup.exe
2014-06-13 00:23 - 2014-06-13 00:23 - 00016630 _____ () C:\Users\Family\Downloads\Outlook.com.zip
2014-06-13 00:18 - 2014-06-13 00:18 - 00000000 ____D () C:\Users\Family\AppData\Roaming\WinRAR
2014-06-13 00:18 - 2014-06-13 00:18 - 00000000 ____D () C:\Users\Family\AppData\OICE_15_974FA576_32C1D314_2F1C
2014-06-13 00:15 - 2014-06-15 11:40 - 00065600 _____ () C:\Users\Family\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-13 00:15 - 2014-06-13 00:15 - 00000000 ____D () C:\Users\Family\AppData\Roaming\Macromedia
2014-06-13 00:15 - 2014-06-13 00:15 - 00000000 ____D () C:\Users\Family\AppData\Local\Macromedia
2014-06-13 00:14 - 2014-06-13 10:37 - 00000000 ____D () C:\Users\Family\AppData\Local\NVIDIA Corporation
2014-06-13 00:13 - 2014-06-25 12:52 - 00000000 ____D () C:\Users\Family
2014-06-13 00:13 - 2014-06-18 22:15 - 00000000 ____D () C:\Users\Family\AppData\Roaming\Apple Computer
2014-06-13 00:13 - 2014-06-13 00:13 - 00001413 _____ () C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-13 00:13 - 2014-06-13 00:13 - 00000020 ___SH () C:\Users\Family\ntuser.ini
2014-06-13 00:13 - 2014-06-13 00:13 - 00000000 ____D () C:\Users\Family\AppData\Roaming\Mozilla
2014-06-13 00:13 - 2014-06-13 00:13 - 00000000 ____D () C:\Users\Family\AppData\Roaming\Adobe
2014-06-13 00:13 - 2014-06-13 00:13 - 00000000 ____D () C:\Users\Family\AppData\Local\NVIDIA
2014-06-13 00:13 - 2014-06-13 00:13 - 00000000 ____D () C:\Users\Family\AppData\Local\Mozilla
2014-06-13 00:13 - 2009-07-14 12:54 - 00000000 ___RD () C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-13 00:13 - 2009-07-14 12:49 - 00000000 ___RD () C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-12 23:12 - 2014-06-12 23:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 23:11 - 2014-06-12 23:21 - 00287942 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-06-12 23:11 - 2013-10-02 10:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-06-12 23:11 - 2013-10-02 10:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-06-12 23:11 - 2013-10-02 10:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-12 23:11 - 2013-10-02 09:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-06-12 23:11 - 2013-10-02 09:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-06-12 23:11 - 2013-10-02 09:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-06-12 23:11 - 2013-10-02 09:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-06-12 23:11 - 2013-10-02 08:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-06-12 23:11 - 2013-10-02 08:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-06-12 23:11 - 2013-10-02 08:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-06-12 23:11 - 2013-10-02 08:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-06-12 23:11 - 2013-10-02 08:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-06-12 23:11 - 2013-10-02 07:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-12 23:11 - 2013-10-02 07:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-06-12 23:11 - 2013-10-02 07:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-06-12 23:11 - 2013-10-02 06:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-06-12 23:10 - 2014-06-12 23:10 - 00295526 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-06-12 23:10 - 2014-06-12 23:10 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-06-12 23:09 - 2013-09-25 10:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-06-12 23:09 - 2013-09-25 09:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-06-12 22:53 - 2014-06-12 22:53 - 00105364 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-06-12 22:52 - 2014-04-25 10:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 22:52 - 2014-04-25 10:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 22:52 - 2014-04-05 10:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 22:52 - 2014-04-05 10:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 22:52 - 2014-03-26 22:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 22:52 - 2014-03-26 22:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 22:52 - 2014-03-26 22:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 22:52 - 2014-03-26 22:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 22:52 - 2014-03-26 22:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 22:52 - 2014-03-26 22:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 22:52 - 2014-03-26 22:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 22:52 - 2014-03-26 22:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 22:51 - 2014-05-30 18:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 22:51 - 2014-05-30 18:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 22:51 - 2014-05-30 18:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 22:51 - 2014-05-30 17:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 22:51 - 2014-05-30 17:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 22:51 - 2014-05-30 17:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 22:51 - 2014-05-30 17:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 22:51 - 2014-05-30 17:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 22:51 - 2014-05-30 17:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 22:51 - 2014-05-30 17:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 22:51 - 2014-05-30 17:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 22:51 - 2014-05-30 17:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 22:51 - 2014-05-30 17:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 22:51 - 2014-05-30 17:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 22:51 - 2014-05-30 17:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 22:51 - 2014-05-30 17:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 22:51 - 2014-05-30 17:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 22:51 - 2014-05-30 17:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 22:51 - 2014-05-30 16:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 22:51 - 2014-05-30 16:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 22:51 - 2014-05-30 16:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 22:51 - 2014-05-30 16:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 22:51 - 2014-05-30 16:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 22:51 - 2014-05-30 16:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 22:51 - 2014-05-30 16:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 22:51 - 2014-05-30 16:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 22:51 - 2014-05-30 16:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 22:51 - 2014-05-30 16:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 22:51 - 2014-05-30 16:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 22:51 - 2014-05-30 16:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 22:51 - 2014-05-30 16:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 22:51 - 2014-05-30 16:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 22:51 - 2014-05-30 16:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 22:51 - 2014-05-30 16:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 22:51 - 2014-05-30 16:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 22:51 - 2014-05-30 16:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 22:51 - 2014-05-30 16:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 22:51 - 2014-05-30 16:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 22:51 - 2014-05-30 16:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 22:51 - 2014-05-30 16:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 22:51 - 2014-05-30 15:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 22:51 - 2014-05-30 15:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 22:51 - 2014-05-30 15:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 22:51 - 2014-05-30 15:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 22:51 - 2014-05-30 15:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 22:51 - 2014-05-30 15:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 22:51 - 2014-05-30 15:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 22:51 - 2014-05-30 15:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 22:51 - 2014-05-30 15:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 22:51 - 2014-05-30 15:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 22:51 - 2014-05-30 15:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 22:51 - 2014-05-30 15:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 22:51 - 2014-05-08 17:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-12 22:51 - 2014-05-08 17:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-12 22:47 - 2014-06-08 17:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 22:47 - 2014-06-08 17:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-12 22:45 - 2014-06-12 23:07 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Apple Computer
2014-06-12 22:45 - 2014-06-12 22:45 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-12 22:45 - 2014-06-12 22:45 - 00000000 ____D () C:\Users\Bob\AppData\Local\Apple Computer
2014-06-12 22:45 - 2014-06-12 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-12 22:45 - 2014-06-12 22:45 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-12 22:45 - 2014-06-12 22:45 - 00000000 ____D () C:\Program Files\iTunes
2014-06-12 22:45 - 2014-06-12 22:45 - 00000000 ____D () C:\Program Files\iPod
2014-06-12 22:45 - 2014-06-12 22:45 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-12 22:45 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-06-12 22:44 - 2014-06-12 22:44 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-06-12 22:44 - 2014-06-12 22:44 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-06-12 22:44 - 2014-06-12 22:44 - 00000000 ____D () C:\Users\Bob\AppData\Local\Apple
2014-06-12 22:44 - 2014-06-12 22:44 - 00000000 ____D () C:\ProgramData\Apple
2014-06-12 22:44 - 2014-06-12 22:44 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-12 22:44 - 2014-06-12 22:44 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-12 22:44 - 2014-06-12 22:44 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-06-12 22:44 - 2014-06-12 22:44 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-06-12 22:42 - 2014-06-12 22:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-06-12 21:40 - 2014-06-12 21:40 - 00000043 _____ () C:\Users\Bob\AppData\Roaming\WB.CFG
2014-06-12 21:27 - 2014-06-14 13:32 - 00000000 ____D () C:\ProgramData\VSO
2014-06-12 21:27 - 2014-06-12 21:27 - 00099384 _____ () C:\Users\Bob\AppData\Roaming\inst.exe
2014-06-12 21:27 - 2014-06-12 21:27 - 00082816 _____ (VSO Software) C:\Users\Bob\AppData\Roaming\pcouffin.sys
2014-06-12 21:27 - 2014-06-12 21:27 - 00007859 _____ () C:\Users\Bob\AppData\Roaming\pcouffin.cat
2014-06-12 21:27 - 2014-06-12 21:27 - 00001228 _____ () C:\Users\Bob\Desktop\ConvertXToDVD 5.lnk
2014-06-12 21:27 - 2014-06-12 21:27 - 00000055 _____ () C:\Users\Bob\AppData\Roaming\pcouffin.log
2014-06-12 21:27 - 2014-06-12 21:27 - 00000000 ____D () C:\Users\Bob\Documents\PcSetup
2014-06-12 21:27 - 2014-06-12 21:27 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Vso
2014-06-12 21:27 - 2014-06-12 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
2014-06-12 21:27 - 2014-06-12 21:27 - 00000000 ____D () C:\Program Files (x86)\VSO
2014-06-12 21:26 - 2014-06-12 21:26 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\WinRAR
2014-06-12 21:25 - 2014-06-12 21:25 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-06-12 21:25 - 2014-06-12 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-06-12 21:25 - 2014-06-12 21:25 - 00000000 ____D () C:\Program Files\WinRAR
2014-06-12 21:23 - 2014-06-12 21:23 - 00002742 _____ () C:\Users\Public\Desktop\Nero StartSmart.lnk
2014-06-12 21:23 - 2014-06-12 21:23 - 00000000 ____D () C:\Users\Bob\AppData\Local\Ahead
2014-06-12 21:23 - 2014-06-12 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition
2014-06-12 21:21 - 2014-06-12 21:21 - 00000000 ____D () C:\ProgramData\Nero
2014-06-12 21:21 - 2014-06-12 21:21 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-06-12 21:20 - 2014-06-15 00:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-12 21:20 - 2014-06-12 21:20 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-06-12 21:20 - 2014-06-12 21:20 - 00000000 ____D () C:\Windows\PCHEALTH
