Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

lots of spyware/adware/virus' on teenage sons computer


  • This topic is locked This topic is locked
4 replies to this topic

#1 jennajaxson

jennajaxson

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:35 AM

Posted 11 July 2014 - 06:43 PM

I ran Malwarebytes and Adwcleaner and also  farbar recovery scan tool kit. I am attaching the logs. Please Help. Thank you.

 

# AdwCleaner v3.215 - Report created 11/07/2014 at 19:10:31
# Updated 09/07/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Rami-PC - RAMI
# Running from : C:\Users\ramig_000\Downloads\adwcleaner_3.215(1).exe
# Option : Clean

***** [ Services ] *****

Service Deleted : APNMCP
Service Deleted : BackupStack

***** [ Files / Folders ] *****

Folder Deleted : \SearchProtect
Folder Deleted : C:\ProgramData\374311380
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\SoftSafe
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\BerOwsae22savaee
Folder Deleted : C:\ProgramData\Searchh-NeWoTTab
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiDefMedia
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ExpressFiles
Folder Deleted : C:\Program Files (x86)\File Type Helper
Folder Deleted : C:\Program Files (x86)\HiDefMedia
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\OApps
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\otshot
Folder Deleted : C:\Program Files (x86)\Perion
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner
Folder Deleted : C:\Program Files (x86)\xVidly
Folder Deleted : C:\Users\Rami-PC\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\Rami-PC\AppData\Local\Conduit
Folder Deleted : C:\Users\Rami-PC\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Rami-PC\AppData\Local\visi_coupon
Folder Deleted : C:\Users\Rami-PC\AppData\Local\Temp\AirInstaller
Folder Deleted : C:\Users\Rami-PC\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Rami-PC\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\Rami-PC\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Rami-PC\AppData\LocalLow\Fast Free Converter
Folder Deleted : C:\Users\Rami-PC\AppData\LocalLow\incredibar.com
Folder Deleted : C:\Users\Rami-PC\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Rami-PC\AppData\LocalLow\BerOwsae22savaee
Folder Deleted : C:\Users\Rami-PC\AppData\LocalLow\Searchh-NeWoTTab
Folder Deleted : C:\Users\Rami-PC\AppData\LocalLow\WhiteSmoke_B
Folder Deleted : C:\Users\Rami-PC\AppData\Roaming\Activeris
Folder Deleted : C:\Users\Rami-PC\AppData\Roaming\ExpressFiles
Folder Deleted : C:\Users\Rami-PC\AppData\Roaming\NCdownloader
Folder Deleted : C:\Users\Rami-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Deleted : C:\Users\Rami-PC\Documents\Optimizer Pro
Folder Deleted : C:\Users\ramig_000\AppData\Local\visi_coupon
Folder Deleted : C:\Users\ramig_000\AppData\Local\Temp\apn
Folder Deleted : C:\Users\ramig_000\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\Rami-PC\AppData\Roaming\Mozilla\Firefox\Profiles\f1jbbuhp.default\adawaretb
Folder Deleted : C:\Users\xXxKINGxCOBRAxXx\AppData\Roaming\Mozilla\Firefox\Profiles\mz91zrnc.default\adawaretb
Folder Deleted : C:\Users\Rami-PC\AppData\Roaming\Mozilla\Firefox\Profiles\f1jbbuhp.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Deleted : C:\Users\Rami-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh
Folder Deleted : C:\Users\Rami-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Folder Deleted : C:\Users\Rami-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nelmphhjfpihlhcohejfomfpggbglchf
Folder Deleted : C:\Users\Rami-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpaiibklhaneknloaoccoidbaffjjlnb
Folder Deleted : C:\Users\Rami-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhfghaejnmdegcnoohmegfhnfmehpkbl
[!] Folder Deleted : C:\Users\Rami-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh
File Deleted : \END
File Deleted : C:\Users\Rami-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Deleted : C:\Users\Rami-PC\Desktop\Continue VuuPC Installation.lnk
File Deleted : C:\Users\Rami-PC\AppData\Roaming\Mozilla\Firefox\Profiles\f1jbbuhp.default\searchplugins\ask-search.xml
File Deleted : C:\Users\ramig_000\AppData\Roaming\Mozilla\Firefox\Profiles\4illhifc.default\searchplugins\ask-search.xml
File Deleted : C:\Users\Rami-PC\AppData\Roaming\Mozilla\Firefox\Profiles\f1jbbuhp.default\searchplugins\SweetIM Search.xml
File Deleted : C:\Users\Rami-PC\AppData\Roaming\Mozilla\Firefox\Profiles\f1jbbuhp.default\user.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\user.js
File Deleted : C:\WINDOWS\System32\Tasks\Express FilesUpdate

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Key Deleted : HKCU\Software\Google\Chrome\Extensions\kheelobnibmchifldedamogdmhemfjio
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kheelobnibmchifldedamogdmhemfjio
Key Deleted : HKCU\Software\Google\Chrome\Extensions\gpaiibklhaneknloaoccoidbaffjjlnb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gpaiibklhaneknloaoccoidbaffjjlnb
Key Deleted : HKCU\Software\Google\Chrome\Extensions\hhfghaejnmdegcnoohmegfhnfmehpkbl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hhfghaejnmdegcnoohmegfhnfmehpkbl
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\CptUrlPassthru.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dca-bho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ActiverisAntiMalware_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ActiverisAntiMalware_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2383985
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2998365
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3176921
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3279141
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3286042
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3287307
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3298575
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3309758
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A57F7191-1E7F-4852-BAAF-F80A43E2687A}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{DD7C44CC-0F60-4FD9-A38F-5CF30D698AC2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{878B8524-AED5-4870-9A96-A515440DAC75}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{878B8524-AED5-4870-9A96-A515440DAC75}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{878B8524-AED5-4870-9A96-A515440DAC75}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{878B8524-AED5-4870-9A96-A515440DAC75}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0C6F9D5-2492-48AD-A2D4-8801513B20B5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D45C221-0F1C-44F8-8B05-B7096B9E8E2A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\Compete
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\Tbccint_HKLM
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\visualbee
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKCU\Software\AppDataLow\Software\adawaretb
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\blockAndSurf
Key Deleted : HKCU\Software\AppDataLow\Software\Compete
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\WhiteSmoke_B
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\adawaretb
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\CompeteInc
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\ExpressFiles
Key Deleted : HKLM\Software\Free_soft_today
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Toolbar Cleaner
Key Deleted : HKLM\Software\Tutorials
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\visualbee
Key Deleted : HKLM\Software\WhiteSmoke_B
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ExpressFiles
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\Rami-PC\AppData\Roaming\Mozilla\Firefox\Profiles\f1jbbuhp.default\prefs.js ]

