Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I open firefox but it opens chrome instead, looks like a virus


  • This topic is locked This topic is locked
6 replies to this topic

#1 Tarash_bulba

Tarash_bulba

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:08 AM

Posted 29 January 2015 - 04:21 PM

Hello everybody,

 

I think my PC got infected with a virus or malware.

 

When it happened: maybe 1hour ago.

 

What Happened: While browsing youtube I came upon a video called "Strange event in China" or something like that. It said I need to install Adobe Flash Player 5.0. Stupidly, I clicked and downloaded a small executable. When I clicked on the executable, an error message appeared. Then the strange thing happened.

 

How it manifests: I click on the icon of firefox and it opens for like 1 second and then closes and opens google chrome instead. If I am offline, then it opens firefox in safe mode. Whenever I go online it  only opens google chrome. It's like something is forcing to open google chrome instead of firefox.I am writing on the forum from chrome at this very moment (never used it until now).

 

Other things: I tried to download something, and I usually got up to 10 mb/sec of download speed but now, it's strange because I only get like 50 to 60 kb/sec (something stealing my bandwidth?).

 

What I tried:  Installed trojan guarder ( I have it from a while ago) and it said it found a trojan and deleted it. Re-started the PC the same behavior (related to firefox) as explained above happened. Furthermore, when I tried to close Trojan Guarder it gave errors and it did not let me close it (related to above problem? Same "virus" maybe? So I uninstalled Trojan Guarder.

 

Then I searched the web for possible causes. Did not find anything related to what I experienced. But found many topics in the category of malwares and trojans and they got me scared (what with things like stealing passwords, accounts, history and so on) and now I don't know what to do. I am quite inexperienced with PC viruses and malwares.

 

Operating system: I have Windows 8.1 PRO. I don't have any other anti virus or malware programs installed.

 

So I guess I'm asking for help in order to identify the issue and fix it. Any help would be much appreciated!

If this is not the correct area to post this message I kindly ask an admin to move it to the relevant section.

 

Cheers,

Tarash_bulba

 

 



BC AdBot (Login to Remove)

 


#2 Tarash_bulba

Tarash_bulba
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:08 AM

Posted 30 January 2015 - 12:06 PM

Hello again,

 

I've ran malware bytes and found a virus classed as a trojan. It was quarantined and removed. Name was "Trojan.Agent.ADPGen". Unfortunatly after a while it has taken control of the firefox and switched to chrome again...If you think it can help I can post the logs of the scan. I've updated the definitions of malware and run it again and caught it again (4 findings or items, just as first times). Again I quarantined and deleted via malware bytes and for now it seems in order....but maybe it will comeback...

 

After searching a bit it seem it's related to a new virus that is distributed via Facebook through a "strange events in china video" that redirects to a site that is identical to youtube and asks to update adobe flash player....The guy writing this says that 12 out of 52 antivirus software can find it and remove it...malwarebytes apparently can but then why did it return?

 

Can anyone help?

 

Many thanks,

Tarash



#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,778 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:08 PM

Posted 31 January 2015 - 10:46 PM

Greetings Tarash and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run the below for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop <<< Important
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • System Summary Information

Edited by Oh My!, 31 January 2015 - 10:47 PM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,778 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:08 PM

Posted 02 February 2015 - 09:54 AM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Tarash_bulba

Tarash_bulba
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:08 AM

Posted 02 February 2015 - 05:03 PM

Hello Oh My!...thank you for the reply and offer for help...I was gone from home (hence my late reply) but just before that i found this handy guide regarding removal of trojans . I'll just post it here (if it's not allowed, please delete it) : Edit : the link did not appear :)

Anyway the system seems to be working ok since then (not that I've used it much).

 

But I still did the steps mentioned by you (just to be safe I guess, maybe you can tell me after seeing it if further steps need to be done or not - I'm kinda relying on your experience with these issues). Please see below the logs and the attached system information as per the instructions in the first mail.

