unisales 2.0


  • This topic is locked
19 replies to this topic

#1 barefeat

barefeat

  • Members
  • 14 posts

Posted 22 January 2015 - 01:45 PM

Greetings

Was asked to post combofix log. I have the uNisales 2.0 malware

ComboFix 15-01-18.01 - Mustard-Tiger 01/21/2015  15:45:35.1.2 - x86
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.1.1033.18.1989.1195 [GMT -8:00]
Running from: i:\users\Mustard-Tiger\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
i:\programdata\18277273340906737070
i:\programdata\18277273340906737070\cd5b15e575e1c3d01e7fe8747e3e8129.ini
i:\users\Mustard-Tiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Android Control.exe.lnk
i:\users\Mustard-Tiger\AppData\Roaming\Mozilla\Firefox\Profiles\5f1b60zv.default\extensions\staged\zQVnyA@Y.net
i:\users\Mustard-Tiger\AppData\Roaming\Mozilla\Firefox\Profiles\5f1b60zv.default\extensions\staged\zQVnyA@Y.net\bootstrap.js
i:\users\Mustard-Tiger\AppData\Roaming\Mozilla\Firefox\Profiles\5f1b60zv.default\extensions\staged\zQVnyA@Y.net\chrome.manifest
i:\users\Mustard-Tiger\AppData\Roaming\Mozilla\Firefox\Profiles\5f1b60zv.default\extensions\staged\zQVnyA@Y.net\content\bg.js
i:\users\Mustard-Tiger\AppData\Roaming\Mozilla\Firefox\Profiles\5f1b60zv.default\extensions\staged\zQVnyA@Y.net\install.rdf
i:\windows\system32\drivers\npf.sys
i:\windows\system32\Packet.dll
i:\windows\system32\pthreadVC.dll
i:\windows\system32\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
(((((((((((((((((((((((((   Files Created from 2014-12-22 to 2015-01-22  )))))))))))))))))))))))))))))))
.
.
2015-01-21 21:34 . 2015-01-21 22:01 -------- d-----w- i:\programdata\Spybot - Search & Destroy
2015-01-21 21:34 . 2015-01-21 21:38 -------- d-----w- i:\program files\Spybot - Search & Destroy
2015-01-20 18:35 . 2014-10-13 05:57 89856 ----a-w- i:\windows\system32\drivers\ssudbus.sys
2015-01-20 18:35 . 2014-10-13 05:57 184192 ----a-w- i:\windows\system32\drivers\ssudmdm.sys
2015-01-20 17:46 . 2014-05-08 01:42 144664 ----a-w- i:\windows\system32\secman.dll
2015-01-20 17:37 . 2015-01-20 17:37 -------- d-----w- i:\programdata\dpddlocaabohcolmdipnombeecoaaene
2015-01-20 17:36 . 2015-01-20 17:53 -------- d-----w- i:\programdata\{e28ad432-5821-e223-e28a-ad43258250c9}
2015-01-19 16:35 . 2015-01-19 16:35 -------- d-----w- i:\program files\OpenOffice 4
2015-01-18 14:11 . 2015-01-18 14:11 62576 ----a-w- i:\programdata\Microsoft\Windows Defender\Definition Updates\{76BFEC37-E6D8-4758-84C9-128F082CB3AD}\offreg.dll
2015-01-17 23:19 . 2015-01-17 23:19 22328 ----a-w- i:\windows\system32\drivers\PnkBstrK.sys
2015-01-17 23:19 . 2015-01-17 23:19 107832 ----a-w- i:\windows\system32\PnkBstrB.exe
2015-01-17 23:19 . 2015-01-17 23:19 682280 ----a-w- i:\windows\system32\pbsvc.exe
2015-01-17 23:19 . 2015-01-17 23:19 66872 ----a-w- i:\windows\system32\PnkBstrA.exe
2015-01-17 23:17 . 2015-01-17 23:17 -------- d-----w- i:\program files\Activision
2015-01-13 16:22 . 2011-12-27 05:37 73712 ----a-w- i:\windows\system32\drivers\CLVirtualDrive.sys
2015-01-13 16:22 . 2015-01-13 16:22 -------- d-----w- i:\program files\Common Files\CyberLink
2015-01-13 16:19 . 2015-01-13 16:26 -------- d-----w- i:\programdata\install_clap
2015-01-13 16:19 . 2015-01-13 16:27 -------- d-----w- i:\program files\CyberLink
2015-01-13 16:18 . 2015-01-13 16:19 -------- d-----w- i:\programdata\CLSK
2015-01-13 16:18 . 2015-01-17 22:57 -------- d-----w- i:\programdata\CyberLink
2015-01-09 00:09 . 2015-01-09 00:09 -------- d-----w- i:\windows\system32\Macromed
2015-01-08 23:55 . 2015-01-08 23:55 -------- d-----w- i:\program files\EA GAMES
2015-01-08 14:31 . 2015-01-08 14:55 -------- d-----w- i:\programdata\regid.1986-12.com.adobe
2015-01-06 01:00 . 2015-01-21 20:40 -------- d-----w- i:\program files\Common Files\Adobe
2015-01-05 23:04 . 2010-05-26 19:41 470880 ----a-w- i:\windows\system32\d3dx10_43.dll
2015-01-05 23:04 . 2010-05-26 19:41 248672 ----a-w- i:\windows\system32\d3dx11_43.dll
2015-01-05 23:04 . 2010-05-26 19:41 1998168 ----a-w- i:\windows\system32\D3DX9_43.dll
2015-01-05 23:03 . 2014-12-13 00:11 1291464 ----a-w- i:\windows\system32\nvspbridge.dll
2015-01-05 23:03 . 2014-12-13 00:11 2210040 ----a-w- i:\windows\system32\nvspcap.dll
2015-01-05 23:02 . 2015-01-22 00:05 -------- d-----w- i:\programdata\NVIDIA
2015-01-05 23:02 . 2014-12-13 07:03 620176 ----a-w- i:\windows\system32\nvStreaming.exe
2015-01-05 23:02 . 2014-12-13 07:30 4403016 ----a-w- i:\windows\system32\nvcpl.dll
2015-01-05 23:02 . 2014-12-13 07:30 3056784 ----a-w- i:\windows\system32\nvsvc.dll
2015-01-05 23:02 . 2014-12-13 07:30 669840 ----a-w- i:\windows\system32\nvvsvc.exe
2015-01-05 23:02 . 2014-12-13 07:30 62784 ----a-w- i:\windows\system32\nvshext.dll
2015-01-05 23:02 . 2014-12-13 07:30 375112 ----a-w- i:\windows\system32\nvmctray.dll
2015-01-05 23:02 . 2014-12-13 07:30 2554000 ----a-w- i:\windows\system32\nvsvcr.dll
2015-01-05 23:02 . 2014-12-11 12:49 4151176 ----a-w- i:\windows\system32\nvcoproc.bin
2015-01-05 23:02 . 2014-12-13 10:02 60560 ----a-w- i:\windows\system32\OpenCL.dll
2015-01-05 23:02 . 2015-01-05 23:06 -------- d-----w- i:\programdata\NVIDIA Corporation
2015-01-05 23:00 . 2015-01-05 23:04 -------- d-----w- i:\program files\NVIDIA Corporation
2015-01-05 23:00 . 2015-01-05 23:00 -------- d-----w- I:\NVIDIA
2015-01-05 18:17 . 2014-11-26 16:40 260208 -c----w- i:\programdata\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_WinD_59ef5ccc232e906f183040f412c6f6524916529c_cab_03f1e055\crashreporter.exe
2015-01-05 04:34 . 2015-01-05 04:34 -------- d-----w- i:\program files\Mozilla Maintenance Service
2015-01-05 04:21 . 2015-01-05 04:21 -------- d-----w- i:\program files\Common Files\DivX Shared
2015-01-05 04:20 . 2013-11-01 19:44 276992 -c----w- i:\programdata\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_WinD_ecbff464c277dc611d7b363966c265d5fac4a11_cab_139663e1\Fuel.Service.exe
2015-01-05 04:19 . 2014-12-15 12:13 9054624 ----a-w- i:\programdata\Microsoft\Windows Defender\Definition Updates\{76BFEC37-E6D8-4758-84C9-128F082CB3AD}\mpengine.dll
2015-01-05 04:19 . 2014-11-24 22:04 229000 ------w- i:\windows\system32\MpSigStub.exe
2015-01-05 04:05 . 2015-01-05 04:21 -------- d-----w- i:\program files\DivX
2015-01-05 04:04 . 2015-01-12 19:39 -------- d-----w- i:\programdata\DivX
2015-01-05 04:03 . 2015-01-10 16:16 -------- d-----w- i:\program files\Google
2015-01-05 04:01 . 2015-01-05 04:01 -------- d-----w- i:\windows\system32\RTCOM
2015-01-05 03:54 . 2015-01-05 03:54 -------- d-----w- i:\programdata\AMD
2015-01-05 03:54 . 2012-08-28 12:27 45736 ----a-r- i:\windows\system32\drivers\usbfilter.sys
2015-01-05 03:54 . 2015-01-13 16:22 -------- dc----w- i:\windows\system32\DRVSTORE
2015-01-05 03:54 . 2013-05-27 19:09 178496 ----a-w- i:\windows\system32\drivers\amdxhc.sys
2015-01-05 03:54 . 2013-05-27 19:09 85312 ----a-w- i:\windows\system32\drivers\amdhub30.sys
2015-01-05 03:53 . 2015-01-14 08:15 -------- d-----w- i:\programdata\Package Cache
2015-01-05 03:51 . 2015-01-05 03:51 -------- d-----w- i:\program files\Microsoft.NET
2015-01-05 03:50 . 2009-11-25 19:47 99176 ----a-w- i:\windows\system32\PresentationHostProxy.dll
2015-01-05 03:50 . 2009-11-25 19:47 49472 ----a-w- i:\windows\system32\netfxperf.dll
2015-01-05 03:50 . 2009-11-25 19:47 297808 ----a-w- i:\windows\system32\mscoree.dll
2015-01-05 03:50 . 2009-11-25 19:47 295264 ----a-w- i:\windows\system32\PresentationHost.exe
2015-01-05 03:50 . 2009-11-25 19:47 1130824 ----a-w- i:\windows\system32\dfshim.dll
2015-01-05 03:50 . 2015-01-05 03:50 -------- d-----w- I:\MSI
2015-01-05 03:42 . 2009-11-06 16:37 699896 ----a-w- i:\windows\system32\drivers\bcmwlhigh6.sys
2015-01-05 03:42 . 2009-11-06 16:31 91376 ----a-w- i:\windows\system32\bcmwlcoi.dll
2015-01-05 03:42 . 2009-11-06 16:31 3551232 ----a-w- i:\windows\system32\bcmihvui.dll
2015-01-05 03:42 . 2009-11-06 16:31 3862528 ----a-w- i:\windows\system32\bcmihvsrv.dll
2015-01-05 03:42 . 2009-11-06 16:31 1176312 ----a-w- i:\windows\system32\WdfCoInstaller01009.dll
2015-01-05 03:42 . 2007-01-20 02:20 21728 ----a-w- i:\windows\system32\drivers\SCMNdisP.sys
2015-01-05 03:42 . 2015-01-20 17:46 -------- d--h--w- i:\program files\InstallShield Installation Information
2015-01-05 03:42 . 2015-01-05 03:42 -------- d-----w- i:\program files\NETGEAR
2015-01-05 03:19 . 2015-01-20 17:46 -------- d-----w- i:\program files\SAMSUNG
2015-01-05 03:19 . 2015-01-05 03:19 -------- d-----w- i:\programdata\Samsung
2015-01-05 03:18 . 2015-01-22 00:06 -------- d-sh--w- i:\windows\Installer
2015-01-05 03:18 . 2015-01-05 03:18 -------- d-----w- i:\program files\ATI
2015-01-05 03:18 . 2015-01-05 03:54 -------- d-----w- i:\program files\ATI Technologies
2015-01-05 03:16 . 2015-01-21 16:51 -------- d-----w- i:\windows\system32\wbem\Performance
2015-01-05 03:13 . 2015-01-20 17:56 -------- d-----w- i:\users\Mustard-Tiger
2015-01-05 03:12 . 2015-01-05 03:12 -------- d-----w- I:\Recovery
2015-01-05 02:50 . 2015-01-05 03:12 -------- d-----w- i:\windows\Panther
2015-01-04 19:05 . 2015-01-04 19:05 -------- d-----w- I:\4c8bfeb9d866cc049fed2c6807
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-06 05:42 . 2014-11-06 05:42 341848 ----a-w- i:\windows\system32\DivXControlPanelApplet.cpl
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-12-19 23:57 1059488 ----a-w- i:\program files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-12-19 23:57 1059488 ----a-w- i:\program files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-12-19 23:57 1059488 ----a-w- i:\program files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="i:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-06 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="i:\program files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" [2013-11-01 747264]
"NUSB3MON"="i:\program files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe" [2012-04-11 97280]
"RTHDVCPL"="i:\program files\Realtek\Audio\HDA\RtkNGUI.exe" [2013-12-06 6635224]
"DivXMediaServer"="i:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2014-11-17 448856]
"DivXUpdate"="i:\program files\DivX\DivX Update\DivXUpdate.exe" [2014-01-10 1861968]
"NvBackend"="i:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-13 2531472]
"ShadowPlay"="i:\windows\system32\nvspcap.dll" [2014-12-13 2210040]
"AdobeAAMUpdater-1.0"="i:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-10-14 557768]
"Adobe Creative Cloud"="i:\program files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2015-01-08 2694320]
"CLMLServer_For_P2G8"="i:\program files\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [2012-06-08 111120]
"CLVirtualDrive"="i:\program files\CyberLink\Power2Go8\VirtualDrive.exe" [2012-06-22 490096]
.
i:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR WNA3100 Smart Wizard.lnk - i:\program files\NETGEAR\WNA3100\WNA3100.exe [2015-1-4 4577760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 WSWNA3100;WSWNA3100;i:\program files\NETGEAR\WNA3100\WifiSvc.exe [2010-08-27 285152]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);i:\windows\system32\DRIVERS\ssudbus.sys [2014-10-13 89856]
R3 MSICDSetup;MSICDSetup;D:\CDriver.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;D:\NTIOLib.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);i:\windows\system32\DRIVERS\ssudmdm.sys [2014-10-13 184192]
S0 SCMNdisP;General NDIS Protocol Driver;i:\windows\system32\DRIVERS\scmndisp.sys [2007-01-20 21728]
S1 CLVirtualDrive;CLVirtualDrive;i:\windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-27 73712]
S2 AMD FUEL Service;AMD FUEL Service;i:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-11-01 276992]
S2 AODDriver4.2.0;AODDriver4.2.0;i:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2013-09-20 50432]
S2 GfExperienceService;NVIDIA GeForce Experience Service;i:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-12-13 915600]
S2 NvNetworkService;NVIDIA Network Service;i:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-12-13 1701520]
S2 NvStreamSvc;NVIDIA Streamer Service;i:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-12-13 18186896]
S2 SBSDWSCService;SBSD Security Center Service;i:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 ss_conn_service;SAMSUNG Mobile Connectivity Service;i:\program files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-10-13 743688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;i:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-12-13 410768]
S3 amdhub30;AMD USB 3.0 Hub Driver;i:\windows\system32\DRIVERS\amdhub30.sys [2013-05-27 85312]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;i:\windows\system32\DRIVERS\amdxhc.sys [2013-05-27 178496]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;i:\windows\system32\DRIVERS\bcmwlhigh6.sys [2009-11-06 699896]
S3 NvStreamKms;NvStreamKms;i:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-12-13 18576]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);i:\windows\system32\drivers\nvvad32v.sys [2014-11-22 32912]
S3 usbfilter;AMD USB Filter Driver;i:\windows\system32\DRIVERS\usbfilter.sys [2012-08-28 45736]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-16 14:08 1087816 ----a-w- i:\program files\Google\Chrome\Application\39.0.2171.99\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-01-22 i:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- i:\program files\Google\Update\GoogleUpdate.exe [2015-01-05 04:03]
.
2015-01-22 i:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- i:\program files\Google\Update\GoogleUpdate.exe [2015-01-05 04:03]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - i:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - i:\users\Mustard-Tiger\AppData\Roaming\Mozilla\Firefox\Profiles\5f1b60zv.default\
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-Power2GoExpress8 - (no file)
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CLVirtualDrive]
"ImagePath"="system32\DRIVERS\CLVirtualDrive.sys"
"ImagePath:"="i:\users\Mustard-Tiger\Documents\COD.WaW.iso"
"ImagePath"="system32\DRIVERS\CLVirtualDrive.sys"
"ImagePath:"="i:\users\Mustard-Tiger\Documents\COD.WaW.iso"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
i:\windows\system32\nvvsvc.exe
i:\program files\NVIDIA Corporation\Display\nvxdsync.exe
i:\windows\system32\nvvsvc.exe
i:\windows\system32\WLANExt.exe
i:\windows\system32\conhost.exe
i:\windows\system32\PnkBstrA.exe
i:\windows\system32\PnkBstrB.exe
i:\program files\CyberLink\Shared files\RichVideo.exe
i:\windows\system32\conhost.exe
i:\windows\system32\conhost.exe
i:\windows\system32\taskhost.exe
i:\windows\system32\conhost.exe
i:\program files\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
i:\program files\NVIDIA Corporation\Display\nvtray.exe
i:\program files\Windows Media Player\wmpnetwk.exe
i:\program files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
i:\windows\system32\msiexec.exe
i:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
i:\program files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
i:\program files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
i:\program files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
.
**************************************************************************
.
Completion time: 2015-01-21  16:13:48 - machine was rebooted
ComboFix-quarantined-files.txt  2015-01-22 00:13
ComboFix2.txt  2011-08-03 14:57
.
Pre-Run: 91,932,155,904 bytes free
Post-Run: 91,719,106,560 bytes free
.
- - End Of File - - 428967D2AE6701D7B561843B2F7EF6BA
A36C5E4F47E84449FF07ED3517B43A31
 



#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • Gender:Male
  • Location:Germany

Posted 23 January 2015 - 05:38 PM

Hi & welcome to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#3 barefeat

barefeat
  • Topic Starter

  • Members
  • 14 posts

Posted 24 January 2015 - 10:34 AM

Thanks, here are the scan results.