2014-06-12 21:20 - 2014-06-12 21:20 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-06-12 21:20 - 2014-06-12 21:20 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-12 21:20 - 2014-06-12 21:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-06-12 21:19 - 2014-06-12 21:19 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-06-12 21:19 - 2014-06-12 21:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-06-12 21:18 - 2014-06-15 00:25 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 21:18 - 2014-06-12 21:20 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-12 21:18 - 2014-06-12 21:18 - 00000000 ____D () C:\Users\Bob\AppData\Local\Microsoft Help
2014-06-12 21:18 - 2014-06-12 21:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-06-12 21:17 - 2014-06-12 21:17 - 00000000 __RHD () C:\MSOCache
2014-06-12 21:16 - 2014-06-12 21:34 - 00000016 _____ () C:\Windows\SysWOW64\w3data.vss
2014-06-12 21:16 - 2014-06-12 21:34 - 00000016 _____ () C:\Windows\SysWOW64\msvcsv60.dll
2014-06-12 21:16 - 2014-06-12 21:34 - 00000016 _____ () C:\Windows\msocreg32.dat
2014-06-12 21:15 - 2014-06-25 21:55 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-12 21:15 - 2014-06-12 21:16 - 00001103 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T-RackS 3.lnk
2014-06-12 21:15 - 2014-06-12 21:15 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-12 21:15 - 2014-06-12 21:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-12 21:15 - 2014-06-12 21:15 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-12 21:15 - 2014-06-12 21:15 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-06-12 21:15 - 2014-06-12 21:15 - 00000000 ____D () C:\Windows\system32\Macromed
2014-06-12 21:15 - 2014-06-12 21:15 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Macromedia
2014-06-12 21:15 - 2014-06-12 21:15 - 00000000 ____D () C:\Users\Bob\AppData\Local\Macromedia
2014-06-12 21:15 - 2014-06-12 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
2014-06-12 21:15 - 2014-06-12 21:15 - 00000000 ____D () C:\Program Files (x86)\Steinberg
2014-06-12 21:15 - 2014-06-12 21:15 - 00000000 ____D () C:\Program Files (x86)\IK Multimedia
2014-06-12 21:15 - 2007-03-15 14:06 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2014-06-12 21:15 - 2007-03-15 14:06 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-06-12 21:13 - 2014-06-12 21:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-06-12 21:08 - 2014-05-30 07:07 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-06-12 21:08 - 2014-05-30 07:07 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-06-12 21:05 - 2014-06-15 00:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-12 21:05 - 2014-06-12 21:05 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-12 21:05 - 2014-06-12 21:05 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-12 21:05 - 2014-06-12 21:05 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Mozilla
2014-06-12 21:05 - 2014-06-12 21:05 - 00000000 ____D () C:\Users\Bob\AppData\Local\Mozilla
2014-06-12 21:05 - 2014-06-12 21:05 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-12 21:05 - 2014-06-12 21:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 20:59 - 2014-06-12 21:08 - 00000000 ____D () C:\Users\Bob\AppData\Local\NVIDIA Corporation
2014-06-12 20:59 - 2014-06-12 21:06 - 00000000 ____D () C:\Users\Bob\AppData\Local\NVIDIA
2014-06-12 20:59 - 2014-06-12 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-12 20:59 - 2014-05-30 07:07 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-06-12 20:59 - 2014-05-30 07:07 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-06-12 20:58 - 2014-06-12 21:02 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-12 20:58 - 2014-06-12 20:59 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-12 20:58 - 2014-06-12 20:58 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-12 20:58 - 2014-05-20 10:44 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-06-12 20:58 - 2014-05-20 10:44 - 00052056 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-06-12 20:58 - 2014-05-20 09:25 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-06-12 20:58 - 2014-05-20 09:25 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-06-12 20:58 - 2014-05-20 09:25 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-06-12 20:58 - 2014-05-20 09:25 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-06-12 20:58 - 2014-05-20 09:25 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-06-12 20:58 - 2014-05-20 07:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-06-12 20:58 - 2014-05-15 07:49 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-06-12 20:57 - 2014-05-20 10:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-12 20:57 - 2014-05-20 10:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-06-12 20:57 - 2014-05-20 10:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-06-12 20:57 - 2014-05-20 10:44 - 00026069 _____ () C:\Windows\system32\nvinfo.pb
2014-06-12 20:56 - 2014-06-12 21:07 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-12 20:56 - 2014-06-12 20:56 - 00000000 ____D () C:\NVIDIA
2014-06-12 20:56 - 2014-04-01 00:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-06-12 20:56 - 2014-04-01 00:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-06-12 20:56 - 2014-04-01 00:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-12 20:50 - 2014-06-25 22:33 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-12 20:42 - 2014-06-12 20:42 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-12 20:42 - 2014-06-12 20:42 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-12 20:42 - 2014-06-12 20:42 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-12 20:42 - 2014-06-12 20:42 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-12 20:42 - 2014-06-12 20:42 - 00000000 ____D () C:\Windows\Sun
2014-06-12 20:42 - 2014-06-12 20:42 - 00000000 ____D () C:\ProgramData\Sun
2014-06-12 20:42 - 2014-06-12 20:42 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-12 20:42 - 2014-06-12 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-12 20:42 - 2014-06-12 20:42 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-12 20:38 - 2014-06-12 20:38 - 00009933 _____ () C:\Windows\DirectX.log
2014-06-12 20:38 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-06-12 20:38 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-06-12 20:38 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-06-12 20:38 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-06-12 20:38 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-06-12 20:38 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-06-12 20:38 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-06-12 20:38 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-06-12 20:38 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-06-12 20:38 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-06-12 20:38 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-06-12 20:38 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-06-12 20:38 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-06-12 20:38 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-06-12 20:38 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-06-12 20:38 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-06-12 20:38 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-06-12 20:38 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-06-12 20:38 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-06-12 20:38 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-06-12 20:38 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-06-12 20:38 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-06-12 20:38 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-06-12 20:38 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-06-12 20:38 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-06-12 20:38 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-06-12 20:38 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-06-12 20:38 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-06-12 20:38 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-06-12 20:38 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-06-12 20:38 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-06-12 20:38 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-06-12 20:38 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-06-12 20:38 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-06-12 20:38 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-06-12 20:38 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-06-12 20:38 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-06-12 20:38 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-06-12 20:38 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-06-12 20:38 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-06-12 20:38 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-06-12 20:38 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-06-12 20:38 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-06-12 20:38 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-06-12 20:38 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-06-12 20:38 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-06-12 20:38 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-06-12 20:38 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-06-12 20:38 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-06-12 20:38 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-06-12 20:38 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-06-12 20:38 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-06-12 20:38 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-06-12 20:38 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-06-12 20:38 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-06-12 20:38 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-06-12 20:38 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-06-12 20:38 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-06-12 20:38 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-06-12 20:38 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-06-12 20:38 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-06-12 20:38 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-06-12 20:38 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-06-12 20:38 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-06-12 20:38 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-06-12 20:38 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-06-12 20:38 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-06-12 20:38 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-06-12 20:38 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-06-12 20:38 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-06-12 20:38 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-06-12 20:38 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-06-12 20:38 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-06-12 20:38 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-06-12 20:38 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-06-12 20:38 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-06-12 20:38 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-06-12 20:38 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-06-12 20:38 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-06-12 20:38 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-06-12 20:38 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-06-12 20:38 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-06-12 20:38 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-06-12 20:38 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-06-12 20:38 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-06-12 20:38 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-06-12 20:38 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-06-12 20:38 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-06-12 20:38 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-06-12 20:38 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-06-12 20:38 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-06-12 20:38 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-06-12 20:38 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-06-12 20:38 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-06-12 20:38 