 

I'll enter next evening again, usually after work hours (I'm on +2 CET )

 

Many thanks. :)

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by pc (administrator) on CTRLSOFT-JPQEDG on 03-02-2015 00:00:33
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available profiles: pc)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKU\S-1-5-21-3916875082-2217434685-1822874357-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-3916875082-2217434685-1822874357-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3916875082-2217434685-1822874357-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3916875082-2217434685-1822874357-1001\...\RunOnce: [Adobe Speed Launcher] => 1422892072

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3916875082-2217434685-1822874357-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\..\Interfaces\{D5447D1C-ACF9-4642-831E-5CDC81FC05AA}: [NameServer] 193.231.252.1 213.154.124.1

FireFox:
========
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\p3ewk5mr.default-1422596523485
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Raw Manager) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\caipkhppmjbppefcdohjhbniihldppbf [2015-01-30]
CHR Extension: (Google Wallet) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-30]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-01-30] (SurfRight B.V.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 cleanhlp; C:\Program Files (x86)\Emsisoft\bin\cleanhlp64.sys [57024 2015-01-30] (Emsisoft GmbH)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-01-24] (Disc Soft Ltd)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-19] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
S3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39240 2015-01-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-03 00:00 - 2015-02-03 00:00 - 00011415 _____ () C:\Users\pc\Desktop\FRST.txt
2015-02-03 00:00 - 2015-02-03 00:00 - 00000000 ____D () C:\FRST
2015-02-02 23:57 - 2015-02-02 23:57 - 01156562 _____ () C:\Users\pc\Desktop\Summary.nfo
2015-02-02 23:56 - 2015-02-02 23:56 - 02131456 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2015-02-02 22:27 - 2015-02-02 22:27 - 01090560 _____ () C:\Users\pc\Desktop\HRO Job Openings.xls
2015-01-30 20:42 - 2015-01-30 20:42 - 00000000 ____D () C:\TDSSKiller_Quarantine
2015-01-30 20:37 - 2015-01-30 20:37 - 00000000 ____D () C:\Users\pc\AppData\Roaming\chrome
2015-01-30 20:37 - 2015-01-30 20:37 - 00000000 ____D () C:\Users\pc\AppData\Local\Google
2015-01-30 20:29 - 2015-01-30 20:29 - 00000000 ____D () C:\Windows\ERUNT
2015-01-30 20:19 - 2015-01-30 21:54 - 00000000 ____D () C:\AdwCleaner
2015-01-30 20:02 - 2015-01-30 20:54 - 00000000 ____D () C:\Program Files (x86)\Emsisoft
2015-01-30 20:02 - 2015-01-30 20:02 - 00001552 _____ () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Emsisoft Emergency Kit.lnk
2015-01-30 20:00 - 2015-01-30 20:00 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2015-01-30 19:58 - 2015-01-30 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-01-30 19:58 - 2015-01-30 19:58 - 00000000 ____D () C:\Program Files\HitmanPro
2015-01-30 19:57 - 2015-01-30 20:00 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-01-30 08:02 - 2015-01-31 08:50 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-30 08:02 - 2015-01-30 08:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-30 08:02 - 2015-01-30 08:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-30 08:02 - 2015-01-30 08:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-30 08:02 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-30 08:02 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-30 08:02 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-29 22:18 - 2015-01-29 22:18 - 00000000 _____ () C:\Windows\SysWOW64\sys_dll.dll
2015-01-25 01:43 - 2015-01-25 01:43 - 00000000 ____D () C:\Users\pc\Documents\4A Games
2015-01-25 01:36 - 2015-01-25 01:36 - 00000000 ____D () C:\Users\pc\AppData\Local\4A Games
2015-01-25 01:35 - 2015-01-25 01:35 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Steam
2015-01-25 01:30 - 2015-01-25 01:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro 2033 Redux
2015-01-24 22:18 - 2015-01-24 22:18 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Wargaming.net
2015-01-24 22:17 - 2015-01-24 22:17 - 00009895 _____ () C:\Windows\DirectX.log
2015-01-24 22:17 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-01-24 22:17 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-01-24 22:17 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-01-24 22:17 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-01-24 22:17 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-01-24 22:17 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-01-24 22:17 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-01-24 22:17 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-01-24 22:17 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-01-24 22:17 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-01-24 22:17 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-01-24 22:17 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-01-24 22:17 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-01-24 22:17 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-01-24 22:17 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-01-24 22:17 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-01-24 22:17 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-01-24 22:17 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-01-24 22:17 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-01-24 22:17 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-01-24 22:17 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-01-24 22:17 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-01-24 22:17 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-01-24 22:17 