
address and search bars flash and can't type in them (zero access rootkit)


  • This topic is locked
22 replies to this topic

#1 raylicker1


  • Members

Posted 22 October 2014 - 10:17 PM

Address and search bars flash and can't type in them. Can not open start menu and also does this in safe mode. Please help, infected with ZEROACCESS ROOTKIT.

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 10.0.9200.17088
Run by Den's at 5:40:01 on 2014-10-22
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8146.6747 [GMT -7:00]
.
AV: Emsisoft Anti-Malware *Disabled/Outdated* {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: Norton Security Suite *Enabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
SP: Norton Security Suite *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Emsisoft Anti-Malware *Disabled/Outdated* {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
FW: Norton Security Suite *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\PROGRA~2\MICROS~1\OFFICE11\WORDVIEW.EXE
C:\Windows\explorer.exe
C:\Users\Den's\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe
C:\Users\Den's\AppData\Local\WeatherAlerts\WeatherAlerts.exe
C:\Program Files (x86)\FreeArc\bin\FreeArc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
uURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\ips\ipsbho.dll
BHO: Ads Removal: {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Constant Guard Protection Suite: {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.14.922.1\NativeBHO.dll
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [GoogleChromeAutoLaunch_65E4CCBCE100B0D74D833D7DB6B1F2F3] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [Google Update] "C:\Users\Den's\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
mRun: [Advanced-System Protector_startup] "C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe" autolaunch
dRun: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
StartupFolder: C:\Users\Den's\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DESKTO~1.LNK - C:\Users\Den's\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe
StartupFolder: C:\Users\Den's\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMEAS~1.LNK - C:\Program Files (x86)\IObit\Game Assistant\GameAssistant.exe
StartupFolder: C:\Users\Den's\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\WEATHE~1.LNK - C:\Users\Den's\AppData\Local\WeatherAlerts\WeatherAlerts.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONSTA~1.LNK - C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{16B064E3-E5B4-4E0E-89B5-DFE81493D87B} : NameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{A055C501-94FA-4521-9279-A19FA9294562} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{A055C501-94FA-4521-9279-A19FA9294562}\2456C6B696E6E23756475707 : DHCPNameServer = 192.168.206.1
TCP: Interfaces\{A055C501-94FA-4521-9279-A19FA9294562}\E4544574541425F5548545 : DHCPNameServer = 192.168.1.250
TCP: Interfaces\{BB388F52-5690-482F-9F05-3C2EB796EB67} : DHCPNameServer = 192.168.1.1 184.16.33.54
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
AppInit_DLLs= C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coieplg.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coieplg.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Den's\AppData\Roaming\Mozilla\Firefox\Profiles\jy5jl8gu.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxps://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=282369&p=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll
FF - plugin: C:\Users\Den's\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll
FF - plugin: C:\Users\Den's\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Den's\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
FF - ExtSQL: 2014-09-06 05:52; ascsurfingprotection@iobit.com; C:\Users\Den's\AppData\Roaming\Mozilla\Firefox\Profiles\jy5jl8gu.default\extensions\ascsurfingprotection@iobit.com
.
============= SERVICES / DRIVERS ===============
.
R0 AvgRkx64;avgrkx64.sys;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-23 14856]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-2-20 19264]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-4-28 55952]
R0 Sahdad64;HDD Filter Driver;C:\Windows\System32\drivers\Sahdad64.sys [2013-4-28 27120]
R0 Saibad64;Volume Filter Driver;C:\Windows\System32\drivers\Saibad64.sys [2013-4-28 19952]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-11-5 21184]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1506000.020\symds64.sys [2014-10-15 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1506000.020\symefa64.sys [2014-10-15 1148120]
R0 SysCow;SysCow;C:\Windows\System32\drivers\syscowad64v.sys [2010-5-23 164848]
R1 anodlwf;ANOD Network Security Filter driver;C:\Windows\System32\drivers\anodlwfx.sys [2013-4-10 15872]
R1 AvgTdiA;AVG8 Network Redirector x64;C:\Windows\System32\drivers\avgtdia.sys [2013-9-23 133640]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2012-8-20 416072]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-2-20 357184]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-2-20 789824]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-8-3 939224]
S1 A2DDA;A2 Direct Disk Access Support Driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2014-9-17 26176]
S1 a2injectiondriver;a2injectiondriver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [2014-9-17 45208]
S1 a2util;a-squared Malware-IDS utility driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [2014-9-17 23088]
S1 AntiLog32;AntiLog32;C:\Windows\System32\drivers\AntiLog64.sys [2014-7-26 49752]
S1 AvgLdx64;AVG AVI Loader Driver x64;C:\Windows\System32\drivers\avgldx64.sys [2013-9-23 427016]
S1 AvgMfx64;AVG On-access Scanner Minifilter Driver x64;C:\Windows\System32\drivers\avgmfx64.sys [2013-9-23 33416]
S1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20141016.001\BHDrvx64.sys [2014-10-20 1587416]
S1 ccSet_N360;N360 Settings Manager;C:\Windows\System32\drivers\N360x64\1506000.020\ccsetx64.sys [2014-10-15 162392]
S1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20141021.001\IDSviA64.sys [2014-10-21 633560]
S1 SaibVdAd64;Virtual Disk Driver;C:\Windows\System32\drivers\SaibVdAd64.sys [2013-4-28 27632]
S1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1506000.020\ironx64.sys [2014-10-15 266968]
S1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1506000.020\symnets.sys [2014-10-15 593112]
S2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2011-2-9 457200]
S2 a2AntiMalware;Emsisoft Protection Service;C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2014-9-17 4816568]
S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-8-15 893216]
S2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~2\AVG\AVG8\avgemc.exe [2013-9-23 908056]
S2 avg8wd;AVG8 WatchDog; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 CltMngSvc;Search Protect Service;C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [2014-10-1 3015128]
S2 D-Link Wireless N Dual Band DWA-160 _WPS;D-Link Wireless N Dual Band DWA-160 _WPS Service;C:\Program Files (x86)\D-Link\DWA-160\ANIWConnService.exe [2013-4-10 53248]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe [2014-5-21 49464]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-2-20 13592]
S2 IDVaultSvc;CGPS Service;C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe [2014-9-22 40240]
S2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-6-21 342336]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-2-20 166720]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-1-20 2282272]
S2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe [2014-10-15 265040]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2011-7-13 340976]
S2 SamsungAllShareV2.0;Samsung AllShare PC;C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-3-2 25504]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-10-5 411936]
S2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-2-20 365376]
S3 a2acc;a2acc;C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys [2014-9-17 71472]
S3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2012-8-20 138568]
S3 cleanhlp;cleanhlp;C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [2014-9-17 57024]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-10-3 142640]
S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-2-23 169752]
S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-2-20 342528]
S3 Linksys_adapter_H;Linksys Adapter Network Driver;C:\Windows\System32\drivers\AE1200w764.sys [2011-3-30 1254464]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2013-7-25 23040]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2009-1-1 19456]
S3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2014-6-27 34848]
S3 RoxMediaDB13;RoxMediaDB13;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2011-7-13 1095664]
S3 SimpleSlideShowServer;SimpleSlideShowServer;C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2012-3-2 27584]
S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2014-1-31 16152]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2009-1-1 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2009-1-1 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2009-1-1 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2014-6-27 23016]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-7-28 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-7-4 1255736]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2014-10-2 14544]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S4 BOT4Service;BOT4Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [2011-7-15 21488]