Line Deleted : user_pref("CT2383985.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"about%3Ablank\",\"EB_MAIN_FRAME_TITLE\":\"\"}");
Line Deleted : user_pref("CT2383985_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1374082986091,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CT2998365_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1364564827047,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CT3176921_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1364859984362,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CT3286042_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1370840934067,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CT3287307_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1364870283244,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CT3298575_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1373584028403,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CT3309758_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1402940466885,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2383985&octid=CT2383985&SearchSource=61&CUI=UN68883551513277215&UM=2&UP=SPD6FF4913-8251-4577-917A-C4AE1D7C31E7");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3286042&SearchSource=2&CUI=UN42823211518953241&UM=2&q=");
Line Deleted : user_pref("Smartbar.TBHomepagesList", "hxxp://search.conduit.com/?ctid=CT2383985&octid=CT2383985&SearchSource=61&CUI=UN68883551513277215&UM=2&UP=SPD6FF4913-8251-4577-917A-C4AE1D7C31E7");
Line Deleted : user_pref("Smartbar.TBSearchEngineList", "");
Line Deleted : user_pref("Smartbar.TBSearchUrlList", "");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3309758");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "MixiDJ V39 Customized Web Search");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.search.ask.com/?tpid=OVO2V7C&o=APN11381&pf=V7&trgb=FF&p2=%5EBAO%5EYYYYYY%5EYY%5EUS&gct=hp&apn_ptnrs=%5EBAO&apn_dtid=%5EYYYYYY%5EYY%5EUS&apn_dbr=ff_30.[...]
Line Deleted : user_pref("extensions.OVO2V7C.domain", "\"www.search.ask.com\"");
Line Deleted : user_pref("extensions.OVO2V7C.hpr_ff", "\"hxxp://www.search.ask.com/?tpid=OVO2V7C&o=APN11381&pf=V7&trgb=FF&p2=%5EBAO%5EYYYYYY%5EYY%5EUS&gct=hp&apn_ptnrs=%5EBAO&apn_dtid=%5EYYYYYY%5EYY%5EUS&apn_dbr=ff_[...]
Line Deleted : user_pref("extensions.enabledAddons", "%7B87934c42-161d-45bc-8cef-ef18abe2a30c%7D:3.9,toolbar_OVO2V7C%40apn.ask.com:41.6,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0");
Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 2);
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3309758");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT2383985&octid=CT2383985&SearchSource=61&CUI=UN68883551513277215&UM=2&UP=SPD6FF4913-8251-4577-917A-C4AE1D7C31E7,hxxp://searc[...]
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3309758&SearchSource=2&CUI=UN39666413291137274&UM=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?SSP[...]
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3309758");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3309758");
Line Deleted : user_pref("smartbar.homepageList", "hxxp://search.conduit.com/?ctid=CT2383985&octid=CT2383985&SearchSource=61&CUI=UN68883551513277215&UM=2&UP=SPD6FF4913-8251-4577-917A-C4AE1D7C31E7,hxxp://search.condu[...]
Line Deleted : user_pref("smartbar.machineId", "VVT92UOHOHN6HMGQ4B3TA3VYFGMJTN0ANTW6/RN2UHPYD3CP4Z0U+VLSJJW/ERKNDBY9OSY0YNTCTQVDSHYLZG");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?octid=CT2383985&ctid=CT2383985&SearchSource=13&CUI=UN68883551513277215&UP=SPD6FF4913-8251-4577-917A-C4AE1D7C31E7");
Line Deleted : user_pref("smartbar.searchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3309758&SearchSource=2&CUI=UN39666413291137274&UM=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?SSPV=&ctid[...]
Line Deleted : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1364860184322");

[ File : C:\Users\ramig_000\AppData\Roaming\Mozilla\Firefox\Profiles\4illhifc.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.search.ask.com/?tpid=OVO2V7C&o=APN11381&pf=V7&trgb=FF&p2=%5EBAO%5EYYYYYY%5EYY%5EUS&gct=hp&apn_ptnrs=%5EBAO&apn_dtid=%5EYYYYYY%5EYY%5EUS&apn_dbr=ff_30.[...]

[ File : C:\Users\xXxKINGxCOBRAxXx\AppData\Roaming\Mozilla\Firefox\Profiles\mz91zrnc.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Rami-PC\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : nelmphhjfpihlhcohejfomfpggbglchf
Deleted [Extension] : gpaiibklhaneknloaoccoidbaffjjlnb
Deleted [Extension] : jifflliplgeajjdhmkcfnngfpgbjonjg
Deleted [Extension] : jpmbfleldcgkldadpdinhjjopdfpjfjp
Deleted [Extension] : hhfghaejnmdegcnoohmegfhnfmehpkbl
Deleted [Extension] : iibmmjhgclhlahmjniokmhleigemjpbh

*************************

AdwCleaner[R0].txt - [20770 octets] - [11/07/2014 19:08:54]
AdwCleaner[S0].txt - [20015 octets] - [11/07/2014 19:10:31]

########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [20076 octets] ##########
 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014
Ran by ramig_000 (ATTENTION: The logged in user is not administrator) on RAMI on 11-07-2014 19:27:37
Running from C:\Users\ramig_000\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332STI.EXE
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\AuthHost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-09] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-06-26] (Alcor Micro Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2012-11-01] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2012-11-01] (Lenovo(beijing) Limited)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [PocketCloud Location] => C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseBrowser.exe [935312 2012-11-05] (Wyse Technology Inc.)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe [7715160 2014-06-03] ()
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332STI.EXE [548864 2012-03-20] (Vimicro)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [OtShot] => C:\Program Files (x86)\OtShot\otshot.exe -minimize
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] - "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware" [54072 2014-05-12] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1806527627-2924948291-3671334023-1045\...\Run: [ooVoo] => C\ooVoo.exe /minimized
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FastMediaConverter.lnk
ShortcutTarget: FastMediaConverter.lnk -> C:\Program Files (x86)\FastMediaConverter\FastMediaConverterApp.exe ()
Startup: C:\Users\ramig_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  No File
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  No File
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  No File
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
SearchScopes: HKLM - DefaultScope {0E9B26DA-455C-406D-82EC-ADE6966CA27A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM - {0E9B26DA-455C-406D-82EC-ADE6966CA27A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0E9B26DA-455C-406D-82EC-ADE6966CA27A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
BHO: No Name - {6C8DB2EC-499B-4897-A784-0E3186C97E9D} -  No File
BHO-x32: No Name - {6C8DB2EC-499B-4897-A784-0E3186C97E9D} -  No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\ramig_000\AppData\Roaming\Mozilla\Firefox\Profiles\4illhifc.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe [706864 2014-06-03] ()
R2 lmhosts; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-07-16] (Nitro PDF Software)
R2 NlaSvc; C:\Windows\System32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudService.exe [191488 2012-11-05] () [File not signed]
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseRemoteAccess.exe [1436160 2012-11-05] (Wyse Technology.) [File not signed]