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2015 01
Ran by Mustard-Tiger (administrator) on MUSTARDTIGER on 24-01-2015 07:29:21
Running from I:\Users\Mustard-Tiger\Downloads
Loaded Profiles: Mustard-Tiger (Available profiles: Mustard-Tiger)
Platform: Microsoft Windows 7 Ultimate  (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) I:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) I:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) I:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) I:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) I:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) I:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(NVIDIA Corporation) I:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) I:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) I:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() I:\Windows\System32\PnkBstrA.exe
() I:\Windows\System32\PnkBstrB.exe
() I:\Program Files\CyberLink\Shared files\RichVideo.exe
(Safer Networking Ltd.) I:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(NVIDIA Corporation) I:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) I:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Advanced Micro Devices, Inc.) I:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(Realtek Semiconductor) I:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
() I:\Program Files\DivX\DivX Update\DivXUpdate.exe
(NVIDIA Corporation) I:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Adobe Systems Incorporated) I:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(CyberLink) I:\Program Files\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Safer-Networking Ltd.) I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
() I:\Program Files\NETGEAR\WNA3100\WNA3100.exe
(Piriform Ltd) I:\Program Files\CCleaner\CCleaner.exe
(NVIDIA Corporation) I:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Adobe Systems Incorporated) I:\Program Files\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() I:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) I:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) I:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) I:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) I:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [StartCCC] => I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [747264 2013-11-01] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [NUSB3MON] => I:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => I:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [6635224 2013-12-05] (Realtek Semiconductor)
HKLM\...\Run: [DivXMediaServer] => I:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => I:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-09] ()
HKLM\...\Run: [NvBackend] => I:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => I:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Creative Cloud] => I:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [CLMLServer_For_P2G8] => I:\Program Files\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM\...\Run: [CLVirtualDrive] => I:\Program Files\CyberLink\Power2Go8\VirtualDrive.exe [490096 2012-06-22] (CyberLink Corp.)
HKU\S-1-5-21-1694861330-368982402-2994625498-1000\...\Run: [SpybotSD TeaTimer] => I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-1694861330-368982402-2994625498-1000\...\Run: [CCleaner Monitoring] => I:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
Startup: I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk
ShortcutTarget: NETGEAR WNA3100 Smart Wizard.lnk -> I:\Program Files\NETGEAR\WNA3100\WNA3100.exe ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => I:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => I:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => I:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1694861330-368982402-2994625498-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1694861330-368982402-2994625498-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1694861330-368982402-2994625498-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1694861330-368982402-2994625498-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> I:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: I:\Users\Mustard-Tiger\AppData\Roaming\Mozilla\Firefox\Profiles\5f1b60zv.default
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> I:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> I:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> I:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @nvidia.com/3DVision -> I:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> I:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> I:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> I:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> I:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> I:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Gojee Food) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajebcmdcgoggdncokkbdifohckmfpgnb [2015-01-05]
CHR Extension: (Angry Birds) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-01-05]
CHR Extension: (Google Voice Search Hotword (Beta)) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-05]
CHR Extension: (YouTube) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-05]
CHR Extension: (eBay) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnadbgmffcofipfljniafanjcafjlbom [2015-01-05]
CHR Extension: (Facebook) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2015-01-05]
CHR Extension: (Google News) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2015-01-05]
CHR Extension: (Google+) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2015-01-05]
CHR Extension: (Timer) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\edebbhkhcaafmolanelponjjanocpacd [2015-01-05]
CHR Extension: (AdBlock) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-05]
CHR Extension: (NPR Infinite Player) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpcelemhneoooapbbopolpjhmbfmnbf [2015-01-05]
CHR Extension: (Crackle) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2015-01-05]
CHR Extension: (HuffingtonPost NewsGlide) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjialelnkjdomiblmnpcpjongleegef [2015-01-05]
CHR Extension: (Google Wallet) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-05]
CHR Extension: (Psykopaint) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-01-05]
CHR Extension: (uNisales) - I:\ProgramData\dpddlocaabohcolmdipnombeecoaaene\ [2015-01-05]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; I:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2013-11-01] (Advanced Micro Devices, Inc.) [File not signed]
R2 GfExperienceService; I:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2014-12-12] (NVIDIA Corporation)
R2 NvNetworkService; I:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
R2 NvStreamSvc; I:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18186896 2014-12-12] (NVIDIA Corporation)
R2 PnkBstrA; I:\Windows\system32\PnkBstrA.exe [66872 2015-01-17] ()
R2 PnkBstrB; I:\Windows\system32\PnkBstrB.exe [107832 2015-01-17] ()
R2 RichVideo; I:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2010-08-18] ()
R2 SBSDWSCService; I:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 WinDefend; I:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
S2 WSWNA3100; I:\Program Files\NETGEAR\WNA3100\WifiSvc.exe [285152 2010-08-26] ()
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 amdhub30; I:\Windows\System32\DRIVERS\amdhub30.sys [85312 2013-05-27] (Advanced Micro Devices, INC.)
R3 amdxhc; I:\Windows\System32\DRIVERS\amdxhc.sys [178496 2013-05-27] (Advanced Micro Devices, INC.)
R2 AODDriver4.2.0; I:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [50432 2013-09-19] (Advanced Micro Devices)
R3 BCMH43XX; I:\Windows\System32\DRIVERS\bcmwlhigh6.sys [699896 2009-11-06] (Broadcom Corporation)
R1 CLVirtualDrive; I:\Windows\System32\DRIVERS\CLVirtualDrive.sys [73712 2011-12-26] (CyberLink)
R3 NvStreamKms; I:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2014-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; I:\Windows\System32\drivers\nvvad32v.sys [32912 2014-11-22] (NVIDIA Corporation)
R0 SCMNdisP; I:\Windows\System32\DRIVERS\scmndisp.sys [21728 2007-01-19] (Windows ® Codename Longhorn DDK provider)
S3 catchme; \??\I:\Users\MUSTAR~1\AppData\Local\Temp\catchme.sys [X]
S3 MSICDSetup; \??\D:\CDriver.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-24 07:29 - 2015-01-24 07:29 - 00014075 _____ () I:\Users\Mustard-Tiger\Downloads\FRST.txt
2015-01-24 07:27 - 2015-01-24 07:27 - 00000000 ____D () I:\Users\Mustard-Tiger\Downloads\FRST-OlderVersion
2015-01-24 06:55 - 2014-12-27 09:01 - 23510430 _____ () I:\Users\Mustard-Tiger\Desktop\DSC_0056-3.NEF
2015-01-24 06:55 - 2014-12-27 09:01 - 23435627 _____ () I:\Users\Mustard-Tiger\Desktop\DSC_0055-3.NEF
2015-01-24 06:55 - 2014-12-27 09:01 - 23368344 _____ () I:\Users\Mustard-Tiger\Desktop\DSC_0044-3.NEF
2015-01-24 06:14 - 2015-01-24 06:24 - 437646286 _____ () I:\Users\Mustard-Tiger\Desktop\Gold_Rush_Piles_Of_Gold_S05E13___x264.mp4
2015-01-22 20:22 - 2015-01-23 09:17 - 00000000 ____D () I:\Users\Mustard-Tiger\Desktop\New folder
2015-01-22 20:18 - 2015-01-22 20:18 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\Macromedia
2015-01-22 19:19 - 2015-01-22 19:25 - 95681456 _____ () I:\Users\Mustard-Tiger\Desktop\Brickleberry.S03E08._.x264-KILLERS.mp4
2015-01-22 07:43 - 2015-01-24 06:36 - 00002218 _____ () I:\Windows\setupact.log
2015-01-22 07:43 - 2015-01-22 07:43 - 00000000 _____ () I:\Windows\setuperr.log
2015-01-21 18:44 - 2015-01-24 07:29 - 00000000 ____D () I:\FRST
2015-01-21 18:43 - 2015-01-24 07:27 - 01120768 _____ (Farbar) I:\Users\Mustard-Tiger\Downloads\FRST.exe
2015-01-21 17:47 - 2015-01-21 17:47 - 00000000 ____D () I:\Users\Mustard-Tiger\Documents\backups
2015-01-21 17:32 - 2015-01-21 17:37 - 00000000 ____D () I:\AdwCleaner
2015-01-21 17:31 - 2015-01-21 17:32 - 02186752 _____ () I:\Users\Mustard-Tiger\Downloads\adwcleaner_4.108.exe
2015-01-21 16:41 - 2015-01-21 16:41 - 00000000 ____D () I:\ProgramData\Malwarebytes
2015-01-21 16:20 - 2015-01-21 16:20 - 00000969 _____ () I:\Users\Public\Desktop\CCleaner.lnk
2015-01-21 16:20 - 2015-01-21 16:20 - 00000000 ____D () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-21 16:20 - 2015-01-21 16:20 - 00000000 ____D () I:\Program Files\CCleaner
2015-01-21 16:19 - 2015-01-21 16:20 - 05317104 _____ (Piriform Ltd) I:\Users\Mustard-Tiger\Downloads\ccsetup501.exe
2015-01-21 16:13 - 2015-01-21 16:13 - 00017967 _____ () I:\ComboFix.txt
2015-01-21 15:43 - 2015-01-21 16:14 - 00000000 ____D () I:\Qoobox
2015-01-21 15:43 - 2015-01-21 16:11 - 00000000 ____D () I:\Windows\erdnt
2015-01-21 15:43 - 2011-06-25 22:45 - 00256000 _____ () I:\Windows\PEV.exe
2015-01-21 15:43 - 2010-11-07 09:20 - 00208896 _____ () I:\Windows\MBR.exe
2015-01-21 15:43 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) I:\Windows\NIRCMD.exe
2015-01-21 15:43 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) I:\Windows\SWREG.exe
2015-01-21 15:43 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) I:\Windows\SWSC.exe
2015-01-21 15:43 - 2000-08-30 16:00 - 00098816 _____ () I:\Windows\sed.exe
2015-01-21 15:43 - 2000-08-30 16:00 - 00080412 _____ () I:\Windows\grep.exe
2015-01-21 15:43 - 2000-08-30 16:00 - 00068096 _____ () I:\Windows\zip.exe
2015-01-21 15:42 - 2015-01-21 15:43 - 05608785 ____R (Swearware) I:\Users\Mustard-Tiger\Downloads\ComboFix.exe
2015-01-21 14:00 - 2009-06-10 13:39 - 00000824 _____ () I:\Windows\system32\Drivers\etc\hosts.20150121-140033.backup
2015-01-21 13:34 - 2015-01-21 17:50 - 00000000 ____D () I:\ProgramData\Spybot - Search & Destroy
2015-01-21 13:34 - 2015-01-21 13:38 - 00000000 ____D () I:\Program Files\Spybot - Search & Destroy
2015-01-21 13:34 - 2015-01-21 13:34 - 00000000 ____D () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2015-01-21 13:19 - 2015-01-21 13:19 - 16409960 _____ (Safer Networking Limited ) I:\Users\Mustard-Tiger\Downloads\spybotsd162.exe
2015-01-21 12:40 - 2015-01-21 12:40 - 00002441 _____ () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-01-21 12:40 - 2015-01-21 12:40 - 00001993 _____ () I:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-01-20 10:26 - 2015-01-20 10:27 - 16012496 _____ (SAMSUNG Electronics Co., Ltd.) I:\Users\Mustard-Tiger\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
2015-01-20 09:56 - 2015-01-20 09:56 - 00000000 ____D () I:\Users\Mustard-Tiger\.android
2015-01-20 09:47 - 2015-01-20 09:47 - 00000000 ____D () I:\Users\Public\Documents\NativeFus_Log
2015-01-20 09:46 - 2015-01-20 09:47 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\Samsung
2015-01-20 09:46 - 2015-01-20 09:46 - 00000000 ____D () I:\Users\Mustard-Tiger\Documents\SelfMV
2015-01-20 09:46 - 2015-01-20 09:46 - 00000000 ____D () I:\Users\Mustard-Tiger\Documents\samsung
2015-01-20 09:46 - 2015-01-20 09:46 - 00000000 ____D () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-01-20 09:46 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) I:\Windows\system32\secman.dll
2015-01-20 09:41 - 2015-01-20 09:41 - 00000000 ____D () I:\Users\Mustard-Tiger\Downloads\Tools
2015-01-20 09:38 - 2015-01-20 09:38 - 00000000 ____H () I:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-01-20 09:37 - 2015-01-20 09:37 - 00000000 ____D () I:\ProgramData\dpddlocaabohcolmdipnombeecoaaene
2015-01-20 09:36 - 2015-01-20 09:53 - 00000000 ____D () I:\ProgramData\{e28ad432-5821-e223-e28a-ad43258250c9}
2015-01-19 08:35 - 2015-01-19 08:35 - 00000000 ___SD () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-01-19 08:35 - 2015-01-19 08:35 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\OpenOffice
2015-01-19 08:35 - 2015-01-19 08:35 - 00000000 ____D () I:\Program Files\OpenOffice 4
2015-01-19 08:30 - 2015-01-19 08:33 - 140852175 _____ () I:\Users\Mustard-Tiger\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe
2015-01-18 08:35 - 2015-01-18 14:18 - 00000000 ____D () I:\Users\Mustard-Tiger\Desktop\homemovies
2015-01-17 15:20 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) I:\Windows\system32\XAudio2_1.dll
2015-01-17 15:20 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) I:\Windows\system32\xactengine3_1.dll
2015-01-17 15:20 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) I:\Windows\system32\XAPOFX1_0.dll
2015-01-17 15:20 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) I:\Windows\system32\X3DAudio1_4.dll
2015-01-17 15:20 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) I:\Windows\system32\D3DX9_38.dll
2015-01-17 15:20 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) I:\Windows\system32\D3DCompiler_38.dll
2015-01-17 15:20 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) I:\Windows\system32\d3dx10_38.dll
2015-01-17 15:20 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) I:\Windows\system32\XAudio2_0.dll
2015-01-17 15:20 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) I:\Windows\system32\xactengine3_0.dll
2015-01-17 15:20 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) I:\Windows\system32\X3DAudio1_3.dll
2015-01-17 15:20 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) I:\Windows\system32\D3DX9_37.dll
2015-01-17 15:20 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) I:\Windows\system32\D3DCompiler_37.dll
2015-01-17 15:20 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) I:\Windows\system32\d3dx10_37.dll
2015-01-17 15:20 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_10.dll
2015-01-17 15:20 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) I:\Windows\system32\X3DAudio1_2.dll
2015-01-17 15:20 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_36.dll
2015-01-17 15:20 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) I:\Windows\system32\D3DCompiler_36.dll
2015-01-17 15:20 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) I:\Windows\system32\d3dx10_36.dll
2015-01-17 15:20 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_9.dll
2015-01-17 15:20 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_35.dll
2015-01-17 15:20 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) I:\Windows\system32\D3DCompiler_35.dll
2015-01-17 15:20 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) I:\Windows\system32\d3dx10_35.dll
2015-01-17 15:20 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_8.dll
2015-01-17 15:20 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_34.dll
2015-01-17 15:20 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) I:\Windows\system32\D3DCompiler_34.dll
2015-01-17 15:20 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) I:\Windows\system32\d3dx10_34.dll
2015-01-17 15:20 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_7.dll
2015-01-17 15:20 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) I:\Windows\system32\xinput1_3.dll
2015-01-17 15:20 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) I:\Windows\system32\d3dx10_33.dll
2015-01-17 15:20 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_33.dll
2015-01-17 15:20 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) I:\Windows\system32\D3DCompiler_33.dll
2015-01-17 15:20 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) I:\Windows\system32\x3daudio1_1.dll
2015-01-17 15:20 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_6.dll
2015-01-17 15:20 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_5.dll
2015-01-17 15:20 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_32.dll
2015-01-17 15:20 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) I:\Windows\system32\d3dx10.dll
2015-01-17 15:20 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_31.dll
2015-01-17 15:20 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_4.dll
2015-01-17 15:20 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_3.dll
2015-01-17 15:20 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) I:\Windows\system32\xinput1_2.dll
2015-01-17 15:20 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_2.dll
2015-01-17 15:20 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_30.dll
2015-01-17 15:20 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_1.dll
2015-01-17 15:20 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) I:\Windows\system32\xinput1_1.dll
2015-01-17 15:20 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_29.dll
2015-01-17 15:20 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_0.dll
2015-01-17 15:20 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) I:\Windows\system32\x3daudio1_0.dll
2015-01-17 15:20 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_28.dll
2015-01-17 15:20 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_27.dll
2015-01-17 15:20 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_26.dll
2015-01-17 15:19 - 2015-01-17 15:19 - 00682280 _____ () I:\Windows\system32\pbsvc.exe
2015-01-17 15:19 - 2015-01-17 15:19 - 00107832 _____ () I:\Windows\system32\PnkBstrB.exe
2015-01-17 15:19 - 2015-01-17 15:19 - 00066872 _____ () I:\Windows\system32\PnkBstrA.exe
2015-01-17 15:19 - 2015-01-17 15:19 - 00022328 _____ () I:\Windows\system32\Drivers\PnkBstrK.sys
2015-01-17 15:19 - 2015-01-17 15:19 - 00022328 _____ () I:\Users\Mustard-Tiger\AppData\Roaming\PnkBstrK.sys
2015-01-17 15:17 - 2015-01-17 15:17 - 00000000 ____D () I:\Program Files\Activision
2015-01-17 14:38 - 2015-01-17 14:57 - 3172237312 _____ () I:\Users\Mustard-Tiger\Documents\COD.WaW.iso
2015-01-17 14:37 - 2015-01-17 14:37 - 00000000 ____D () I:\Users\Public\Documents\CyberLink
2015-01-15 18:08 - 2015-01-15 18:08 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\DDMSettings
2015-01-15 07:09 - 2015-01-20 08:10 - 00000000 ____D () I:\Users\Mustard-Tiger\Desktop\JPEGS
2015-01-15 07:08 - 2015-01-22 09:57 - 00000000 ____D () I:\Users\Mustard-Tiger\Desktop\workstuff
2015-01-14 00:15 - 2015-01-14 00:15 - 00001283 _____ () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-01-13 08:31 - 2015-01-13 08:31 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\Power2Go8
2015-01-13 08:22 - 2015-01-17 14:37 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\CyberLink
2015-01-13 08:22 - 2015-01-13 08:22 - 00000000 ____D () I:\Program Files\Common Files\CyberLink
2015-01-13 08:22 - 2011-12-26 21:37 - 00073712 _____ (CyberLink) I:\Windows\system32\Drivers\CLVirtualDrive.sys
2015-01-13 08:19 - 2015-01-13 08:27 - 00000000 ___RD () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2015-01-13 08:19 - 2015-01-13 08:27 - 00000000 ____D () I:\Program Files\CyberLink
2015-01-13 08:19 - 2015-01-13 08:26 - 00000000 ____D () I:\ProgramData\install_clap
2015-01-13 08:18 - 2015-01-17 14:57 - 00000000 ____D () I:\ProgramData\CyberLink
2015-01-13 08:18 - 2015-01-13 08:27 - 00000000 ____D () I:\ProgramData\Temp
2015-01-13 08:18 - 2015-01-13 08:19 - 00000000 ____D () I:\ProgramData\CLSK
2015-01-12 14:19 - 2015-01-12 14:19 - 00001456 _____ () I:\Users\Mustard-Tiger\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-01-12 11:28 - 2002-12-13 00:51 - 08831488 _____ () I:\Users\Mustard-Tiger\Desktop\Video 2.avi
2015-01-10 08:16 - 2015-01-10 08:16 - 00000000 ____D () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-01-10 08:15 - 2015-01-10 08:16 - 17385800 _____ (Google Inc.) I:\Users\Mustard-Tiger\Downloads\picasa39-setup.exe
2015-01-08 18:11 - 2015-01-08 18:11 - 00000024 _____ () I:\Users\Mustard-Tiger\Desktop\stuff.txt
2015-01-08 16:12 - 2015-01-08 16:12 - 00000000 ____D () I:\Users\Mustard-Tiger\Documents\Battlefield 2
2015-01-08 16:12 - 2015-01-08 16:12 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-01-08 16:10 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_25.dll
2015-01-08 16:10 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_24.dll
2015-01-08 16:09 - 2015-01-08 16:09 - 00000000 ____D () I:\Windows\system32\Macromed
2015-01-08 15:55 - 2015-01-08 15:55 - 00000000 ____D () I:\Program Files\EA GAMES
2015-01-08 06:55 - 2015-01-08 06:55 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\NVIDIA
2015-01-08 06:31 - 2015-01-08 06:55 - 00000000 ____D () I:\ProgramData\regid.1986-12.com.adobe
2015-01-08 06:31 - 2015-01-08 06:31 - 00001260 _____ () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014 (32 Bit).lnk
2015-01-06 07:57 - 2015-01-06 07:57 - 00001751 _____ () I:\Users\Mustard-Tiger\Desktop\exports - Shortcut.lnk
2015-01-06 06:18 - 2015-01-06 06:18 - 00000000 ____D () I:\Users\Mustard-Tiger\Documents\Adobe
2015-01-06 01:02 - 2015-01-06 01:02 - 00000000 ____H () I:\Users\Mustard-Tiger\Documents\Default.rdp
2015-01-05 18:16 - 2015-01-21 20:41 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\Microsoft Games
2015-01-05 17:59 - 2015-01-05 17:59 - 00002071 _____ () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.6.lnk
2015-01-05 17:49 - 2015-01-05 17:49 - 00000000 ____D () I:\Users\Mustard-Tiger\Desktop\Photoshop Lightroom 5.6
2015-01-05 17:45 - 2015-01-05 17:45 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\Unity
2015-01-05 17:44 - 2015-01-21 09:09 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\Unity
2015-01-05 17:14 - 2015-01-05 17:14 - 00000000 ___RD () I:\Users\Mustard-Tiger\Creative Cloud Files
2015-01-05 17:02 - 2015-01-21 12:43 - 00000000 ____D () I:\ProgramData\Adobe
2015-01-05 17:02 - 2015-01-21 12:42 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\Adobe
2015-01-05 17:00 - 2015-01-21 12:40 - 00000000 ____D () I:\Program Files\Common Files\Adobe