S4 BOTService;BOTService;C:\Program Files (x86)\Roxio\BackOnTrack\Instant Restore\BOTService.exe [2011-7-14 211440]
S4 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2014-6-27 23048]
S4 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2013-3-28 19936]
S4 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2013-3-28 13280]
.
=============== Created Last 30 ================
.
2014-10-22 12:33:13    --------    d-----w-    C:\Users\Den's\AppData\Local\SearchProtect
2014-10-22 12:33:08    --------    d-----w-    C:\Program Files (x86)\SearchProtect
2014-10-22 12:32:58    --------    d-----w-    C:\Users\Den's\AppData\Roaming\VOPackage
2014-10-22 12:32:46    --------    d-----w-    C:\ProgramData\Systweak
2014-10-22 12:32:45    16896    ----a-w-    C:\Windows\System32\sasnative64.exe
2014-10-22 12:32:45    --------    d-----w-    C:\Program Files (x86)\ASP
2014-10-22 12:32:39    --------    d-----w-    C:\Users\Den's\AppData\Local\Local_Weather_LLC
2014-10-22 12:32:36    --------    d-----w-    C:\Users\Den's\AppData\Local\WeatherAlerts
2014-10-22 12:32:33    20296    ----a-w-    C:\Windows\System32\roboot64.exe
2014-10-22 12:32:33    --------    d-----w-    C:\Users\Den's\AppData\Roaming\Systweak
2014-10-22 12:32:32    --------    d-----w-    C:\Program Files (x86)\RCP
2014-10-15 18:57:12    876248    ----a-w-    C:\Windows\System32\drivers\N360x64\1506000.020\srtsp64.sys
2014-10-15 18:57:12    593112    ----a-w-    C:\Windows\System32\drivers\N360x64\1506000.020\symnets.sys
2014-10-15 18:57:12    493656    ----a-r-    C:\Windows\System32\drivers\N360x64\1506000.020\symds64.sys
2014-10-15 18:57:12    37592    ----a-w-    C:\Windows\System32\drivers\N360x64\1506000.020\srtspx64.sys
2014-10-15 18:57:12    266968    ----a-w-    C:\Windows\System32\drivers\N360x64\1506000.020\ironx64.sys
2014-10-15 18:57:12    23568    ----a-r-    C:\Windows\System32\drivers\N360x64\1506000.020\symelam.sys
2014-10-15 18:57:12    162392    ----a-r-    C:\Windows\System32\drivers\N360x64\1506000.020\ccsetx64.sys
2014-10-15 18:57:12    1148120    ----a-w-    C:\Windows\System32\drivers\N360x64\1506000.020\symefa64.sys
2014-10-15 18:57:08    --------    d-----w-    C:\Windows\System32\drivers\N360x64\1506000.020
2014-10-09 09:13:44    --------    d-----w-    C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-06 01:40:52    --------    d-----w-    C:\Users\Den's\AppData\Local\NVIDIA
2014-10-06 01:38:33    609240    ----a-w-    C:\Windows\SysWow64\nvStreaming.exe
2014-09-30 07:02:17    119808    ----a-r-    C:\Users\Den's\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2014-09-25 08:45:50    --------    d-----w-    C:\Users\Den's\New folder
2014-09-25 08:45:32    --------    d-----w-    C:\Users\Den's\vscan
2014-09-24 18:35:28    2048    ----a-w-    C:\Windows\System32\tzres.dll
2014-09-24 18:35:27    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2014-09-24 04:12:46    7168    ----a-w-    C:\Windows\SysWow64\KBDYAK.DLL
2014-09-24 04:12:46    7168    ----a-w-    C:\Windows\System32\KBDYAK.DLL
2014-09-24 04:12:46    7168    ----a-w-    C:\Windows\System32\KBDBASH.DLL
2014-09-24 04:12:46    6656    ----a-w-    C:\Windows\SysWow64\KBDBASH.DLL
.
==================== Find3M  ====================
.
2014-10-09 09:36:43    122584    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-10-09 09:12:15    92888    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-10-04 02:46:46    49752    ----a-w-    C:\Windows\System32\drivers\AntiLog64.sys
2014-10-02 06:23:02    7731160    ----a-w-    C:\Windows\apppatch\spbin\SPVC32.dll
2014-10-02 06:23:02    5515736    ----a-w-    C:\Windows\apppatch\spbin\cltmng.exe
2014-10-02 06:23:02    4831192    ----a-w-    C:\Windows\apppatch\spbin\SPVC64.dll
2014-10-02 06:23:02    225752    ----a-w-    C:\Windows\apppatch\spbin\SPVC64Loader.dll
2014-10-02 06:23:02    225752    ----a-w-    C:\Windows\apppatch\AppPatch64\SPVCLdr64.dll
2014-10-02 06:23:02    183768    ----a-w-    C:\Windows\apppatch\spbin\SPVC32Loader.dll
2014-10-02 06:23:02    1727448    ----a-w-    C:\Windows\apppatch\spbin\SPTool64.exe
2014-09-24 04:36:56    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-24 04:36:56    701104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-09-11 03:08:36    2565120    ----a-w-    C:\Windows\System32\d3d10warp.dll
2014-09-11 03:08:36    1987584    ----a-w-    C:\Windows\SysWow64\d3d10warp.dll
2014-09-11 03:05:32    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-09-11 03:05:32    728064    ----a-w-    C:\Windows\System32\kerberos.dll
2014-09-11 03:05:32    550912    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2014-09-11 03:05:32    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-09-11 03:05:32    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-09-11 03:03:27    2777088    ----a-w-    C:\Windows\System32\msmpeg2vdec.dll
2014-09-11 03:03:27    2285056    ----a-w-    C:\Windows\SysWow64\msmpeg2vdec.dll
2014-09-11 03:02:37    404480    ----a-w-    C:\Windows\System32\gdi32.dll
2014-09-11 03:02:37    3163648    ----a-w-    C:\Windows\System32\win32k.sys
2014-09-11 03:02:37    311808    ----a-w-    C:\Windows\SysWow64\gdi32.dll
2014-09-11 03:01:22    664064    ----a-w-    C:\Windows\SysWow64\rpcrt4.dll
2014-09-11 03:01:22    1216000    ----a-w-    C:\Windows\System32\rpcrt4.dll
2014-09-11 03:01:12    985536    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2014-09-11 03:00:57    504320    ----a-w-    C:\Windows\System32\msihnd.dll
2014-09-11 03:00:57    337408    ----a-w-    C:\Windows\SysWow64\msihnd.dll
2014-09-11 03:00:57    3241984    ----a-w-    C:\Windows\System32\msi.dll
2014-09-11 03:00:57    2363392    ----a-w-    C:\Windows\SysWow64\msi.dll
2014-09-11 03:00:57    1941504    ----a-w-    C:\Windows\System32\authui.dll
2014-09-11 03:00:57    1805824    ----a-w-    C:\Windows\SysWow64\authui.dll
2014-09-11 03:00:57    112064    ----a-w-    C:\Windows\System32\consent.exe
2014-09-11 02:59:55    99480    ----a-w-    C:\Windows\SysWow64\infocardapi.dll
2014-09-11 02:59:55    8856    ----a-w-    C:\Windows\SysWow64\icardres.dll
2014-09-11 02:59:55    8856    ----a-w-    C:\Windows\System32\icardres.dll
2014-09-11 02:59:55    619672    ----a-w-    C:\Windows\SysWow64\icardagt.exe
2014-09-11 02:59:55    35480    ----a-w-    C:\Windows\SysWow64\TsWpfWrp.exe
2014-09-11 02:59:55    35480    ----a-w-    C:\Windows\System32\TsWpfWrp.exe
2014-09-11 02:59:55    171160    ----a-w-    C:\Windows\System32\infocardapi.dll
2014-09-11 02:59:55    1389208    ----a-w-    C:\Windows\System32\icardagt.exe
2014-08-31 21:17:34    692736    ----a-w-    C:\Windows\System32\osk.exe
2014-08-31 21:17:34    646144    ----a-w-    C:\Windows\SysWow64\osk.exe
2014-08-31 21:17:21    497152    ----a-w-    C:\Windows\System32\drivers\afd.sys
2014-08-31 21:16:06    86528    ----a-w-    C:\Windows\System32\TSpkg.dll
2014-08-31 21:16:06    65536    ----a-w-    C:\Windows\SysWow64\TSpkg.dll
2014-08-31 21:16:06    340992    ----a-w-    C:\Windows\System32\schannel.dll
2014-08-31 21:16:06    314880    ----a-w-    C:\Windows\System32\msv1_0.dll
2014-08-31 21:16:06    307200    ----a-w-    C:\Windows\System32\ncrypt.dll
2014-08-31 21:16:06    259584    ----a-w-    C:\Windows\SysWow64\msv1_0.dll
2014-08-31 21:16:06    247808    ----a-w-    C:\Windows\SysWow64\schannel.dll
2014-08-31 21:16:06    220160    ----a-w-    C:\Windows\SysWow64\ncrypt.dll
2014-08-31 21:16:06    22016    ----a-w-    C:\Windows\System32\credssp.dll
2014-08-31 21:16:06    210944    ----a-w-    C:\Windows\System32\wdigest.dll
2014-08-31 21:16:06    17408    ----a-w-    C:\Windows\SysWow64\credssp.dll
2014-08-31 21:16:06    172032    ----a-w-    C:\Windows\SysWow64\wdigest.dll
2014-08-31 21:15:26    624128    ----a-w-    C:\Windows\System32\qedit.dll
2014-08-31 21:15:26    509440    ----a-w-    C:\Windows\SysWow64\qedit.dll
2014-08-20 05:15:16    18626304    ----a-w-    C:\Windows\System32\nvwgf2umx.dll
2014-08-20 05:15:14    16122344    ----a-w-    C:\Windows\SysWow64\nvwgf2um.dll
2014-08-20 05:15:08    965312    ----a-w-    C:\Windows\System32\nvumdshimx.dll
2014-08-20 05:15:08    846832    ----a-w-    C:\Windows\SysWow64\nvumdshim.dll
2014-08-20 05:15:04    13922752    ----a-w-    C:\Windows\System32\nvopencl.dll
2014-08-20 05:15:04    11283344    ----a-w-    C:\Windows\SysWow64\nvopencl.dll
2014-08-20 05:15:02    31512520    ----a-w-    C:\Windows\System32\nvoglv64.dll
2014-08-20 05:15:00    24196896    ----a-w-    C:\Windows\SysWow64\nvoglv32.dll
2014-08-20 05:13:58    2814656    ----a-w-    C:\Windows\SysWow64\nvapi.dll
2014-08-04 05:10:42    107552    ----a-w-    C:\Windows\System32\RTNUninst64.dll
2014-08-04 05:10:41    939224    ----a-w-    C:\Windows\System32\drivers\Rt64win7.sys
2014-08-04 05:10:41    73800    ----a-w-    C:\Windows\System32\RtNicProp64.dll
2014-07-28 21:52:00    6112072    ----a-w-    C:\Windows\System32\usbaaplrc.dll
2014-07-28 21:52:00    54784    ----a-w-    C:\Windows\System32\drivers\usbaapl64.sys
2014-07-25 09:35:46    875688    ----a-w-    C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-25 06:47:06    869544    ----a-w-    C:\Windows\System32\msvcr120_clr0400.dll
.
============= FINISH:  5:40:06.95 ===============