==================== Drivers (Whitelisted) ====================

R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 NMgamingmsFltr; C:\Windows\system32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
R3 SaiK0CFA; C:\Windows\system32\DRIVERS\SaiK0CFA.sys [174600 2010-07-21] (Saitek)
R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R3 SaiU0CFA; C:\Windows\System32\drivers\SaiU0CFA.sys [41352 2010-07-21] (Saitek)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-04-22] (BitDefender S.R.L.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
R1 {587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64; C:\Windows\System32\drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64.sys [61120 2014-06-13] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-11 19:27 - 2014-07-11 19:28 - 00012208 _____ () C:\Users\ramig_000\Downloads\FRST.txt
2014-07-11 19:27 - 2014-07-11 19:27 - 00000000 ____D () C:\FRST
2014-07-11 19:26 - 2014-07-11 19:27 - 02084864 _____ (Farbar) C:\Users\ramig_000\Downloads\FRST64.exe
2014-07-11 19:09 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-07-11 19:08 - 2014-07-11 19:11 - 00000000 ____D () C:\AdwCleaner
2014-07-11 19:07 - 2014-07-11 19:07 - 01348263 _____ () C:\Users\ramig_000\Downloads\AdwCleaner.exe
2014-07-11 19:06 - 2014-07-11 19:06 - 01348263 _____ () C:\Users\ramig_000\Downloads\adwcleaner_3.215(2).exe
2014-07-11 19:06 - 2014-07-11 19:06 - 01348263 _____ () C:\Users\ramig_000\Downloads\adwcleaner_3.215(1).exe
2014-07-11 19:05 - 2014-07-11 19:05 - 01348263 _____ () C:\Users\ramig_000\Downloads\adwcleaner_3.215.exe
2014-07-11 18:42 - 2014-06-26 16:55 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-07-11 18:42 - 2014-06-26 16:55 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-11 17:24 - 2014-04-13 23:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-11 16:38 - 2014-07-11 16:38 - 00000921 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-07-11 16:31 - 2014-07-11 16:38 - 00000000 ____D () C:\Program Files\GIMP 2
2014-07-11 16:27 - 2014-07-11 16:28 - 90396104 _____ (The GIMP Team ) C:\Users\ramig_000\Downloads\gimp-2.8.10-setup.exe
2014-07-11 09:31 - 2014-07-11 09:31 - 00000000 ____D () C:\Users\ramig_000\Documents\Mount&Blade Warband Savegames
2014-07-11 09:29 - 2014-07-11 09:31 - 00000000 ____D () C:\Users\ramig_000\Documents\Mount&Blade Warband
2014-07-11 09:29 - 2014-07-11 09:30 - 00000000 ____D () C:\Users\ramig_000\AppData\Roaming\Mount&Blade Warband
2014-07-10 19:47 - 2014-07-10 19:47 - 00000221 _____ () C:\Users\ramig_000\Desktop\Mount & Blade Warband.url
2014-07-10 19:47 - 2014-07-10 19:47 - 00000000 ____D () C:\Users\ramig_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-10 17:29 - 2014-07-10 17:29 - 00000000 __SHD () C:\Users\ramig_000\AppData\Local\EmieUserList
2014-07-10 17:29 - 2014-07-10 17:29 - 00000000 __SHD () C:\Users\ramig_000\AppData\Local\EmieSiteList
2014-07-10 14:43 - 2014-07-10 14:43 - 00000000 ____D () C:\Users\ramig_000\AppData\Roaming\OpenOffice.org
2014-07-10 00:59 - 2014-07-10 01:00 - 00000000 ___RD () C:\Users\ramig_000\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2014-07-09 23:03 - 2014-07-09 23:03 - 00000000 ____D () C:\Users\ramig_000\AppData\Roaming\LSC
2014-07-09 23:03 - 2014-07-09 23:03 - 00000000 ____D () C:\Users\ramig_000\AppData\Local\Adobe
2014-07-09 16:59 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-09 16:59 - 2014-06-18 19:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-09 16:59 - 2014-06-18 18:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-09 16:58 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-09 16:52 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-09 16:52 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-09 16:51 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-09 16:51 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-09 16:50 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-09 16:50 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-09 16:50 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-09 16:49 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-09 16:49 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-09 16:49 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-09 16:49 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-09 16:48 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-09 16:48 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-09 16:48 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-09 16:48 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-09 16:48 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-09 16:48 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-09 16:48 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-09 16:47 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-09 16:47 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-09 16:47 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-09 16:47 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-09 16:47 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-09 16:46 - 2014-06-16 18:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-09 16:46 - 2014-06-16 18:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-09 16:46 - 2014-06-06 10:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-09 16:46 - 2014-05-29 23:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-09 16:44 - 2014-05-29 08:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-09 16:44 - 2014-05-29 03:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-09 16:44 - 2014-05-29 02:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-09 16:44 - 2014-05-29 02:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-09 16:44 - 2014-05-29 01:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-09 16:44 - 2014-05-29 01:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-09 16:31 - 2014-06-06 09:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-09 16:31 - 2014-06-06 08:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-09 16:30 - 2014-05-31 06:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-09 16:30 - 2014-05-31 06:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-09 16:30 - 2014-05-30 23:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-09 16:30 - 2014-05-30 23:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-09 16:30 - 2014-05-30 23:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 16:30 - 2014-05-30 23:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-09 16:30 - 2014-05-30 23:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-09 16:30 - 2014-05-30 23:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 16:30 - 2014-05-30 22:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-09 16:30 - 2014-05-30 22:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-09 16:30 - 2014-05-30 22:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-09 16:30 - 2014-05-30 22:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-09 16:30 - 2014-05-30 22:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-09 16:30 - 2014-05-30 22:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-09 16:30 - 2014-05-30 22:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-09 16:00 - 2014-07-09 16:00 - 00000000 ____D () C:\Users\ramig_000\AppData\Local\SmartTechnology
2014-07-09 15:59 - 2014-07-09 15:59 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-07 11:23 - 2014-07-07 11:23 - 00000000 ____D () C:\Users\ramig_000\AppData\Roaming\Lavasoft
2014-07-07 11:14 - 2014-07-07 11:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-07-06 16:01 - 2014-07-06 16:01 - 00000000 ____D () C:\ProgramData\LogiShrd
2014-07-06 16:01 - 2014-07-06 16:01 - 00000000 ____D () C:\Program Files\Common Files\LogiShrd
2014-07-06 16:00 - 2014-07-06 16:00 - 04147600 _____ ($Co_Name Inc.) C:\Users\ramig_000\Downloads\unifying250.exe
2014-06-30 22:25 - 2014-06-30 22:25 - 00000000 ____D () C:\Users\ramig_000\AppData\Local\Blizzard Entertainment
2014-06-30 22:24 - 2014-07-11 14:18 - 00000000 ____D () C:\Users\ramig_000\AppData\Local\Battle.net
2014-06-30 22:24 - 2014-07-02 18:19 - 00000000 ____D () C:\Users\ramig_000\AppData\Roaming\Battle.net
2014-06-30 21:41 - 2014-06-30 21:41 - 00000000 ____D () C:\Users\ramig_000\AppData\Local\Macromedia
2014-06-30 17:44 - 2014-07-11 17:13 - 00371200 ___SH () C:\Users\ramig_000\Downloads\Thumbs.db
2014-06-30 17:42 - 2014-06-30 17:42 - 00000000 ____D () C:\Users\ramig_000\AppData\Roaming\Mozilla
2014-06-30 17:42 - 2014-06-30 17:42 - 00000000 ____D () C:\Users\ramig_000\AppData\Local\Mozilla
2014-06-30 17:40 - 2014-07-11 19:15 - 00000000 __RDO () C:\Users\ramig_000\OneDrive
2014-06-30 17:36 - 2014-06-30 17:36 - 00000000 ____D () C:\Users\ramig_000\AppData\Roaming\dll-files.com
2014-06-30 17:35 - 2014-07-11 19:24 - 00000000 ____D () C:\Users\ramig_000\AppData\Local\Packages
2014-06-30 17:35 - 2014-07-11 19:11 - 00000000 ____D () C:\Users\ramig_000
2014-06-30 17:35 - 2014-07-09 23:03 - 00000000 ____D () C:\Users\ramig_000\AppData\Roaming\Adobe
2014-06-30 17:35 - 2014-06-30 17:35 - 00001457 _____ () C:\Users\ramig_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-30 17:35 - 2014-06-30 17:35 - 00000020 ___SH () C:\Users\ramig_000\ntuser.ini
2014-06-30 17:35 - 2014-06-30 17:35 - 00000000 ____D () C:\Users\ramig_000\AppData\Local\VirtualStore
2014-06-30 17:35 - 2014-06-05 11:59 - 00000000 ___RD () C:\Users\ramig_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-30 17:35 - 2014-06-01 00:30 - 00000000 ____D () C:\Users\ramig_000\AppData\Roaming\Macromedia
2014-06-30 17:35 - 2014-03-18 06:33 - 00000000 ___RD () C:\Users\ramig_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-30 17:35 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\ramig_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-06-30 17:35 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\ramig_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-06-30 17:35 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\ramig_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-30 17:35 - 2013-08-22 11:36 - 00000000 ____D () C:\Users\ramig_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-30 17:35 - 2010-12-19 01:31 - 00000189 _____ () C:\Users\ramig_000\Desktop\Lenovo Telephony Start Now.url
2014-06-29 22:22 - 2014-06-29 22:22 - 00001799 _____ () C:\Users\Public\Desktop\ooVoo.lnk
2014-06-29 22:22 - 2014-06-29 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
2014-06-29 22:22 - 2014-06-29 22:22 - 00000000 ____D () C:\Program Files (x86)\ooVoo