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-06-12 20:38 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-06-12 20:38 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-06-12 20:38 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-06-12 20:38 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-06-12 20:38 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-06-12 20:38 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-06-12 20:38 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-06-12 20:38 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-06-12 20:38 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-06-12 20:38 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-06-12 20:38 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-06-12 20:38 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-06-12 20:38 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-06-12 20:38 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-06-12 20:38 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-06-12 20:38 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-06-12 20:38 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-06-12 20:38 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-06-12 20:38 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-06-12 20:38 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-06-12 20:38 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-06-12 20:38 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-06-12 20:38 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-06-12 20:38 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-06-12 20:38 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-06-12 20:38 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-06-12 20:38 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-06-12 20:38 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-06-12 20:38 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-06-12 20:38 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-06-12 20:38 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-06-12 20:38 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-06-12 20:38 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-06-12 20:38 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-06-12 20:38 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-06-12 20:38 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-06-12 20:38 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-06-12 20:38 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-06-12 20:38 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-06-12 20:38 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-06-12 20:38 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-06-12 20:38 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-06-12 20:38 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-06-12 20:38 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-06-12 20:38 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-06-12 20:38 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-06-12 20:38 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-06-12 20:38 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-06-12 20:38 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-06-12 20:38 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-06-12 20:38 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-06-12 20:38 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-06-12 20:38 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-06-12 20:38 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-06-12 20:38 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-06-12 20:38 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-06-12 20:38 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-06-12 20:38 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-06-12 20:38 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-06-12 20:38 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-06-12 20:38 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-06-12 20:38 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-06-12 20:38 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-06-12 20:38 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-06-12 20:38 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-06-12 20:38 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-06-12 20:38 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-06-12 20:38 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-06-12 20:38 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-06-12 20:38 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-06-12 20:38 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-06-12 20:38 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-06-12 20:38 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-06-12 20:38 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-06-12 20:38 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-06-12 20:38 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-06-12 20:38 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-06-12 20:38 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-06-12 20:38 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-06-12 20:38 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-06-12 20:38 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-06-12 20:38 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-06-12 20:38 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-06-12 20:38 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-06-12 20:38 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-06-12 20:38 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-06-12 20:38 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-06-12 20:36 - 2014-06-12 20:38 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-06-12 20:33 - 2014-06-12 20:33 - 00000000 __SHD () C:\Users\Bob\AppData\Local\EmieUserList
2014-06-12 20:33 - 2014-06-12 20:33 - 00000000 __SHD () C:\Users\Bob\AppData\Local\EmieSiteList
2014-06-12 20:25 - 2014-06-12 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2014-06-12 20:25 - 2014-06-12 20:25 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-06-12 20:23 - 2014-06-12 20:26 - 00000156 _____ () C:\csb.log
2014-06-12 20:23 - 2014-06-12 20:26 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2014-06-12 20:23 - 2014-06-12 20:23 - 00000000 ____D () C:\Program Files\GIGABYTE
2014-06-12 20:23 - 2012-10-25 09:01 - 00022680 _____ () C:\Windows\system32\Drivers\AppleCharger.sys
2014-06-12 20:23 - 2010-04-06 16:30 - 00031272 _____ () C:\Windows\system32\AppleChargerSrv.exe
2014-06-12 20:22 - 2014-06-12 20:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-06-12 20:22 - 2012-05-21 00:25 - 00019264 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
2014-06-12 20:21 - 2014-06-15 17:07 - 00065600 _____ () C:\Users\Bob\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-12 20:21 - 2014-06-12 20:21 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-06-12 20:21 - 2014-06-12 20:21 - 00000000 ____D () C:\Program Files\Realtek
2014-06-12 20:21 - 2012-07-18 11:57 - 00015168 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2014-06-12 20:21 - 2011-09-29 17:30 - 00646248 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-06-12 20:21 - 2011-09-29 17:30 - 00074272 _____ () C:\Windows\system32\RtNicProp64.dll
2014-06-12 20:20 - 2014-06-12 20:22 - 00000189 _____ () C:\Install.log
2014-06-12 20:20 - 2014-06-12 20:21 - 00003203 _____ () C:\RHDSetup.log
2014-06-12 20:20 - 2014-06-12 20:21 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-06-12 20:20 - 2014-06-12 20:21 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-06-12 20:20 - 2014-06-12 20:21 - 00000000 ____D () C:\ProgramData\Intel
2014-06-12 20:20 - 2014-06-12 20:21 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-06-12 20:20 - 2014-06-12 20:20 - 00000000 ____D () C:\Program Files\Intel
2014-06-12 20:20 - 2012-07-04 10:55 - 00053248 ____R (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2014-06-12 20:20 - 2012-06-19 16:54 - 04065296 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-06-12 20:20 - 2012-06-19 13:31 - 00293889 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-06-12 20:20 - 2012-06-08 16:23 - 00083072 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2014-06-12 20:20 - 2012-06-08 16:21 - 00897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
2014-06-12 20:20 - 2012-06-08 16:21 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
2014-06-12 20:20 - 2012-06-08 16:18 - 03615888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-06-12 20:20 - 2012-06-06 10:44 - 00869520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-06-12 20:20 - 2012-06-01 09:37 - 02674320 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-06-12 20:20 - 2012-05-31 18:08 - 00105616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-06-12 20:20 - 2012-05-25 18:06 - 01706640 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-06-12 20:20 - 2012-05-10 15:22 - 01262696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-06-12 20:20 - 2012-04-10 14:40 - 02533952 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-06-12 20:20 - 2012-04-03 18:42 - 01015640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-06-12 20:20 - 2012-03-08 11:47 - 00202336 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-06-12 20:20 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-06-12 20:20 - 2012-02-21 19:45 - 02605400 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2014-06-12 20:20 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-06-12 20:20 - 2011-12-18 17:58 - 02131288 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2014-06-12 20:20 - 2011-12-16 14:57 - 00065112 _____ (Creative Technology Ltd.) C:\Windows\system32\MBppld64.dll
2014-06-12 20:20 - 2011-12-13 16:58 - 01560168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-06-12 20:20 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-06-12 20:20 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-06-12 20:20 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-06-12 20:20 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-06-12 20:20 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-06-12 20:20 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-06-12 20:20 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-06-12 20:20 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-06-12 20:20 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-06-12 20:20 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-06-12 20:20 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-06-12 20:20 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-06-12 20:20 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-06-12 20:20 - 2009-11-18 07:13 - 00060504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBPPCn64.dll
2014-06-12 20:19 - 2014-06-12 21:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-12 20:19 - 2014-06-12 20:31 - 00000010 _____ () C:\Windows\GSetup.ini
2014-06-12 20:19 - 2014-06-12 20:25 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-06-12 20:19 - 2014-06-12 20:19 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\InstallShield
2014-06-12 20:19 - 2014-06-12 20:19 - 00000000 ____D () C:\Intel
2014-06-12 20:19 - 2012-07-02 15:16 - 00062784 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2014-06-12 20:18 - 2014-06-25 09:32 - 00000000 ____D () C:\Users\Bob
2014-06-12 20:18 - 2014-06-23 20:23 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Adobe
2014-06-12 20:18 - 2014-06-12 20:18 - 00001413 _____ () C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-12 20:18 - 2014-06-12 20:18 - 00000020 ___SH () C:\Users\Bob\ntuser.ini
2014-06-12 20:18 - 2014-06-12 20:18 - 00000000 ____D () C:\Users\Bob\AppData\Local\VirtualStore
2014-06-12 20:18 - 2009-07-14 12:54 - 00000000 ___RD () C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-12 20:18 - 2009-07-14 12:49 - 00000000 ___RD () C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-12 20:16 - 2014-06-12 20:16 - 00319425 __RSH () C:\MWATL
2014-06-12 20:15 - 2014-06-25 22:36 - 02095283 _____ () C:\Windows\WindowsUpdate.log
2014-06-12 20:15 - 2014-06-12 23:12 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 20:15 - 2014-06-12 20:15 - 00000000 __SHD () C:\Recovery