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-01-24 22:17 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-01-24 22:17 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-01-24 22:17 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-01-24 22:17 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-01-24 22:17 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-01-24 22:17 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-01-24 22:17 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-01-24 22:17 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-01-24 22:17 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-01-24 22:17 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-01-24 22:17 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-01-24 22:17 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-01-24 22:17 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-01-24 22:17 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-01-24 22:17 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-01-24 22:17 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-01-24 22:17 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-01-24 22:17 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-01-24 22:17 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-01-24 22:17 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-01-24 22:17 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-01-24 22:17 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-01-24 22:17 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-01-24 22:17 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-01-24 22:17 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-01-24 22:17 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-01-24 22:17 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-01-24 22:17 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-01-24 22:17 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-01-24 22:17 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-01-24 22:17 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-01-24 22:17 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-01-24 22:17 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-01-24 22:17 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-01-24 22:17 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-01-24 22:17 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-01-24 22:17 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-01-24 22:17 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-01-24 22:17 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-01-24 22:17 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-01-24 22:17 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-01-24 22:17 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-01-24 22:17 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-01-24 22:17 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-01-24 22:17 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-01-24 22:17 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-01-24 22:17 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-01-24 22:17 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-01-24 22:17 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-01-24 22:17 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-01-24 22:17 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-01-24 22:17 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-01-24 22:17 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-01-24 22:17 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-01-24 22:17 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-01-24 22:17 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-01-24 22:17 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-01-24 22:17 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-01-24 22:17 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-01-24 22:17 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-01-24 22:17 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-01-24 22:17 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-01-24 22:17 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-01-24 22:17 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-01-24 22:17 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-01-24 22:17 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-01-24 22:17 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-01-24 22:17 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-01-24 22:17 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-01-24 22:17 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-01-24 22:17 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-01-24 22:17 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-01-24 22:17 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-01-24 22:17 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-01-24 22:17 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-01-24 22:17 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-01-24 22:17 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-01-24 22:17 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-01-24 22:17 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-01-24 22:17 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-01-24 22:17 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-01-24 22:17 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-01-24 22:17 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-01-24 22:17 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-01-24 22:17 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-01-24 22:17 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-01-24 22:17 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-01-24 22:17 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-01-24 22:17 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-01-24 22:17 