2015-01-05 17:00 - 2015-01-21 12:40 - 00000000 ____D () I:\Program Files\Adobe
2015-01-05 16:52 - 2015-01-24 05:48 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\Adobe
2015-01-05 16:52 - 2015-01-05 16:52 - 00672432 _____ (Adobe Systems Incorporated) I:\Users\Mustard-Tiger\Downloads\CreativeCloudSet-Up.exe
2015-01-05 15:18 - 2015-01-22 17:22 - 00000000 ____D () I:\Users\Mustard-Tiger\Desktop\DCIM
2015-01-05 15:17 - 2015-01-05 15:17 - 00000000 ____H () I:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-01-05 15:08 - 2015-01-23 19:21 - 00000000 ____D () I:\Users\Mustard-Tiger\Desktop\DivX Movies
2015-01-05 15:07 - 2015-01-12 11:18 - 00000000 ____D () I:\Users\Mustard-Tiger\Desktop\music_vids
2015-01-05 15:05 - 2015-01-05 15:05 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\NVIDIA Corporation
2015-01-05 15:04 - 2015-01-05 15:06 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\NVIDIA
2015-01-05 15:04 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) I:\Windows\system32\D3DX9_43.dll
2015-01-05 15:04 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) I:\Windows\system32\d3dx10_43.dll
2015-01-05 15:04 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) I:\Windows\system32\d3dx11_43.dll
2015-01-05 15:03 - 2015-01-23 20:19 - 00000000 ____D () I:\Users\Mustard-Tiger\Desktop\tv
2015-01-05 15:03 - 2015-01-05 15:30 - 00000000 ____D () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-01-05 15:03 - 2014-12-12 16:11 - 02210040 _____ (NVIDIA Corporation) I:\Windows\system32\nvspcap.dll
2015-01-05 15:03 - 2014-12-12 16:11 - 01291464 _____ (NVIDIA Corporation) I:\Windows\system32\nvspbridge.dll
2015-01-05 15:02 - 2015-01-24 05:38 - 00000000 ____D () I:\ProgramData\NVIDIA
2015-01-05 15:02 - 2015-01-05 15:06 - 00000000 ____D () I:\ProgramData\NVIDIA Corporation
2015-01-05 15:02 - 2014-12-13 02:02 - 00060560 _____ (Khronos Group) I:\Windows\system32\OpenCL.dll
2015-01-05 15:02 - 2014-12-12 23:30 - 04403016 _____ (NVIDIA Corporation) I:\Windows\system32\nvcpl.dll
2015-01-05 15:02 - 2014-12-12 23:30 - 03056784 _____ (NVIDIA Corporation) I:\Windows\system32\nvsvc.dll
2015-01-05 15:02 - 2014-12-12 23:30 - 02554000 _____ (NVIDIA Corporation) I:\Windows\system32\nvsvcr.dll
2015-01-05 15:02 - 2014-12-12 23:30 - 00669840 _____ (NVIDIA Corporation) I:\Windows\system32\nvvsvc.exe
2015-01-05 15:02 - 2014-12-12 23:30 - 00375112 _____ (NVIDIA Corporation) I:\Windows\system32\nvmctray.dll
2015-01-05 15:02 - 2014-12-12 23:30 - 00062784 _____ (NVIDIA Corporation) I:\Windows\system32\nvshext.dll
2015-01-05 15:02 - 2014-12-12 23:03 - 00620176 _____ (NVIDIA Corporation) I:\Windows\system32\nvStreaming.exe
2015-01-05 15:02 - 2014-12-11 04:49 - 04151176 _____ () I:\Windows\system32\nvcoproc.bin
2015-01-05 15:01 - 2014-12-13 02:02 - 24764048 _____ (NVIDIA Corporation) I:\Windows\system32\nvoglv32.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 20465808 _____ (NVIDIA Corporation) I:\Windows\system32\nvcompiler.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 16039176 _____ (NVIDIA Corporation) I:\Windows\system32\nvwgf2um.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 14128496 _____ (NVIDIA Corporation) I:\Windows\system32\nvd3dum.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 10771128 _____ (NVIDIA Corporation) I:\Windows\system32\nvopencl.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 10710344 _____ (NVIDIA Corporation) I:\Windows\system32\nvcuda.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 08536208 _____ (NVIDIA Corporation) I:\Windows\system32\Drivers\nvlddmkm.sys
2015-01-05 15:01 - 2014-12-13 02:02 - 03249984 _____ (NVIDIA Corporation) I:\Windows\system32\nvcuvid.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 02897640 _____ (NVIDIA Corporation) I:\Windows\system32\nvapi.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 01047696 _____ (NVIDIA Corporation) I:\Windows\system32\nvdispco3234709.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 00927888 _____ (NVIDIA Corporation) I:\Windows\system32\NvIFR.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 00911504 _____ (NVIDIA Corporation) I:\Windows\system32\nvdispgenco3234709.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 00905360 _____ (NVIDIA Corporation) I:\Windows\system32\NvFBC.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 00877984 _____ (NVIDIA Corporation) I:\Windows\system32\nvumdshim.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 00305136 _____ (NVIDIA Corporation) I:\Windows\system32\nvoglshim32.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 00164752 _____ (NVIDIA Corporation) I:\Windows\system32\nvinit.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 00022896 _____ () I:\Windows\system32\nvinfo.pb
2015-01-05 15:01 - 2014-11-22 02:46 - 00032912 _____ (NVIDIA Corporation) I:\Windows\system32\Drivers\nvvad32v.sys
2015-01-05 15:01 - 2014-11-22 02:46 - 00032400 _____ (NVIDIA Corporation) I:\Windows\system32\nvaudcap32v.dll
2015-01-05 15:01 - 2014-10-09 09:02 - 00161424 _____ (NVIDIA Corporation) I:\Windows\system32\Drivers\nvhda32v.sys
2015-01-05 15:01 - 2014-10-09 09:02 - 00027280 _____ (NVIDIA Corporation) I:\Windows\system32\nvhdap32.dll
2015-01-05 15:01 - 2014-10-08 23:17 - 00908608 _____ (NVIDIA Corporation) I:\Windows\system32\nvhdagenco32.dll
2015-01-05 15:00 - 2015-01-05 15:04 - 00000000 ____D () I:\Program Files\NVIDIA Corporation
2015-01-05 14:46 - 2015-01-05 14:59 - 249214576 _____ (NVIDIA Corporation) I:\Users\Mustard-Tiger\Downloads\347.09-desktop-win8-win7-winvista-32bit-international-whql.exe
2015-01-05 14:30 - 2015-01-21 08:48 - 00000000 ____D () I:\Users\Mustard-Tiger\Desktop\Downloaded files
2015-01-05 06:05 - 2015-01-21 16:23 - 00000000 ____D () I:\Windows\Minidump
2015-01-04 20:35 - 2015-01-05 06:08 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\Mozilla
2015-01-04 20:35 - 2015-01-04 20:35 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\Mozilla
2015-01-04 20:34 - 2015-01-04 20:34 - 00001121 _____ () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-04 20:34 - 2015-01-04 20:34 - 00000000 ____D () I:\ProgramData\Mozilla
2015-01-04 20:34 - 2015-01-04 20:34 - 00000000 ____D () I:\Program Files\Mozilla Maintenance Service
2015-01-04 20:34 - 2015-01-04 20:34 - 00000000 ____D () I:\Program Files\Mozilla Firefox
2015-01-04 20:21 - 2015-01-23 19:26 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\DivX
2015-01-04 20:21 - 2015-01-04 20:21 - 00000000 ____D () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2015-01-04 20:21 - 2015-01-04 20:21 - 00000000 ____D () I:\Program Files\Common Files\DivX Shared
2015-01-04 20:19 - 2014-11-24 14:04 - 00229000 ____N (Microsoft Corporation) I:\Windows\system32\MpSigStub.exe
2015-01-04 20:14 - 2015-01-04 20:14 - 00000000 ____D () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-04 20:05 - 2015-01-04 20:21 - 00000000 ____D () I:\Program Files\DivX
2015-01-04 20:04 - 2015-01-12 11:39 - 00000000 ____D () I:\ProgramData\DivX
2015-01-04 20:03 - 2015-01-24 07:08 - 00000900 _____ () I:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-04 20:03 - 2015-01-24 05:39 - 00000896 _____ () I:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-04 20:03 - 2015-01-19 11:02 - 00144232 _____ () I:\Users\Mustard-Tiger\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-04 20:03 - 2015-01-10 08:17 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\Google
2015-01-04 20:03 - 2015-01-10 08:16 - 00000000 ____D () I:\Program Files\Google
2015-01-04 20:03 - 2015-01-04 20:03 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\Deployment
2015-01-04 20:03 - 2015-01-04 20:03 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\Apps\2.0
2015-01-04 20:01 - 2015-01-04 20:01 - 00000000 ____H () I:\ProgramData\DP45977C.lfl
2015-01-04 20:01 - 2015-01-04 20:01 - 00000000 ____D () I:\Windows\system32\RTCOM
2015-01-04 20:00 - 2015-01-13 08:22 - 00000000 ____D () I:\Program Files\Common Files\InstallShield
2015-01-04 20:00 - 2015-01-04 20:01 - 00000000 ___HD () I:\Program Files\Temp
2015-01-04 20:00 - 2015-01-04 20:00 - 00000000 ____D () I:\Program Files\Realtek
2015-01-04 20:00 - 2013-12-10 04:35 - 43342848 _____ (Realtek Semiconductor Corp.) I:\Windows\system32\RCoRes.dat
2015-01-04 20:00 - 2013-12-10 04:20 - 02937432 _____ (Realtek Semiconductor Corp.) I:\Windows\system32\Drivers\RTKVHDA.sys
2015-01-04 20:00 - 2013-12-09 18:17 - 00693385 _____ () I:\Windows\system32\Drivers\RTAIODAT.DAT
2015-01-04 20:00 - 2013-12-05 04:21 - 00125144 _____ (Realtek Semiconductor Corp.) I:\Windows\system32\RtkCoInstII.dll
2015-01-04 20:00 - 2013-12-04 00:27 - 01892056 _____ (Realtek Semiconductor Corp.) I:\Windows\system32\RTSndMgr.cpl
2015-01-04 20:00 - 2013-12-02 00:55 - 05681196 _____ () I:\Windows\system32\Drivers\rtvienna.dat
2015-01-04 20:00 - 2013-11-25 01:20 - 02080472 ____R (Realtek Semiconductor Corp.) I:\Windows\RtlExUpd.dll
2015-01-04 20:00 - 2013-11-24 23:59 - 02547928 _____ (Realtek Semiconductor Corp.) I:\Windows\system32\RtkPgExt.dll
2015-01-04 20:00 - 2013-11-24 23:59 - 02329304 _____ (Realtek Semiconductor Corp.) I:\Windows\system32\RtkAPO.dll
2015-01-04 20:00 - 2013-11-13 02:53 - 00860416 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioAPOShell.dll
2015-01-04 20:00 - 2013-11-13 02:52 - 13881600 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioRealtek.dll
2015-01-04 20:00 - 2013-11-13 02:52 - 01935104 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioEQ.dll
2015-01-04 20:00 - 2013-11-13 02:48 - 03629824 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioVnN.dll
2015-01-04 20:00 - 2013-11-13 02:38 - 01677568 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioRealtek2.dll
2015-01-04 20:00 - 2013-11-13 01:56 - 01824000 _____ (Waves Audio Ltd.) I:\Windows\system32\WavesGUILib.dll
2015-01-04 20:00 - 2013-11-13 01:56 - 01097984 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioAPO50.dll
2015-01-04 20:00 - 2013-11-04 19:21 - 00865592 _____ (Nahimic Inc) I:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2015-01-04 20:00 - 2013-11-04 19:18 - 05115672 _____ (Nahimic Inc) I:\Windows\system32\NAHIMICAPOlfx.dll
2015-01-04 20:00 - 2013-10-28 01:29 - 00782040 _____ (Realtek Semiconductor Corp.) I:\Windows\system32\RtkApoApi.dll
2015-01-04 20:00 - 2013-10-15 11:43 - 00182472 _____ (Andrea Electronics Corporation) I:\Windows\system32\AERTACap.dll
2015-01-04 20:00 - 2013-10-10 20:47 - 00092584 _____ (Real Sound Lab SIA) I:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-01-04 20:00 - 2013-10-10 19:31 - 00919600 _____ (Sony Corporation) I:\Windows\system32\SFSS_APO.dll
2015-01-04 20:00 - 2013-10-09 04:13 - 00926976 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxSpeechAPO.dll
2015-01-04 20:00 - 2013-10-09 04:12 - 27369216 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioVnA.dll
2015-01-04 20:00 - 2013-10-06 08:14 - 00426944 _____ (DTS) I:\Windows\system32\DTSU2PLFX32.dll
2015-01-04 20:00 - 2013-10-06 08:14 - 00403392 _____ (DTS) I:\Windows\system32\DTSU2PGFX32.dll
2015-01-04 20:00 - 2013-10-06 08:14 - 00346048 _____ (DTS) I:\Windows\system32\DTSU2PREC32.dll
2015-01-04 20:00 - 2013-09-09 12:02 - 06176944 _____ (Dolby Laboratories) I:\Windows\system32\DDPP32A.dll
2015-01-04 20:00 - 2013-09-09 12:02 - 00272048 _____ (Dolby Laboratories) I:\Windows\system32\DDPO32A.dll
2015-01-04 20:00 - 2013-09-09 12:01 - 01489072 _____ (Dolby Laboratories) I:\Windows\system32\DDPD32A.dll
2015-01-04 20:00 - 2013-09-09 12:01 - 00219312 _____ (Dolby Laboratories) I:\Windows\system32\DDPA32.dll
2015-01-04 20:00 - 2013-08-23 11:14 - 00938752 _____ (SRS Labs, Inc.) I:\Windows\system32\slcnt32.dll
2015-01-04 20:00 - 2013-08-23 11:14 - 00823040 _____ (DTS, Inc.) I:\Windows\system32\sl3apo32.dll
2015-01-04 20:00 - 2013-08-23 11:14 - 00604928 _____ (DTS, Inc.) I:\Windows\system32\sltech32.dll
2015-01-04 20:00 - 2013-08-23 11:14 - 00218368 _____ (TODO: <Company name>) I:\Windows\system32\slprp32.dll
2015-01-04 20:00 - 2013-08-20 01:36 - 00502584 _____ () I:\Windows\system32\audioLibVc.dll
2015-01-04 20:00 - 2013-08-14 00:36 - 00873728 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioAPO40.dll
2015-01-04 20:00 - 2013-08-14 00:36 - 00509184 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxVolumeSDAPO.dll
2015-01-04 20:00 - 2013-08-14 00:35 - 00761088 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxVoiceAPO20.dll
2015-01-04 20:00 - 2013-08-14 00:35 - 00509184 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioAPO30.dll
2015-01-04 20:00 - 2013-08-05 02:10 - 02395680 _____ (Fortemedia Corporation) I:\Windows\system32\FMAPO.dll
2015-01-04 20:00 - 2013-06-17 04:20 - 00188696 _____ () I:\Windows\system32\AcpiServiceVnA.dll
2015-01-04 20:00 - 2013-04-02 22:12 - 00852016 _____ (Sony Corporation) I:\Windows\system32\MISS_APO.dll
2015-01-04 20:00 - 2012-08-31 03:17 - 07162128 _____ (Dolby Laboratories) I:\Windows\system32\R4EEP32A.dll
2015-01-04 20:00 - 2012-08-31 03:17 - 00352016 _____ (Dolby Laboratories) I:\Windows\system32\R4EED32A.dll
2015-01-04 20:00 - 2012-08-31 03:17 - 00106768 _____ (Dolby Laboratories) I:\Windows\system32\R4EEL32A.dll
2015-01-04 20:00 - 2012-08-31 03:17 - 00091920 _____ (Dolby Laboratories) I:\Windows\system32\R4EEA32A.dll
2015-01-04 20:00 - 2012-08-31 03:17 - 00062224 _____ (Dolby Laboratories) I:\Windows\system32\R4EEG32A.dll
2015-01-04 20:00 - 2012-03-07 19:47 - 00095840 _____ (Andrea Electronics Corporation) I:\Windows\system32\AERTARen.dll
2015-01-04 20:00 - 2012-01-29 19:42 - 00819648 _____ (TOSHIBA Corporation) I:\Windows\system32\tadefxapo2.dll
2015-01-04 20:00 - 2012-01-09 18:20 - 00058264 _____ (TOSHIBA CORPORATION.) I:\Windows\system32\TepeqAPO.dll
2015-01-04 20:00 - 2011-11-22 00:28 - 00013416 _____ (Realtek Semiconductor Corp.) I:\Windows\system32\RtkCoLDR.dll
2015-01-04 20:00 - 2011-09-01 22:21 - 00214368 _____ (Synopsys, Inc.) I:\Windows\system32\SFNHK.dll
2015-01-04 20:00 - 2011-09-01 22:21 - 00074080 _____ (Synopsys, Inc.) I:\Windows\system32\SFCOM.dll
2015-01-04 20:00 - 2011-09-01 22:21 - 00068960 _____ (Synopsys, Inc.) I:\Windows\system32\SFAPO.dll
2015-01-04 20:00 - 2011-08-23 01:00 - 00357712 _____ (Knowles Acoustics ) I:\Windows\system32\KAAPORT.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 01509480 _____ (DTS) I:\Windows\system32\DTSS2SpeakerDLL.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 01292904 _____ (DTS) I:\Windows\system32\DTSS2HeadphoneDLL.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 01220200 _____ (DTS) I:\Windows\system32\DTSBoostDLL.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 00654952 _____ (DTS) I:\Windows\system32\DTSBassEnhancementDLL.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 00631400 _____ (DTS) I:\Windows\system32\DTSSymmetryDLL.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 00601704 _____ (DTS) I:\Windows\system32\DTSVoiceClarityDLL.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 00458344 _____ (DTS) I:\Windows\system32\DTSNeoPCDLL.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 00389736 _____ (DTS) I:\Windows\system32\DTSGainCompensatorDLL.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 00375400 _____ (DTS) I:\Windows\system32\DTSLimiterDLL.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 00218728 _____ (DTS) I:\Windows\system32\DTSGFXAPONS.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 00218728 _____ (DTS) I:\Windows\system32\DTSGFXAPO.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 00218216 _____ (DTS) I:\Windows\system32\DTSLFXAPO.dll
2015-01-04 20:00 - 2011-03-16 20:16 - 01379760 _____ (TOSHIBA Corporation) I:\Windows\system32\tosade.dll
2015-01-04 20:00 - 2011-03-07 01:03 - 00134584 _____ (TOSHIBA Corporation) I:\Windows\system32\tadefxapo.dll
2015-01-04 20:00 - 2010-11-07 15:31 - 00359768 _____ (Dolby Laboratories, Inc.) I:\Windows\system32\RTEEP32A.dll
2015-01-04 20:00 - 2010-11-07 15:31 - 00295768 _____ (Dolby Laboratories, Inc.) I:\Windows\system32\RP3DHT32.dll
2015-01-04 20:00 - 2010-11-07 15:31 - 00295768 _____ (Dolby Laboratories, Inc.) I:\Windows\system32\RP3DAA32.dll
2015-01-04 20:00 - 2010-11-07 15:31 - 00170840 _____ (Dolby Laboratories, Inc.) I:\Windows\system32\RTEED32A.dll
2015-01-04 20:00 - 2010-11-07 15:31 - 00078680 _____ (Dolby Laboratories, Inc.) I:\Windows\system32\RTEEL32A.dll
2015-01-04 20:00 - 2010-11-07 15:31 - 00064856 _____ (Dolby Laboratories, Inc.) I:\Windows\system32\RTEEG32A.dll
2015-01-04 20:00 - 2010-09-26 17:34 - 00232792 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioAPO20.dll
2015-01-04 20:00 - 2009-12-03 23:43 - 00132368 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioAPO.dll
2015-01-04 20:00 - 2009-11-23 17:55 - 00345328 _____ (SRS Labs, Inc.) I:\Windows\system32\SRSTSXT.dll
2015-01-04 20:00 - 2009-11-23 17:55 - 00185584 _____ (SRS Labs, Inc.) I:\Windows\system32\SRSTSHD.dll
2015-01-04 20:00 - 2009-11-23 17:55 - 00173296 _____ (SRS Labs, Inc.) I:\Windows\system32\SRSHP360.dll
2015-01-04 20:00 - 2009-11-23 17:55 - 00140528 _____ (SRS Labs, Inc.) I:\Windows\system32\SRSWOW.dll
2015-01-04 20:00 - 2009-11-18 02:42 - 01783056 _____ (Waves Audio Ltd.) I:\Windows\system32\WavesLib.dll
2015-01-04 19:56 - 2015-01-04 19:56 - 00000000 ____H () I:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh6_01009.Wdf
2015-01-04 19:54 - 2015-01-04 19:54 - 00000000 ____D () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-01-04 19:54 - 2015-01-04 19:54 - 00000000 ____D () I:\ProgramData\AMD
2015-01-04 19:54 - 2013-05-27 11:09 - 00178496 _____ (Advanced Micro Devices, INC.) I:\Windows\system32\Drivers\amdxhc.sys
2015-01-04 19:54 - 2013-05-27 11:09 - 00085312 _____ (Advanced Micro Devices, INC.) I:\Windows\system32\Drivers\amdhub30.sys
2015-01-04 19:54 - 2012-08-28 04:27 - 00045736 ____R (Advanced Micro Devices) I:\Windows\system32\Drivers\usbfilter.sys
2015-01-04 19:53 - 2015-01-14 00:15 - 00000000 ____D () I:\ProgramData\Package Cache
2015-01-04 19:51 - 2015-01-04 19:51 - 00000000 ____D () I:\Program Files\Microsoft.NET
2015-01-04 19:50 - 2015-01-04 19:50 - 00000000 ____D () I:\MSI
2015-01-04 19:50 - 2009-11-25 11:47 - 01130824 _____ (Microsoft Corporation) I:\Windows\system32\dfshim.dll
2015-01-04 19:50 - 2009-11-25 11:47 - 00297808 _____ (Microsoft Corporation) I:\Windows\system32\mscoree.dll
2015-01-04 19:50 - 2009-11-25 11:47 - 00295264 _____ (Microsoft Corporation) I:\Windows\system32\PresentationHost.exe
2015-01-04 19:50 - 2009-11-25 11:47 - 00099176 _____ (Microsoft Corporation) I:\Windows\system32\PresentationHostProxy.dll
2015-01-04 19:50 - 2009-11-25 11:47 - 00049472 _____ (Microsoft Corporation) I:\Windows\system32\netfxperf.dll
2015-01-04 19:42 - 2015-01-20 09:46 - 00000000 ___HD () I:\Program Files\InstallShield Installation Information
2015-01-04 19:42 - 2015-01-04 19:42 - 00000000 ____D () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100 Smart Wizard
2015-01-04 19:42 - 2015-01-04 19:42 - 00000000 ____D () I:\Program Files\NETGEAR
2015-01-04 19:42 - 2009-11-06 08:37 - 00699896 _____ (Broadcom Corporation) I:\Windows\system32\Drivers\bcmwlhigh6.sys
2015-01-04 19:42 - 2009-11-06 08:31 - 03862528 _____ (Broadcom Corporation) I:\Windows\system32\bcmihvsrv.dll
2015-01-04 19:42 - 2009-11-06 08:31 - 03551232 _____ (Broadcom Corporation) I:\Windows\system32\bcmihvui.dll
2015-01-04 19:42 - 2009-11-06 08:31 - 01176312 _____ (Microsoft Corporation) I:\Windows\system32\WdfCoInstaller01009.dll
2015-01-04 19:42 - 2009-11-06 08:31 - 00091376 _____ (Broadcom Corporation) I:\Windows\system32\bcmwlcoi.dll
2015-01-04 19:42 - 2007-01-19 18:20 - 00021728 _____ (Windows ® Codename Longhorn DDK provider) I:\Windows\system32\Drivers\SCMNdisP.sys
2015-01-04 19:41 - 2015-01-04 19:41 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\InstallShield
2015-01-04 19:19 - 2015-01-20 09:46 - 00000000 ____D () I:\Program Files\SAMSUNG
2015-01-04 19:19 - 2015-01-04 19:19 - 00000000 ____D () I:\ProgramData\Samsung
2015-01-04 19:18 - 2015-01-04 19:54 - 00000000 ____D () I:\Program Files\ATI Technologies
2015-01-04 19:18 - 2015-01-04 19:18 - 00000000 ____D () I:\Program Files\ATI
2015-01-04 19:17 - 2015-01-24 05:42 - 00781298 _____ () I:\Windows\system32\PerfStringBackup.INI
2015-01-04 19:14 - 2015-01-24 05:41 - 00195446 _____ () I:\Windows\WindowsUpdate.log
2015-01-04 19:13 - 2015-01-20 09:56 - 00000000 ____D () I:\Users\Mustard-Tiger
2015-01-04 19:13 - 2015-01-08 16:12 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\VirtualStore
2015-01-04 19:13 - 2015-01-04 19:13 - 00001417 _____ () I:\Users\Mustard-Tiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-04 19:13 - 2015-01-04 19:13 - 00000020 ___SH () I:\Users\Mustard-Tiger\ntuser.ini
2015-01-04 19:13 - 2009-07-13 20:42 - 00000000 ___RD () I:\Users\Mustard-Tiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-04 19:13 - 2009-07-13 20:37 - 00000000 ___RD () I:\Users\Mustard-Tiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-04 19:12 - 2015-01-04 19:12 - 00000000 ____D () I:\Recovery
2015-01-04 18:53 - 2015-01-04 18:53 - 00001345 _____ () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-01-04 18:53 - 2015-01-04 18:53 - 00001326 _____ () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-01-04 18:50 - 2015-01-21 16:23 - 00000000 ____D () I:\Windows\Panther
2015-01-04 11:05 - 2015-01-04 11:05 - 00000000 ____D () I:\4c8bfeb9d866cc049fed2c6807
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-24 05:43 - 2009-07-13 20:34 - 00014016 ____H () I:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-24 05:43 - 2009-07-13 20:34 - 00014016 ____H () I:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-24 05:38 - 2009-07-13 20:53 - 00000006 ____H () I:\Windows\Tasks\SA.DAT
2015-01-21 16:14 - 2009-07-13 18:37 - 00000000 __RHD () I:\Users\Default
2015-01-21 16:14 - 2009-07-13 18:37 - 00000000 ___RD () I:\Users\Public
2015-01-21 16:05 - 2009-07-13 18:04 - 00000215 _____ () I:\Windows\system.ini
2015-01-21 16:04 - 2009-07-13 18:03 - 33816576 _____ () I:\Windows\system32\config\SOFTWARE.bak
2015-01-21 16:04 - 2009-07-13 18:03 - 20447232 _____ () I:\Windows\system32\config\SYSTEM.bak
2015-01-21 16:04 - 2009-07-13 18:03 - 04980736 _____ () I:\Windows\system32\config\DEFAULT.bak
2015-01-21 16:04 - 2009-07-13 18:03 - 00262144 _____ () I:\Windows\system32\config\SECURITY.bak
2015-01-21 16:04 - 2009-07-13 18:03 - 00262144 _____ () I:\Windows\system32\config\SAM.bak
2015-01-19 21:38 - 2009-07-13 20:33 - 03973152 _____ () I:\Windows\system32\FNTCACHE.DAT
2015-01-18 14:11 - 2009-07-13 18:37 - 00000000 ____D () I:\Windows\system32\LogFiles
2015-01-17 15:20 - 2009-07-13 20:52 - 00000000 ___RD () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-13 10:55 - 2009-07-13 18:37 - 00000000 __RHD () I:\Users\Public\Libraries
2015-01-08 16:10 - 2009-07-13 18:37 - 00000000 ____D () I:\Windows\Microsoft.NET
2015-01-05 15:02 - 2009-07-13 18:37 - 00000000 ____D () I:\Windows\Help
2015-01-04 19:41 - 2009-07-13 20:52 - 00000000 ____D () I:\Windows\system32\restore
2015-01-04 19:18 - 2009-07-13 18:37 - 00000000 ____D () I:\Program Files\Common Files\microsoft shared
2015-01-04 19:12 - 2009-07-13 18:37 - 00000000 ____D () I:\Windows\rescache
2015-01-04 18:53 - 2009-07-13 18:37 - 00000000 ___RD () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-04 18:51 - 2009-07-13 23:49 - 00000000 ____D () I:\Windows\CSC
2015-01-04 18:50 - 2009-07-13 20:57 - 00025600 ___SH () I:\Windows\system32\config\BCD-Template.LOG
2015-01-04 18:50 - 2009-07-13 20:52 - 00028672 _____ () I:\Windows\system32\config\BCD-Template
 