==================== One Month Modified Files and Folders =======

2014-06-25 22:40 - 2014-06-25 22:40 - 00000000 ____D () C:\FRST
2014-06-25 22:40 - 2014-06-25 22:39 - 00000000 ____D () C:\Users\Bob\Desktop\New folder
2014-06-25 22:40 - 2009-07-14 13:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-25 22:40 - 2009-07-14 12:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-25 22:40 - 2009-07-14 12:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-25 22:36 - 2014-06-12 20:15 - 02095283 _____ () C:\Windows\WindowsUpdate.log
2014-06-25 22:33 - 2014-06-12 20:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-25 22:33 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-25 22:33 - 2009-07-14 12:51 - 00055148 _____ () C:\Windows\setupact.log
2014-06-25 22:32 - 2014-06-25 22:32 - 00007656 _____ () C:\Users\Bob\Desktop\AdwCleaner[R0].txt
2014-06-25 22:32 - 2014-06-25 22:30 - 00000000 ____D () C:\AdwCleaner
2014-06-25 22:32 - 2010-11-21 11:47 - 00011682 _____ () C:\Windows\PFRO.log
2014-06-25 22:30 - 2014-06-25 22:22 - 00000000 ____D () C:\ProgramData\Wondershare Video Converter Ultimate
2014-06-25 22:30 - 2014-06-14 21:47 - 00002754 _____ () C:\Users\Bob\AppData\Roaming\ICARE_ACTIVITY.LOG
2014-06-25 22:27 - 2014-06-25 22:27 - 01342659 _____ () C:\Users\Bob\Downloads\adwcleaner_3.213.exe
2014-06-25 22:25 - 2014-06-25 22:25 - 00000000 ____D () C:\Users\Bob\Downloads\AutoRunExterminator-1.8
2014-06-25 22:23 - 2014-06-25 22:23 - 00000000 ____D () C:\Users\Bob\Documents\Wondershare Video Converter Ultimate
2014-06-25 22:23 - 2014-06-25 22:23 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Wondershare Video Converter Ultimate
2014-06-25 22:23 - 2014-06-25 22:23 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-06-25 22:22 - 2014-06-25 22:22 - 00001460 _____ () C:\Users\Public\Desktop\Wondershare Video Converter Ultimate.lnk
2014-06-25 22:22 - 2014-06-25 22:22 - 00000000 ____D () C:\Users\Bob\AppData\Local\Wondershare
2014-06-25 22:22 - 2014-06-25 22:22 - 00000000 ____D () C:\ProgramData\Wondershare
2014-06-25 22:22 - 2014-06-25 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-06-25 22:22 - 2014-06-25 22:22 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-06-25 22:08 - 2014-06-22 23:46 - 00000000 ____D () C:\Program Files (x86)\iExplorer
2014-06-25 21:55 - 2014-06-12 21:15 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-25 21:45 - 2014-06-25 21:45 - 00258048 ____N (Marvell Inc) C:\ProgramData\wmimgmt.exe
2014-06-25 21:45 - 2014-06-25 21:45 - 00000000 __SHD () C:\Users\Public\Documents\Media
2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft ICE
2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\Program Files\Microsoft Research
2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\Program Files (x86)\SiteLookup
2014-06-25 21:41 - 2014-06-25 21:40 - 02270208 _____ () C:\Users\Bob\Desktop\ICE-1.4.4-for-32-bit-Windows.msi
2014-06-25 21:37 - 2014-06-25 21:36 - 02534400 _____ () C:\Users\Bob\Downloads\ICE-1.4.4-for-64-bit-Windows.msi
2014-06-25 14:41 - 2014-06-13 00:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-25 12:52 - 2014-06-13 09:01 - 00001234 __RSH () C:\Users\Family\ntuser.pol
2014-06-25 12:52 - 2014-06-13 00:13 - 00000000 ____D () C:\Users\Family
2014-06-25 09:32 - 2014-06-13 09:00 - 00000632 __RSH () C:\Users\Bob\ntuser.pol
2014-06-25 09:32 - 2014-06-12 20:18 - 00000000 ____D () C:\Users\Bob
2014-06-24 22:37 - 2014-06-24 22:37 - 00000000 ____D () C:\Users\Family\AppData\Local\Apple
2014-06-24 21:04 - 2014-06-24 20:57 - 00000000 ____D () C:\Users\Family\Downloads\Contractor Application Pass Form
2014-06-24 20:56 - 2014-06-24 20:56 - 00038058 _____ () C:\Users\Family\Downloads\Contractor Application Pass Form.zip
2014-06-24 11:25 - 2014-06-24 11:07 - 209715200 _____ () C:\Users\Family\Downloads\Digimon World 3.part2.rar
2014-06-24 11:23 - 2014-06-24 11:23 - 01071149 _____ () C:\Users\Family\Desktop\660PRO-B10.fix1.rar
2014-06-24 11:15 - 2014-06-24 10:56 - 209715200 _____ () C:\Users\Family\Downloads\Digimon World 3.part1.rar
2014-06-24 11:11 - 2014-06-24 11:07 - 38488422 _____ () C:\Users\Family\Downloads\Digimon World 3.part3.rar
2014-06-24 11:11 - 2014-06-24 11:04 - 00000000 ____D () C:\Users\Family\Downloads\DW3
2014-06-24 09:40 - 2014-06-21 12:12 - 00000000 ____D () C:\Users\Family\Desktop\Mike Diploma stuff
2014-06-24 07:50 - 2014-06-19 23:34 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-23 22:53 - 2014-06-23 22:53 - 00000000 ____D () C:\Users\Family\Downloads\Digimon World 2003 [PAL][SLES-03936]
2014-06-23 22:45 - 2014-06-21 10:49 - 00000000 ____D () C:\Users\Family\Desktop\tmstreamer_x86_989CD67AC8B282B6
2014-06-23 20:23 - 2014-06-12 20:18 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Adobe
2014-06-23 19:15 - 2014-06-23 19:15 - 00001496 _____ () C:\Users\Bob\Desktop\holding - Shortcut.lnk
2014-06-23 19:14 - 2014-06-23 19:14 - 00001533 _____ () C:\Users\Bob\Desktop\direct jpegs - Shortcut.lnk
2014-06-23 18:45 - 2014-06-23 18:45 - 00001172 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady 7.0.lnk
2014-06-23 18:45 - 2014-06-23 18:45 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 7.0.lnk
2014-06-23 18:45 - 2014-06-23 18:45 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-23 16:51 - 2014-06-23 16:51 - 00000000 ____D () C:\Users\Family\AppData\Roaming\Ahead
2014-06-23 16:51 - 2014-06-23 16:51 - 00000000 ____D () C:\Users\Family\AppData\Local\Ahead
2014-06-23 16:50 - 2014-06-18 22:15 - 00000000 ____D () C:\Users\Family\AppData\Local\Apple Computer
2014-06-23 15:57 - 2014-06-20 08:29 - 00000000 ____D () C:\Users\Family\AppData\Roaming\vlc
2014-06-23 06:19 - 2014-06-22 21:48 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\uTorrent
2014-06-22 23:47 - 2014-06-22 23:47 - 00000000 ____D () C:\Users\Bob\AppData\Local\Macroplant_LLC
2014-06-22 23:47 - 2014-06-22 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-06-22 23:47 - 2014-06-22 23:47 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-06-22 23:43 - 2014-06-22 23:43 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-06-22 23:43 - 2014-06-22 23:43 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\iFunBox.NXGen
2014-06-22 23:43 - 2014-06-22 22:53 - 00000000 ____D () C:\Program Files (x86)\Wide Angle Software
2014-06-22 23:29 - 2014-06-22 22:54 - 00000000 ____D () C:\Users\Bob\AppData\Local\Wide Angle Software
2014-06-22 23:17 - 2014-06-22 23:17 - 00000000 ____D () C:\Users\Bob\AppData\Local\{2A82324E-1E3C-4E88-A68A-8BA11B0417FE}
2014-06-22 23:12 - 2014-06-22 23:12 - 00000000 ____D () C:\Users\Bob\Documents\iTools
2014-06-22 22:46 - 2014-06-22 22:44 - 00000210 _____ () C:\Users\Bob\AppData\Roaming\iPod Access v4 Prefs
2014-06-22 22:44 - 2014-06-22 22:44 - 00000042 ____H () C:\Users\Bob\AppData\Roaming\iPodAccessv4_OwnerName
2014-06-22 22:44 - 2014-06-22 22:44 - 00000042 ____H () C:\ProgramData\iPodAccessv4_OwnerName
2014-06-22 22:44 - 2014-06-22 22:44 - 00000000 ____D () C:\ProgramData\eSellerate
2014-06-22 22:43 - 2014-06-22 22:43 - 00000257 _____ () C:\Users\Bob\AppData\Roaming\com.kennettnet.MusicRescue4.plist
2014-06-22 22:43 - 2014-06-22 22:43 - 00000011 ____H () C:\Users\Bob\AppData\Roaming\iPodAccess_Time
2014-06-22 22:40 - 2014-06-22 22:40 - 00000000 ____D () C:\Users\Bob\AppData\Local\Downloaded Installations
2014-06-22 22:37 - 2014-06-22 22:37 - 00000000 ____D () C:\Users\Bob\Downloads\New folder
2014-06-22 22:37 - 2014-06-16 19:41 - 00000000 ____D () C:\Program Files\Unlocker
2014-06-22 22:29 - 2009-07-14 10:34 - 00000580 _____ () C:\Windows\win.ini
2014-06-22 21:43 - 2014-06-22 21:43 - 00002972 _____ () C:\Windows\System32\Tasks\{B49CF12D-5771-4547-BF50-D2281C372B4C}
2014-06-22 21:38 - 2014-06-22 21:38 - 00000000 ____D () C:\Users\Bob\Documents\ImTOO
2014-06-22 21:38 - 2014-06-22 21:38 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\NVIDIA
2014-06-22 21:38 - 2014-06-22 21:38 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\ImTOO
2014-06-22 13:46 - 2014-06-22 13:36 - 65830168 _____ () C:\Users\Family\Downloads\hackshield2(1).rar
2014-06-22 13:46 - 2014-06-19 09:19 - 00000000 ____D () C:\Users\Family\Desktop\WarZlauncher.exe_1.0.0