 

link to first post

http://www.bleepingcomputer.com/forums/t/551240/search-and-address-bar-flashes-and-cant-type-in-them/



#2 LiquidTension


  • Malware Response Team

Posted 27 October 2014 - 01:05 PM

Hello raylicker1, welcome to Bleeping Computer's Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that.
 
======================================================
 
Please read through the points below to ensure this process moves as quickly and efficiently as possible.

  • Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.
  • Please do not post logs using the CODEQUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation and providing the best set of instructions for you.
  • Please back up important files before proceeding with my instructions. Malware removal can be unpredictable.
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before proceeding.
  • Topics are locked if no response is made after 4 days. Please inform me if you require additional time to complete my instructions.
  • Ensure you are following this topic. Click the button at the top of the page.
     

======================================================
 
Unfortunately, your computer is badly infected, and I must ensure you are aware of the following. Please read the warning below, let me know what you think and how you wish to proceed. 
 

BACKDOOR WARNING
 
------------------------------

One or more of the identified infections is known to use a backdoor that allows attackers to remotely control your computer, download/execute files and steal critical system, financial and personal information.

If your computer was used for online banking, has credit card information or other sensitive data, using a non-infected computer/device you should immediately change all account information (including those used for banking, Email, eBay, Paypal, online forums, etc).

Banking and credit card institutions should be notified of the possible security breach immediately. Please read the following article for more information: How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

Whilst the identified infection(s) can be removed, there is no way to guarantee the trustworthiness of your computer unless you reformat your Hard Drive and reinstall your Operating System. This is due to the nature of the infection, which allows the attacker remote control over the machine. Many experts in the security community believe that once infected with this type of malware, the best course of action is to reformat/reinstall. Please read the following articles for more information.

You now have the choice between cleaning the infection(s) present or reformatting your computer. Ultimately, this decision is personal, and down to you and what you're most comfortable with. Please let me know how you wish to proceed, and if you have any questions.


#3 LiquidTension


Posted 29 October 2014 - 08:05 PM

Hello, 

 

Do you still require assistance?



#4 raylicker1


Posted 29 October 2014 - 11:22 PM

I am just starting now, was gone a few days. Thanks for your help so far, I'm sure I require more.



#5 LiquidTension


Posted 30 October 2014 - 11:08 AM

No problem.

 

Have you read the backdoor warning? How do you wish to proceed?



#6 raylicker1


Posted 30 October 2014 - 08:55 PM

So you think I should do a reinstall?? I have used it for banking and PayPal. I went to that one link you have and they tried to get thru my router and couldn't or got no response.



#7 LiquidTension


Posted 30 October 2014 - 09:00 PM

Hello,

Please read the warning, and the articles linked.

Due to the nature of the infection present, the recommended course of action is a reformat and reinstall.

How we proceed is up to you. Clean or reformat. You need to tell me what you wish to do.

#8 raylicker1


Posted 02 November 2014 - 10:37 PM

I did a reformat and install and it started doing the same thing.



#9 LiquidTension


Posted 02 November 2014 - 10:41 PM

How did you go about reformatting and reinstalling?

What started doing the same thing?

#10 raylicker1


Posted 02 November 2014 - 10:45 PM

I had a copy of Windows 7 on another hard drive and used that and got an anti-virus from the same folder. Did the format with the disk.



#11 LiquidTension


Posted 03 November 2014 - 07:09 PM

Please answer my other question.



#12 raylicker1


Posted 04 November 2014 - 03:42 AM

OK, it started to do the flashing or blinking of address and search boxes and won't let you type in them, also brings up multiple search windows. But here is the kicker. I have a new 2 TB hard drive, never used, and had a copy of Windows 7 on a disk that I know is good and partitioned it and formatted, and without being online or opening any of my other hard drives it started to do that same thing, so I shut the computer down and restarted it, but it hasn't done it since. So what do you think is going on? Thanks so much for your help so far. I can take a video of what it's doing next time it does it if there is a way to post it here.



#13 LiquidTension


Posted 04 November 2014 - 10:46 AM

Let's see what's going on. Please run the following programme.

 

Farbar Recovery Scan Tool (FRST) Scan

  • Please download Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
  • Right-Click FRST64.exe and select Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 


#14 raylicker1


Posted 04 November 2014 - 10:23 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014
Ran by dens (administrator) on DENS-PC on 04-11-2014 19:05:39
Running from C:\Users\dens\Downloads
Loaded Profile: dens (Available profiles: dens)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic Professional\LiveBoost.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic Professional\ioloGovernor64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\dens\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2462536 2014-10-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSPanel.exe [3353472 2012-09-17] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296096 2014-11-03] (RealNetworks, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-03] (AVAST Software)
HKU\S-1-5-21-2736642126-3490864007-832014749-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3111264 2012-10-03] (DT Soft Ltd)
HKU\S-1-5-21-2736642126-3490864007-832014749-1000\...\MountPoints2: {0cfe4159-63d9-11e4-ac25-806e6f6e6963} - M:\autorun.exe
HKU\S-1-5-21-2736642126-3490864007-832014749-1000\...\MountPoints2: {af7adde2-6361-11e4-9e69-806e6f6e6963} - M:\autorun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
BootExecute: autocheck autochk * 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6CE3B6BF66F8CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
FireFox:
========
FF ProfilePath: C:\Users\dens\AppData\Roaming\Mozilla\Firefox\Profiles\00iar3c2.default
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2014-11-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-03]
 