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-01-24 22:17 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-01-24 22:17 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-01-24 22:17 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-01-24 22:17 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-01-24 22:17 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-01-24 22:17 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-01-24 22:17 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-01-24 22:17 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-01-24 22:17 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-01-24 22:17 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-01-24 22:17 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-01-24 22:17 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-01-24 22:17 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-01-24 22:17 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-01-24 22:17 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-01-24 22:17 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-01-24 22:17 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-01-24 22:17 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-01-24 22:17 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-01-24 22:17 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-01-24 22:17 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-01-24 22:17 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-01-24 22:17 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-01-24 22:17 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-01-24 22:17 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-01-24 22:17 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-01-24 22:17 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-01-24 22:17 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-01-24 22:17 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-01-24 22:17 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-01-24 22:17 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-01-24 22:17 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-01-24 22:17 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-01-24 22:17 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-01-24 22:17 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-01-24 22:17 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-01-24 22:17 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-01-24 22:17 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-01-24 22:17 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-01-24 22:17 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-01-24 22:17 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-01-24 22:17 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-01-24 22:17 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-01-24 22:17 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-01-24 22:17 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-01-24 22:17 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-01-24 22:17 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-01-24 22:17 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-01-24 22:17 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-01-24 22:17 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-01-24 22:17 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-01-24 22:17 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-01-24 22:17 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-01-24 22:17 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-01-24 22:17 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-01-24 22:17 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-01-24 22:17 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-01-24 22:17 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-01-24 22:17 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-01-24 22:17 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-01-24 22:17 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-01-24 22:17 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-01-24 21:48 - 2015-01-24 21:52 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-01-24 21:24 - 2015-01-24 21:24 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2015-01-24 20:50 - 2015-01-24 21:40 - 00000000 ____D () C:\Users\pc\AppData\Roaming\DAEMON Tools Lite
2015-01-24 20:50 - 2015-01-24 20:50 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2015-01-24 20:50 - 2015-01-24 20:50 - 00002188 _____ () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite.lnk
2015-01-24 20:50 - 2015-01-24 20:50 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2015-01-24 20:49 - 2015-01-24 21:40 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-01-24 20:26 - 2015-01-25 03:00 - 00000000 ____D () C:\Users\pc\AppData\Roaming\uTorrent
2015-01-24 20:26 - 2015-01-24 20:26 - 00001169 _____ () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\µTorrent.lnk
2015-01-24 20:24 - 2015-01-24 20:24 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2015-01-24 20:19 - 2015-01-25 01:34 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-24 20:19 - 2015-01-24 20:19 - 00000000 ____D () C:\Users\pc\AppData\Local\Intel
2015-01-24 20:19 - 2015-01-24 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-01-24 20:19 - 2015-01-24 20:19 - 00000000 ____D () C:\Program Files (x86)\Intel Driver Update Utility
2015-01-24 19:55 - 2015-01-24 19:55 - 00000000 ____D () C:\Windows\LastGood.Tmp