==================== Files in the root of some directories =======
 
2015-01-17 15:19 - 2015-01-17 15:19 - 0022328 _____ () I:\Users\Mustard-Tiger\AppData\Roaming\PnkBstrK.sys
2015-01-12 14:19 - 2015-01-12 14:19 - 0001456 _____ () I:\Users\Mustard-Tiger\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-01-04 20:01 - 2015-01-04 20:01 - 0000000 ____H () I:\ProgramData\DP45977C.lfl
 
Some content of TEMP:
====================
I:\Users\Mustard-Tiger\AppData\Local\Temp\Quarantine.exe
I:\Users\Mustard-Tiger\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
I:\Windows\explorer.exe => File is digitally signed
I:\Windows\system32\winlogon.exe => File is digitally signed
I:\Windows\system32\wininit.exe => File is digitally signed
I:\Windows\system32\svchost.exe => File is digitally signed
I:\Windows\system32\services.exe => File is digitally signed
I:\Windows\system32\User32.dll => File is digitally signed
I:\Windows\system32\userinit.exe => File is digitally signed
I:\Windows\system32\rpcss.dll => File is digitally signed
I:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-14 10:38
 
==================== End Of Log ============================

______________

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-01-2015 01
Ran by Mustard-Tiger at 2015-01-24 07:29:56
Running from I:\Users\Mustard-Tiger\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 2.9.0.465 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (32 Bit) (HKLM\...\{7C25E7A0-A0A1-4B87-BB30-BF0FBDC37878}) (Version: 15.2.2 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.6 (HKLM\...\{213D5223-CD40-4B7B-B292-6D5242AE5039}) (Version: 5.6.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{44537D5C-4CB8-CFCD-2D95-9205FF380CCC}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Battlefield 2™ (HKLM\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Call of Duty® - World at War™ (HKLM\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision)
Call of Duty® - World at War™ (Version: 1.0 - Activision) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CyberLink Media Suite 10 (HKLM\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
HydraVision (Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 1.01.206 - NETGEAR)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.) Hidden
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
15-01-2015 11:05:08 Scheduled Checkpoint
17-01-2015 14:35:06 Installed Call of Duty® - World at War™
17-01-2015 15:06:25 Installed Call of Duty® - World at War™
17-01-2015 15:15:51 Installed Call of Duty® - World at War™
19-01-2015 08:34:48 Installed OpenOffice 4.1.1
20-01-2015 09:46:11 Installed Samsung Kies3
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 18:04 - 2015-01-21 16:05 - 00000027 ____A I:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {06024D4A-D951-4AFF-82AE-8762BB8635C9} - System32\Tasks\AdobeAAMUpdater-1.0-MustardTiger-Mustard-Tiger => I:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14] (Adobe Systems Incorporated)
Task: {1BF39C0C-4D88-4539-A39C-DCE5C0BA85B1} - System32\Tasks\GoogleUpdateTaskMachineCore => I:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-04] (Google Inc.)
Task: {73E7080E-87F6-42DB-B2D9-83C1C49793CB} - System32\Tasks\GoogleUpdateTaskMachineUA => I:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-04] (Google Inc.)
Task: {BE982663-B0DF-4992-AB57-F58CB4C0BF7F} - System32\Tasks\CCleanerSkipUAC => I:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {E1A480E0-BDEA-4063-8439-5448C2DFBFFF} - System32\Tasks\{42420389-EAA5-4789-92A2-CE8876C80BC5} => pcalua.exe -a "I:\Program Files\SAMSUNG\USB Drivers\Uninstall.exe"
Task: {F18A9DF9-B110-4BA9-9CEE-652D33AF2F19} - System32\Tasks\Adobe Acrobat Update Task => I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: I:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => I:\Program Files\Google\Update\GoogleUpdate.exe
Task: I:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => I:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2015-01-05 15:02 - 2014-12-12 23:30 - 00107664 _____ () I:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-11-01 11:45 - 2013-11-01 11:45 - 00114688 _____ () I:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-01-17 15:19 - 2015-01-17 15:19 - 00066872 _____ () I:\Windows\system32\PnkBstrA.exe
2015-01-17 15:19 - 2015-01-17 15:19 - 00107832 _____ () I:\Windows\system32\PnkBstrB.exe
2015-01-13 08:26 - 2010-08-18 10:43 - 00247152 ____N () I:\Program Files\CyberLink\Shared files\RichVideo.exe
2014-12-19 15:57 - 2014-12-19 15:57 - 01059488 _____ () I:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
2014-01-09 21:26 - 2014-01-09 21:26 - 01861968 _____ () I:\Program Files\DivX\DivX Update\DivXUpdate.exe
2014-01-09 21:28 - 2014-01-09 21:28 - 00100688 _____ () I:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2015-01-07 21:27 - 2015-01-07 21:27 - 36730032 _____ () I:\Program Files\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2015-01-13 08:21 - 2012-06-07 19:34 - 00627216 _____ () I:\Program Files\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () I:\Program Files\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-01-04 19:42 - 2010-08-26 17:47 - 04577760 _____ () I:\Program Files\NETGEAR\WNA3100\WNA3100.exe
2015-01-04 19:42 - 2010-02-03 11:31 - 00282624 _____ () I:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dll
2014-12-19 15:57 - 2014-12-19 15:57 - 05979808 _____ () I:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-01-07 21:27 - 2015-01-07 21:27 - 00746160 _____ () I:\Program Files\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2015-01-07 21:27 - 2015-01-07 21:27 - 00136368 _____ () I:\Program Files\Adobe\Adobe Creative Cloud\CEF\libegl.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: ShadowPlay => I:\Windows\system32\rundll32.exe I:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-1694861330-368982402-2994625498-500 - Administrator - Disabled)
Guest (S-1-5-21-1694861330-368982402-2994625498-501 - Limited - Disabled)
Kris (S-1-5-21-1694861330-368982402-2994625498-1004 - Administrator - Enabled)
Mustard-Tiger (S-1-5-21-1694861330-368982402-2994625498-1000 - Administrator - Enabled) => I:\Users\Mustard-Tiger
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/23/2015 02:46:02 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
 
Error: (01/23/2015 02:45:34 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/23/2015 11:42:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Photoshop.exe, version: 15.2.2.310, time stamp: 0x5480306d
Faulting module name: MMXCore.8bx, version: 15.2.2.310, time stamp: 0x54803980
Exception code: 0xc0000005
Fault offset: 0x00014fd3
Faulting process id: 0xfa4
Faulting application start time: 0xPhotoshop.exe0
Faulting application path: Photoshop.exe1
Faulting module path: Photoshop.exe2
Report Id: Photoshop.exe3
 
Error: (01/22/2015 06:36:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: lightroom.exe, version: 5.6.0.10, time stamp: 0x53ce7a40
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0xc0000005
Fault offset: 0x000026df
Faulting process id: 0x13f8
Faulting application start time: 0xlightroom.exe0
Faulting application path: lightroom.exe1
Faulting module path: lightroom.exe2
Report Id: lightroom.exe3
 
Error: (01/22/2015 05:53:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: lightroom.exe, version: 5.6.0.10, time stamp: 0x53ce7a40
Faulting module name: ui.dll, version: 5.6.0.10, time stamp: 0x53ce791b
Exception code: 0xc0000005
Fault offset: 0x000e245e
Faulting process id: 0x17e0
Faulting application start time: 0xlightroom.exe0
Faulting application path: lightroom.exe1
Faulting module path: lightroom.exe2
Report Id: lightroom.exe3
 
Error: (01/22/2015 09:24:50 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
 
Error: (01/22/2015 09:24:17 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/21/2015 02:25:13 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
 
Error: (01/21/2015 02:24:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/21/2015 09:09:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: aUQIYOxnORDUEK.exe, version: 0.0.0.0, time stamp: 0x54a01d76
Faulting module name: aUQIYOxnORDUEK.exe, version: 0.0.0.0, time stamp: 0x54a01d76
Exception code: 0xc0000005
Fault offset: 0x000057d3
Faulting process id: 0x14dc
Faulting application start time: 0xaUQIYOxnORDUEK.exe0
Faulting application path: aUQIYOxnORDUEK.exe1
Faulting module path: aUQIYOxnORDUEK.exe2
Report Id: aUQIYOxnORDUEK.exe3
 
 
System errors:
=============
Error: (01/23/2015 07:58:11 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
Error: (01/23/2015 07:58:01 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
Error: (01/23/2015 07:57:51 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
Error: (01/23/2015 07:57:42 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
Error: (01/23/2015 07:57:32 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
Error: (01/23/2015 07:57:23 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
Error: (01/23/2015 07:57:14 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
Error: (01/23/2015 07:57:04 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
Error: (01/23/2015 07:56:55 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
Error: (01/23/2015 07:56:45 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
 
Microsoft Office Sessions:
=========================
Error: (01/23/2015 02:46:02 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*i:\program files\spybot - search & destroy\DelZip179.dlli:\program files\spybot - search & destroy\DelZip179.dll8
 
Error: (01/23/2015 02:45:34 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"i:\program files\cyberlink\powerdirector\muitransfer\MUIStartMenuX64.exe
 