Chrome: 
=======
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\gcswf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Plugin: (RealPlayer™ HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks™ Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\dens\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\dens\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-03]
CHR Extension: (YouTube) - C:\Users\dens\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-03]
CHR Extension: (Google Search) - C:\Users\dens\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-03]
CHR Extension: (Search in The Pirate Bay) - C:\Users\dens\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimkmcfjdhegkopmfkcocmfpnacpieea [2014-11-03]
CHR Extension: (Avast Online Security) - C:\Users\dens\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-03]
CHR Extension: (Search Kickass Torrents) - C:\Users\dens\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpglelepocjjcbmphmnenipjjhlgifmi [2014-11-03]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\dens\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-11-03]
CHR Extension: (Video Converter) - C:\Users\dens\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcjjnhgakghmggnimjkldjmmpabhnhne [2014-11-04]
CHR Extension: (Google Wallet) - C:\Users\dens\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-03]
CHR Extension: (Gmail) - C:\Users\dens\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-03]
CHR Extension: (YouConcert) - C:\Users\dens\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppbcnlaeackedfbfpandkmnoibbmmajk [2014-11-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-03]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2014-11-03]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-03] (AVAST Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-10-16] (NVIDIA Corporation)
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4700872 2014-08-12] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-10-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-10-16] (NVIDIA Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-03] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-11-03] (DT Soft Ltd)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-09-18] (EldoS Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-10-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-10-16] (NVIDIA Corporation)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2014-08-12] (EldoS Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-04 19:05 - 2014-11-04 19:05 - 02114560 _____ (Farbar) C:\Users\dens\Downloads\FRST64 (1).exe
2014-11-04 19:05 - 2014-11-04 19:05 - 00016723 _____ () C:\Users\dens\Downloads\FRST.txt
2014-11-04 19:04 - 2014-11-04 19:05 - 00000000 ____D () C:\FRST
2014-11-04 19:03 - 2014-11-04 19:03 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-04 19:03 - 2014-11-04 19:03 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-04 19:03 - 2014-11-04 19:03 - 00000000 ____D () C:\Users\dens\AppData\Roaming\Mozilla
2014-11-04 19:03 - 2014-11-04 19:03 - 00000000 ____D () C:\Users\dens\AppData\Local\Mozilla
2014-11-04 19:03 - 2014-11-04 19:03 - 00000000 ____D () C:\ProgramData\Mozilla
2014-11-04 19:03 - 2014-11-04 19:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-04 19:03 - 2014-11-04 19:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-04 19:01 - 2014-11-04 19:01 - 02114560 _____ (Farbar) C:\Users\dens\Downloads\FRST64.exe
2014-11-04 11:55 - 2014-11-04 11:55 - 00000406 _____ () C:\Windows\system32\ioloBootDefrag.cfg
2014-11-04 11:54 - 2014-11-04 11:54 - 00003148 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-11-04 11:54 - 2014-11-04 11:54 - 00003144 _____ () C:\Windows\System32\Tasks\iolo Process Governor
2014-11-04 11:54 - 2014-11-04 11:54 - 00001481 _____ () C:\Users\dens\Desktop\LiveBoost.lnk
2014-11-04 11:54 - 2014-11-04 11:54 - 00001477 _____ () C:\Users\dens\Desktop\System Mechanic Professional.lnk
2014-11-04 11:54 - 2014-11-04 11:54 - 00000000 ____D () C:\Users\dens\AppData\Roaming\ioloGovernor
2014-11-04 11:54 - 2014-11-04 11:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic Professional
2014-11-04 11:54 - 2014-11-04 11:54 - 00000000 ____D () C:\ProgramData\ioloGovernor
2014-11-04 11:54 - 2014-08-12 23:57 - 00057584 _____ (iolo technologies, LLC) C:\Windows\system32\iolobtdfg.exe
2014-11-04 11:54 - 2014-08-12 23:57 - 00026184 _____ (iolo technologies, LLC) C:\Windows\system32\smrgdf.exe
2014-11-04 11:54 - 2014-08-12 23:41 - 02155152 _____ (iolo technologies, LLC) C:\Windows\system32\Incinerator64.dll
2014-11-04 11:54 - 2014-08-12 23:41 - 02097984 _____ (iolo technologies, LLC) C:\Windows\SysWOW64\Incinerator32.dll
2014-11-04 11:54 - 2014-08-12 23:35 - 00082160 _____ (Raxco Software, Inc.) C:\Windows\system32\Drivers\PDFsFilter.sys
2014-11-04 11:53 - 2014-11-04 11:53 - 00000000 ____D () C:\Program Files (x86)\iolo
2014-11-04 11:53 - 2014-08-12 23:35 - 00069000 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2014-11-04 11:53 - 2014-08-12 23:35 - 00056200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2014-11-04 11:45 - 2014-08-12 23:38 - 00032912 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rawdsk3.sys
2014-11-04 11:43 - 2013-09-18 21:12 - 00030752 _____ (EldoS Corporation) C:\Windows\system32\Drivers\ElRawDsk.sys
2014-11-04 11:40 - 2014-11-04 14:08 - 00000000 ____D () C:\ProgramData\iolo
2014-11-04 11:40 - 2014-11-04 13:09 - 00000000 ____D () C:\Users\dens\AppData\Roaming\iolo
2014-11-04 11:40 - 2014-11-04 11:40 - 00074703 _____ () C:\Windows\SysWOW64\mfc45.dat
2014-11-04 03:28 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-11-04 03:28 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-11-04 03:28 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-11-04 03:28 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-11-04 03:28 - 2014-05-14 08:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-11-04 03:28 - 2014-05-14 08:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-11-04 03:28 - 2014-05-14 08:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-11-04 03:28 - 2014-05-14 08:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-11-04 03:28 - 2014-05-14 08:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-11-04 03:28 - 2014-05-14 08:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-11-04 03:28 - 2014-05-14 08:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-11-04 03:28 - 2014-05-14 08:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-11-04 03:28 - 2014-05-14 08:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-11-04 03:28 - 2014-05-14 08:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-11-03 23:09 - 2014-11-03 23:09 - 00001347 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-11-03 23:05 - 2014-11-03 23:09 - 00000000 ____D () C:\Users\dens\AppData\Local\NVIDIA Corporation
2014-11-03 23:05 - 2014-11-03 23:09 - 00000000 ____D () C:\Users\dens\AppData\Local\NVIDIA
2014-11-03 23:05 - 2014-11-03 23:05 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-11-03 23:05 - 2014-10-16 08:54 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-11-03 23:05 - 2014-10-16 08:54 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-11-03 23:05 - 2014-10-16 08:54 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-11-03 23:05 - 2014-10-16 08:54 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-11-03 23:04 - 2014-10-16 04:27 - 00614544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-11-03 23:03 - 2014-11-03 23:03 - 00771962 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-11-03 22:59 - 2014-10-16 08:54 - 31890064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 24555840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 20968040 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 20922696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 19966856 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 18499648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 17260864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 14029400 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 13942368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 13190288 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-11-03 22:59 - 2014-10-16 08:54 - 11395672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 11333848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 04289856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 04009672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 02849224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434448.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434448.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 00962376 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 00931984 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 00921928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 00895176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 00870112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 00500880 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 00418112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 00392008 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 00348488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-11-03 22:59 - 2014-10-16 08:54 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-11-03 22:59 - 2014-10-16 08:54 - 00034976 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-11-03 22:59 - 2014-10-16 08:54 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-11-03 22:56 - 2014-11-03 22:57 - 306270552 _____ (NVIDIA Corporation) C:\Users\dens\Downloads\344.48-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-11-03 22:39 - 2014-11-03 22:39 - 00000000 ____D () C:\Users\dens\AppData\Roaming\AVAST Software
2014-11-03 22:35 - 2014-11-03 22:35 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-03 22:35 - 2014-11-03 22:35 - 00244032 _____ () C:\Users\dens\Downloads\Firefox Setup Stub 33.0.2.exe
2014-11-03 22:35 - 2014-11-03 22:35 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-11-03 22:35 - 2014-11-03 22:35 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-03 22:35 - 2014-11-03 22:35 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-03 22:35 - 2014-11-03 22:35 - 00001964 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-03 22:34 - 2014-11-03 22:35 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-03 22:34 - 2014-11-03 22:35 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-03 22:31 - 2014-11-03 22:31 - 00002042 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-11-03 22:31 - 2014-11-03 22:31 - 00002040 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-11-03 22:31 - 2014-11-03 22:31 - 00002030 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-11-03 22:31 - 2014-11-03 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-03 22:30 - 2014-11-03 23:06 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-03 22:30 - 2014-11-03 23:06 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-11-03 22:30 - 2014-11-03 22:35 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-11-03 22:30 - 2014-11-03 22:35 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-03 22:30 - 2014-11-03 22:35 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-03 22:30 - 2014-11-03 22:34 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-03 22:30 - 2014-11-03 22:34 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-11-03 22:30 - 2014-11-03 22:30 - 00000000 ____D () C:\Program Files\AVAST Software