2014-06-22 13:40 - 2014-06-14 16:34 - 00000000 ____D () C:\Users\Family\Documents\Infestation Survivor Stories
2014-06-21 20:21 - 2014-06-21 20:21 - 00000000 ____D () C:\Users\Family\Downloads\pops
2014-06-21 19:16 - 2014-06-21 10:28 - 00000000 ____D () C:\Users\Family\Downloads\Digimon World 3 IMG
2014-06-21 15:25 - 2014-06-18 22:27 - 00000000 ____D () C:\Users\Family\AppData\Roaming\uTorrent
2014-06-21 10:27 - 2014-06-21 10:25 - 00000000 ____D () C:\Users\Family\Downloads\psgui
2014-06-21 10:10 - 2014-06-21 10:10 - 00000222 _____ () C:\Users\Family\Desktop\Infestation Survivor Stories.url
2014-06-20 10:45 - 2014-06-20 10:27 - 00000000 ____D () C:\Users\Family\Downloads\Game of Thrones S04E09 HDTV x264-KILLERS[ettv]
2014-06-20 10:42 - 2014-06-20 10:31 - 00000000 ____D () C:\Users\Family\Downloads\(PSX-PSP) Digimon World 1 - 3 converted properly [ResourceRG Games by KloWn]
2014-06-20 10:30 - 2014-06-20 10:28 - 00000000 ____D () C:\Users\Family\Downloads\Game of Thrones S04E10 HDTV x264-KILLERS[ettv]
2014-06-20 08:28 - 2014-06-20 08:28 - 00000000 ____D () C:\Users\Family\AppData\Roaming\AVAST Software
2014-06-20 00:01 - 2014-06-20 00:01 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\vlc
2014-06-20 00:00 - 2014-06-20 00:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-20 00:00 - 2014-06-20 00:00 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-06-19 23:35 - 2014-06-19 23:35 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\AVAST Software
2014-06-19 23:35 - 2014-06-19 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-19 23:34 - 2014-06-19 23:34 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1403192088941
2014-06-19 23:34 - 2014-06-19 23:34 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-19 23:34 - 2014-06-19 23:34 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-06-19 23:34 - 2014-06-19 23:34 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1403192088941
2014-06-19 23:34 - 2014-06-19 23:34 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-19 23:34 - 2014-06-19 23:34 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-19 23:34 - 2014-06-19 23:34 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-19 23:34 - 2014-06-19 23:34 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-19 23:34 - 2014-06-19 23:34 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-19 23:34 - 2014-06-19 23:34 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-19 23:34 - 2014-06-19 23:34 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-19 23:34 - 2014-06-19 23:34 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-19 23:34 - 2014-06-19 23:34 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-19 23:34 - 2014-06-19 23:34 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-06-19 22:58 - 2014-06-19 22:58 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-19 22:41 - 2014-06-19 22:41 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-19 22:29 - 2014-06-19 22:27 - 04768536 _____ (AVAST Software) C:\Users\Family\Downloads\avast_internet_security_setup_online.exe
2014-06-19 15:27 - 2014-06-20 09:31 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}w64.sys
2014-06-19 12:23 - 2014-06-19 12:23 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\EPSON
2014-06-19 12:23 - 2014-06-19 12:23 - 00000000 _____ () C:\Users\Bob\Sti_Trace.log
2014-06-19 09:19 - 2014-06-19 09:18 - 06120208 _____ () C:\Users\Family\Downloads\WarZlauncher.exe_1.0.0.rar
2014-06-18 22:48 - 2014-06-18 22:48 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\iMobie
2014-06-18 22:48 - 2014-06-18 22:48 - 00000000 ____D () C:\Users\Bob\AppData\Local\iMobie_Inc
2014-06-18 22:27 - 2014-06-18 22:27 - 00000814 _____ () C:\Users\Family\Desktop\µTorrent.lnk
2014-06-18 22:27 - 2014-06-18 22:26 - 01700688 _____ (BitTorrent Inc.) C:\Users\Family\Downloads\uTorrent.exe
2014-06-18 22:15 - 2014-06-18 22:15 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-18 22:15 - 2014-06-13 00:13 - 00000000 ____D () C:\Users\Family\AppData\Roaming\Apple Computer
2014-06-16 21:45 - 2009-07-14 11:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-16 19:41 - 2014-06-16 19:41 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-06-16 19:36 - 2014-06-16 19:36 - 00000000 ____D () C:\Users\Bob\Desktop\AutoRunExterminator-1.8
2014-06-16 19:35 - 2009-07-14 13:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-06-15 17:08 - 2009-07-14 12:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-06-15 17:07 - 2014-06-12 20:21 - 00065600 _____ () C:\Users\Bob\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-15 11:40 - 2014-06-13 00:15 - 00065600 _____ () C:\Users\Family\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-15 11:37 - 2009-07-14 12:45 - 00308936 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-15 00:25 - 2014-06-12 21:18 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-15 00:25 - 2009-07-14 11:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-06-15 00:23 - 2009-07-14 11:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-15 00:21 - 2014-06-12 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-15 00:17 - 2014-06-12 21:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-15 00:15 - 2014-06-15 00:15 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-06-15 00:15 - 2014-06-15 00:15 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-14 22:22 - 2014-06-14 22:22 - 00000000 ____D () C:\Users\Family\AppData\Local\Arktos Entertainment
2014-06-14 21:51 - 2014-06-14 21:51 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-06-14 21:51 - 2014-06-14 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-06-14 21:51 - 2014-06-14 21:50 - 00000000 ____D () C:\ProgramData\EPSON
2014-06-14 21:50 - 2014-06-14 21:50 - 00000000 ____D () C:\Program Files (x86)\epson
2014-06-14 17:23 - 2014-06-14 17:23 - 00000000 ____D () C:\Users\Family\Documents\Arktos
2014-06-14 17:23 - 2014-06-14 17:23 - 00000000 ____D () C:\Users\Family\AppData\Local\CrashRpt
2014-06-14 17:23 - 2014-06-14 17:23 - 00000000 ____D () C:\Users\Family\AppData\Local\Arktos
2014-06-14 16:38 - 2014-06-14 16:38 - 01854120 _____ () C:\Users\Family\Downloads\tmstreamer_x86_989CD67AC8B282B6.zip
2014-06-14 16:34 - 2014-06-14 16:34 - 00001003 _____ () C:\Users\Family\Desktop\Infestation Survivor Stories.lnk
2014-06-14 16:34 - 2014-06-14 16:34 - 00000000 ____D () C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Infestation Survivor Stories
2014-06-14 16:33 - 2014-06-14 16:33 - 08234912 _____ (OP Productions LLC ) C:\Users\Family\Downloads\Infestation_WebSetup.exe
2014-06-14 13:50 - 2014-06-14 13:32 - 00000000 ____D () C:\Users\Family\Documents\ConvertXtoDVD
2014-06-14 13:45 - 2014-06-14 13:45 - 00000000 __SHD () C:\Users\Family\AppData\Local\EmieUserList
2014-06-14 13:45 - 2014-06-14 13:45 - 00000000 __SHD () C:\Users\Family\AppData\Local\EmieSiteList
2014-06-14 13:45 - 2014-06-14 13:45 - 00000000 ____D () C:\ProgramData\vsosdk
2014-06-14 13:32 - 2014-06-12 21:27 - 00000000 ____D () C:\ProgramData\VSO
2014-06-14 13:11 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\rescache
2014-06-14 12:34 - 2014-06-16 19:36 - 00001142 _____ () C:\Users\Bob\Desktop\How to Remove RecycleBIN virus.txt
2014-06-14 12:34 - 2014-06-14 12:34 - 00001142 _____ () C:\Users\Bob\Downloads\How to Remove RecycleBIN virus.txt
2014-06-14 12:18 - 2014-06-14 12:18 - 00017028 _____ () C:\Users\Bob\Downloads\AutoRunExterminator-1.8.zip
2014-06-13 12:04 - 2014-06-13 12:04 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-06-13 12:04 - 2009-07-14 13:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-06-13 12:04 - 2009-07-14 13:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-06-13 10:37 - 2014-06-13 00:14 - 00000000 ____D () C:\Users\Family\AppData\Local\NVIDIA Corporation
2014-06-13 09:00 - 2009-07-14 11:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-13 03:07 - 2014-05-16 01:51 - 00003652 _____ () C:\Windows\TSSysprep.log
2014-06-13 03:07 - 2009-07-14 12:46 - 00003806 _____ () C:\Windows\DtcInstall.log
2014-06-13 03:05 - 2014-06-13 03:05 - 00000000 ____D () C:\Windows\CSC
2014-06-13 00:34 - 2014-06-13 00:34 - 00000219 _____ () C:\Users\Family\Desktop\Dota 2.url
2014-06-13 00:31 - 2014-06-13 00:31 - 00001366 _____ () C:\Users\Family\Desktop\Steam.lnk