2014-06-16 20:57 - 2014-01-19 03:38 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-06-16 20:30 - 2014-06-16 20:31 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-16 20:30 - 2014-06-16 20:30 - 00001418 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-16 20:30 - 2014-06-16 20:30 - 00001406 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-16 20:30 - 2014-06-16 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-16 20:30 - 2009-01-25 16:14 - 00017272 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2014-06-16 20:29 - 2014-06-16 20:30 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-16 20:05 - 2014-07-11 19:13 - 00002340 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-06-16 20:05 - 2014-06-16 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-06-16 20:05 - 2014-06-16 20:05 - 00000000 ____D () C:\Program Files\Lavasoft
2014-06-16 20:04 - 2014-06-16 20:04 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-06-16 20:04 - 2014-06-16 20:04 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-06-16 20:03 - 2014-06-16 20:03 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-06-16 19:26 - 2014-06-16 19:27 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-16 19:26 - 2014-06-16 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-16 19:26 - 2014-06-16 19:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-16 19:26 - 2014-05-12 10:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-06-16 19:26 - 2014-05-12 10:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-06-16 14:03 - 2014-06-13 21:49 - 00061120 _____ (StdLib) C:\WINDOWS\system32\Drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64.sys
2014-06-16 13:56 - 2014-06-16 13:56 - 00000000 ____D () C:\ProgramData\SmartTechnology
2014-06-16 13:56 - 2014-06-16 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Technology
2014-06-16 13:56 - 2014-06-16 13:56 - 00000000 ____D () C:\Program Files\SmartTechnology
2014-06-16 13:32 - 2014-06-16 13:32 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-06-16 13:00 - 2014-06-16 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast Media Converter
2014-06-16 12:59 - 2014-06-19 15:31 - 00000000 ____D () C:\Program Files (x86)\FastMediaConverter
2014-06-16 12:58 - 2014-06-16 12:58 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SaiK0CFA_01009.Wdf
2014-06-14 10:49 - 2010-06-02 07:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2014-06-14 10:49 - 2010-06-02 07:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-06-14 10:49 - 2010-06-02 07:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2014-06-14 10:49 - 2010-06-02 07:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2014-06-14 10:49 - 2010-06-02 07:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-06-14 10:49 - 2010-06-02 07:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2014-06-14 10:49 - 2010-05-26 14:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-06-14 10:49 - 2010-05-26 14:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2014-06-14 10:49 - 2010-05-26 14:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2014-06-14 10:49 - 2010-05-26 14:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2014-06-14 10:49 - 2010-05-26 14:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2014-06-14 10:49 - 2010-05-26 14:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2014-06-14 10:49 - 2010-05-26 14:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2014-06-14 10:49 - 2010-05-26 14:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-06-14 10:49 - 2010-05-26 14:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2014-06-14 10:49 - 2010-02-04 13:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2014-06-14 10:49 - 2010-02-04 13:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2014-06-14 10:49 - 2010-02-04 13:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2014-06-14 10:49 - 2010-02-04 13:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2014-06-14 10:49 - 2010-02-04 13:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2014-06-14 10:49 - 2010-02-04 13:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2014-06-14 10:49 - 2010-02-04 13:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2014-06-14 10:49 - 2010-02-04 13:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2014-06-14 10:49 - 2009-09-04 20:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2014-06-14 10:49 - 2009-09-04 20:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2014-06-14 10:49 - 2009-09-04 20:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2014-06-14 10:49 - 2009-09-04 20:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2014-06-14 10:49 - 2009-09-04 20:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2014-06-14 10:49 - 2009-09-04 20:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2014-06-14 10:49 - 2009-09-04 20:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2014-06-14 10:49 - 2009-09-04 20:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2014-06-14 10:49 - 2009-09-04 20:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2014-06-14 10:49 - 2009-09-04 20:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2014-06-14 10:49 - 2009-09-04 20:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2014-06-14 10:49 - 2009-09-04 20:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2014-06-14 10:49 - 2009-09-04 20:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2014-06-14 10:49 - 2009-09-04 20:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2014-06-14 10:49 - 2009-09-04 20:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2014-06-14 10:49 - 2009-09-04 20:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2014-06-14 10:49 - 2009-03-16 17:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2014-06-14 10:49 - 2009-03-16 17:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2014-06-14 10:49 - 2009-03-16 17:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2014-06-14 10:49 - 2009-03-16 17:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2014-06-14 10:49 - 2009-03-16 17:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2014-06-14 10:49 - 2009-03-16 17:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2014-06-14 10:49 - 2009-03-09 18:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2014-06-14 10:49 - 2009-03-09 18:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2014-06-14 10:49 - 2009-03-09 18:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2014-06-14 10:49 - 2009-03-09 18:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2014-06-14 10:49 - 2009-03-09 18:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2014-06-14 10:49 - 2009-03-09 18:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2014-06-14 10:49 - 2008-10-27 13:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2014-06-14 10:49 - 2008-10-27 13:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2014-06-14 10:49 - 2008-10-27 13:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2014-06-14 10:49 - 2008-10-27 13:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2014-06-14 10:49 - 2008-10-27 13:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2014-06-14 10:49 - 2008-10-27 13:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2014-06-14 10:49 - 2008-10-27 13:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2014-06-14 10:49 - 2008-10-27 13:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2014-06-14 10:49 - 2008-10-15 09:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2014-06-14 10:49 - 2008-10-15 09:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2014-06-14 10:49 - 2008-10-15 09:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2014-06-14 10:49 - 2008-10-15 09:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2014-06-14 10:49 - 2008-10-15 09:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2014-06-14 10:49 - 2008-10-15 09:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2014-06-14 10:49 - 2008-07-31 13:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2014-06-14 10:49 - 2008-07-31 13:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2014-06-14 10:49 - 2008-07-31 13:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2014-06-14 10:49 - 2008-07-31 13:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2014-06-14 10:49 - 2008-07-31 13:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2014-06-14 10:49 - 2008-07-31 13:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2014-06-14 10:49 - 2008-07-10 14:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2014-06-14 10:49 - 2008-07-10 14:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2014-06-14 10:49 - 2008-07-10 14:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2014-06-14 10:49 - 2008-07-10 14:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2014-06-14 10:49 - 2008-07-10 14:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2014-06-14 10:49 - 2008-07-10 14:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2014-06-14 10:49 - 2008-05-30 17:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2014-06-14 10:49 - 2008-05-30 17:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2014-06-14 10:49 - 2008-05-30 17:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2014-06-14 10:49 - 2008-05-30 17:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2014-06-14 10:49 - 2008-05-30 17:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2014-06-14 10:49 - 2008-05-30 17:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2014-06-14 10:49 - 2008-05-30 17:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2014-06-14 10:49 - 2008-05-30 17:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2014-06-14 10:49 - 2008-05-30 17:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2014-06-14 10:49 - 2008-05-30 17:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2014-06-14 10:49 - 2008-05-30 17:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2014-06-14 10:49 - 2008-05-30 17:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2014-06-14 10:49 - 2008-05-30 17:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2014-06-14 10:49 - 2008-05-30 17:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2014-06-14 10:49 - 2008-03-05 19:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2014-06-14 10:49 - 2008-03-05 19:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2014-06-14 10:49 - 2008-03-05 19:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2014-06-14 10:49 - 2008-03-05 19:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2014-06-14 10:49 - 2008-03-05 19:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2014-06-14 10:49 - 2008-03-05 19:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2014-06-14 10:49 - 2008-03-05 18:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2014-06-14 10:49 - 2008-03-05 18:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2014-06-14 10:49 - 2008-03-05 18:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2014-06-14 10:49 - 2008-03-05 18:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2014-06-14 10:49 - 2008-02-06 02:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2014-06-14 10:49 - 2008-02-06 02:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2014-06-14 10:49 - 2007-10-22 06:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2014-06-14 10:49 - 2007-10-22 06:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2014-06-14 10:49 - 2007-10-12 18:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2014-06-14 10:49 - 2007-10-12 18:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2014-06-14 10:49 - 2007-10-12 18:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2014-06-14 10:49 - 2007-10-12 18:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2014-06-14 10:49 - 2007-10-02 12:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2014-06-14 10:49 - 2007-10-02 12:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2014-06-14 10:49 - 2007-07-20 03:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2014-06-14 10:49 - 2007-07-20 03:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2014-06-14 10:49 - 2007-07-19 21:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2014-06-14 10:49 - 2007-07-19 21:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2014-06-14 10:49 - 2007-07-19 21:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2014-06-14 10:49 - 2007-07-19 21:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2014-06-14 10:48 - 2014-06-25 16:38 - 00028634 _____ () C:\WINDOWS\DirectX.log