2014-11-03 22:30 - 2012-10-30 15:50 - 00227648 _____ (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe
2014-11-03 20:22 - 2014-11-03 20:22 - 00000000 ____D () C:\Users\dens\AppData\Roaming\Intel Corporation
2014-11-03 20:21 - 2014-11-03 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-11-03 20:12 - 2014-11-03 20:12 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-11-03 20:11 - 2014-11-03 20:12 - 00000000 ____D () C:\Program Files (x86)\EVGA Precision X
2014-11-03 20:11 - 2014-11-03 20:11 - 00001088 _____ () C:\Users\dens\Desktop\EVGA Precision X.lnk
2014-11-03 20:11 - 2014-11-03 20:11 - 00000000 ____D () C:\Users\dens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVGA Precision X
2014-11-03 20:07 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-11-03 20:07 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-11-03 20:07 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-11-03 20:07 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-11-03 20:07 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-11-03 20:07 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-11-03 20:07 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-11-03 20:07 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-11-03 20:07 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-11-03 20:07 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-11-03 20:07 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-11-03 20:07 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-11-03 20:07 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-11-03 20:07 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-11-03 20:07 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-11-03 20:07 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-11-03 20:07 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-11-03 20:07 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-11-03 20:07 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-11-03 20:07 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-11-03 20:07 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-11-03 20:07 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-11-03 20:07 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-11-03 20:07 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-11-03 20:07 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-11-03 20:07 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-11-03 20:07 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-11-03 20:07 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-11-03 20:07 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-11-03 20:07 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-11-03 20:07 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-11-03 20:07 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-11-03 20:07 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-11-03 20:07 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-11-03 20:07 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-11-03 20:07 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-11-03 20:07 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-11-03 20:07 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-11-03 20:07 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-11-03 20:07 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-11-03 20:07 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-11-03 20:07 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-11-03 20:07 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-11-03 20:07 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-11-03 20:07 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-11-03 20:07 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-11-03 20:07 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-11-03 20:07 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-11-03 20:07 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-11-03 20:07 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-11-03 20:07 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-11-03 20:07 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-11-03 20:07 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-11-03 20:07 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-11-03 20:07 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-11-03 20:07 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-11-03 20:07 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-11-03 20:07 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-11-03 20:07 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-11-03 20:07 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-11-03 20:07 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-11-03 20:07 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-11-03 20:07 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-11-03 20:07 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-11-03 20:07 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-11-03 20:07 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-11-03 20:07 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-11-03 20:07 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-11-03 20:07 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-11-03 20:07 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-11-03 20:07 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-11-03 20:07 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-11-03 20:07 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-11-03 20:07 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-11-03 20:07 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-11-03 20:07 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-11-03 20:07 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-11-03 20:07 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-11-03 20:06 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-11-03 20:06 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-11-03 20:06 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-11-03 20:06 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-11-03 20:06 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-11-03 20:06 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-11-03 20:06 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-11-03 20:06 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-11-03 20:06 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-11-03 20:06 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-11-03 20:06 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-11-03 20:06 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-11-03 20:06 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-11-03 20:06 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-11-03 20:06 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-11-03 20:06 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-11-03 20:06 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-11-03 20:06 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-11-03 20:06 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-11-03 20:06 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-11-03 20:06 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-11-03 20:06 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-11-03 20:06 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-11-03 20:06 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-11-03 20:06 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-11-03 20:06 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-11-03 20:06 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-11-03 20:06 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-11-03 20:06 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-11-03 20:06 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-11-03 20:06 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-11-03 20:06 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-11-03 20:06 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-11-03 20:06 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-11-03 20:06 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-11-03 20:06 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-11-03 20:06 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-11-03 20:06 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-11-03 20:06 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-11-03 20:06 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-11-03 20:06 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-11-03 20:06 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-11-03 20:06 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-11-03 20:06 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-11-03 20:06 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-11-03 20:06 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-11-03 20:06 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-11-03 20:06 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-11-03 20:06 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-11-03 20:06 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-11-03 20:06 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-11-03 20:06 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-11-03 20:06 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-11-03 20:06 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-11-03 20:06 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-11-03 20:06 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-11-03 20:06 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-11-03 20:06 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-11-03 20:06 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-11-03 20:06 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-11-03 20:06 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-11-03 20:06 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-11-03 20:06 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-11-03 20:06 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-11-03 20:06 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-11-03 20:06 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-11-03 20:06 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-11-03 20:06 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-11-03 20:06 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-11-03 20:06 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-11-03 20:06 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-11-03 20:06 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-11-03 20:06 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-11-03 20:06 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-11-03 20:06 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-11-03 20:06 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-11-03 20:06 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-11-03 20:06 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-11-03 20:06 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-11-03 20:06 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-11-03 20:06 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-11-03 20:06 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-11-03 20:06 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-11-03 