2014-06-13 00:29 - 2014-06-13 00:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-13 00:25 - 2014-06-13 00:25 - 01141680 _____ () C:\Users\Family\Downloads\SteamSetup.exe
2014-06-13 00:23 - 2014-06-13 00:23 - 00016630 _____ () C:\Users\Family\Downloads\Outlook.com.zip
2014-06-13 00:18 - 2014-06-13 00:18 - 00000000 ____D () C:\Users\Family\AppData\Roaming\WinRAR
2014-06-13 00:18 - 2014-06-13 00:18 - 00000000 ____D () C:\Users\Family\AppData\OICE_15_974FA576_32C1D314_2F1C
2014-06-13 00:15 - 2014-06-13 00:15 - 00000000 ____D () C:\Users\Family\AppData\Roaming\Macromedia
2014-06-13 00:15 - 2014-06-13 00:15 - 00000000 ____D () C:\Users\Family\AppData\Local\Macromedia
2014-06-13 00:13 - 2014-06-13 00:13 - 00001413 _____ () C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-13 00:13 - 2014-06-13 00:13 - 00000020 ___SH () C:\Users\Family\ntuser.ini
2014-06-13 00:13 - 2014-06-13 00:13 - 00000000 ____D () C:\Users\Family\AppData\Roaming\Mozilla
2014-06-13 00:13 - 2014-06-13 00:13 - 00000000 ____D () C:\Users\Family\AppData\Roaming\Adobe
2014-06-13 00:13 - 2014-06-13 00:13 - 00000000 ____D () C:\Users\Family\AppData\Local\NVIDIA
2014-06-13 00:13 - 2014-06-13 00:13 - 00000000 ____D () C:\Users\Family\AppData\Local\Mozilla
2014-06-12 23:21 - 2014-06-12 23:11 - 00287942 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-06-12 23:13 - 2014-06-12 23:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 23:12 - 2014-06-12 20:15 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 23:10 - 2014-06-12 23:10 - 00295526 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-06-12 23:10 - 2014-06-12 23:10 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-06-12 23:10 - 2014-05-16 01:43 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 23:07 - 2014-06-12 22:45 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Apple Computer
2014-06-12 22:53 - 2014-06-12 22:53 - 00105364 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-06-12 22:45 - 2014-06-12 22:45 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-12 22:45 - 2014-06-12 22:45 - 00000000 ____D () C:\Users\Bob\AppData\Local\Apple Computer
2014-06-12 22:45 - 2014-06-12 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-12 22:45 - 2014-06-12 22:45 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-12 22:45 - 2014-06-12 22:45 - 00000000 ____D () C:\Program Files\iTunes
2014-06-12 22:45 - 2014-06-12 22:45 - 00000000 ____D () C:\Program Files\iPod
2014-06-12 22:45 - 2014-06-12 22:45 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-12 22:44 - 2014-06-12 22:44 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-06-12 22:44 - 2014-06-12 22:44 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-06-12 22:44 - 2014-06-12 22:44 - 00000000 ____D () C:\Users\Bob\AppData\Local\Apple
2014-06-12 22:44 - 2014-06-12 22:44 - 00000000 ____D () C:\ProgramData\Apple
2014-06-12 22:44 - 2014-06-12 22:44 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-12 22:44 - 2014-06-12 22:44 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-12 22:44 - 2014-06-12 22:44 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-06-12 22:44 - 2014-06-12 22:44 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-06-12 22:42 - 2014-06-12 22:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-06-12 21:40 - 2014-06-12 21:40 - 00000043 _____ () C:\Users\Bob\AppData\Roaming\WB.CFG
2014-06-12 21:34 - 2014-06-12 21:16 - 00000016 _____ () C:\Windows\SysWOW64\w3data.vss
2014-06-12 21:34 - 2014-06-12 21:16 - 00000016 _____ () C:\Windows\SysWOW64\msvcsv60.dll
2014-06-12 21:34 - 2014-06-12 21:16 - 00000016 _____ () C:\Windows\msocreg32.dat
2014-06-12 21:27 - 2014-06-12 21:27 - 00099384 _____ () C:\Users\Bob\AppData\Roaming\inst.exe
2014-06-12 21:27 - 2014-06-12 21:27 - 00082816 _____ (VSO Software) C:\Users\Bob\AppData\Roaming\pcouffin.sys
2014-06-12 21:27 - 2014-06-12 21:27 - 00007859 _____ () C:\Users\Bob\AppData\Roaming\pcouffin.cat
2014-06-12 21:27 - 2014-06-12 21:27 - 00001228 _____ () C:\Users\Bob\Desktop\ConvertXToDVD 5.lnk
2014-06-12 21:27 - 2014-06-12 21:27 - 00000055 _____ () C:\Users\Bob\AppData\Roaming\pcouffin.log
2014-06-12 21:27 - 2014-06-12 21:27 - 00000000 ____D () C:\Users\Bob\Documents\PcSetup
2014-06-12 21:27 - 2014-06-12 21:27 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Vso
2014-06-12 21:27 - 2014-06-12 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
2014-06-12 21:27 - 2014-06-12 21:27 - 00000000 ____D () C:\Program Files (x86)\VSO
2014-06-12 21:26 - 2014-06-12 21:26 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\WinRAR
2014-06-12 21:25 - 2014-06-12 21:25 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-06-12 21:25 - 2014-06-12 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-06-12 21:25 - 2014-06-12 21:25 - 00000000 ____D () C:\Program Files\WinRAR
2014-06-12 21:23 - 2014-06-12 21:23 - 00002742 _____ () C:\Users\Public\Desktop\Nero StartSmart.lnk
2014-06-12 21:23 - 2014-06-12 21:23 - 00000000 ____D () C:\Users\Bob\AppData\Local\Ahead
2014-06-12 21:23 - 2014-06-12 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition
2014-06-12 21:21 - 2014-06-12 21:21 - 00000000 ____D () C:\ProgramData\Nero
2014-06-12 21:21 - 2014-06-12 21:21 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-06-12 21:20 - 2014-06-12 21:20 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-06-12 21:20 - 2014-06-12 21:20 - 00000000 ____D () C:\Windows\PCHEALTH
2014-06-12 21:20 - 2014-06-12 21:20 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-06-12 21:20 - 2014-06-12 21:20 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-12 21:20 - 2014-06-12 21:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-06-12 21:20 - 2014-06-12 21:18 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-12 21:19 - 2014-06-12 21:19 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-06-12 21:19 - 2014-06-12 21:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-06-12 21:19 - 2011-04-12 16:28 - 00000000 ____D () C:\Windows\ShellNew
2014-06-12 21:18 - 2014-06-12 21:18 - 00000000 ____D () C:\Users\Bob\AppData\Local\Microsoft Help
2014-06-12 21:18 - 2014-06-12 21:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-06-12 21:17 - 2014-06-12 21:17 - 00000000 __RHD () C:\MSOCache
2014-06-12 21:16 - 2014-06-12 21:15 - 00001103 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T-RackS 3.lnk
2014-06-12 21:15 - 2014-06-12 21:15 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-12 21:15 - 2014-06-12 21:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-12 21:15 - 2014-06-12 21:15 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-12 21:15 - 2014-06-12 21:15 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-06-12 21:15 - 2014-06-12 21:15 - 00000000 ____D () C:\Windows\system32\Macromed
2014-06-12 21:15 - 2014-06-12 21:15 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Macromedia
2014-06-12 21:15 - 2014-06-12 21:15 - 00000000 ____D () C:\Users\Bob\AppData\Local\Macromedia
2014-06-12 21:15 - 2014-06-12 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
2014-06-12 21:15 - 2014-06-12 21:15 - 00000000 ____D () C:\Program Files (x86)\Steinberg
2014-06-12 21:15 - 2014-06-12 21:15 - 00000000 ____D () C:\Program Files (x86)\IK Multimedia
2014-06-12 21:15 - 2014-06-12 20:19 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-12 21:13 - 2014-06-12 21:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-06-12 21:08 - 2014-06-12 20:59 - 00000000 ____D () C:\Users\Bob\AppData\Local\NVIDIA Corporation
2014-06-12 21:07 - 2014-06-12 20:56 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-12 21:06 - 2014-06-12 20:59 - 00000000 ____D () C:\Users\Bob\AppData\Local\NVIDIA
2014-06-12 21:05 - 2014-06-12 21:05 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-12 21:05 - 2014-06-12 21:05 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-12 21:05 - 2014-06-12 21:05 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Mozilla
2014-06-12 21:05 - 2014-06-12 21:05 - 00000000 ____D () C:\Users\Bob\AppData\Local\Mozilla