Error: (01/23/2015 11:42:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Photoshop.exe15.2.2.3105480306dMMXCore.8bx15.2.2.31054803980c000000500014fd3fa401d0373fcb2f4307I:\Program Files\Adobe\Adobe Photoshop CC 2014 (32 Bit)\Photoshop.exeI:\Program Files\Adobe\Adobe Photoshop CC 2014 (32 Bit)\Required\Plug-ins\Extensions\MMXCore.8bxfc4d4af0-a337-11e4-9e4c-a3f9185cdc1a
 
Error: (01/22/2015 06:36:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: lightroom.exe5.6.0.1053ce7a40MSVCR100.dll10.0.40219.3254df2be1ec0000005000026df13f801d036af7b531deeI:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exeI:\Windows\system32\MSVCR100.dlla61252a0-a2a8-11e4-a0f2-927853f04203
 
Error: (01/22/2015 05:53:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: lightroom.exe5.6.0.1053ce7a40ui.dll5.6.0.1053ce791bc0000005000e245e17e001d036ab09ef384cI:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exeI:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\ui.dll9d15ed15-a2a2-11e4-a0f2-927853f04203
 
Error: (01/22/2015 09:24:50 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*i:\program files\spybot - search & destroy\DelZip179.dlli:\program files\spybot - search & destroy\DelZip179.dll8
 
Error: (01/22/2015 09:24:17 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"i:\program files\cyberlink\powerdirector\muitransfer\MUIStartMenuX64.exe
 
Error: (01/21/2015 02:25:13 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*i:\program files\spybot - search & destroy\DelZip179.dlli:\program files\spybot - search & destroy\DelZip179.dll8
 
Error: (01/21/2015 02:24:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"i:\program files\cyberlink\powerdirector\muitransfer\MUIStartMenuX64.exe
 
Error: (01/21/2015 09:09:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: aUQIYOxnORDUEK.exe0.0.0.054a01d76aUQIYOxnORDUEK.exe0.0.0.054a01d76c0000005000057d314dc01d0359cf64e6873I:\Users\MUSTAR~1\AppData\Local\Temp\HCOURK.tmp\aUQIYOxnORDUEK.exeI:\Users\MUSTAR~1\AppData\Local\Temp\HCOURK.tmp\aUQIYOxnORDUEK.exe371dab7d-a190-11e4-a1f6-d083572b0515
 
 
==================== Memory info =========================== 
 
Processor: AMD A4-5300 APU with Radeon™ HD Graphics 
Percentage of memory in use: 31%
Total physical RAM: 1989.45 MB
Available physical RAM: 1359.27 MB
Total Pagefile: 3978.9 MB
Available Pagefile: 2737.8 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.88 MB
 
==================== Drives ================================
 
Drive c: (WINDOZE) (Fixed) (Total:195.31 GB) (Free:185.06 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Picasa CD) (CDROM) (Total:4.38 GB) (Free:0 GB) UDF
Drive h: (CODWAW) (CDROM) (Total:6.95 GB) (Free:0 GB) UDF
Drive i: (FREE) (Fixed) (Total:195.31 GB) (Free:82.74 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 3062996E)
Partition 1: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=195.3 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#4 deeprybka

  • Malware Response Team

Posted 24 January 2015 - 11:44 AM

Hi,
please uninstall your Google Chrome version and install the latest stable one: http://www.google.com/chrome/
 
Afterwards please install an antivirus program as well:
 

No resident protection warning

Always have one (and no more than one!) Antivirus program, as the resident protection is absolutely a must-have on any Windows!

Each paid-for Anti-Virus comes with a free trial if you wish to try the software before purchasing. Alternatively, you may wish to use the trial, and revert to a free anti-virus afterwards.

For a paid solution, my choice of anti-virus is ESET NOD32. For a free solution, my choice of anti-virus is avast!. However, please be aware that there is no universal solution that works for everyone, and there is no single best anti-virus. What works for me may not work for you and your machine.

 
After that:
 
Step 1

Please download AdwCleaner (by Xplode) and save it to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.

Step 2

Please download and install Malwarebytes Anti-Malware
  • Please open Malwarebytes Anti-Malware.
  • Please update the database by clicking on the "Update Now" button.
  • Following the update, click "Settings" [1] and go to "Detection and Protection" [2].
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine All" [5]. Then click the button: Apply Actions. [6]
  • A window with an option to view the detailed log will appear.
  • Click on "View detailed log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.


Step 3


Start FRST with administrator privileges.
  • Make sure the following option is checked: Addition.txt
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

Edited by deeprybka, 24 January 2015 - 11:45 AM.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#5 barefeat

  • Topic Starter

Posted 24 January 2015 - 04:43 PM

# AdwCleaner v4.109 - Report created 24/01/2015 at 13:32:08
# Updated 24/01/2015 by Xplode
# Database : 2015-01-24.4 [Live]
# Operating System : Windows 7 Ultimate  (32 bits)
# Username : Mustard-Tiger - MUSTARDTIGER
# Running from : I:\Users\Mustard-Tiger\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Found : I:\ProgramData\dpddlocaabohcolmdipnombeecoaaene
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E0D6077D-7186-48B2-A6C6-2F7C533E8CFF}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.7600.16385
 
 
-\\ Mozilla Firefox v34.0.5 (x86 en-US)
 
 
-\\ Google Chrome v40.0.2214.91
 
 
*************************
 
AdwCleaner[R1].txt - [798 octets] - [24/01/2015 13:32:08]
 
########## EOF - I:\AdwCleaner\AdwCleaner[R1].txt - [857 octets] ##########

Running Malwarebytes now.


#6 deeprybka

  • Malware Response Team

Posted 24 January 2015 - 04:46 PM

 

# Option : Scan

 

After the scan has finished, click on the Clean button.

Please follow the instructions exactly :)


regards,
deeprybka

#7 barefeat

  • Topic Starter

Posted 24 January 2015 - 04:51 PM

Sorry. I will pay closer attention. Haven't started malware yet so no harm.

I will re-run it now.



#8 deeprybka

  • Malware Response Team

Posted 24 January 2015 - 04:52 PM

Sorry. I will pay closer attention.

 

OK. :)


regards,
deeprybka

#9 barefeat

  • Topic Starter

Posted 24 January 2015 - 04:55 PM

# AdwCleaner v4.109 - Report created 24/01/2015 at 13:52:30
# Updated 24/01/2015 by Xplode
# Database : 2015-01-24.4 [Live]
# Operating System : Windows 7 Ultimate  (32 bits)
# Username : Mustard-Tiger - MUSTARDTIGER
# Running from : I:\Users\Mustard-Tiger\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : I:\ProgramData\dpddlocaabohcolmdipnombeecoaaene
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E0D6077D-7186-48B2-A6C6-2F7C533E8CFF}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.7600.16385
 
 
-\\ Mozilla Firefox v34.0.5 (x86 en-US)
 
 
-\\ Google Chrome v40.0.2214.91
 
 
*************************
 
AdwCleaner[R1].txt - [936 octets] - [24/01/2015 13:32:08]
AdwCleaner[R2].txt - [995 octets] - [24/01/2015 13:49:37]
AdwCleaner[S1].txt - [921 octets] - [24/01/2015 13:52:30]
 
########## EOF - I:\AdwCleaner\AdwCleaner[S1].txt - [980 octets] ##########


#10 deeprybka

  • Malware Response Team

Posted 24 January 2015 - 05:15 PM

:thumbup2:


regards,
deeprybka

#11 barefeat

  • Topic Starter

Posted 24 January 2015 - 05:53 PM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 1/24/2015
Scan Time: 2:01:23 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.01.24.14
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7
CPU: x86
File System: NTFS
User: Mustard-Tiger
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 313916
Time Elapsed: 27 min, 33 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#12 barefeat