2014-06-14 10:48 - 2014-06-14 10:48 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-14 10:48 - 2007-10-22 06:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2014-06-14 10:48 - 2007-10-22 06:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2014-06-14 10:48 - 2007-07-19 21:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2014-06-14 10:48 - 2007-07-19 21:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2014-06-14 10:48 - 2007-06-20 23:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2014-06-14 10:48 - 2007-06-20 23:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2014-06-14 10:48 - 2007-05-16 19:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2014-06-14 10:48 - 2007-05-16 19:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2014-06-14 10:48 - 2007-05-16 19:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2014-06-14 10:48 - 2007-05-16 19:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2014-06-14 10:48 - 2007-05-16 19:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2014-06-14 10:48 - 2007-05-16 19:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2014-06-14 10:48 - 2007-04-04 21:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2014-06-14 10:48 - 2007-04-04 21:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2014-06-14 10:48 - 2007-04-04 21:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2014-06-14 10:48 - 2007-04-04 21:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2014-06-14 10:48 - 2007-03-15 19:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2014-06-14 10:48 - 2007-03-15 19:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2014-06-14 10:48 - 2007-03-12 19:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2014-06-14 10:48 - 2007-03-12 19:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2014-06-14 10:48 - 2007-03-12 19:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2014-06-14 10:48 - 2007-03-12 19:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2014-06-14 10:48 - 2007-03-05 15:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2014-06-14 10:48 - 2007-03-05 15:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2014-06-14 10:48 - 2007-01-24 18:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2014-06-14 10:48 - 2007-01-24 18:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2014-06-14 10:48 - 2006-12-08 15:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2014-06-14 10:48 - 2006-12-08 15:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2014-06-14 10:48 - 2006-11-29 16:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2014-06-14 10:48 - 2006-11-29 16:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2014-06-14 10:48 - 2006-11-29 16:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2014-06-14 10:48 - 2006-11-29 16:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2014-06-14 10:48 - 2006-09-28 19:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2014-06-14 10:48 - 2006-09-28 19:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2014-06-14 10:48 - 2006-09-28 19:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2014-06-14 10:48 - 2006-09-28 19:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2014-06-14 10:48 - 2006-07-28 12:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2014-06-14 10:48 - 2006-07-28 12:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2014-06-14 10:48 - 2006-07-28 12:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2014-06-14 10:48 - 2006-07-28 12:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2014-06-14 10:48 - 2006-05-31 10:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2014-06-14 10:48 - 2006-05-31 10:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2014-06-14 10:48 - 2006-03-31 15:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2014-06-14 10:48 - 2006-03-31 15:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2014-06-14 10:48 - 2006-03-31 15:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2014-06-14 10:48 - 2006-03-31 15:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2014-06-14 10:48 - 2006-03-31 15:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2014-06-14 10:48 - 2006-03-31 15:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2014-06-14 10:48 - 2006-02-03 11:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2014-06-14 10:48 - 2006-02-03 11:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2014-06-14 10:48 - 2006-02-03 11:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2014-06-14 10:48 - 2006-02-03 11:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2014-06-14 10:48 - 2006-02-03 11:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2014-06-14 10:48 - 2006-02-03 11:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2014-06-14 10:48 - 2005-12-05 21:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2014-06-14 10:48 - 2005-12-05 21:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2014-06-14 10:48 - 2005-07-22 22:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2014-06-14 10:48 - 2005-07-22 22:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2014-06-14 10:48 - 2005-05-26 18:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2014-06-14 10:48 - 2005-05-26 18:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2014-06-14 10:48 - 2005-03-18 20:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2014-06-14 10:48 - 2005-03-18 20:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2014-06-14 10:48 - 2005-02-05 22:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2014-06-14 10:48 - 2005-02-05 22:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2014-06-13 21:16 - 2014-06-13 21:16 - 00000000 ____D () C:\WINDOWS\Minidump
2014-06-13 21:01 - 2014-07-11 17:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-13 21:01 - 2014-06-13 21:01 - 00000990 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-06-13 21:01 - 2014-06-13 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-11 21:42 - 2014-06-16 20:33 - 00000000 ____D () C:\Program Files (x86)\CompuClever
2014-06-11 21:42 - 2014-06-11 21:42 - 00000000 ____D () C:\ProgramData\UAB
2014-06-11 21:40 - 2014-06-11 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Restore
2014-06-11 21:40 - 2014-06-11 21:40 - 00000000 ____D () C:\ProgramData\Driver Restore
2014-06-11 21:40 - 2014-06-11 21:40 - 00000000 ____D () C:\Program Files (x86)\Driver Restore
2014-06-11 21:39 - 2014-06-12 19:34 - 00000804 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Toribash.lnk
2014-06-11 16:34 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-11 16:34 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-11 16:34 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-11 16:34 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-11 16:34 - 2014-05-09 23:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-11 16:34 - 2014-05-09 23:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-11 16:34 - 2014-05-08 19:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-11 16:34 - 2014-05-05 00:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-11 16:34 - 2014-04-30 07:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-11 16:34 - 2014-04-29 23:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-11 16:34 - 2014-04-03 03:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-11 16:34 - 2014-04-03 03:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-11 16:34 - 2014-02-06 07:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 16:34 - 2014-02-06 07:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 16:34 - 2014-02-06 07:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 16:34 - 2014-02-06 06:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 16:34 - 2014-02-06 06:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 16:34 - 2014-02-06 06:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 16:34 - 2014-02-06 06:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 16:34 - 2014-02-06 06:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 16:34 - 2014-02-06 05:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 16:34 - 2014-02-06 05:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 16:34 - 2014-02-06 05:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 16:34 - 2014-02-06 05:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 16:33 - 2014-04-06 12:31 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-11 16:33 - 2014-04-06 07:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-11 16:32 - 2014-04-18 10:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-11 16:32 - 2014-04-18 10:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-11 16:32 - 2014-04-18 09:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-06-11 16:32 - 2014-04-18 05:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-11 16:32 - 2014-04-18 04:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-11 16:32 - 2014-04-18 04:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-11 16:32 - 2014-04-18 04:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-11 16:32 - 2014-04-18 03:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-06-11 16:32 - 2014-04-18 03:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-06-11 16:32 - 2014-04-14 05:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-11 16:32 - 2014-04-14 04:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-06-11 16:32 - 2014-04-11 00:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-11 16:32 - 2014-04-11 00:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-06-11 16:32 - 2014-04-10 23:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-11 16:32 - 2014-04-09 07:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-11 16:32 - 2014-04-09 02:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-11 16:32 - 2014-04-09 01:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-06-11 16:32 - 2014-04-08 23:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-11 16:32 - 2014-04-07 22:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-11 16:32 - 2014-04-06 12:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-11 16:32 - 2014-04-06 12:34 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-11 16:32 - 2014-04-06 12:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-11 16:32 - 2014-04-06 12:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-11 16:32 - 2014-04-06 12:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-11 16:32 - 2014-04-06 12:20 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-11 16:32 - 2014-04-06 12:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-11 16:32 - 2014-04-06 12:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-11 16:32 - 2014-04-06 12:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-11 16:32 - 2014-04-06 12:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-11 16:32 - 2014-04-06 12:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-11 16:32 - 2014-04-06 12:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-11 16:32 - 2014-04-06 12:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-11 16:32 - 2014-04-06 12:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-11 16:32 - 2014-04-06 12:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-11 16:32 - 2014-04-06 12:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-11 16:32 - 2014-04-06 12:20 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-11 16:32 - 2014-04-06 12:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-06-11 16:32 - 2014-04-06 11:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-06-11 16:32 - 2014-04-06 11:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-11 16:32 - 2014-04-06 11:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-06-11 16:32 - 2014-04-06 11:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-06-11 16:32 - 2014-04-06 11:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-06-11 16:32 - 2014-04-06 11:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-06-11 16:32 - 2014-04-06 11:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-06-11 16:32 - 2014-04-06 11:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-06-11 16:32 - 2014-04-06 11:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-06-11 16:32 - 2014-04-06 11:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-06-11 16:32 - 2014-04-06 11:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-06-11 16:32 - 2014-04-06 11:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-06-11 16:32 - 2014-04-06 08:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-11 16:32 - 2014-04-06 08:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-11 16:32 - 2014-04-06 08:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-11 16:32 - 2014-04-06 08:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-11 16:32 - 2014-04-06 08:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-11 16:32 - 2014-04-06 07:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-11 16:32 - 2014-04-06 07:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-11 16:32 - 2014-04-06 07:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-11 16:32 - 2014-04-06 07:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-11 16:32 - 2014-04-06 06:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-11 16:32 - 2014-04-06 06:51 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-11 16:32 - 2014-04-06 06:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-06-11 16:32 - 2014-04-06 06:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-06-11 16:32 - 2014-04-06 06:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-11 16:32 - 2014-04-06 05:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-06-11 16:32 - 2014-04-03 04:12 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-11 16:32 - 2014-04-03 04:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-11 16:32 - 2014-04-03 04:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-11 16:32 - 2014-04-03 00:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-11 16:32 - 2014-04-03 00:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-06-11 16:32 - 2014-04-02 23:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-06-11 16:32 - 2014-04-02 22:53 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-11 16:32 - 2014-04-02 22:53 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-11 16:32 - 2014-04-02 22:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-11 16:32 - 2014-04-02 22:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-11 16:32 - 2014-04-02 22:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-11 16:32 - 2014-04-02 22:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-11 16:32 - 2014-04-01 02:23 - 00384856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-11 16:32 - 2014-03-31 01:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-11 16:32 - 2014-03-30 20:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-11 16:32 - 2014-03-30 20:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-11 16:32 - 2014-03-30 19:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-11 16:32 - 2014-03-30 18:54 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-11 16:32 - 2014-03-30 18:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-11 16:32 - 2014-03-30 18:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-11 16:32 - 2014-03-30 18:11 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-11 16:32 - 2014-03-30 17:47 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-11 16:32 - 2014-03-28 11:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-11 16:32 - 2014-03-27 02:16 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-11 16:32 - 2014-03-27 01:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-11 16:32 - 2014-03-27 00:59 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-11 16:32 - 2014-03-27 00:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-11 16:32 - 2014-03-27 00:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-11 16:32 - 2014-03-26 23:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-11 16:32 - 2014-03-26 23:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-11 16:32 - 2014-03-26 23:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-11 16:32 - 2014-03-24 18:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-11 16:32 - 2014-03-19 23:48 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-11 16:32 - 2014-03-19 20:44 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-11 16:32 - 2014-03-19 19:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-11 16:32 - 2014-03-19 04:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-11 16:32 - 2014-03-19 04:07 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-11 16:32 - 2014-03-19 03:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-11 16:32 - 2014-03-19 03:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-11 16:32 - 2014-03-19 02:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-11 16:32 - 2014-03-19 01:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-11 16:32 - 2014-03-19 01:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-11 16:32 - 2014-03-19 01:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-11 16:32 - 2014-03-19 01:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-11 16:32 - 2014-03-19 01:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-11 16:32 - 2014-03-19 01:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-11 16:32 - 2014-03-19 00:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-11 16:32 - 2014-03-19 00:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-11 16:32 - 2014-03-19 00:18 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-11 16:32 - 2014-03-18 04:19 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-11 16:32 - 2014-03-18 01:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-11 16:32 - 2014-03-18 00:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-06-11 16:32 - 2014-03-17 01:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-11 16:32 - 2014-03-17 00:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-11 16:32 - 2014-03-16 23:01 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-11 16:32 - 2014-03-16 22:47 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-11 16:32 - 2014-03-16 22:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-06-11 16:32 - 2014-03-14 02:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-11 16:32 - 2014-03-14 02:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-06-11 16:32 - 2014-03-06 08:42 - 00310616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-11 16:32 - 2014-01-27 14:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-11 16:30 - 2014-05-19 02:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-11 16:30 - 2014-05-19 02:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-11 16:30 - 2014-05-19 01:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-11 16:30 - 2014-05-01 09:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-11 16:30 - 2014-05-01 09:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-11 16:30 - 2014-05-01 03:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-11 16:30 - 2014-05-01 03:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-11 16:30 - 2014-05-01 02:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-11 16:30 - 2014-05-01 01:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-11 16:30 - 2014-04-30 00:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-11 16:30 - 2014-04-30 00:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-11 16:30 - 2014-04-29 23:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-11 12:51 - 2014-07-10 11:51 - 00000298 _____ () C:\WINDOWS\Tasks\DLL-Files FixerASKUSER.job
2014-06-11 12:51 - 2014-07-05 09:51 - 00000306 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job
2014-06-11 12:51 - 2014-06-14 21:35 - 00000290 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2014-06-11 12:51 - 2014-06-11 12:51 - 01998168 _____ () C:\WINDOWS\SysWOW64\D3DX9_43.dll
2014-06-11 12:51 - 2014-06-11 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2014-06-11 12:51 - 2014-06-11 12:51 - 00000000 ____D () C:\Program Files (x86)\Dll-Files.com Fixer
2014-06-11 11:39 - 2014-06-12 19:34 - 00000000 ____D () C:\Games
2014-06-11 11:39 - 2014-06-11 11:39 - 00000825 _____ () C:\Users\Public\Desktop\World of Warplanes.lnk
2014-06-11 11:39 - 2014-06-11 11:39 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2014-06-11 11:39 - 2014-06-11 11:39 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-06-11 11:39 - 2014-06-11 11:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warplanes