2014-06-12 21:05 - 2014-06-12 21:05 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-12 21:05 - 2014-06-12 21:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 21:03 - 2014-06-12 20:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-12 21:02 - 2014-06-12 20:58 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-12 20:59 - 2014-06-12 20:58 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-12 20:58 - 2014-06-12 20:58 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-12 20:58 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\Help
2014-06-12 20:56 - 2014-06-12 20:56 - 00000000 ____D () C:\NVIDIA
2014-06-12 20:42 - 2014-06-12 20:42 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-12 20:42 - 2014-06-12 20:42 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-12 20:42 - 2014-06-12 20:42 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-12 20:42 - 2014-06-12 20:42 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-12 20:42 - 2014-06-12 20:42 - 00000000 ____D () C:\Windows\Sun
2014-06-12 20:42 - 2014-06-12 20:42 - 00000000 ____D () C:\ProgramData\Sun
2014-06-12 20:42 - 2014-06-12 20:42 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-12 20:42 - 2014-06-12 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-12 20:42 - 2014-06-12 20:42 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-12 20:38 - 2014-06-12 20:38 - 00009933 _____ () C:\Windows\DirectX.log
2014-06-12 20:38 - 2014-06-12 20:36 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-06-12 20:33 - 2014-06-12 20:33 - 00000000 __SHD () C:\Users\Bob\AppData\Local\EmieUserList
2014-06-12 20:33 - 2014-06-12 20:33 - 00000000 __SHD () C:\Users\Bob\AppData\Local\EmieSiteList
2014-06-12 20:31 - 2014-06-12 20:19 - 00000010 _____ () C:\Windows\GSetup.ini
2014-06-12 20:26 - 2014-06-12 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2014-06-12 20:26 - 2014-06-12 20:23 - 00000156 _____ () C:\csb.log
2014-06-12 20:26 - 2014-06-12 20:23 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2014-06-12 20:25 - 2014-06-12 20:25 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-06-12 20:25 - 2014-06-12 20:19 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-06-12 20:23 - 2014-06-12 20:23 - 00000000 ____D () C:\Program Files\GIGABYTE
2014-06-12 20:22 - 2014-06-12 20:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-06-12 20:22 - 2014-06-12 20:20 - 00000189 _____ () C:\Install.log
2014-06-12 20:21 - 2014-06-12 20:21 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-06-12 20:21 - 2014-06-12 20:21 - 00000000 ____D () C:\Program Files\Realtek
2014-06-12 20:21 - 2014-06-12 20:20 - 00003203 _____ () C:\RHDSetup.log
2014-06-12 20:21 - 2014-06-12 20:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-06-12 20:21 - 2014-06-12 20:20 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-06-12 20:21 - 2014-06-12 20:20 - 00000000 ____D () C:\ProgramData\Intel
2014-06-12 20:21 - 2014-06-12 20:20 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-06-12 20:21 - 2009-07-14 13:32 - 00000000 ____D () C:\Windows\system32\restore
2014-06-12 20:20 - 2014-06-12 20:20 - 00000000 ____D () C:\Program Files\Intel
2014-06-12 20:19 - 2014-06-12 20:19 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\InstallShield
2014-06-12 20:19 - 2014-06-12 20:19 - 00000000 ____D () C:\Intel
2014-06-12 20:18 - 2014-06-12 20:18 - 00001413 _____ () C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-12 20:18 - 2014-06-12 20:18 - 00000020 ___SH () C:\Users\Bob\ntuser.ini
2014-06-12 20:18 - 2014-06-12 20:18 - 00000000 ____D () C:\Users\Bob\AppData\Local\VirtualStore
2014-06-12 20:16 - 2014-06-12 20:16 - 00319425 __RSH () C:\MWATL
2014-06-12 20:16 - 2014-05-16 11:50 - 00000000 ____D () C:\Windows\Panther
2014-06-12 20:15 - 2014-06-12 20:15 - 00000000 __SHD () C:\Recovery
2014-06-08 17:13 - 2014-06-12 22:47 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 17:08 - 2014-06-12 22:47 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-30 18:21 - 2014-06-12 22:51 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 18:02 - 2014-06-12 22:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 18:02 - 2014-06-12 22:51 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 17:45 - 2014-06-12 22:51 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 17:39 - 2014-06-12 22:51 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 17:39 - 2014-06-12 22:51 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 17:38 - 2014-06-12 22:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 17:28 - 2014-06-12 22:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 17:27 - 2014-06-12 22:51 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 17:24 - 2014-06-12 22:51 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 17:21 - 2014-06-12 22:51 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 17:21 - 2014-06-12 22:51 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 17:20 - 2014-06-12 22:51 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 17:18 - 2014-06-12 22:51 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 17:11 - 2014-06-12 22:51 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 17:08 - 2014-06-12 22:51 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 17:06 - 2014-06-12 22:51 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 17:02 - 2014-06-12 22:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 16:55 - 2014-06-12 22:51 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 16:49 - 2014-06-12 22:51 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 16:46 - 2014-06-12 22:51 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 16:44 - 2014-06-12 22:51 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 16:44 - 2014-06-12 22:51 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 16:43 - 2014-06-12 22:51 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 16:42 - 2014-06-12 22:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 16:38 - 2014-06-12 22:51 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 16:35 - 2014-06-12 22:51 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 16:34 - 2014-06-12 22:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 16:33 - 2014-06-12 22:51 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 16:30 - 2014-06-12 22:51 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 16:29 - 2014-06-12 22:51 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 16:28 - 2014-06-12 22:51 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 16:27 - 2014-06-12 22:51 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 16:24 - 2014-06-12 22:51 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 16:23 - 2014-06-12 22:51 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 16:16 - 2014-06-12 22:51 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 16:10 - 2014-06-12 22:51 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 16:06 - 2014-06-12 22:51 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 16:04 - 2014-06-12 22:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 16:02 - 2014-06-12 22:51 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 15:56 - 2014-06-12 22:51 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 15:56 - 2014-06-12 22:51 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 15:54 - 2014-06-12 22:51 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 15:50 - 2014-06-12 22:51 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 15:49 - 2014-06-12 22:51 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 15:43 - 2014-06-12 22:51 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 15:40 - 2014-06-12 22:51 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 15:30 - 2014-06-12 22:51 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 15:21 - 2014-06-12 22:51 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 15:15 - 2014-06-12 22:51 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 15:13 - 2014-06-12 22:51 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 15:13 - 2014-06-12 22:51 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-30 07:07 - 2014-06-12 21:08 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-05-30 07:07 - 2014-06-12 21:08 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-05-30 07:07 - 2014-06-12 20:59 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-05-30 07:07 - 2014-06-12 20:59 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