20:06 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-11-03 20:06 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-11-03 20:06 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-11-03 20:06 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-11-03 20:06 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-11-03 20:06 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-11-03 20:06 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-11-03 20:06 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-11-03 20:06 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-11-03 20:06 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-11-03 20:06 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-11-03 20:06 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-11-03 20:06 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-11-03 20:06 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-11-03 20:06 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-11-03 20:06 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-11-03 20:06 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-11-03 20:06 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-11-03 20:06 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-11-03 20:06 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-11-03 20:06 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-11-03 19:54 - 2014-11-04 14:01 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-03 19:54 - 2014-10-16 06:11 - 06883136 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-11-03 19:54 - 2014-10-16 06:11 - 03533632 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-11-03 19:54 - 2014-10-16 06:11 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-11-03 19:54 - 2014-10-16 06:11 - 00933064 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-11-03 19:54 - 2014-10-16 06:11 - 00384200 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-11-03 19:54 - 2014-10-16 06:11 - 00061640 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-11-03 19:54 - 2014-10-14 16:48 - 04047877 _____ () C:\Windows\system32\nvcoproc.bin
2014-11-03 19:53 - 2014-11-03 23:09 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-11-03 19:53 - 2014-11-03 23:05 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-03 19:53 - 2014-11-03 19:53 - 00000000 ____D () C:\temp
2014-11-03 19:53 - 2014-10-16 08:54 - 00072904 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-11-03 19:53 - 2014-10-16 08:54 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-11-03 19:52 - 2014-10-16 08:54 - 16886168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-11-03 19:52 - 2014-10-16 08:54 - 03237528 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-11-03 19:52 - 2014-10-16 08:54 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-11-03 19:52 - 2014-10-16 08:54 - 00987008 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-11-03 19:52 - 2014-10-16 08:54 - 00027024 _____ () C:\Windows\system32\nvinfo.pb
2014-11-03 19:52 - 2012-09-06 17:17 - 02725224 _____ (NVIDIA Corporation) C:\Windows\system32\SET87DB.tmp
2014-11-03 19:52 - 2012-09-06 17:17 - 01760104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco64.dll
2014-11-03 19:52 - 2012-09-06 17:17 - 01482600 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco64.dll
2014-11-03 19:52 - 2012-09-06 17:17 - 00971624 _____ (NVIDIA Corporation) C:\Windows\system32\SET9619.tmp
2014-11-03 19:52 - 2012-07-02 23:37 - 01472360 _____ (NVIDIA Corporation) C:\Windows\system32\SETF624.tmp
2014-11-03 19:22 - 2014-11-03 23:05 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-11-03 19:21 - 2014-11-03 19:21 - 00000000 ____D () C:\NVIDIA
2014-11-03 19:19 - 2014-11-03 19:20 - 00000000 ____D () C:\ProgramData\Real
2014-11-03 19:19 - 2014-11-03 19:19 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2014-11-03 19:19 - 2014-11-03 19:19 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-11-03 19:19 - 2014-11-03 19:19 - 00272896 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2014-11-03 19:19 - 2014-11-03 19:19 - 00198864 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2014-11-03 19:19 - 2014-11-03 19:19 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
2014-11-03 19:19 - 2014-11-03 19:19 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
2014-11-03 19:19 - 2014-11-03 19:19 - 00001264 _____ () C:\Users\Public\Desktop\RealPlayer.lnk
2014-11-03 19:19 - 2014-11-03 19:19 - 00000000 ____D () C:\Users\dens\AppData\Roaming\Real
2014-11-03 19:19 - 2014-11-03 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2014-11-03 19:19 - 2014-11-03 19:19 - 00000000 ____D () C:\Program Files (x86)\Real
2014-11-03 19:17 - 2014-11-03 19:17 - 00283200 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-11-03 19:17 - 2014-11-03 19:17 - 00001932 _____ () C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
2014-11-03 19:17 - 2014-11-03 19:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro
2014-11-03 19:16 - 2014-11-03 19:18 - 00000000 ____D () C:\Users\dens\AppData\Roaming\DAEMON Tools Pro
2014-11-03 19:16 - 2014-11-03 19:17 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Pro
2014-11-03 19:16 - 2014-11-03 19:16 - 00000000 ____D () C:\ProgramData\DAEMON Tools Pro
2014-11-03 19:08 - 2014-11-03 19:08 - 00057560 _____ () C:\Users\dens\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-03 19:08 - 2014-11-03 19:08 - 00001259 _____ () C:\Users\Public\Desktop\WebStorage.lnk
2014-11-03 19:08 - 2014-11-03 19:08 - 00000000 ____D () C:\Users\dens\Documents\Asus WebStorage
2014-11-03 19:08 - 2014-11-03 19:08 - 00000000 ____D () C:\Users\dens\AppData\Roaming\ASUS WebStorage
2014-11-03 19:08 - 2014-11-03 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-11-03 19:08 - 2014-11-03 19:08 - 00000000 ____D () C:\ProgramData\ASUS WebStorage
2014-11-03 19:08 - 2014-11-03 19:08 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-11-03 19:04 - 2014-11-03 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2014-11-03 19:04 - 2011-09-15 23:12 - 00032360 ____R (Realtek Corporation) C:\Windows\system32\Drivers\RtVlan620.sys
2014-11-03 19:04 - 2011-06-15 05:11 - 00048416 ____R (Realtek Corporation) C:\Windows\system32\Drivers\RtTeam60.sys
2014-11-03 19:04 - 2011-06-15 05:11 - 00032544 ____R (Realtek ) C:\Windows\system32\Drivers\RtNdPt60.sys
2014-11-03 19:02 - 2014-11-03 19:02 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-11-03 19:01 - 2012-05-20 08:25 - 00789824 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2014-11-03 19:01 - 2012-05-20 08:25 - 00357184 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2014-11-03 19:01 - 2012-05-20 08:25 - 00019264 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
2014-11-03 19:00 - 2014-11-03 19:00 - 00000000 ____D () C:\Users\dens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell
2014-11-03 19:00 - 2014-11-03 19:00 - 00000000 ____D () C:\Program Files (x86)\Marvell
2014-11-03 18:59 - 2014-11-03 18:59 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-11-03 18:58 - 2012-02-01 16:16 - 00568600 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2014-11-03 18:54 - 2014-11-03 18:54 - 00000000 ____D () C:\ProgramData\Intel
2014-11-03 18:54 - 2014-11-03 18:54 - 00000000 ____D () C:\Program Files\Intel
2014-11-03 18:54 - 2012-06-25 10:42 - 00015168 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2014-11-03 18:53 - 2014-11-03 18:53 - 00000000 ____D () C:\Intel
2014-11-03 18:53 - 2012-07-02 15:16 - 00062784 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2014-11-03 18:52 - 2014-11-03 19:01 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-11-03 18:52 - 2014-11-03 18:52 - 00000000 ____D () C:\Users\dens\AppData\Roaming\InstallShield
2014-11-03 18:51 - 2014-11-03 18:52 - 00007688 _____ () C:\Windows\DPINST.LOG
2014-11-03 18:51 - 2014-11-03 18:51 - 00000000 ____D () C:\Program Files (x86)\ASM104xUSB3
2014-11-03 18:50 - 2012-06-12 06:00 - 00726160 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-11-03 18:50 - 2012-06-12 06:00 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-11-03 18:50 - 2012-06-12 06:00 - 00074344 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-11-03 18:49 - 2014-11-03 18:49 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-11-03 18:49 - 2014-11-03 18:49 - 00000000 ____D () C:\Program Files\Realtek
2014-11-03 18:49 - 2012-06-12 02:10 - 04060560 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-11-03 18:49 - 2012-06-10 22:44 - 00290813 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-11-03 18:49 - 2012-06-08 00:18 - 03615888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-11-03 18:49 - 2012-06-05 19:14 - 00584320 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-11-03 18:49 - 2012-06-05 18:44 - 00869520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-11-03 18:49 - 2012-06-04 19:38 - 05096448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-11-03 18:49 - 2012-05-31 17:37 - 02674320 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-11-03 18:49 - 2012-05-31 02:08 - 00105616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-11-03 18:49 - 2012-05-16 19:29 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-11-03 18:49 - 2012-05-16 19:29 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-11-03 18:49 - 2012-05-16 19:29 - 00141152 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-11-03 18:49 - 2012-05-16 19:29 - 00123744 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-11-03 18:49 - 2012-05-16 19:29 - 00074592 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-11-03 18:49 - 2012-05-09 23:22 - 01262696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-11-03 18:49 - 2012-04-09 22:40 - 02533952 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-11-03 18:49 - 2012-04-03 02:42 - 01345368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-11-03 18:49 - 2012-04-03 02:42 - 01015640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-11-03 18:49 - 2012-03-07 19:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-11-03 18:49 - 2012-02-21 03:45 - 02605400 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2014-11-03 18:49 - 2012-02-16 23:54 - 00396632 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-11-03 18:49 - 2012-02-13 08:05 - 08363864 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2014-11-03 18:49 - 2012-01-29 19:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-11-03 18:49 - 2012-01-23 06:30 - 00537456 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-11-03 18:49 - 2012-01-23 06:30 - 00524656 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-11-03 18:49 - 2012-01-23 06:30 - 00449392 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-11-03 18:49 - 2012-01-09 18:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-11-03 18:49 - 2011-12-19 23:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-11-03 18:49 - 2011-12-18 01:58 - 02131288 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2014-11-03 18:49 - 2011-12-13 00:58 - 01560168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-11-03 18:49 - 2011-11-22 00:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-11-03 18:49 - 2011-09-01 22:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-11-03 18:49 - 2011-09-01 22:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-11-03 18:49 - 2011-09-01 22:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-11-03 18:49 - 2011-08-23 01:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-11-03 18:49 - 2011-05-30 17:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-11-03 18:49 - 2011-05-30 17:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-11-03 18:49 - 2011-05-30 17:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-11-03 18:49 - 2011-05-30 17:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-11-03 18:49 - 2011-05-30 17:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-11-03 18:49 - 2011-05-30 17:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-11-03 18:49 - 2011-05-30 17:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-11-03 18:49 - 2011-05-30 17:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-11-03 18:49 - 2011-05-30 17:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-11-03 18:49 - 2011-05-30 17:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-11-03 18:49 - 2011-05-30 17:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-11-03 18:49 - 2011-05-30 17:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-11-03 18:49 - 2011-03-16 20:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-11-03 18:49 - 2011-03-07 01:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-11-03 18:49 - 2010-11-07 15:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-11-03 18:49 - 2010-11-07 15:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-11-03 18:49 - 2010-11-07 15:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-11-03 18:49 - 2010-11-07 15:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-11-03 18:49 - 2010-11-07 15:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-11-03 18:49 - 2010-11-07 15:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-11-03 18:49 - 2010-11-03 02:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-11-03 18:49 - 2010-10-02 21:46 - 00341336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-11-03 18:49 - 2010-09-26 17:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-11-03 18:49 - 2010-07-22 00:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-11-03 18:49 - 2009-11-23 17:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-11-03 18:49 - 2009-11-23 17:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-11-03 18:49 - 2009-11-23 17:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-11-03 18:49 - 2009-11-23 17:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-11-03 18:48 - 2014-11-03 19:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-03 18:48 - 2014-11-03 19:04 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-11-03 18:48 - 2014-11-03 18:49 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-11-03 18:48 - 2012-05-25 02:06 - 01706640 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-11-03 18:48 - 2012-03-07 19:47 - 00202336 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-11-03 18:43 - 2014-11-04 18:53 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-03 18:43 - 2014-11-04 13:15 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-03 18:43 - 2014-11-03 22:54 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-03 18:43 - 2014-11-03 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-03 18:43 - 2014-11-03 22:48 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-03 18:43 - 2014-11-03 22:48 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-03 18:42 - 2014-11-03 22:31 - 00000000 ____D () C:\Users\dens\AppData\Local\Google
2014-11-03 18:42 - 2014-11-03 22:31 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-03 18:42 - 2014-11-03 18:48 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2014-11-03 18:41 - 2014-11-03 18:41 - 00016896 _____ (ASUS) C:\Windows\AsTaskSched.dll
2014-11-03 18:41 - 2012-10-29 19:21 - 00000000 ____D () C:\Windows\Chipset
2014-11-03 18:41 - 2011-02-24 22:25 - 00296320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-11-03 18:36 - 2014-11-03 18:36 - 00045437 _____ () C:\Windows\Ascd_tmp.ini
2014-11-03 18:36 - 2014-11-03 18:36 - 00001769 _____ () C:\Windows\Language_trs.ini
2014-11-03 06:12 - 2014-11-04 18:29 - 01148918 _____ () C:\Windows\WindowsUpdate.log
2014-11-03 06:12 - 2014-11-03 06:12 - 00001443 _____ () C:\Users\dens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-03 06:12 - 2014-11-03 06:12 - 00001409 _____ () C:\Users\dens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-11-03 06:12 - 2014-11-03 06:12 - 00000020 ___SH () C:\Users\dens\ntuser.ini
2014-11-03 06:12 - 2014-11-03 06:12 - 00000000 __SHD () C:\Recovery
2014-11-03 06:12 - 2014-11-03 06:12 - 00000000 ____D () C:\Users\dens\AppData\Local\VirtualStore
2014-11-03 06:12 - 2014-11-03 06:12 - 00000000 ____D () C:\Users\dens
2014-11-03 06:12 - 2009-07-13 20:54 - 00000000 ___RD () C:\Users\dens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-03 06:12 - 2009-07-13 20:49 - 00000000 ___RD () C:\Users\dens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-03 06:03 - 2014-11-03 06:03 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-11-03 06:03 - 2014-11-03 06:03 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-11-03 06:02 - 2014-11-03 06:02 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-11-03 06:01 - 2014-11-03 06:01 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-11-03 05:59 - 2014-11-03 06:12 - 00000000 ____D () C:\Windows\Panther
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-04 14:08 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-11-04 13:21 - 2009-07-13 21:13 - 00778150 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-04 13:17 - 2009-07-13 20:45 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-04 13:17 - 2009-07-13 20:45 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-04 13:15 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-04 13:15 - 2009-07-13 20:51 - 00025234 _____ () C:\Windows\setupact.log
2014-11-04 12:00 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-11-03 22:38 - 2010-11-20 19:47 - 00176698 _____ () C:\Windows\PFRO.log
2014-11-03 19:54 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Help
2014-11-03 18:54 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-11-03 18:41 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\system32\restore
2014-11-03 10:28 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-03 06:12 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-11-03 06:04 - 2009-07-13 20:45 - 00274320 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-03 06:03 - 2009-07-13 21:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-03 06:03 - 2009-07-13 19:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-03 06:02 - 2009-07-13 20:46 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-11-03 06:02 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-11-03 06:00 - 2011-04-12 00:28 - 00000000 ____D () C:\Windows\CSC
2014-11-03 05:59 - 2009-07-13 21:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-11-03 05:59 - 2009-07-13 21:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-10-28 05:34 - 2010-11-20 19:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-03 06:35
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014
Ran by dens at 2014-11-04 19:06:43
Running from C:\Users\dens\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.11.125 - ASUS Cloud Corporation)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2206 - AVAST Software)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.1.0.0336 - DT Soft Ltd)
EVGA Precision X 3.0.3 (HKLM-x32\...\PrecisionX) (Version: 3.0.3 - EVGA Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
iolo technologies' System Mechanic Professional (HKLM-x32\...\{BBD3F66B-1180-4785-B679-3F91572CD3B4}_is1) (Version: 14.0.1 - iolo technologies, LLC)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1014 - Marvell)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 en-US)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla)
NVIDIA 3D Vision Controller Driver 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.48 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.48 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.5 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
SHIELD Streaming (Version: 3.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.56 - NVIDIA Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
27-12-2012 06:36:45 Windows Backup
02-11-2014 11:23:33 Device Driver Package Install: NVIDIA Display adapters
02-11-2014 11:23:34 Installed AVG 2012
02-11-2014 11:24:13 Device Driver Package Install: NVIDIA Universal Serial Bus controllers
02-11-2014 11:46:24 Windows Update
02-11-2014 11:47:38 Installed Realtek Ethernet Controller Driver
02-11-2014 11:48:37 Windows Update
02-11-2014 11:49:28 Installed Asmedia ASM104x USB 3.0 Host Controller Driver.
02-11-2014 16:52:37 Windows Update
02-11-2014 22:13:18 Windows Update
04-11-2014 06:34:19 avast! antivirus system restore point
04-11-2014 06:59:39 Windows Update
04-11-2014 07:05:26 Installed DirectX
04-11-2014 11:27:31 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {1AD1449E-B1EE-434A-994B-8F6ECD2F70C2} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic Professional\iologovernor64.exe [2014-08-13] (iolo technologies, LLC)
Task: {93D657B3-C562-41AD-BEA6-63F0A190FFFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-03] (Google Inc.)
Task: {9569CC34-0A07-4056-8FBC-7FFFB56A9DCA} - System32\Tasks\ASUS\i-Setup184825 => C:\Windows\Chipset\AsusSetup.exe [2010-09-07] (ASUSTeK Computer Inc.)
Task: {A2A7AA1A-3E65-4A08-9A2B-B07C56347873} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-03] (AVAST Software)
Task: {E3A63E23-3862-431D-A088-DFBB61ABBC9E} - System32\Tasks\ASUS\i-Setup184118 => C:\Windows\Chipset\AsusSetup.exe [2010-09-07] (ASUSTeK Computer Inc.)
Task: {FA640D7A-2866-4B57-A9DB-D2A913DAA229} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-03] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-11-03 19:54 - 2014-10-16 06:11 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-04 02:59 - 2014-11-04 02:59 - 02899456 _____ () C:\Program Files\AVAST Software\Avast\defs\14110400\algo.dll
2014-11-04 13:16 - 2014-11-04 13:16 - 02899456 _____ () C:\Program Files\AVAST Software\Avast\defs\14110401\algo.dll
2014-11-03 22:35 - 2014-11-03 22:35 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-11-03 18:59 - 2014-11-03 18:59 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b6584c7e1f3d6d28c1a2b189a5d8831f\IsdiInterop.ni.dll
2014-11-03 18:59 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-11-03 18:54 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-11-03 22:54 - 2014-10-21 20:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-11-03 22:54 - 2014-10-21 20:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-11-03 22:54 - 2014-10-21 20:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-11-03 22:54 - 2014-10-21 20:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-11-03 22:54 - 2014-10-21 20:05 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
2014-11-04 19:03 - 2014-10-27 18:01 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-2736642126-3490864007-832014749-500 - Administrator - Disabled)
dens (S-1-5-21-2736642126-3490864007-832014749-1000 - Administrator - Enabled) => C:\Users\dens
Guest (S-1-5-21-2736642126-3490864007-832014749-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/04/2014 01:15:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/04/2014 11:42:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program autorun.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 15a4
 