==================== One Month Modified Files and Folders =======

2014-07-11 19:28 - 2014-07-11 19:27 - 00012208 _____ () C:\Users\ramig_000\Downloads\FRST.txt
2014-07-11 19:28 - 2014-06-01 22:23 - 00000982 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1806527627-2924948291-3671334023-1042UA.job
2014-07-11 19:28 - 2014-06-01 22:23 - 00000960 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1806527627-2924948291-3671334023-1042Core.job
2014-07-11 19:28 - 2014-03-04 00:39 - 00000374 _____ () C:\WINDOWS\Tasks\CIMT_S-1-5-21-1806527627-2924948291-3671334023-1001.job
2014-07-11 19:27 - 2014-07-11 19:27 - 00000000 ____D () C:\FRST
2014-07-11 19:27 - 2014-07-11 19:26 - 02084864 _____ (Farbar) C:\Users\ramig_000\Downloads\FRST64.exe
2014-07-11 19:24 - 2014-06-30 17:35 - 00000000 ____D () C:\Users\ramig_000\AppData\Local\Packages
2014-07-11 19:15 - 2014-06-30 17:40 - 00000000 __RDO () C:\Users\ramig_000\OneDrive
2014-07-11 19:15 - 2014-06-01 00:43 - 02040147 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-11 19:13 - 2014-06-16 20:05 - 00002340 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-07-11 19:12 - 2014-03-18 05:54 - 00412376 _____ () C:\WINDOWS\PFRO.log
2014-07-11 19:12 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-11 19:11 - 2014-07-11 19:08 - 00000000 ____D () C:\AdwCleaner
2014-07-11 19:11 - 2014-06-30 17:35 - 00000000 ____D () C:\Users\ramig_000
2014-07-11 19:11 - 2013-05-26 12:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-11 19:07 - 2014-07-11 19:07 - 01348263 _____ () C:\Users\ramig_000\Downloads\AdwCleaner.exe
2014-07-11 19:06 - 2014-07-11 19:06 - 01348263 _____ () C:\Users\ramig_000\Downloads\adwcleaner_3.215(2).exe
2014-07-11 19:06 - 2014-07-11 19:06 - 01348263 _____ () C:\Users\ramig_000\Downloads\adwcleaner_3.215(1).exe
2014-07-11 19:05 - 2014-07-11 19:05 - 01348263 _____ () C:\Users\ramig_000\Downloads\adwcleaner_3.215.exe
2014-07-11 19:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-11 18:41 - 2013-03-10 20:18 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-11 18:40 - 2013-08-22 10:44 - 00360312 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-11 18:36 - 2014-03-18 05:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 18:36 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-11 18:36 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-11 18:36 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-11 18:36 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-11 17:51 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-11 17:45 - 2013-08-17 22:08 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-11 17:35 - 2013-01-07 21:26 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-11 17:13 - 2014-06-30 17:44 - 00371200 ___SH () C:\Users\ramig_000\Downloads\Thumbs.db
2014-07-11 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-11 17:01 - 2014-06-13 21:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-11 16:38 - 2014-07-11 16:38 - 00000921 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-07-11 16:38 - 2014-07-11 16:31 - 00000000 ____D () C:\Program Files\GIMP 2
2014-07-11 16:34 - 2013-07-10 13:29 - 00000946 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1806527627-2924948291-3671334023-1001UA.job
2014-07-11 16:28 - 2014-07-11 16:27 - 90396104 _____ (The GIMP Team ) C:\Users\ramig_000\Downloads\gimp-2.8.10-setup.exe
2014-07-11 14:18 - 2014-06-30 22:24 - 00000000 ____D () C:\Users\ramig_000\AppData\Local\Battle.net
2014-07-11 10:34 - 2013-07-10 13:29 - 00000924 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1806527627-2924948291-3671334023-1001Core.job
2014-07-11 09:31 - 2014-07-11 09:31 - 00000000 ____D () C:\Users\ramig_000\Documents\Mount&Blade Warband Savegames
2014-07-11 09:31 - 2014-07-11 09:29 - 00000000 ____D () C:\Users\ramig_000\Documents\Mount&Blade Warband
2014-07-11 09:30 - 2014-07-11 09:29 - 00000000 ____D () C:\Users\ramig_000\AppData\Roaming\Mount&Blade Warband
2014-07-10 19:47 - 2014-07-10 19:47 - 00000221 _____ () C:\Users\ramig_000\Desktop\Mount & Blade Warband.url
2014-07-10 19:47 - 2014-07-10 19:47 - 00000000 ____D () C:\Users\ramig_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-10 18:46 - 2014-06-10 02:48 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-07-10 17:29 - 2014-07-10 17:29 - 00000000 __SHD () C:\Users\ramig_000\AppData\Local\EmieUserList
2014-07-10 17:29 - 2014-07-10 17:29 - 00000000 __SHD () C:\Users\ramig_000\AppData\Local\EmieSiteList
2014-07-10 14:43 - 2014-07-10 14:43 - 00000000 ____D () C:\Users\ramig_000\AppData\Roaming\OpenOffice.org
2014-07-10 11:51 - 2014-06-11 12:51 - 00000298 _____ () C:\WINDOWS\Tasks\DLL-Files FixerASKUSER.job
2014-07-10 01:00 - 2014-07-10 00:59 - 00000000 ___RD () C:\Users\ramig_000\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2014-07-09 23:03 - 2014-07-09 23:03 - 00000000 ____D () C:\Users\ramig_000\AppData\Roaming\LSC
2014-07-09 23:03 - 2014-07-09 23:03 - 00000000 ____D () C:\Users\ramig_000\AppData\Local\Adobe
2014-07-09 23:03 - 2014-06-30 17:35 - 00000000 ____D () C:\Users\ramig_000\AppData\Roaming\Adobe
2014-07-09 16:00 - 2014-07-09 16:00 - 00000000 ____D () C:\Users\ramig_000\AppData\Local\SmartTechnology
2014-07-09 15:59 - 2014-07-09 15:59 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-07 11:23 - 2014-07-07 11:23 - 00000000 ____D () C:\Users\ramig_000\AppData\Roaming\Lavasoft
2014-07-07 11:14 - 2014-07-07 11:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-07-06 16:01 - 2014-07-06 16:01 - 00000000 ____D () C:\ProgramData\LogiShrd
2014-07-06 16:01 - 2014-07-06 16:01 - 00000000 ____D () C:\Program Files\Common Files\LogiShrd
2014-07-06 16:00 - 2014-07-06 16:00 - 04147600 _____ ($Co_Name Inc.) C:\Users\ramig_000\Downloads\unifying250.exe
2014-07-05 11:02 - 2014-03-18 06:03 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-05 09:51 - 2014-06-11 12:51 - 00000306 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job
2014-07-02 18:19 - 2014-06-30 22:24 - 00000000 ____D () C:\Users\ramig_000\AppData\Roaming\Battle.net
2014-06-30 22:25 - 2014-06-30 22:25 - 00000000 ____D () C:\Users\ramig_000\AppData\Local\Blizzard Entertainment
2014-06-30 21:41 - 2014-06-30 21:41 - 00000000 ____D () C:\Users\ramig_000\AppData\Local\Macromedia
2014-06-30 17:42 - 2014-06-30 17:42 - 00000000 ____D () C:\Users\ramig_000\AppData\Roaming\Mozilla
2014-06-30 17:42 - 2014-06-30 17:42 - 00000000 ____D () C:\Users\ramig_000\AppData\Local\Mozilla
2014-06-30 17:36 - 2014-06-30 17:36 - 00000000 ____D () C:\Users\ramig_000\AppData\Roaming\dll-files.com
2014-06-30 17:35 - 2014-06-30 17:35 - 00001457 _____ () C:\Users\ramig_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-30 17:35 - 2014-06-30 17:35 - 00000020 ___SH () C:\Users\ramig_000\ntuser.ini
2014-06-30 17:35 - 2014-06-30 17:35 - 00000000 ____D () C:\Users\ramig_000\AppData\Local\VirtualStore
2014-06-30 13:25 - 2014-06-01 00:25 - 00000000 ____D () C:\Users\Rami-PC
2014-06-29 22:22 - 2014-06-29 22:22 - 00001799 _____ () C:\Users\Public\Desktop\ooVoo.lnk
2014-06-29 22:22 - 2014-06-29 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
2014-06-29 22:22 - 2014-06-29 22:22 - 00000000 ____D () C:\Program Files (x86)\ooVoo
2014-06-26 16:55 - 2014-07-11 18:42 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-26 16:55 - 2014-07-11 18:42 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-25 16:38 - 2014-06-14 10:48 - 00028634 _____ () C:\WINDOWS\DirectX.log
2014-06-19 16:40 - 2013-08-22 10:46 - 00289502 _____ () C:\WINDOWS\setupact.log
2014-06-19 15:31 - 2014-06-16 12:59 - 00000000 ____D () C:\Program Files (x86)\FastMediaConverter
2014-06-18 21:39 - 2014-07-09 16:59 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-18 20:48 - 2014-07-09 16:49 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-18 20:16 - 2014-07-09 16:58 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-18 20:09 - 2014-07-09 16:49 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-18 19:51 - 2014-07-09 16:52 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-18 19:50 - 2014-07-09 16:48 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-18 19:48 - 2014-07-09 16:49 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-18 19:46 - 2014-07-09 16:59 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-06-18 19:39 - 2014-07-09 16:47 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-18 19:33 - 2014-07-09 16:48 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-18 19:32 - 2014-07-09 16:48 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-18 19:27 - 2014-07-09 16:48 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-18 19:12 - 2014-07-09 16:48 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-18 18:59 - 2014-07-09 16:47 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-18 18:58 - 2014-07-09 16:50 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-18 18:58 - 2014-07-09 16:49 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-18 18:57 - 2014-07-09 16:59 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-06-18 18:52 - 2014-07-09 16:51 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-18 18:51 - 2014-07-09 16:52 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-18 18:49 - 2014-07-09 16:48 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-18 18:45 - 2014-07-09 16:47 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-18 18:35 - 2014-07-09 16:51 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-18 18:34 - 2014-07-09 16:50 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-18 18:15 - 2014-07-09 16:47 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-18 18:13 - 2014-07-09 16:48 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-18 18:09 - 2014-07-09 16:50 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-18 18:07 - 2014-07-09 16:47 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-18 02:40 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-17 06:58 - 2014-06-09 18:06 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-06-16 21:00 - 2013-06-09 23:47 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-16 20:59 - 2012-11-01 17:28 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-06-16 20:59 - 2012-11-01 17:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-16 20:54 - 2014-06-01 23:51 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-16 20:33 - 2014-06-11 21:42 - 00000000 ____D () C:\Program Files (x86)\CompuClever
2014-06-16 20:31 - 2014-06-16 20:30 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-16 20:30 - 2014-06-16 20:30 - 00001418 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-16 20:30 - 2014-06-16 20:30 - 00001406 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-16 20:30 - 2014-06-16 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-16 20:30 - 2014-06-16 20:29 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-16 20:05 - 2014-06-16 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-06-16 20:05 - 2014-06-16 20:05 - 00000000 ____D () C:\Program Files\Lavasoft
2014-06-16 20:04 - 2014-06-16 20:04 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-06-16 20:04 - 2014-06-16 20:04 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-06-16 20:03 - 2014-06-16 20:03 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-06-16 19:46 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\System
2014-06-16 19:45 - 2012-11-01 17:37 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-06-16 19:27 - 2014-06-16 19:26 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-16 19:26 - 2014-06-16 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-16 19:26 - 2014-06-16 19:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-16 19:26 - 2013-05-30 18:04 - 00001129 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-16 19:26 - 2013-05-30 18:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-16 18:26 - 2014-07-09 16:46 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-06-16 18:24 - 2014-07-09 16:46 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-06-16 17:06 - 2012-07-26 01:26 - 00000218 _____ () C:\WINDOWS\win.ini
2014-06-16 13:56 - 2014-06-16 13:56 - 00000000 ____D () C:\ProgramData\SmartTechnology
2014-06-16 13:56 - 2014-06-16 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Technology
2014-06-16 13:56 - 2014-06-16 13:56 - 00000000 ____D () C:\Program Files\SmartTechnology
2014-06-16 13:32 - 2014-06-16 13:32 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-06-16 13:32 - 2013-08-22 11:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-06-16 13:32 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-06-16 13:00 - 2014-06-16 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast Media Converter
2014-06-16 12:58 - 2014-06-16 12:58 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SaiK0CFA_01009.Wdf
2014-06-14 21:35 - 2014-06-11 12:51 - 00000290 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2014-06-14 10:48 - 2014-06-14 10:48 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-13 21:49 - 2014-06-16 14:03 - 00061120 _____ (StdLib) C:\WINDOWS\system32\Drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64.sys
2014-06-13 21:16 - 2014-06-13 21:16 - 00000000 ____D () C:\WINDOWS\Minidump
2014-06-13 21:15 - 2013-07-21 19:33 - 406366497 _____ () C:\WINDOWS\MEMORY.DMP
2014-06-13 21:01 - 2014-06-13 21:01 - 00000990 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-06-13 21:01 - 2014-06-13 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-12 19:34 - 2014-06-11 21:39 - 00000804 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Toribash.lnk
2014-06-12 19:34 - 2014-06-11 11:39 - 00000000 ____D () C:\Games
2014-06-11 22:45 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-11 22:45 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-06-11 21:44 - 2012-11-01 17:29 - 00000000 ____D () C:\ProgramData\Temp
2014-06-11 21:42 - 2014-06-11 21:42 - 00000000 ____D () C:\ProgramData\UAB
2014-06-11 21:40 - 2014-06-11 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Restore
2014-06-11 21:40 - 2014-06-11 21:40 - 00000000 ____D () C:\ProgramData\Driver Restore
2014-06-11 21:40 - 2014-06-11 21:40 - 00000000 ____D () C:\Program Files (x86)\Driver Restore
2014-06-11 12:54 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-06-11 12:51 - 2014-06-11 12:51 - 01998168 _____ () C:\WINDOWS\SysWOW64\D3DX9_43.dll
2014-06-11 12:51 - 2014-06-11 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2014-06-11 12:51 - 2014-06-11 12:51 - 00000000 ____D () C:\Program Files (x86)\Dll-Files.com Fixer
2014-06-11 11:39 - 2014-06-11 11:39 - 00000825 _____ () C:\Users\Public\Desktop\World of Warplanes.lnk
2014-06-11 11:39 - 2014-06-11 11:39 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2014-06-11 11:39 - 2014-06-11 11:39 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-06-11 11:39 - 2014-06-11 11:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warplanes