  • Topic Starter

Posted 24 January 2015 - 06:07 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2015 01
Ran by Mustard-Tiger (administrator) on MUSTARDTIGER on 24-01-2015 15:03:54
Running from I:\Users\Mustard-Tiger\Desktop
Loaded Profiles: Mustard-Tiger (Available profiles: Mustard-Tiger)
Platform: Microsoft Windows 7 Ultimate  (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) I:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) I:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) I:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) I:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) I:\Windows\System32\wlanext.exe
(AVAST Software) I:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) I:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(NVIDIA Corporation) I:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) I:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) I:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() I:\Windows\System32\PnkBstrA.exe
() I:\Windows\System32\PnkBstrB.exe
() I:\Program Files\CyberLink\Shared files\RichVideo.exe
(NVIDIA Corporation) I:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer Networking Ltd.) I:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(NVIDIA Corporation) I:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) I:\Windows\System32\rundll32.exe
(Avast Software) I:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) I:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) I:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) I:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
() I:\Program Files\NETGEAR\WNA3100\WNA3100.exe
(Microsoft Corporation) I:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) I:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) I:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) I:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) I:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) I:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) I:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) I:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AvastUI.exe] => I:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-24] (AVAST Software)
Startup: I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk
ShortcutTarget: NETGEAR WNA3100 Smart Wizard.lnk -> I:\Program Files\NETGEAR\WNA3100\WNA3100.exe ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => I:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => I:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => I:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => I:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1694861330-368982402-2994625498-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1694861330-368982402-2994625498-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1694861330-368982402-2994625498-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKU\S-1-5-21-1694861330-368982402-2994625498-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1694861330-368982402-2994625498-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-1694861330-368982402-2994625498-1000 -> {D923984E-8CDE-4CE8-B971-8C2C9FBD8B81} URL = https://www.google.com/search?q={searchTerms}
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> I:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> I:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: I:\Users\Mustard-Tiger\AppData\Roaming\Mozilla\Firefox\Profiles\5f1b60zv.default
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> I:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> I:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> I:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @nvidia.com/3DVision -> I:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> I:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> I:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> I:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> I:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> I:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - I:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - I:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-24]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Gojee Food) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajebcmdcgoggdncokkbdifohckmfpgnb [2015-01-05]
CHR Extension: (Angry Birds) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-01-05]
CHR Extension: (Google Voice Search Hotword (Beta)) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-05]
CHR Extension: (YouTube) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-05]
CHR Extension: (eBay) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnadbgmffcofipfljniafanjcafjlbom [2015-01-05]
CHR Extension: (Facebook) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2015-01-05]
CHR Extension: (Google News) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2015-01-05]
CHR Extension: (Google+) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2015-01-05]
CHR Extension: (Timer) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\edebbhkhcaafmolanelponjjanocpacd [2015-01-05]
CHR Extension: (AdBlock) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-05]
CHR Extension: (NPR Infinite Player) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpcelemhneoooapbbopolpjhmbfmnbf [2015-01-05]
CHR Extension: (Crackle) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2015-01-05]
CHR Extension: (HuffingtonPost NewsGlide) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjialelnkjdomiblmnpcpjongleegef [2015-01-05]
CHR Extension: (Google Wallet) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-05]
CHR Extension: (Psykopaint) - I:\Users\Mustard-Tiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-01-05]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - I:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-24]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; I:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2013-11-01] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; I:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-24] (AVAST Software)
R3 AvastVBoxSvc; I:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3192344 2015-01-24] (Avast Software)
R2 GfExperienceService; I:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2014-12-12] (NVIDIA Corporation)
R2 NvNetworkService; I:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
R2 NvStreamSvc; I:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18186896 2014-12-12] (NVIDIA Corporation)
R2 PnkBstrA; I:\Windows\system32\PnkBstrA.exe [66872 2015-01-17] ()
R2 PnkBstrB; I:\Windows\system32\PnkBstrB.exe [107832 2015-01-17] ()
R2 RichVideo; I:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2010-08-18] ()
R2 SBSDWSCService; I:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 WinDefend; I:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
S2 WSWNA3100; I:\Program Files\NETGEAR\WNA3100\WifiSvc.exe [285152 2010-08-26] ()
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 amdhub30; I:\Windows\System32\DRIVERS\amdhub30.sys [85312 2013-05-27] (Advanced Micro Devices, INC.)
R3 amdxhc; I:\Windows\System32\DRIVERS\amdxhc.sys [178496 2013-05-27] (Advanced Micro Devices, INC.)
R2 AODDriver4.2.0; I:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [50432 2013-09-19] (Advanced Micro Devices)
R2 aswHwid; I:\Windows\system32\drivers\aswHwid.sys [24184 2015-01-24] ()
R2 aswMonFlt; I:\Windows\system32\drivers\aswMonFlt.sys [73480 2015-01-24] (AVAST Software)
R1 aswRdr; I:\Windows\system32\drivers\aswRdr2.sys [81768 2015-01-24] (AVAST Software)
R0 aswRvrt; I:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-01-24] ()
R1 aswSnx; I:\Windows\system32\drivers\aswSnx.sys [787800 2015-01-24] (AVAST Software)
R1 aswSP; I:\Windows\system32\drivers\aswSP.sys [423784 2015-01-24] (AVAST Software)
S2 aswStm; I:\Windows\system32\drivers\aswStm.sys [91496 2015-01-24] (AVAST Software)
R0 aswVmm; I:\Windows\system32\Drivers\aswVmm.sys [206248 2015-01-24] ()
R3 BCMH43XX; I:\Windows\System32\DRIVERS\bcmwlhigh6.sys [699896 2009-11-06] (Broadcom Corporation)
R1 CLVirtualDrive; I:\Windows\System32\DRIVERS\CLVirtualDrive.sys [73712 2011-12-26] (CyberLink)
R3 NvStreamKms; I:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2014-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; I:\Windows\System32\drivers\nvvad32v.sys [32912 2014-11-22] (NVIDIA Corporation)
R0 SCMNdisP; I:\Windows\System32\DRIVERS\scmndisp.sys [21728 2007-01-19] (Windows ® Codename Longhorn DDK provider)
U4 VBoxAswDrv; I:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [218192 2015-01-24] (Avast Software)
S3 catchme; \??\I:\Users\MUSTAR~1\AppData\Local\Temp\catchme.sys [X]
S3 MSICDSetup; \??\D:\CDriver.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-24 15:03 - 2015-01-24 15:04 - 00014134 _____ () I:\Users\Mustard-Tiger\Desktop\FRST.txt
2015-01-24 15:02 - 2015-01-24 15:02 - 01120768 _____ (Farbar) I:\Users\Mustard-Tiger\Desktop\FRST.exe
2015-01-24 13:57 - 2015-01-24 14:01 - 00114904 _____ (Malwarebytes Corporation) I:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-24 13:57 - 2015-01-24 13:57 - 00000000 ____D () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-24 13:57 - 2015-01-24 13:57 - 00000000 ____D () I:\Program Files\Malwarebytes Anti-Malware
2015-01-24 13:57 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) I:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-24 13:57 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) I:\Windows\system32\Drivers\mwac.sys
2015-01-24 13:57 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) I:\Windows\system32\Drivers\mbam.sys
2015-01-24 13:55 - 2015-01-24 13:56 - 20447072 _____ (Malwarebytes Corporation ) I:\Users\Mustard-Tiger\Downloads\mbam-setup-2.0.4.1028 (1).exe
2015-01-24 13:46 - 2015-01-24 13:47 - 20447072 _____ (Malwarebytes Corporation ) I:\Users\Mustard-Tiger\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-24 13:32 - 2015-01-24 13:52 - 00000000 ____D () I:\AdwCleaner
2015-01-24 13:28 - 2015-01-24 13:28 - 02194432 _____ () I:\Users\Mustard-Tiger\Desktop\AdwCleaner.exe
2015-01-24 09:32 - 2015-01-24 09:32 - 00000247 _____ () I:\Windows\system32\2015-01-24-17-32-49.079-aswFe.exe-5212.log
2015-01-24 09:32 - 2015-01-24 09:32 - 00000197 _____ () I:\Windows\system32\2015-01-24-17-32-47.080-AvastVBoxSVC.exe-3012.log
2015-01-24 09:30 - 2015-01-24 13:54 - 00001066 _____ () I:\Windows\PFRO.log
2015-01-24 09:25 - 2015-01-24 09:25 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\Dropbox
2015-01-24 09:23 - 2015-01-24 09:23 - 00000247 _____ () I:\Windows\system32\2015-01-24-17-23-44.074-aswFe.exe-5836.log
2015-01-24 09:23 - 2015-01-24 09:23 - 00000197 _____ () I:\Windows\system32\2015-01-24-17-23-41.020-AvastVBoxSVC.exe-4124.log
2015-01-24 09:22 - 2015-01-24 09:22 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\AVAST Software
2015-01-24 09:21 - 2015-01-24 09:21 - 00000000 ____D () I:\Windows\system32\vbox
2015-01-24 09:20 - 2015-01-24 09:20 - 00787800 _____ (AVAST Software) I:\Windows\system32\Drivers\aswsnx.sys
2015-01-24 09:20 - 2015-01-24 09:20 - 00423784 _____ (AVAST Software) I:\Windows\system32\Drivers\aswsp.sys
2015-01-24 09:20 - 2015-01-24 09:20 - 00291352 _____ (AVAST Software) I:\Windows\system32\aswBoot.exe
2015-01-24 09:20 - 2015-01-24 09:20 - 00206248 _____ () I:\Windows\system32\Drivers\aswVmm.sys
2015-01-24 09:20 - 2015-01-24 09:20 - 00091496 _____ (AVAST Software) I:\Windows\system32\Drivers\aswStm.sys
2015-01-24 09:20 - 2015-01-24 09:20 - 00081768 _____ (AVAST Software) I:\Windows\system32\Drivers\aswRdr2.sys
2015-01-24 09:20 - 2015-01-24 09:20 - 00073480 _____ (AVAST Software) I:\Windows\system32\Drivers\aswmonflt.sys
2015-01-24 09:20 - 2015-01-24 09:20 - 00049944 _____ () I:\Windows\system32\Drivers\aswRvrt.sys
2015-01-24 09:20 - 2015-01-24 09:20 - 00043152 _____ (AVAST Software) I:\Windows\avastSS.scr
2015-01-24 09:20 - 2015-01-24 09:20 - 00024184 _____ () I:\Windows\system32\Drivers\aswHwid.sys
2015-01-24 09:20 - 2015-01-24 09:20 - 00002121 _____ () I:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-24 09:20 - 2015-01-24 09:20 - 00000000 ____D () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-24 09:17 - 2015-01-24 09:17 - 00000000 ____D () I:\Program Files\AVAST Software
2015-01-24 09:16 - 2015-01-24 09:17 - 00000000 ____D () I:\ProgramData\AVAST Software
2015-01-24 09:16 - 2015-01-24 09:16 - 05006864 _____ (AVAST Software) I:\Users\Mustard-Tiger\Downloads\avast_free_antivirus_setup_online.exe
2015-01-24 09:14 - 2015-01-24 09:14 - 00000000 ____D () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-24 09:13 - 2015-01-24 14:18 - 00000900 _____ () I:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-24 09:13 - 2015-01-24 13:54 - 00000896 _____ () I:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-24 07:29 - 2015-01-24 07:30 - 00055791 _____ () I:\Users\Mustard-Tiger\Downloads\FRST.txt
2015-01-24 07:29 - 2015-01-24 07:30 - 00021185 _____ () I:\Users\Mustard-Tiger\Downloads\Addition.txt
2015-01-24 07:27 - 2015-01-24 07:27 - 00000000 ____D () I:\Users\Mustard-Tiger\Downloads\FRST-OlderVersion
2015-01-22 20:22 - 2015-01-24 10:44 - 00000000 ____D () I:\Users\Mustard-Tiger\Desktop\New folder
2015-01-22 20:18 - 2015-01-22 20:18 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\Macromedia
2015-01-22 07:43 - 2015-01-24 14:48 - 00004394 _____ () I:\Windows\setupact.log
2015-01-22 07:43 - 2015-01-22 07:43 - 00000000 _____ () I:\Windows\setuperr.log
2015-01-21 18:44 - 2015-01-24 15:03 - 00000000 ____D () I:\FRST
2015-01-21 17:47 - 2015-01-21 17:47 - 00000000 ____D () I:\Users\Mustard-Tiger\Documents\backups
2015-01-21 16:41 - 2015-01-21 16:41 - 00000000 ____D () I:\ProgramData\Malwarebytes
2015-01-21 16:20 - 2015-01-21 16:20 - 00000969 _____ () I:\Users\Public\Desktop\CCleaner.lnk
2015-01-21 16:20 - 2015-01-21 16:20 - 00000000 ____D () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-21 16:20 - 2015-01-21 16:20 - 00000000 ____D () I:\Program Files\CCleaner
2015-01-21 16:19 - 2015-01-21 16:20 - 05317104 _____ (Piriform Ltd) I:\Users\Mustard-Tiger\Downloads\ccsetup501.exe
2015-01-21 16:13 - 2015-01-21 16:13 - 00017967 _____ () I:\ComboFix.txt
2015-01-21 15:43 - 2015-01-21 16:14 - 00000000 ____D () I:\Qoobox
2015-01-21 15:43 - 2015-01-21 16:11 - 00000000 ____D () I:\Windows\erdnt
2015-01-21 15:43 - 2011-06-25 22:45 - 00256000 _____ () I:\Windows\PEV.exe
2015-01-21 15:43 - 2010-11-07 09:20 - 00208896 _____ () I:\Windows\MBR.exe
2015-01-21 15:43 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) I:\Windows\NIRCMD.exe
2015-01-21 15:43 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) I:\Windows\SWREG.exe
2015-01-21 15:43 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) I:\Windows\SWSC.exe
2015-01-21 15:43 - 2000-08-30 16:00 - 00098816 _____ () I:\Windows\sed.exe
2015-01-21 15:43 - 2000-08-30 16:00 - 00080412 _____ () I:\Windows\grep.exe
2015-01-21 15:43 - 2000-08-30 16:00 - 00068096 _____ () I:\Windows\zip.exe
2015-01-21 15:42 - 2015-01-21 15:43 - 05608785 ____R (Swearware) I:\Users\Mustard-Tiger\Downloads\ComboFix.exe
2015-01-21 14:00 - 2009-06-10 13:39 - 00000824 _____ () I:\Windows\system32\Drivers\etc\hosts.20150121-140033.backup
2015-01-21 13:34 - 2015-01-21 17:50 - 00000000 ____D () I:\ProgramData\Spybot - Search & Destroy
2015-01-21 13:34 - 2015-01-21 13:38 - 00000000 ____D () I:\Program Files\Spybot - Search & Destroy
2015-01-21 13:34 - 2015-01-21 13:34 - 00000000 ____D () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2015-01-21 13:19 - 2015-01-21 13:19 - 16409960 _____ (Safer Networking Limited ) I:\Users\Mustard-Tiger\Downloads\spybotsd162.exe
2015-01-21 12:40 - 2015-01-21 12:40 - 00002441 _____ () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-01-21 12:40 - 2015-01-21 12:40 - 00001993 _____ () I:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-01-20 10:26 - 2015-01-20 10:27 - 16012496 _____ (SAMSUNG Electronics Co., Ltd.) I:\Users\Mustard-Tiger\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
2015-01-20 09:56 - 2015-01-20 09:56 - 00000000 ____D () I:\Users\Mustard-Tiger\.android
2015-01-20 09:47 - 2015-01-20 09:47 - 00000000 ____D () I:\Users\Public\Documents\NativeFus_Log
2015-01-20 09:46 - 2015-01-20 09:47 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\Samsung
2015-01-20 09:46 - 2015-01-20 09:46 - 00000000 ____D () I:\Users\Mustard-Tiger\Documents\SelfMV
2015-01-20 09:46 - 2015-01-20 09:46 - 00000000 ____D () I:\Users\Mustard-Tiger\Documents\samsung
2015-01-20 09:46 - 2015-01-20 09:46 - 00000000 ____D () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-01-20 09:46 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) I:\Windows\system32\secman.dll
2015-01-20 09:41 - 2015-01-20 09:41 - 00000000 ____D () I:\Users\Mustard-Tiger\Downloads\Tools
2015-01-20 09:38 - 2015-01-20 09:38 - 00000000 ____H () I:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-01-20 09:36 - 2015-01-20 09:53 - 00000000 ____D () I:\ProgramData\{e28ad432-5821-e223-e28a-ad43258250c9}
2015-01-19 08:35 - 2015-01-19 08:35 - 00000000 ___SD () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-01-19 08:35 - 2015-01-19 08:35 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\OpenOffice
2015-01-19 08:35 - 2015-01-19 08:35 - 00000000 ____D () I:\Program Files\OpenOffice 4
2015-01-19 08:30 - 2015-01-19 08:33 - 140852175 _____ () I:\Users\Mustard-Tiger\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe
2015-01-18 08:35 - 2015-01-18 14:18 - 00000000 ____D () I:\Users\Mustard-Tiger\Desktop\homemovies
2015-01-17 15:20 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) I:\Windows\system32\XAudio2_1.dll
2015-01-17 15:20 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) I:\Windows\system32\xactengine3_1.dll
2015-01-17 15:20 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) I:\Windows\system32\XAPOFX1_0.dll
2015-01-17 15:20 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) I:\Windows\system32\X3DAudio1_4.dll
2015-01-17 15:20 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) I:\Windows\system32\D3DX9_38.dll
2015-01-17 15:20 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) I:\Windows\system32\D3DCompiler_38.dll
2015-01-17 15:20 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) I:\Windows\system32\d3dx10_38.dll
2015-01-17 15:20 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) I:\Windows\system32\XAudio2_0.dll
2015-01-17 15:20 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) I:\Windows\system32\xactengine3_0.dll
2015-01-17 15:20 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) I:\Windows\system32\X3DAudio1_3.dll
2015-01-17 15:20 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) I:\Windows\system32\D3DX9_37.dll
2015-01-17 15:20 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) I:\Windows\system32\D3DCompiler_37.dll
2015-01-17 15:20 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) I:\Windows\system32\d3dx10_37.dll
2015-01-17 15:20 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_10.dll
2015-01-17 15:20 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) I:\Windows\system32\X3DAudio1_2.dll
2015-01-17 15:20 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_36.dll
2015-01-17 15:20 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) I:\Windows\system32\D3DCompiler_36.dll
2015-01-17 15:20 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) I:\Windows\system32\d3dx10_36.dll
2015-01-17 15:20 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_9.dll
2015-01-17 15:20 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_35.dll
2015-01-17 15:20 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) I:\Windows\system32\D3DCompiler_35.dll
2015-01-17 15:20 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) I:\Windows\system32\d3dx10_35.dll
2015-01-17 15:20 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_8.dll
2015-01-17 15:20 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_34.dll
2015-01-17 15:20 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) I:\Windows\system32\D3DCompiler_34.dll
2015-01-17 15:20 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) I:\Windows\system32\d3dx10_34.dll
2015-01-17 15:20 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_7.dll
2015-01-17 15:20 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) I:\Windows\system32\xinput1_3.dll
2015-01-17 15:20 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) I:\Windows\system32\d3dx10_33.dll
2015-01-17 15:20 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_33.dll
2015-01-17 15:20 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) I:\Windows\system32\D3DCompiler_33.dll
2015-01-17 15:20 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) I:\Windows\system32\x3daudio1_1.dll
2015-01-17 15:20 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_6.dll
2015-01-17 15:20 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_5.dll
2015-01-17 15:20 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_32.dll
2015-01-17 15:20 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) I:\Windows\system32\d3dx10.dll
2015-01-17 15:20 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_31.dll
2015-01-17 15:20 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_4.dll
2015-01-17 15:20 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_3.dll
2015-01-17 15:20 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) I:\Windows\system32\xinput1_2.dll
2015-01-17 15:20 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_2.dll
2015-01-17 15:20 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_30.dll
2015-01-17 15:20 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_1.dll
2015-01-17 15:20 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) I:\Windows\system32\xinput1_1.dll
2015-01-17 15:20 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_29.dll
2015-01-17 15:20 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) I:\Windows\system32\xactengine2_0.dll
2015-01-17 15:20 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) I:\Windows\system32\x3daudio1_0.dll
2015-01-17 15:20 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_28.dll
2015-01-17 15:20 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_27.dll
2015-01-17 15:20 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_26.dll
2015-01-17 15:19 - 2015-01-17 15:19 - 00682280 _____ () I:\Windows\system32\pbsvc.exe
2015-01-17 15:19 - 2015-01-17 15:19 - 00107832 _____ () I:\Windows\system32\PnkBstrB.exe
2015-01-17 15:19 - 2015-01-17 15:19 - 00066872 _____ () I:\Windows\system32\PnkBstrA.exe
2015-01-17 15:19 - 2015-01-17 15:19 - 00022328 _____ () I:\Windows\system32\Drivers\PnkBstrK.sys
2015-01-17 15:19 - 2015-01-17 15:19 - 00022328 _____ () I:\Users\Mustard-Tiger\AppData\Roaming\PnkBstrK.sys
2015-01-17 15:17 - 2015-01-17 15:17 - 00000000 ____D () I:\Program Files\Activision
2015-01-17 14:38 - 2015-01-17 14:57 - 3172237312 _____ () I:\Users\Mustard-Tiger\Documents\COD.WaW.iso
2015-01-17 14:37 - 2015-01-17 14:37 - 00000000 ____D () I:\Users\Public\Documents\CyberLink
2015-01-15 18:08 - 2015-01-15 18:08 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\DDMSettings
2015-01-15 07:09 - 2015-01-20 08:10 - 00000000 ____D () I:\Users\Mustard-Tiger\Desktop\JPEGS
2015-01-15 07:08 - 2015-01-22 09:57 - 00000000 ____D () I:\Users\Mustard-Tiger\Desktop\workstuff
2015-01-14 00:15 - 2015-01-14 00:15 - 00001283 _____ () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-01-13 08:31 - 2015-01-13 08:31 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\Power2Go8
2015-01-13 08:22 - 2015-01-17 14:37 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\CyberLink
2015-01-13 08:22 - 2015-01-13 08:22 - 00000000 ____D () I:\Program Files\Common Files\CyberLink
2015-01-13 08:22 - 2011-12-26 21:37 - 00073712 _____ (CyberLink) I:\Windows\system32\Drivers\CLVirtualDrive.sys
2015-01-13 08:19 - 2015-01-13 08:27 - 00000000 ___RD () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2015-01-13 08:19 - 2015-01-13 08:27 - 00000000 ____D () I:\Program Files\CyberLink
2015-01-13 08:19 - 2015-01-13 08:26 - 00000000 ____D () I:\ProgramData\install_clap
2015-01-13 08:18 - 2015-01-17 14:57 - 00000000 ____D () I:\ProgramData\CyberLink
2015-01-13 08:18 - 2015-01-13 08:27 - 00000000 ____D () I:\ProgramData\Temp
2015-01-13 08:18 - 2015-01-13 08:19 - 00000000 ____D () I:\ProgramData\CLSK
2015-01-12 14:19 - 2015-01-12 14:19 - 00001456 _____ () I:\Users\Mustard-Tiger\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-01-12 11:28 - 2002-12-13 00:51 - 08831488 _____ () I:\Users\Mustard-Tiger\Desktop\Video 2.avi
2015-01-10 08:16 - 2015-01-10 08:16 - 00000000 ____D () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-01-10 08:15 - 2015-01-10 08:16 - 17385800 _____ (Google Inc.) I:\Users\Mustard-Tiger\Downloads\picasa39-setup.exe
2015-01-08 16:12 - 2015-01-08 16:12 - 00000000 ____D () I:\Users\Mustard-Tiger\Documents\Battlefield 2