Files to move or delete:
====================
C:\ProgramData\wmimgmt.exe


Some content of TEMP:
====================
C:\Users\Bob\AppData\Local\Temp\BackupSetup.exe
C:\Users\Bob\AppData\Local\Temp\BuenoSearchTB.exe
C:\Users\Bob\AppData\Local\Temp\htmlayout.dll
C:\Users\Bob\AppData\Local\Temp\IrsoDLL.dll
C:\Users\Bob\AppData\Local\Temp\Quarantine.exe
C:\Users\Bob\AppData\Local\Temp\SimBundD.exe
C:\Users\Bob\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Bob\AppData\Local\Temp\_isC7A1.exe
C:\Users\Family\AppData\Local\Temp\GreenerWebUntemp.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 23:22

==================== End Of Log ============================


#7 nasdaq

  • Malware Response Team

Posted 29 June 2014 - 07:05 AM

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

HKU\S-1-5-21-4012581036-4293204916-164187839-1000\...\Run: [wmi32] => C:\ProgramData\Application Data\wmimgmt.exe [0 ] (Marvell Inc)
GroupPolicyUsers\S-1-5-21-4012581036-4293204916-164187839-1001\User: Group Policy restriction detected <======= ATTENTION
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites02_14_24_ie&cd=2XzuyEtN2Y1L1QzuzyyE0D0EzztD0C0ByByBtBzyzy0EzyyDtN0D0Tzu0SzzzyyEtN1L2XzutBtFtBtCtFyEtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDtA0FyB0AtA0BtBtG0FtA0A0CtG0DyE0C0BtG0DzztD0FtGtAzztAzyyEyEyDtDzyyD0B0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0CtA0DzyyD0E0BtGyB0B0CtBtG0ByBtBtDtGtAtD0DyBtGtByEtDyE0FtCyBzytAzz0DyB2Q&cr=786386748&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites02_14_24_ie&cd=2XzuyEtN2Y1L1QzuzyyE0D0EzztD0C0ByByBtBzyzy0EzyyDtN0D0Tzu0SzzzyyEtN1L2XzutBtFtBtCtFyEtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDtA0FyB0AtA0BtBtG0FtA0A0CtG0DyE0C0BtG0DzztD0FtGtAzztAzyyEyEyDtDzyyD0B0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0CtA0DzyyD0E0BtGyB0B0CtBtG0ByBtBtDtGtAtD0DyBtGtByEtDyE0FtCyBzytAzz0DyB2Q&cr=786386748&ir=
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites02_14_24_ie&cd=2XzuyEtN2Y1L1QzuzyyE0D0EzztD0C0ByByBtBzyzy0EzyyDtN0D0Tzu0SzzzyyEtN1L2XzutBtFtBtCtFyEtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDtA0FyB0AtA0BtBtG0FtA0A0CtG0DyE0C0BtG0DzztD0FtGtAzztAzyyEyEyDtDzyyD0B0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0CtA0DzyyD0E0BtGyB0B0CtBtG0ByBtBtDtGtAtD0DyBtGtByEtDyE0FtCyBzytAzz0DyB2Q&cr=786386748&ir=
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File
Handler-x32: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
R1 {a3f28269-ad17-41a8-b032-3e0313ef8979}w64; C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}w64.sys [61120 2014-06-19] (StdLib)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64; system32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys [X]
C:\ProgramData\wmimgmt.exe
C:\Users\Bob\AppData\Local\Temp\BackupSetup.exe
C:\Users\Bob\AppData\Local\Temp\BuenoSearchTB.exe
C:\Users\Bob\AppData\Local\Temp\htmlayout.dll
C:\Users\Bob\AppData\Local\Temp\IrsoDLL.dll
C:\Users\Bob\AppData\Local\Temp\Quarantine.exe
C:\Users\Bob\AppData\Local\Temp\SimBundD.exe
C:\Users\Bob\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Bob\AppData\Local\Temp\_isC7A1.exe
C:\Users\Family\AppData\Local\Temp\GreenerWebUntemp.exe
Task: {08DC2F6F-5C09-47DF-A289-2834D5FF2E68} - \AppCloudUpdater No Task File <==== ATTENTION
Adobe Flash Player Packages (HKCU\...\Adobe Flash Player Packages) (Version:  - ) <==== ATTENTION

End
Save the file as fixlist.txt into the same folder as FRST.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.

====

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/

#8 paul02

  • Topic Starter
  • Members

Posted 03 July 2014 - 11:41 AM


Please hold while I get the data.



#9 paul02

  • Topic Starter
  • Members

Posted 04 July 2014 - 08:48 PM

Fixlog:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-07-2014
Ran by Bob at 2014-07-05 09:42:42 Run:1
Running from C:\Users\Bob\Desktop\forbleepingcomputer
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start

HKU\S-1-5-21-4012581036-4293204916-164187839-1000\...\Run: [wmi32] => C:\ProgramData\Application Data\wmimgmt.exe [0 ] (Marvell Inc)
GroupPolicyUsers\S-1-5-21-4012581036-4293204916-164187839-1001\User: Group Policy restriction detected <======= ATTENTION
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites02_14_24_ie&cd=2XzuyEtN2Y1L1QzuzyyE0D0EzztD0C0ByByBtBzyzy0EzyyDtN0D0Tzu0SzzzyyEtN1L2XzutBtFtBtCtFyEtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDtA0FyB0AtA0BtBtG0FtA0A0CtG0DyE0C0BtG0DzztD0FtGtAzztAzyyEyEyDtDzyyD0B0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0CtA0DzyyD0E0BtGyB0B0CtBtG0ByBtBtDtGtAtD0DyBtGtByEtDyE0FtCyBzytAzz0DyB2Q&cr=786386748&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites02_14_24_ie&cd=2XzuyEtN2Y1L1QzuzyyE0D0EzztD0C0ByByBtBzyzy0EzyyDtN0D0Tzu0SzzzyyEtN1L2XzutBtFtBtCtFyEtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDtA0FyB0AtA0BtBtG0FtA0A0CtG0DyE0C0BtG0DzztD0FtGtAzztAzyyEyEyDtDzyyD0B0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0CtA0DzyyD0E0BtGyB0B0CtBtG0ByBtBtDtGtAtD0DyBtGtByEtDyE0FtCyBzytAzz0DyB2Q&cr=786386748&ir=
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites02_14_24_ie&cd=2XzuyEtN2Y1L1QzuzyyE0D0EzztD0C0ByByBtBzyzy0EzyyDtN0D0Tzu0SzzzyyEtN1L2XzutBtFtBtCtFyEtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDtA0FyB0AtA0BtBtG0FtA0A0CtG0DyE0C0BtG0DzztD0FtGtAzztAzyyEyEyDtDzyyD0B0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0CtA0DzyyD0E0BtGyB0B0CtBtG0ByBtBtDtGtAtD0DyBtGtByEtDyE0FtCyBzytAzz0DyB2Q&cr=786386748&ir=
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File
Handler-x32: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
R1 {a3f28269-ad17-41a8-b032-3e0313ef8979}w64; C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}w64.sys [61120 2014-06-19] (StdLib)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64; system32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys [X]
C:\ProgramData\wmimgmt.exe
C:\Users\Bob\AppData\Local\Temp\BackupSetup.exe
C:\Users\Bob\AppData\Local\Temp\BuenoSearchTB.exe
C:\Users\Bob\AppData\Local\Temp\htmlayout.dll
C:\Users\Bob\AppData\Local\Temp\IrsoDLL.dll
C:\Users\Bob\AppData\Local\Temp\Quarantine.exe
C:\Users\Bob\AppData\Local\Temp\SimBundD.exe
C:\Users\Bob\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Bob\AppData\Local\Temp\_isC7A1.exe
C:\Users\Family\AppData\Local\Temp\GreenerWebUntemp.exe
Task: {08DC2F6F-5C09-47DF-A289-2834D5FF2E68} - \AppCloudUpdater No Task File <==== ATTENTION
Adobe Flash Player Packages (HKCU\...\Adobe Flash Player Packages) (Version:  - ) <==== ATTENTION

End
*****************

HKU\S-1-5-21-4012581036-4293204916-164187839-1000\Software\Microsoft\Windows\CurrentVersion\Run\\wmi32 => value deleted successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-4012581036-4293204916-164187839-1001\User => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
'HKCR\PROTOCOLS\Handler\WSWSVCUchrome' => Key deleted successfully.
'HKCR\Wow6432Node\PROTOCOLS\Handler\WSWSVCUchrome'=> Key not found.
'HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File'=> Key not found.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
'HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File'=> Key not found.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
{a3f28269-ad17-41a8-b032-3e0313ef8979}w64 => Service stopped successfully.
{a3f28269-ad17-41a8-b032-3e0313ef8979}w64 => Service deleted successfully.
gdrv => Service deleted successfully.
VGPU => Service deleted successfully.
{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64 => Service deleted successfully.
C:\ProgramData\wmimgmt.exe => Moved successfully.
C:\Users\Bob\AppData\Local\Temp\BackupSetup.exe => Moved successfully.
C:\Users\Bob\AppData\Local\Temp\BuenoSearchTB.exe => Moved successfully.
C:\Users\Bob\AppData\Local\Temp\htmlayout.dll => Moved successfully.
C:\Users\Bob\AppData\Local\Temp\IrsoDLL.dll => Moved successfully.
C:\Users\Bob\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Bob\AppData\Local\Temp\SimBundD.exe => Moved successfully.
C:\Users\Bob\AppData\Local\Temp\vcredist_x64.exe => Moved successfully.
C:\Users\Bob\AppData\Local\Temp\_isC7A1.exe => Moved successfully.
C:\Users\Family\AppData\Local\Temp\GreenerWebUntemp.exe => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08DC2F6F-5C09-47DF-A289-2834D5FF2E68}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08DC2F6F-5C09-47DF-A289-2834D5FF2E68}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AppCloudUpdater' => Key deleted successfully.


The system needed a reboot.

==== End of Fixlog ====

 

 

checkup:

 

 

 Results of screen317's Security Check version 0.99.85  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
 Windows Firewall Enabled!  
avast! Antivirus   
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 60  
 Adobe Flash Player 14.0.0.125  
 Mozilla Firefox (30.0)
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast afwServ.exe  
 AVAST Software Avast avastui.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
 



#10 paul02

  • Topic Starter
  • Members

Posted 04 July 2014 - 08:51 PM

Still get weird stuff installed onto my computer and onto my browser add-ons.



#11 nasdaq

  • Malware Response Team

Posted 05 July 2014 - 06:52 AM

Still get weird stuff installed onto my computer and onto my browser add-ons.

What was installed since we started this clean-up?

#12 paul02

  • Topic Starter
  • Members

Posted 05 July 2014 - 11:00 AM

 

Still get weird stuff installed onto my computer and onto my browser add-ons.

What was installed since we started this clean-up?

 

I uninstalled it so I can't remember, it might reinstall itself though.



#13 nasdaq

  • Malware Response Team

Posted 05 July 2014 - 01:17 PM

Keep an eye on it and make a note if it returns.

#14 paul02

  • Topic Starter
  • Members

Posted 11 July 2014 - 08:22 PM

Keep an eye on it and make a note if it returns.

I'd like to report that nothing has happened so far, I guess it's resolved. Thank you nasdaq



#15 nasdaq

  • Malware Response Team

Posted 12 July 2014 - 07:25 AM

Glad we could help.