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================


Edited by Queen-Evie, 11 July 2014 - 07:36 PM.
moved from Windows 8 to Malware Removal Logs. FRST logs are allowed only in MRL


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,497 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:35 AM

Posted 16 July 2014 - 01:08 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start
HKLM\...\Run: [] => [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FastMediaConverter.lnk
ShortcutTarget: FastMediaConverter.lnk -> C:\Program Files (x86)\FastMediaConverter\FastMediaConverterApp.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  No File
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  No File
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  No File
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: No Name - {6C8DB2EC-499B-4897-A784-0E3186C97E9D} -  No File
BHO-x32: No Name - {6C8DB2EC-499B-4897-A784-0E3186C97E9D} -  No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
R1 {587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64; C:\Windows\System32\drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64.sys [61120 2014-06-13] (StdLib)

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/
===

How is the computer running now?

#3 jennajaxson

jennajaxson
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:35 AM

Posted 19 July 2014 - 09:22 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-07-2014
Ran by ramig_000 at 2014-07-19 22:09:03 Run:1
Running from C:\Users\ramig_000\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
HKLM\...\Run: [] => [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FastMediaConverter.lnk
ShortcutTarget: FastMediaConverter.lnk -> C:\Program Files (x86)\FastMediaConverter\FastMediaConverterApp.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  No File
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  No File
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  No File
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: No Name -
{6C8DB2EC-499B-4897-A784-0E3186C97E9D} -  No File
BHO-x32: No Name - {6C8DB2EC-499B-4897-A784-0E3186C97E9D} -  No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
R1 {587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64; C:\Windows\System32\drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64.sys [61120 2014-06-13] (StdLib)

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon'=> Key not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FastMediaConverter.lnk" => Could not move.
C:\Program Files (x86)\FastMediaConverter\FastMediaConverterApp.exe => Moved successfully.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast' => Error deleting key. The key could be protected.
'HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncBackedUp' => Error deleting key. The key could be protected.
'HKLM\Software\Classes\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncPending' => Error deleting key. The key could be protected.
'HKLM\Software\Classes\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncRoot' => Error deleting key. The key could be protected.
'HKLM\Software\Classes\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncShared' => Error deleting key. The key could be protected.
'HKLM\Software\Classes\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}'=> Key not found.

"C:\WINDOWS\system32\GroupPolicy\Machine" directory move:

Could not move "C:\WINDOWS\system32\GroupPolicy\Machine\Registry.pol" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\GroupPolicy\Machine" directory. => Scheduled to move on reboot.

Could not move "C:\WINDOWS\system32\GroupPolicy\GPT.ini" => Scheduled to move on reboot.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Error setting value.

"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes"

Listing permissions failed. Access Denied.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\BHO: No Name -'=> Key not found.
'HKCR\CLSID\BHO: No Name -'=> Key not found.
{6C8DB2EC-499B-4897-A784-0E3186C97E9D} -  No File => Error: No automatic fix found for this entry.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C8DB2EC-499B-4897-A784-0E3186C97E9D}' => Error deleting key. The key could be protected.
'HKCR\Wow6432Node\CLSID\{6C8DB2EC-499B-4897-A784-0E3186C97E9D}'=> Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Value could not be deleted.
'HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}'=> Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Value could not be deleted.
'HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{4FF78044-96B4-4312-A5B7-FDA3CB328095}' => Error deleting key. The key could be protected.
'HKCR\Wow6432Node\CLSID\{4FF78044-96B4-4312-A5B7-FDA3CB328095}'=> Key not found.
{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64 => Unable to stop service
{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64 => Error deleting Service
 

 Results of screen317's Security Check version 0.99.85  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player     14.0.0.145  
 Mozilla Firefox (30.0)
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 



#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,497 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:35 AM

Posted 20 July 2014 - 08:35 AM

Looking good.

If all is well.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/

#5 nasdaq

nasdaq

  • Malware Response Team
  • 40,497 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:35 AM

Posted 26 July 2014 - 07:24 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users