2015-01-08 16:12 - 2015-01-08 16:12 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-01-08 16:10 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_25.dll
2015-01-08 16:10 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) I:\Windows\system32\d3dx9_24.dll
2015-01-08 16:09 - 2015-01-08 16:09 - 00000000 ____D () I:\Windows\system32\Macromed
2015-01-08 15:55 - 2015-01-08 15:55 - 00000000 ____D () I:\Program Files\EA GAMES
2015-01-08 06:55 - 2015-01-08 06:55 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\NVIDIA
2015-01-08 06:31 - 2015-01-08 06:55 - 00000000 ____D () I:\ProgramData\regid.1986-12.com.adobe
2015-01-08 06:31 - 2015-01-08 06:31 - 00001260 _____ () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014 (32 Bit).lnk
2015-01-06 07:57 - 2015-01-06 07:57 - 00001751 _____ () I:\Users\Mustard-Tiger\Desktop\exports - Shortcut.lnk
2015-01-06 06:18 - 2015-01-06 06:18 - 00000000 ____D () I:\Users\Mustard-Tiger\Documents\Adobe
2015-01-06 01:02 - 2015-01-06 01:02 - 00000000 ____H () I:\Users\Mustard-Tiger\Documents\Default.rdp
2015-01-05 18:16 - 2015-01-21 20:41 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\Microsoft Games
2015-01-05 17:59 - 2015-01-05 17:59 - 00002071 _____ () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.6.lnk
2015-01-05 17:49 - 2015-01-05 17:49 - 00000000 ____D () I:\Users\Mustard-Tiger\Desktop\Photoshop Lightroom 5.6
2015-01-05 17:45 - 2015-01-05 17:45 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\Unity
2015-01-05 17:44 - 2015-01-21 09:09 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\Unity
2015-01-05 17:14 - 2015-01-05 17:14 - 00000000 ___RD () I:\Users\Mustard-Tiger\Creative Cloud Files
2015-01-05 17:02 - 2015-01-21 12:43 - 00000000 ____D () I:\ProgramData\Adobe
2015-01-05 17:02 - 2015-01-21 12:42 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\Adobe
2015-01-05 17:00 - 2015-01-21 12:40 - 00000000 ____D () I:\Program Files\Common Files\Adobe
2015-01-05 17:00 - 2015-01-21 12:40 - 00000000 ____D () I:\Program Files\Adobe
2015-01-05 16:52 - 2015-01-24 05:48 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\Adobe
2015-01-05 16:52 - 2015-01-05 16:52 - 00672432 _____ (Adobe Systems Incorporated) I:\Users\Mustard-Tiger\Downloads\CreativeCloudSet-Up.exe
2015-01-05 15:18 - 2015-01-22 17:22 - 00000000 ____D () I:\Users\Mustard-Tiger\Desktop\DCIM
2015-01-05 15:17 - 2015-01-05 15:17 - 00000000 ____H () I:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-01-05 15:08 - 2015-01-23 19:21 - 00000000 ____D () I:\Users\Mustard-Tiger\Desktop\DivX Movies
2015-01-05 15:07 - 2015-01-12 11:18 - 00000000 ____D () I:\Users\Mustard-Tiger\Desktop\music_vids
2015-01-05 15:05 - 2015-01-05 15:05 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\NVIDIA Corporation
2015-01-05 15:04 - 2015-01-05 15:06 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\NVIDIA
2015-01-05 15:04 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) I:\Windows\system32\D3DX9_43.dll
2015-01-05 15:04 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) I:\Windows\system32\d3dx10_43.dll
2015-01-05 15:04 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) I:\Windows\system32\d3dx11_43.dll
2015-01-05 15:03 - 2015-01-24 10:44 - 00000000 ____D () I:\Users\Mustard-Tiger\Desktop\tv
2015-01-05 15:03 - 2015-01-05 15:30 - 00000000 ____D () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-01-05 15:03 - 2014-12-12 16:11 - 02210040 _____ (NVIDIA Corporation) I:\Windows\system32\nvspcap.dll
2015-01-05 15:03 - 2014-12-12 16:11 - 01291464 _____ (NVIDIA Corporation) I:\Windows\system32\nvspbridge.dll
2015-01-05 15:02 - 2015-01-24 13:54 - 00000000 ____D () I:\ProgramData\NVIDIA
2015-01-05 15:02 - 2015-01-05 15:06 - 00000000 ____D () I:\ProgramData\NVIDIA Corporation
2015-01-05 15:02 - 2014-12-13 02:02 - 00060560 _____ (Khronos Group) I:\Windows\system32\OpenCL.dll
2015-01-05 15:02 - 2014-12-12 23:30 - 04403016 _____ (NVIDIA Corporation) I:\Windows\system32\nvcpl.dll
2015-01-05 15:02 - 2014-12-12 23:30 - 03056784 _____ (NVIDIA Corporation) I:\Windows\system32\nvsvc.dll
2015-01-05 15:02 - 2014-12-12 23:30 - 02554000 _____ (NVIDIA Corporation) I:\Windows\system32\nvsvcr.dll
2015-01-05 15:02 - 2014-12-12 23:30 - 00669840 _____ (NVIDIA Corporation) I:\Windows\system32\nvvsvc.exe
2015-01-05 15:02 - 2014-12-12 23:30 - 00375112 _____ (NVIDIA Corporation) I:\Windows\system32\nvmctray.dll
2015-01-05 15:02 - 2014-12-12 23:30 - 00062784 _____ (NVIDIA Corporation) I:\Windows\system32\nvshext.dll
2015-01-05 15:02 - 2014-12-12 23:03 - 00620176 _____ (NVIDIA Corporation) I:\Windows\system32\nvStreaming.exe
2015-01-05 15:02 - 2014-12-11 04:49 - 04151176 _____ () I:\Windows\system32\nvcoproc.bin
2015-01-05 15:01 - 2014-12-13 02:02 - 24764048 _____ (NVIDIA Corporation) I:\Windows\system32\nvoglv32.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 20465808 _____ (NVIDIA Corporation) I:\Windows\system32\nvcompiler.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 16039176 _____ (NVIDIA Corporation) I:\Windows\system32\nvwgf2um.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 14128496 _____ (NVIDIA Corporation) I:\Windows\system32\nvd3dum.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 10771128 _____ (NVIDIA Corporation) I:\Windows\system32\nvopencl.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 10710344 _____ (NVIDIA Corporation) I:\Windows\system32\nvcuda.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 08536208 _____ (NVIDIA Corporation) I:\Windows\system32\Drivers\nvlddmkm.sys
2015-01-05 15:01 - 2014-12-13 02:02 - 03249984 _____ (NVIDIA Corporation) I:\Windows\system32\nvcuvid.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 02897640 _____ (NVIDIA Corporation) I:\Windows\system32\nvapi.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 01047696 _____ (NVIDIA Corporation) I:\Windows\system32\nvdispco3234709.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 00927888 _____ (NVIDIA Corporation) I:\Windows\system32\NvIFR.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 00911504 _____ (NVIDIA Corporation) I:\Windows\system32\nvdispgenco3234709.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 00905360 _____ (NVIDIA Corporation) I:\Windows\system32\NvFBC.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 00877984 _____ (NVIDIA Corporation) I:\Windows\system32\nvumdshim.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 00305136 _____ (NVIDIA Corporation) I:\Windows\system32\nvoglshim32.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 00164752 _____ (NVIDIA Corporation) I:\Windows\system32\nvinit.dll
2015-01-05 15:01 - 2014-12-13 02:02 - 00022896 _____ () I:\Windows\system32\nvinfo.pb
2015-01-05 15:01 - 2014-11-22 02:46 - 00032912 _____ (NVIDIA Corporation) I:\Windows\system32\Drivers\nvvad32v.sys
2015-01-05 15:01 - 2014-11-22 02:46 - 00032400 _____ (NVIDIA Corporation) I:\Windows\system32\nvaudcap32v.dll
2015-01-05 15:01 - 2014-10-09 09:02 - 00161424 _____ (NVIDIA Corporation) I:\Windows\system32\Drivers\nvhda32v.sys
2015-01-05 15:01 - 2014-10-09 09:02 - 00027280 _____ (NVIDIA Corporation) I:\Windows\system32\nvhdap32.dll
2015-01-05 15:01 - 2014-10-08 23:17 - 00908608 _____ (NVIDIA Corporation) I:\Windows\system32\nvhdagenco32.dll
2015-01-05 15:00 - 2015-01-05 15:04 - 00000000 ____D () I:\Program Files\NVIDIA Corporation
2015-01-05 14:46 - 2015-01-05 14:59 - 249214576 _____ (NVIDIA Corporation) I:\Users\Mustard-Tiger\Downloads\347.09-desktop-win8-win7-winvista-32bit-international-whql.exe
2015-01-05 14:30 - 2015-01-21 08:48 - 00000000 ____D () I:\Users\Mustard-Tiger\Desktop\Downloaded files
2015-01-05 06:05 - 2015-01-21 16:23 - 00000000 ____D () I:\Windows\Minidump
2015-01-04 20:35 - 2015-01-05 06:08 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\Mozilla
2015-01-04 20:35 - 2015-01-04 20:35 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\Mozilla
2015-01-04 20:34 - 2015-01-04 20:34 - 00001121 _____ () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-04 20:34 - 2015-01-04 20:34 - 00000000 ____D () I:\ProgramData\Mozilla
2015-01-04 20:34 - 2015-01-04 20:34 - 00000000 ____D () I:\Program Files\Mozilla Maintenance Service
2015-01-04 20:34 - 2015-01-04 20:34 - 00000000 ____D () I:\Program Files\Mozilla Firefox
2015-01-04 20:21 - 2015-01-23 19:26 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\DivX
2015-01-04 20:21 - 2015-01-04 20:21 - 00000000 ____D () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2015-01-04 20:21 - 2015-01-04 20:21 - 00000000 ____D () I:\Program Files\Common Files\DivX Shared
2015-01-04 20:19 - 2014-11-24 14:04 - 00229000 ____N (Microsoft Corporation) I:\Windows\system32\MpSigStub.exe
2015-01-04 20:05 - 2015-01-04 20:21 - 00000000 ____D () I:\Program Files\DivX
2015-01-04 20:04 - 2015-01-12 11:39 - 00000000 ____D () I:\ProgramData\DivX
2015-01-04 20:03 - 2015-01-24 09:14 - 00000000 ____D () I:\Program Files\Google
2015-01-04 20:03 - 2015-01-24 09:13 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\Deployment
2015-01-04 20:03 - 2015-01-24 09:12 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\Apps\2.0
2015-01-04 20:03 - 2015-01-19 11:02 - 00144232 _____ () I:\Users\Mustard-Tiger\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-04 20:03 - 2015-01-10 08:17 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\Google
2015-01-04 20:01 - 2015-01-04 20:01 - 00000000 ____H () I:\ProgramData\DP45977C.lfl
2015-01-04 20:01 - 2015-01-04 20:01 - 00000000 ____D () I:\Windows\system32\RTCOM
2015-01-04 20:00 - 2015-01-13 08:22 - 00000000 ____D () I:\Program Files\Common Files\InstallShield
2015-01-04 20:00 - 2015-01-04 20:01 - 00000000 ___HD () I:\Program Files\Temp
2015-01-04 20:00 - 2015-01-04 20:00 - 00000000 ____D () I:\Program Files\Realtek
2015-01-04 20:00 - 2013-12-10 04:35 - 43342848 _____ (Realtek Semiconductor Corp.) I:\Windows\system32\RCoRes.dat
2015-01-04 20:00 - 2013-12-10 04:20 - 02937432 _____ (Realtek Semiconductor Corp.) I:\Windows\system32\Drivers\RTKVHDA.sys
2015-01-04 20:00 - 2013-12-09 18:17 - 00693385 _____ () I:\Windows\system32\Drivers\RTAIODAT.DAT
2015-01-04 20:00 - 2013-12-05 04:21 - 00125144 _____ (Realtek Semiconductor Corp.) I:\Windows\system32\RtkCoInstII.dll
2015-01-04 20:00 - 2013-12-04 00:27 - 01892056 _____ (Realtek Semiconductor Corp.) I:\Windows\system32\RTSndMgr.cpl
2015-01-04 20:00 - 2013-12-02 00:55 - 05681196 _____ () I:\Windows\system32\Drivers\rtvienna.dat
2015-01-04 20:00 - 2013-11-25 01:20 - 02080472 ____R (Realtek Semiconductor Corp.) I:\Windows\RtlExUpd.dll
2015-01-04 20:00 - 2013-11-24 23:59 - 02547928 _____ (Realtek Semiconductor Corp.) I:\Windows\system32\RtkPgExt.dll
2015-01-04 20:00 - 2013-11-24 23:59 - 02329304 _____ (Realtek Semiconductor Corp.) I:\Windows\system32\RtkAPO.dll
2015-01-04 20:00 - 2013-11-13 02:53 - 00860416 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioAPOShell.dll
2015-01-04 20:00 - 2013-11-13 02:52 - 13881600 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioRealtek.dll
2015-01-04 20:00 - 2013-11-13 02:52 - 01935104 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioEQ.dll
2015-01-04 20:00 - 2013-11-13 02:48 - 03629824 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioVnN.dll
2015-01-04 20:00 - 2013-11-13 02:38 - 01677568 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioRealtek2.dll
2015-01-04 20:00 - 2013-11-13 01:56 - 01824000 _____ (Waves Audio Ltd.) I:\Windows\system32\WavesGUILib.dll
2015-01-04 20:00 - 2013-11-13 01:56 - 01097984 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioAPO50.dll
2015-01-04 20:00 - 2013-11-04 19:21 - 00865592 _____ (Nahimic Inc) I:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2015-01-04 20:00 - 2013-11-04 19:18 - 05115672 _____ (Nahimic Inc) I:\Windows\system32\NAHIMICAPOlfx.dll
2015-01-04 20:00 - 2013-10-28 01:29 - 00782040 _____ (Realtek Semiconductor Corp.) I:\Windows\system32\RtkApoApi.dll
2015-01-04 20:00 - 2013-10-15 11:43 - 00182472 _____ (Andrea Electronics Corporation) I:\Windows\system32\AERTACap.dll
2015-01-04 20:00 - 2013-10-10 20:47 - 00092584 _____ (Real Sound Lab SIA) I:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-01-04 20:00 - 2013-10-10 19:31 - 00919600 _____ (Sony Corporation) I:\Windows\system32\SFSS_APO.dll
2015-01-04 20:00 - 2013-10-09 04:13 - 00926976 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxSpeechAPO.dll
2015-01-04 20:00 - 2013-10-09 04:12 - 27369216 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioVnA.dll
2015-01-04 20:00 - 2013-10-06 08:14 - 00426944 _____ (DTS) I:\Windows\system32\DTSU2PLFX32.dll
2015-01-04 20:00 - 2013-10-06 08:14 - 00403392 _____ (DTS) I:\Windows\system32\DTSU2PGFX32.dll
2015-01-04 20:00 - 2013-10-06 08:14 - 00346048 _____ (DTS) I:\Windows\system32\DTSU2PREC32.dll
2015-01-04 20:00 - 2013-09-09 12:02 - 06176944 _____ (Dolby Laboratories) I:\Windows\system32\DDPP32A.dll
2015-01-04 20:00 - 2013-09-09 12:02 - 00272048 _____ (Dolby Laboratories) I:\Windows\system32\DDPO32A.dll
2015-01-04 20:00 - 2013-09-09 12:01 - 01489072 _____ (Dolby Laboratories) I:\Windows\system32\DDPD32A.dll
2015-01-04 20:00 - 2013-09-09 12:01 - 00219312 _____ (Dolby Laboratories) I:\Windows\system32\DDPA32.dll
2015-01-04 20:00 - 2013-08-23 11:14 - 00938752 _____ (SRS Labs, Inc.) I:\Windows\system32\slcnt32.dll
2015-01-04 20:00 - 2013-08-23 11:14 - 00823040 _____ (DTS, Inc.) I:\Windows\system32\sl3apo32.dll
2015-01-04 20:00 - 2013-08-23 11:14 - 00604928 _____ (DTS, Inc.) I:\Windows\system32\sltech32.dll
2015-01-04 20:00 - 2013-08-23 11:14 - 00218368 _____ (TODO: <Company name>) I:\Windows\system32\slprp32.dll
2015-01-04 20:00 - 2013-08-20 01:36 - 00502584 _____ () I:\Windows\system32\audioLibVc.dll
2015-01-04 20:00 - 2013-08-14 00:36 - 00873728 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioAPO40.dll
2015-01-04 20:00 - 2013-08-14 00:36 - 00509184 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxVolumeSDAPO.dll
2015-01-04 20:00 - 2013-08-14 00:35 - 00761088 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxVoiceAPO20.dll
2015-01-04 20:00 - 2013-08-14 00:35 - 00509184 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioAPO30.dll
2015-01-04 20:00 - 2013-08-05 02:10 - 02395680 _____ (Fortemedia Corporation) I:\Windows\system32\FMAPO.dll
2015-01-04 20:00 - 2013-06-17 04:20 - 00188696 _____ () I:\Windows\system32\AcpiServiceVnA.dll
2015-01-04 20:00 - 2013-04-02 22:12 - 00852016 _____ (Sony Corporation) I:\Windows\system32\MISS_APO.dll
2015-01-04 20:00 - 2012-08-31 03:17 - 07162128 _____ (Dolby Laboratories) I:\Windows\system32\R4EEP32A.dll
2015-01-04 20:00 - 2012-08-31 03:17 - 00352016 _____ (Dolby Laboratories) I:\Windows\system32\R4EED32A.dll
2015-01-04 20:00 - 2012-08-31 03:17 - 00106768 _____ (Dolby Laboratories) I:\Windows\system32\R4EEL32A.dll
2015-01-04 20:00 - 2012-08-31 03:17 - 00091920 _____ (Dolby Laboratories) I:\Windows\system32\R4EEA32A.dll
2015-01-04 20:00 - 2012-08-31 03:17 - 00062224 _____ (Dolby Laboratories) I:\Windows\system32\R4EEG32A.dll
2015-01-04 20:00 - 2012-03-07 19:47 - 00095840 _____ (Andrea Electronics Corporation) I:\Windows\system32\AERTARen.dll
2015-01-04 20:00 - 2012-01-29 19:42 - 00819648 _____ (TOSHIBA Corporation) I:\Windows\system32\tadefxapo2.dll
2015-01-04 20:00 - 2012-01-09 18:20 - 00058264 _____ (TOSHIBA CORPORATION.) I:\Windows\system32\TepeqAPO.dll
2015-01-04 20:00 - 2011-11-22 00:28 - 00013416 _____ (Realtek Semiconductor Corp.) I:\Windows\system32\RtkCoLDR.dll
2015-01-04 20:00 - 2011-09-01 22:21 - 00214368 _____ (Synopsys, Inc.) I:\Windows\system32\SFNHK.dll
2015-01-04 20:00 - 2011-09-01 22:21 - 00074080 _____ (Synopsys, Inc.) I:\Windows\system32\SFCOM.dll
2015-01-04 20:00 - 2011-09-01 22:21 - 00068960 _____ (Synopsys, Inc.) I:\Windows\system32\SFAPO.dll
2015-01-04 20:00 - 2011-08-23 01:00 - 00357712 _____ (Knowles Acoustics ) I:\Windows\system32\KAAPORT.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 01509480 _____ (DTS) I:\Windows\system32\DTSS2SpeakerDLL.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 01292904 _____ (DTS) I:\Windows\system32\DTSS2HeadphoneDLL.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 01220200 _____ (DTS) I:\Windows\system32\DTSBoostDLL.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 00654952 _____ (DTS) I:\Windows\system32\DTSBassEnhancementDLL.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 00631400 _____ (DTS) I:\Windows\system32\DTSSymmetryDLL.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 00601704 _____ (DTS) I:\Windows\system32\DTSVoiceClarityDLL.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 00458344 _____ (DTS) I:\Windows\system32\DTSNeoPCDLL.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 00389736 _____ (DTS) I:\Windows\system32\DTSGainCompensatorDLL.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 00375400 _____ (DTS) I:\Windows\system32\DTSLimiterDLL.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 00218728 _____ (DTS) I:\Windows\system32\DTSGFXAPONS.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 00218728 _____ (DTS) I:\Windows\system32\DTSGFXAPO.dll
2015-01-04 20:00 - 2011-05-30 17:42 - 00218216 _____ (DTS) I:\Windows\system32\DTSLFXAPO.dll
2015-01-04 20:00 - 2011-03-16 20:16 - 01379760 _____ (TOSHIBA Corporation) I:\Windows\system32\tosade.dll
2015-01-04 20:00 - 2011-03-07 01:03 - 00134584 _____ (TOSHIBA Corporation) I:\Windows\system32\tadefxapo.dll
2015-01-04 20:00 - 2010-11-07 15:31 - 00359768 _____ (Dolby Laboratories, Inc.) I:\Windows\system32\RTEEP32A.dll
2015-01-04 20:00 - 2010-11-07 15:31 - 00295768 _____ (Dolby Laboratories, Inc.) I:\Windows\system32\RP3DHT32.dll
2015-01-04 20:00 - 2010-11-07 15:31 - 00295768 _____ (Dolby Laboratories, Inc.) I:\Windows\system32\RP3DAA32.dll
2015-01-04 20:00 - 2010-11-07 15:31 - 00170840 _____ (Dolby Laboratories, Inc.) I:\Windows\system32\RTEED32A.dll
2015-01-04 20:00 - 2010-11-07 15:31 - 00078680 _____ (Dolby Laboratories, Inc.) I:\Windows\system32\RTEEL32A.dll
2015-01-04 20:00 - 2010-11-07 15:31 - 00064856 _____ (Dolby Laboratories, Inc.) I:\Windows\system32\RTEEG32A.dll
2015-01-04 20:00 - 2010-09-26 17:34 - 00232792 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioAPO20.dll
2015-01-04 20:00 - 2009-12-03 23:43 - 00132368 _____ (Waves Audio Ltd.) I:\Windows\system32\MaxxAudioAPO.dll
2015-01-04 20:00 - 2009-11-23 17:55 - 00345328 _____ (SRS Labs, Inc.) I:\Windows\system32\SRSTSXT.dll
2015-01-04 20:00 - 2009-11-23 17:55 - 00185584 _____ (SRS Labs, Inc.) I:\Windows\system32\SRSTSHD.dll
2015-01-04 20:00 - 2009-11-23 17:55 - 00173296 _____ (SRS Labs, Inc.) I:\Windows\system32\SRSHP360.dll
2015-01-04 20:00 - 2009-11-23 17:55 - 00140528 _____ (SRS Labs, Inc.) I:\Windows\system32\SRSWOW.dll
2015-01-04 20:00 - 2009-11-18 02:42 - 01783056 _____ (Waves Audio Ltd.) I:\Windows\system32\WavesLib.dll
2015-01-04 19:56 - 2015-01-04 19:56 - 00000000 ____H () I:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh6_01009.Wdf
2015-01-04 19:54 - 2015-01-04 19:54 - 00000000 ____D () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-01-04 19:54 - 2015-01-04 19:54 - 00000000 ____D () I:\ProgramData\AMD
2015-01-04 19:54 - 2013-05-27 11:09 - 00178496 _____ (Advanced Micro Devices, INC.) I:\Windows\system32\Drivers\amdxhc.sys
2015-01-04 19:54 - 2013-05-27 11:09 - 00085312 _____ (Advanced Micro Devices, INC.) I:\Windows\system32\Drivers\amdhub30.sys
2015-01-04 19:54 - 2012-08-28 04:27 - 00045736 ____R (Advanced Micro Devices) I:\Windows\system32\Drivers\usbfilter.sys
2015-01-04 19:53 - 2015-01-14 00:15 - 00000000 ____D () I:\ProgramData\Package Cache
2015-01-04 19:51 - 2015-01-04 19:51 - 00000000 ____D () I:\Program Files\Microsoft.NET
2015-01-04 19:50 - 2015-01-04 19:50 - 00000000 ____D () I:\MSI
2015-01-04 19:50 - 2009-11-25 11:47 - 01130824 _____ (Microsoft Corporation) I:\Windows\system32\dfshim.dll
2015-01-04 19:50 - 2009-11-25 11:47 - 00297808 _____ (Microsoft Corporation) I:\Windows\system32\mscoree.dll
2015-01-04 19:50 - 2009-11-25 11:47 - 00295264 _____ (Microsoft Corporation) I:\Windows\system32\PresentationHost.exe
2015-01-04 19:50 - 2009-11-25 11:47 - 00099176 _____ (Microsoft Corporation) I:\Windows\system32\PresentationHostProxy.dll
2015-01-04 19:50 - 2009-11-25 11:47 - 00049472 _____ (Microsoft Corporation) I:\Windows\system32\netfxperf.dll
2015-01-04 19:42 - 2015-01-20 09:46 - 00000000 ___HD () I:\Program Files\InstallShield Installation Information
2015-01-04 19:42 - 2015-01-04 19:42 - 00000000 ____D () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100 Smart Wizard
2015-01-04 19:42 - 2015-01-04 19:42 - 00000000 ____D () I:\Program Files\NETGEAR
2015-01-04 19:42 - 2009-11-06 08:37 - 00699896 _____ (Broadcom Corporation) I:\Windows\system32\Drivers\bcmwlhigh6.sys
2015-01-04 19:42 - 2009-11-06 08:31 - 03862528 _____ (Broadcom Corporation) I:\Windows\system32\bcmihvsrv.dll
2015-01-04 19:42 - 2009-11-06 08:31 - 03551232 _____ (Broadcom Corporation) I:\Windows\system32\bcmihvui.dll
2015-01-04 19:42 - 2009-11-06 08:31 - 01176312 _____ (Microsoft Corporation) I:\Windows\system32\WdfCoInstaller01009.dll
2015-01-04 19:42 - 2009-11-06 08:31 - 00091376 _____ (Broadcom Corporation) I:\Windows\system32\bcmwlcoi.dll
2015-01-04 19:42 - 2007-01-19 18:20 - 00021728 _____ (Windows ® Codename Longhorn DDK provider) I:\Windows\system32\Drivers\SCMNdisP.sys
2015-01-04 19:41 - 2015-01-04 19:41 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Roaming\InstallShield
2015-01-04 19:19 - 2015-01-20 09:46 - 00000000 ____D () I:\Program Files\SAMSUNG
2015-01-04 19:19 - 2015-01-04 19:19 - 00000000 ____D () I:\ProgramData\Samsung
2015-01-04 19:18 - 2015-01-04 19:54 - 00000000 ____D () I:\Program Files\ATI Technologies
2015-01-04 19:18 - 2015-01-04 19:18 - 00000000 ____D () I:\Program Files\ATI
2015-01-04 19:17 - 2015-01-24 13:59 - 00781298 _____ () I:\Windows\system32\PerfStringBackup.INI
2015-01-04 19:14 - 2015-01-24 13:57 - 00202599 _____ () I:\Windows\WindowsUpdate.log
2015-01-04 19:13 - 2015-01-20 09:56 - 00000000 ____D () I:\Users\Mustard-Tiger
2015-01-04 19:13 - 2015-01-08 16:12 - 00000000 ____D () I:\Users\Mustard-Tiger\AppData\Local\VirtualStore
2015-01-04 19:13 - 2015-01-04 19:13 - 00001417 _____ () I:\Users\Mustard-Tiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-04 19:13 - 2015-01-04 19:13 - 00000020 ___SH () I:\Users\Mustard-Tiger\ntuser.ini
2015-01-04 19:13 - 2009-07-13 20:42 - 00000000 ___RD () I:\Users\Mustard-Tiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-04 19:13 - 2009-07-13 20:37 - 00000000 ___RD () I:\Users\Mustard-Tiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-04 19:12 - 2015-01-04 19:12 - 00000000 ____D () I:\Recovery
2015-01-04 18:53 - 2015-01-04 18:53 - 00001345 _____ () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-01-04 18:53 - 2015-01-04 18:53 - 00001326 _____ () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-01-04 18:50 - 2015-01-21 16:23 - 00000000 ____D () I:\Windows\Panther
2015-01-04 11:05 - 2015-01-04 11:05 - 00000000 ____D () I:\4c8bfeb9d866cc049fed2c6807
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-24 13:59 - 2009-07-13 20:34 - 00014016 ____H () I:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-24 13:59 - 2009-07-13 20:34 - 00014016 ____H () I:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-24 13:54 - 2009-07-13 20:53 - 00000006 ____H () I:\Windows\Tasks\SA.DAT
2015-01-21 16:14 - 2009-07-13 18:37 - 00000000 __RHD () I:\Users\Default
2015-01-21 16:14 - 2009-07-13 18:37 - 00000000 ___RD () I:\Users\Public
2015-01-21 16:05 - 2009-07-13 18:04 - 00000215 _____ () I:\Windows\system.ini
2015-01-21 16:04 - 2009-07-13 18:03 - 33816576 _____ () I:\Windows\system32\config\SOFTWARE.bak
2015-01-21 16:04 - 2009-07-13 18:03 - 20447232 _____ () I:\Windows\system32\config\SYSTEM.bak
2015-01-21 16:04 - 2009-07-13 18:03 - 04980736 _____ () I:\Windows\system32\config\DEFAULT.bak
2015-01-21 16:04 - 2009-07-13 18:03 - 00262144 _____ () I:\Windows\system32\config\SECURITY.bak
2015-01-21 16:04 - 2009-07-13 18:03 - 00262144 _____ () I:\Windows\system32\config\SAM.bak
2015-01-19 21:38 - 2009-07-13 20:33 - 03973152 _____ () I:\Windows\system32\FNTCACHE.DAT
2015-01-18 14:11 - 2009-07-13 18:37 - 00000000 ____D () I:\Windows\system32\LogFiles
2015-01-17 15:20 - 2009-07-13 20:52 - 00000000 ___RD () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-13 10:55 - 2009-07-13 18:37 - 00000000 __RHD () I:\Users\Public\Libraries
2015-01-08 16:10 - 2009-07-13 18:37 - 00000000 ____D () I:\Windows\Microsoft.NET
2015-01-05 15:02 - 2009-07-13 18:37 - 00000000 ____D () I:\Windows\Help
2015-01-04 19:41 - 2009-07-13 20:52 - 00000000 ____D () I:\Windows\system32\restore
2015-01-04 19:18 - 2009-07-13 18:37 - 00000000 ____D () I:\Program Files\Common Files\microsoft shared
2015-01-04 19:12 - 2009-07-13 18:37 - 00000000 ____D () I:\Windows\rescache
2015-01-04 18:53 - 2009-07-13 18:37 - 00000000 ___RD () I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-04 18:51 - 2009-07-13 23:49 - 00000000 ____D () I:\Windows\CSC
2015-01-04 18:50 - 2009-07-13 20:57 - 00025600 ___SH () I:\Windows\system32\config\BCD-Template.LOG
2015-01-04 18:50 - 2009-07-13 20:52 - 00028672 _____ () I:\Windows\system32\config\BCD-Template
 