Start Time: 01cff8673aa23d42
 
Termination Time: 16629
 
Application Path: M:\autorun.exe
 
Report Id: 85352012-645a-11e4-b018-3085a99d04a9
 
Error: (11/04/2014 00:29:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/B51C067CEE2B0C3DF855AB2D92F4FE39D4E70F0E.crt> with error: The specified server cannot perform the requested operation.
.
 
Error: (11/04/2014 00:29:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/B51C067CEE2B0C3DF855AB2D92F4FE39D4E70F0E.crt> with error: This operation returned because the timeout period expired.
.
 
Error: (11/03/2014 11:17:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (11/03/2014 11:17:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (11/03/2014 11:17:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (11/03/2014 11:17:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (11/03/2014 11:17:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (11/03/2014 11:04:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
 
System errors:
=============
Error: (11/03/2014 10:37:33 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (11/03/2014 08:19:38 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Group Policy Client service did not shut down properly after receiving a preshutdown control.
 
 
Microsoft Office Sessions:
=========================
Error: (11/04/2014 01:15:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/04/2014 11:42:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: autorun.exe0.0.0.015a401cff8673aa23d4216629M:\autorun.exe85352012-645a-11e4-b018-3085a99d04a9
 
Error: (11/04/2014 00:29:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
 
Error: (11/04/2014 00:29:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
 
Error: (11/03/2014 11:17:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (11/03/2014 11:17:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (11/03/2014 11:17:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (11/03/2014 11:17:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (11/03/2014 11:17:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (11/03/2014 11:04:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 31%
Total physical RAM: 8145.96 MB
Available physical RAM: 5572.98 MB
Total Pagefile: 16290.11 MB
Available Pagefile: 13165.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:488.28 GB) (Free:447.02 GB) NTFS
Drive d: () (Fixed) (Total:552.9 GB) (Free:449.75 GB) NTFS
Drive e: () (Fixed) (Total:701.84 GB) (Free:701.38 GB) NTFS
Drive f: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (All Data) (Fixed) (Total:936.01 GB) (Free:220.1 GB) NTFS
Drive h: (data 2) (Fixed) (Total:1161.17 GB) (Free:906.77 GB) NTFS
Drive i: () (Fixed) (Total:1561.62 GB) (Free:1021.42 GB) NTFS
Drive j: () (Fixed) (Total:374.1 GB) (Free:144.13 GB) NTFS
Drive k: () (Fixed) (Total:301.3 GB) (Free:286.09 GB) NTFS
Drive l: () (Fixed) (Total:119.14 GB) (Free:84.88 GB) NTFS
Drive n: () (Removable) (Total:29.82 GB) (Free:29.73 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 54AED7E3)
Partition 1: (Not Active) - (Size=936 GB) - (Type=OF Extended)
Partition 2: (Not Active) - (Size=552.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=374.1 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 9F181ABE)
Partition 1: (Not Active) - (Size=701.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1161.2 GB) - (Type=OF Extended)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 832C1C4A)
Partition 1: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS)
 
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 000A454C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=301.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1561.6 GB) - (Type=OF Extended)
 
========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 13954E68)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
 
========================================================
Disk: 5 (MBR Code: Windows 7 or 8) (Size: 29.8 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#15 LiquidTension

LiquidTension

  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  • Gender:Male
  • Local time:08:44 PM

Posted 04 November 2014 - 11:12 PM

Your logs are clean. 
 
Please consider the following warnings. 
 

P2P WARNING

------------------------------

I see you have peer-to-peer (P2P) file sharing software installed on your computer (Search in The Pirate Bay & Search Kickass Torrents). I advise you avoid P2P file sharing programmes; they are a security risk which can make your computer susceptible to malware. File sharing networks are thoroughly infected and infested with malware - worms, backdoor Trojans, IRCBots, and rootkits propagate via P2P file sharing networks, gaming, and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans, and spyware. The best way to reduce the risk of infection is to avoid these types of web sites and not use P2P applications. Please read the following articles for more information.

Your P2P software can be removed by following the instructions below.
  • Press the Windows Key + r on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for the aforementioned programmes, right-click and click Uninstall.
If you choose not to, please refrain from using the programme(s) during this process.

Registry Cleaner Warning
 
------------------------------
 
I see you have registry cleaner software (iolo technologies' System Mechanic Professional) installed on your computer. Registry cleaners and optimization tools that claim to speed up your computer should be avoided, and are potentially dangerous. By running a registry cleaner you risk rendering your machine unbootable. There is no statistical evidence to back claims that cleaning the registry will improve performance. Advertisements to do so are borderline scams intended to goad users into using an unnecessary and potentially dangerous product.

  • Some registry cleaners employ aggressive cleaning routines that may cause substantial damage to your system, and could render your machine unbootable.
  • Not all registry cleaners back up the registry. When modifying the registry, one should always create a backup.
  • The usefulness of cleaning one's registry is disputable; there is no statistical evidence to support the claim that cleaning the registry will improve system performance. 
Please refer to the following article on why you should not use registry cleaner software. I suggest reading why Microsoft does not support the use of registry cleaners as well.

 
We can run a few more scans, but I doubt they will flag anything. Issues you believe you are experiencing now are unlikely to be related to malware. 
 
STEP 1
DeFogger (Disable)

  • Please download DeFogger and save the file to your Desktop.
  • Right-Click DeFogger.exe and select Run as administrator to run the programme.
  • Click Disable, followed by Yes.
  • Upon completion, you will see a Finished! message. Click OK to exit the programme. 
  • If CD Emulation programmes are present and have been disabled, DeFogger will now ask you to reboot your machine. Please allow it to do so by clicking OK.
     

STEP 2
RKill

  • Please download RKill and save the file to your Desktop.
  • Right-Click RKill.exe and select Run as administrator to run the programme.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • Important: Please do NOT reboot your computer until you have carried out the steps below.
  • A log (C:\rkill.log) will open once the scan has completed. Copy the contents of the log and paste in your next reply.
     

STEP 3
TDSSKiller Scan

  • Please download TDSSKiller and save the file to your Desktop.
  • Right-Click TDSSKiller.exe and select Run as administrator to run the programme.
  • Click Change parameters. Place a checkmark next to:
    • Loaded Modules
    • Detect TDLFS file system
    • Verify file digital signatures
  • Note: If you receive the following message: Extended Monitoring Driver is required, click Reboot now, and continue from here following the reboot.
  • Click Start Scan. Do not use the computer during the scan.
  • If objects are found, change the action to skip.
  • Click Continue and close the window.
  • A log will be created and saved to the root directory (usually C:\). Attach the log in your next reply.
     

STEP 4
aswMBR

  • Please download aswMBR and save the file to your Desktop
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click aswMBR.exe and select Run as administrator to run the programme.
  • Click Yes when prompted to download avast! virus definitions. Wait until AVAST engine defs: ### appears. 
  • If you are prompted to enable the use of "Virtualization Technology", click Yes.
  • Click the AV Scan: drop down box and click C:\.
  • Click Scan
  • Upon completion, you will see Scan finished successfully. Click Save log. Save the log to your Desktop. 
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.

Note: Do NOT click Fix or FixMBR.
Note: A file (MBR.dat) will be created on your Desktop. Do NOT click or delete it.
 
 
STEP 5
Malwarebytes Anti-Malware (MBAM)

  • Please download the Malwarebytes Anti-Malware setup file to your Desktop.
  • Open mbam-setup.x.x.xxxx.exe (x represents the version #) and follow the prompts to install the programme. 
  • Open Malwarebytes Anti-Malware and click Update Now.
  • Once updated, click the Settings tab, followed by Detection and Protection and tick Scan for rootkits.
  • Click the Scan tab, ensure Threat Scan is checked and click Scan Now.
  • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. 
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • Click Copy to Clipboard and paste the log in your next reply. 
     

STEP 6
ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

  • Please download ESET Online Scan and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Double-click esetsmartinstaller_enu.exe to run the programme. 
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Hide advanced settings. Place a checkmark next to:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
  • Click Start.
  • Wait for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click the List Threats button. If no threats were found, skip the next two bullet points. 
  • Click the Export button and save the file to your Desktop, naming it something such as "MyEsetScan".
  • Push the Back button.
  • Place a checkmark next to [image] and click [image].
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 7
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • rkill.log
  • TDSSKiller log (attached!)
  • aswMBR log
  • MBAM Scan log
  • ESET Online Scan log