==================== Files in the root of some directories =======
 
2015-01-17 15:19 - 2015-01-17 15:19 - 0022328 _____ () I:\Users\Mustard-Tiger\AppData\Roaming\PnkBstrK.sys
2015-01-12 14:19 - 2015-01-12 14:19 - 0001456 _____ () I:\Users\Mustard-Tiger\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-01-04 20:01 - 2015-01-04 20:01 - 0000000 ____H () I:\ProgramData\DP45977C.lfl
 
Some content of TEMP:
====================
I:\Users\Mustard-Tiger\AppData\Local\Temp\Quarantine.exe
I:\Users\Mustard-Tiger\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
I:\Windows\explorer.exe => File is digitally signed
I:\Windows\system32\winlogon.exe => File is digitally signed
I:\Windows\system32\wininit.exe => File is digitally signed
I:\Windows\system32\svchost.exe => File is digitally signed
I:\Windows\system32\services.exe => File is digitally signed
I:\Windows\system32\User32.dll => File is digitally signed
I:\Windows\system32\userinit.exe => File is digitally signed
I:\Windows\system32\rpcss.dll => File is digitally signed
I:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-24 11:21
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-01-2015 01
Ran by Mustard-Tiger at 2015-01-24 15:04:33
Running from I:\Users\Mustard-Tiger\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 2.9.0.465 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (32 Bit) (HKLM\...\{7C25E7A0-A0A1-4B87-BB30-BF0FBDC37878}) (Version: 15.2.2 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.6 (HKLM\...\{213D5223-CD40-4B7B-B292-6D5242AE5039}) (Version: 5.6.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{44537D5C-4CB8-CFCD-2D95-9205FF380CCC}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
Battlefield 2™ (HKLM\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Call of Duty® - World at War™ (HKLM\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision)
Call of Duty® - World at War™ (Version: 1.0 - Activision) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CyberLink Media Suite 10 (HKLM\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
HydraVision (Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 1.01.206 - NETGEAR)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.) Hidden
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
17-01-2015 14:35:06 Installed Call of Duty® - World at War™
17-01-2015 15:06:25 Installed Call of Duty® - World at War™
17-01-2015 15:15:51 Installed Call of Duty® - World at War™
19-01-2015 08:34:48 Installed OpenOffice 4.1.1
20-01-2015 09:46:11 Installed Samsung Kies3
24-01-2015 09:17:23 avast! antivirus system restore point
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 18:04 - 2015-01-21 16:05 - 00000027 ____A I:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {06024D4A-D951-4AFF-82AE-8762BB8635C9} - System32\Tasks\AdobeAAMUpdater-1.0-MustardTiger-Mustard-Tiger => I:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14] (Adobe Systems Incorporated)
Task: {99C56233-4608-4E8D-9188-3096FFFAC635} - System32\Tasks\GoogleUpdateTaskMachineUA => I:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-24] (Google Inc.)
Task: {BE982663-B0DF-4992-AB57-F58CB4C0BF7F} - System32\Tasks\CCleanerSkipUAC => I:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {C7CB895E-1F3C-42FC-BBB0-C5F31B320C60} - System32\Tasks\avast! Emergency Update => I:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-24] (AVAST Software)
Task: {DBFC36AF-E264-4604-8BAA-1A28D83CE28F} - System32\Tasks\GoogleUpdateTaskMachineCore => I:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-24] (Google Inc.)
Task: {E1A480E0-BDEA-4063-8439-5448C2DFBFFF} - System32\Tasks\{42420389-EAA5-4789-92A2-CE8876C80BC5} => pcalua.exe -a "I:\Program Files\SAMSUNG\USB Drivers\Uninstall.exe"
Task: {F18A9DF9-B110-4BA9-9CEE-652D33AF2F19} - System32\Tasks\Adobe Acrobat Update Task => I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: I:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => I:\Program Files\Google\Update\GoogleUpdate.exe
Task: I:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => I:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2015-01-05 15:02 - 2014-12-12 23:30 - 00107664 _____ () I:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2015-01-24 09:20 - 2015-01-24 09:20 - 02913280 _____ () I:\Program Files\AVAST Software\Avast\defs\15012401\algo.dll
2015-01-24 09:19 - 2015-01-24 09:19 - 02151544 _____ () I:\Program Files\AVAST Software\Avast\ng\vbox\VBoxVMM.dll
2015-01-24 09:19 - 2015-01-24 09:19 - 00021488 _____ () I:\Program Files\AVAST Software\Avast\ng\vbox\VBoxREM.dll
2015-01-24 09:19 - 2015-01-24 09:19 - 04474224 _____ () I:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2013-11-01 11:45 - 2013-11-01 11:45 - 00114688 _____ () I:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-01-17 15:19 - 2015-01-17 15:19 - 00066872 _____ () I:\Windows\system32\PnkBstrA.exe
2015-01-17 15:19 - 2015-01-17 15:19 - 00107832 _____ () I:\Windows\system32\PnkBstrB.exe
2015-01-13 08:26 - 2010-08-18 10:43 - 00247152 ____N () I:\Program Files\CyberLink\Shared files\RichVideo.exe
2014-12-19 15:57 - 2014-12-19 15:57 - 01059488 _____ () I:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
2015-01-24 09:19 - 2015-01-24 09:19 - 00317632 _____ () I:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-01-24 09:20 - 2015-01-24 09:20 - 38562088 _____ () I:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-04 19:42 - 2010-08-26 17:47 - 04577760 _____ () I:\Program Files\NETGEAR\WNA3100\WNA3100.exe
2015-01-04 19:42 - 2010-02-03 11:31 - 00282624 _____ () I:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dll
2015-01-24 09:14 - 2015-01-20 19:50 - 01117512 _____ () I:\Program Files\Google\Chrome\Application\40.0.2214.91\libglesv2.dll
2015-01-24 09:14 - 2015-01-20 19:50 - 00211272 _____ () I:\Program Files\Google\Chrome\Application\40.0.2214.91\libegl.dll
2015-01-24 09:14 - 2015-01-20 19:50 - 09171272 _____ () I:\Program Files\Google\Chrome\Application\40.0.2214.91\pdf.dll
2015-01-24 09:14 - 2015-01-20 19:50 - 14913352 _____ () I:\Program Files\Google\Chrome\Application\40.0.2214.91\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Adobe Creative Cloud => "I:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "I:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "I:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: CLMLServer_For_P2G8 => "I:\Program Files\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
MSCONFIG\startupreg: CLVirtualDrive => "I:\Program Files\CyberLink\Power2Go8\VirtualDrive.exe" /R
MSCONFIG\startupreg: DivXMediaServer => I:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "I:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: NUSB3MON => "I:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe"
MSCONFIG\startupreg: NvBackend => "I:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: RTHDVCPL => "I:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe" -s
MSCONFIG\startupreg: ShadowPlay => I:\Windows\system32\rundll32.exe I:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SpybotSD TeaTimer => I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: StartCCC => "I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-1694861330-368982402-2994625498-500 - Administrator - Disabled)
Guest (S-1-5-21-1694861330-368982402-2994625498-501 - Limited - Disabled)
Kris (S-1-5-21-1694861330-368982402-2994625498-1004 - Administrator - Enabled)
Mustard-Tiger (S-1-5-21-1694861330-368982402-2994625498-1000 - Administrator - Enabled) => I:\Users\Mustard-Tiger
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/24/2015 11:24:45 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
 
Error: (01/24/2015 11:23:17 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/24/2015 09:17:22 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {92c3bc7e-6d87-458c-91a9-d13d62b7fa42}
 
Error: (01/24/2015 09:02:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program PicasaPhotoViewer.exe version 3.9.138.151 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1244
 
Start Time: 01d037f673891212
 
Termination Time: 11356
 
Application Path: I:\Program Files\Google\Picasa3\PicasaPhotoViewer.exe
 
Report Id: cdca5a18-a3ea-11e4-9d5e-ee942aecfa0d
 
Error: (01/23/2015 02:46:02 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
 
Error: (01/23/2015 02:45:34 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/23/2015 11:42:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Photoshop.exe, version: 15.2.2.310, time stamp: 0x5480306d
Faulting module name: MMXCore.8bx, version: 15.2.2.310, time stamp: 0x54803980
Exception code: 0xc0000005
Fault offset: 0x00014fd3
Faulting process id: 0xfa4
Faulting application start time: 0xPhotoshop.exe0
Faulting application path: Photoshop.exe1
Faulting module path: Photoshop.exe2
Report Id: Photoshop.exe3
 
Error: (01/22/2015 06:36:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: lightroom.exe, version: 5.6.0.10, time stamp: 0x53ce7a40
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0xc0000005
Fault offset: 0x000026df
Faulting process id: 0x13f8
Faulting application start time: 0xlightroom.exe0
Faulting application path: lightroom.exe1
Faulting module path: lightroom.exe2
Report Id: lightroom.exe3
 
Error: (01/22/2015 05:53:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: lightroom.exe, version: 5.6.0.10, time stamp: 0x53ce7a40
Faulting module name: ui.dll, version: 5.6.0.10, time stamp: 0x53ce791b
Exception code: 0xc0000005
Fault offset: 0x000e245e
Faulting process id: 0x17e0
Faulting application start time: 0xlightroom.exe0
Faulting application path: lightroom.exe1
Faulting module path: lightroom.exe2
Report Id: lightroom.exe3
 
Error: (01/22/2015 09:24:50 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
 
 
System errors:
=============
Error: (01/24/2015 01:54:30 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Type with the following error: 
%%5
 
Error: (01/24/2015 10:33:34 AM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
Error: (01/24/2015 10:33:21 AM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
Error: (01/24/2015 10:33:11 AM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
Error: (01/24/2015 10:33:01 AM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
Error: (01/24/2015 10:32:51 AM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
Error: (01/24/2015 10:32:37 AM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
Error: (01/24/2015 10:32:27 AM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
Error: (01/24/2015 10:32:16 AM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
Error: (01/24/2015 10:32:06 AM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
 
Microsoft Office Sessions:
=========================
Error: (01/24/2015 11:24:45 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*i:\program files\spybot - search & destroy\DelZip179.dlli:\program files\spybot - search & destroy\DelZip179.dll8
 
Error: (01/24/2015 11:23:17 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"i:\program files\cyberlink\powerdirector\muitransfer\MUIStartMenuX64.exe
 
Error: (01/24/2015 09:17:22 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {92c3bc7e-6d87-458c-91a9-d13d62b7fa42}
 
Error: (01/24/2015 09:02:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: PicasaPhotoViewer.exe3.9.138.151124401d037f67389121211356I:\Program Files\Google\Picasa3\PicasaPhotoViewer.execdca5a18-a3ea-11e4-9d5e-ee942aecfa0d
 
Error: (01/23/2015 02:46:02 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*i:\program files\spybot - search & destroy\DelZip179.dlli:\program files\spybot - search & destroy\DelZip179.dll8
 
Error: (01/23/2015 02:45:34 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"i:\program files\cyberlink\powerdirector\muitransfer\MUIStartMenuX64.exe
 
Error: (01/23/2015 11:42:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Photoshop.exe15.2.2.3105480306dMMXCore.8bx15.2.2.31054803980c000000500014fd3fa401d0373fcb2f4307I:\Program Files\Adobe\Adobe Photoshop CC 2014 (32 Bit)\Photoshop.exeI:\Program Files\Adobe\Adobe Photoshop CC 2014 (32 Bit)\Required\Plug-ins\Extensions\MMXCore.8bxfc4d4af0-a337-11e4-9e4c-a3f9185cdc1a
 
Error: (01/22/2015 06:36:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: lightroom.exe5.6.0.1053ce7a40MSVCR100.dll10.0.40219.3254df2be1ec0000005000026df13f801d036af7b531deeI:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exeI:\Windows\system32\MSVCR100.dlla61252a0-a2a8-11e4-a0f2-927853f04203
 
Error: (01/22/2015 05:53:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: lightroom.exe5.6.0.1053ce7a40ui.dll5.6.0.1053ce791bc0000005000e245e17e001d036ab09ef384cI:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exeI:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\ui.dll9d15ed15-a2a2-11e4-a0f2-927853f04203
 
Error: (01/22/2015 09:24:50 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*i:\program files\spybot - search & destroy\DelZip179.dlli:\program files\spybot - search & destroy\DelZip179.dll8
 
 
==================== Memory info =========================== 
 
Processor: AMD A4-5300 APU with Radeon™ HD Graphics 
Percentage of memory in use: 77%
Total physical RAM: 1989.45 MB
Available physical RAM: 452.27 MB
Total Pagefile: 3978.9 MB
Available Pagefile: 1724.54 MB
Total Virtual: 2047.88 MB
Available Virtual: 1904.88 MB
 
==================== Drives ================================
 
Drive c: (WINDOZE) (Fixed) (Total:195.31 GB) (Free:182.13 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive i: (FREE) (Fixed) (Total:195.31 GB) (Free:80.77 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 3062996E)
Partition 1: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=195.3 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#13 deeprybka

  • Malware Response Team

Posted 25 January 2015 - 05:10 AM

Let's do a final check up:

Step 1


Don't remove on your own anything that HitmanPro detects!
This scanner, as it is really good for checking, has been known for deleting files instead of curing them, which in some cases may render the machine unbootable.
Any removals will be done manually after careful analysis of the scan results!


Please download HitmanPro 32-bit / HitmanPro 64-bit by SurfRight and save it to your desktop.
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.
  • Right-click on the icon and select Run as Administrator to start the tool.
  • If the program won't run please run it while holding down the left CTRL key until it's loaded!
  • Click on the Next button (1). You must agree with the terms of EULA (2 - if asked).
  • Check the box beside "No, I only want to perform a one-time scan to check this computer" and click on the Next button. (3)
  • The program will start to scan the computer. It would only take several minutes.
  • When the scan is done click on Save Log (4) and close HitmanPro! (5)
  • Copy and paste the content of the log file in your next reply.


Step 2

Please download ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start the installer with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:
    [image: scan settings]
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at [image: log file path]
    Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!

Can you please tell me which problems still persist now?
How is the computer running?

regards,
deeprybka

#14 barefeat

  • Topic Starter

Posted 25 January 2015 - 08:05 PM

Computer is running fine now.  Do not see the extension in chrome anymore or any other evidence.

Finishing final steps now.



#15 barefeat

  • Topic Starter

Posted 25 January 2015 - 08:17 PM

HitmanPro 3.7.9.234
www.hitmanpro.com
 
   Computer name . . . . : MUSTARDTIGER
   Windows . . . . . . . : 6.1.0.7600.X86/2
   User name . . . . . . : MustardTiger\Mustard-Tiger
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free
 
   Scan date . . . . . . : 2015-01-25 17:04:18
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 2m 13s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
 
   Threats . . . . . . . : 0
   Traces  . . . . . . . : 5
 
   Objects scanned . . . : 961,660
   Files scanned . . . . : 18,856
   Remnants scanned  . . : 171,482 files / 771,322 keys
 
Suspicious files ____________________________________________________________
 
   I:\Users\Mustard-Tiger\Desktop\FRST.exe
      Size . . . . . . . : 1,120,768 bytes
      Age  . . . . . . . : 1.1 days (2015-01-24 15:02:16)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : E3F2E88013C2D48FE5C561E561B577649F56268B672A06C7A4F95D8B87F0967C
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
 
 
Potential Unwanted Programs _________________________________________________
 
   HKU\S-1-5-21-1694861330-368982402-2994625498-1000\Software\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}\ (PCOptimizerPro)
   HKU\S-1-5-21-1694861330-368982402-2994625498-1000_Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}\ (PCOptimizerPro)
 
Cookies _____________________________________________________________________
 
   I:\Users\Mustard-Tiger\AppData\Roaming\Microsoft\Windows\Cookies\mustard-tiger@ad.360yield[2].txt
   I:\Users\Mustard-Tiger\AppData\Roaming\Microsoft\Windows\Cookies\mustard-tiger@ru4[1].txt
 
 