2015-01-24 19:55 - 2014-03-04 16:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-01-24 19:55 - 2014-03-04 16:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 00484296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 00409544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 00377688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-01-24 19:55 - 2014-03-04 16:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-01-24 19:55 - 2014-03-04 13:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-01-24 19:55 - 2013-11-28 15:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-01-24 19:55 - 2013-11-28 15:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-01-24 19:34 - 2015-01-24 19:34 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2015-01-24 19:34 - 2015-01-24 19:34 - 00377856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2015-01-24 19:34 - 2015-01-24 19:34 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplayx.dll
2015-01-24 19:34 - 2015-01-24 19:34 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2015-01-24 19:34 - 2015-01-24 19:34 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2015-01-24 19:34 - 2015-01-24 19:34 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpwsockx.dll
2015-01-24 19:34 - 2015-01-24 19:34 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2015-01-24 19:34 - 2015-01-24 19:34 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2015-01-24 19:34 - 2015-01-24 19:34 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
2015-01-24 19:34 - 2015-01-24 19:34 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpmodemx.dll
2015-01-24 19:34 - 2015-01-24 19:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2015-01-24 19:34 - 2015-01-24 19:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2015-01-24 19:34 - 2015-01-24 19:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2015-01-24 19:34 - 2015-01-24 19:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2015-01-24 18:19 - 2015-01-24 18:19 - 00000000 _____ () C:\Users\pc\agent.log
2015-01-24 18:18 - 2015-01-24 18:18 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander XP
2015-01-24 18:18 - 2015-01-24 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander XP
2015-01-24 18:16 - 2015-01-24 18:18 - 00000055 _____ () C:\Windows\wincmd.ini
2015-01-24 18:16 - 2015-01-24 18:18 - 00000000 ____D () C:\Program Files\totalcmd
2015-01-24 18:16 - 2015-01-24 18:16 - 00001193 _____ () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp.lnk
2015-01-24 18:15 - 2015-01-24 18:15 - 00003244 _____ () C:\Windows\System32\Tasks\{B099BD7F-5AAA-456F-9511-F7313F2F950D}
2015-01-24 18:13 - 2015-01-24 18:13 - 00000299 _____ () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
2015-01-24 18:10 - 2005-02-02 06:51 - 00000545 _____ () C:\Windows\UC.PIF
2015-01-24 18:10 - 2005-02-02 06:51 - 00000545 _____ () C:\Windows\RAR.PIF
2015-01-24 18:10 - 2005-02-02 06:51 - 00000545 _____ () C:\Windows\PKZIP.PIF
2015-01-24 18:10 - 2005-02-02 06:51 - 00000545 _____ () C:\Windows\PKUNZIP.PIF
2015-01-24 18:10 - 2005-02-02 06:51 - 00000545 _____ () C:\Windows\NOCLOSE.PIF
2015-01-24 18:10 - 2005-02-02 06:51 - 00000545 _____ () C:\Windows\LHA.PIF
2015-01-24 18:10 - 2005-02-02 06:51 - 00000545 _____ () C:\Windows\ARJ.PIF
2015-01-24 18:08 - 2015-01-10 10:07 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434725.dll
2015-01-24 18:08 - 2015-01-10 10:07 - 01556808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434725.dll
2015-01-24 18:08 - 2015-01-10 10:07 - 00833864 _____ () C:\Windows\system32\nvmcumd.dll
2015-01-24 18:08 - 2015-01-10 10:07 - 00100496 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2015-01-24 18:08 - 2015-01-10 10:07 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2015-01-24 18:08 - 2014-03-04 16:35 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-01-24 18:08 - 2014-03-04 16:35 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-01-24 18:08 - 2013-11-22 10:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-01-24 18:00 - 2015-01-24 18:00 - 00000000 ____D () C:\Users\pc\AppData\Local\Macromedia
2015-01-21 07:23 - 2015-01-20 15:29 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-21 07:23 - 2013-08-05 05:50 - 00053248 ____R (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-01-21 07:22 - 2015-01-21 07:22 - 00000000 ____D () C:\Intel
2015-01-21 07:20 - 2015-02-02 22:28 - 00000000 ____D () C:\Users\pc\AppData\Local\Packages
2015-01-21 07:20 - 2015-02-02 21:17 - 01193008 _____ () C:\Windows\WindowsUpdate.log
2015-01-21 07:20 - 2015-02-02 17:57 - 00000000 ____D () C:\ProgramData\KMSAutoS
2015-01-21 07:20 - 2015-01-24 18:19 - 00000000 ____D () C:\Users\pc
2015-01-21 07:20 - 2015-01-24 18:10 - 00000000 ____D () C:\Users\pc\AppData\Local\VirtualStore
2015-01-21 07:20 - 2015-01-21 07:20 - 00003730 _____ () C:\Windows\System32\Tasks\KMSAutoNet
2015-01-21 07:20 - 2015-01-21 07:20 - 00001457 _____ () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-21 07:20 - 2015-01-21 07:20 - 00000020 ___SH () C:\Users\pc\ntuser.ini
2015-01-21 07:20 - 2015-01-21 07:20 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-01-21 07:20 - 2015-01-21 07:20 - 00000000 ____D () C:\Users\pc\AppData\Local\MSfree Inc
2015-01-21 07:20 - 2015-01-20 15:59 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Adobe
2015-01-21 07:20 - 2014-03-18 12:05 - 00000000 ___RD () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-21 07:20 - 2014-03-18 12:05 - 00000000 ___RD () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-21 07:20 - 2014-03-18 11:55 - 00000369 _____ () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-01-21 07:20 - 2014-03-18 11:55 - 00000369 _____ () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-01-21 07:20 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-21 07:20 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-21 07:19 - 2015-01-21 07:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-01-21 07:18 - 2015-01-21 07:20 - 00000000 ____D () C:\Windows\Panther
2015-01-20 16:04 - 2015-01-20 16:04 - 00004608 _____ () C:\Windows\SECOH-QAD.exe
2015-01-20 16:04 - 2015-01-20 16:04 - 00003584 _____ () C:\Windows\SECOH-QAD.dll
2015-01-20 16:04 - 2015-01-20 16:04 - 00000000 ____D () C:\Windows\PCHEALTH
2015-01-20 16:04 - 2015-01-20 16:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-01-20 16:04 - 2015-01-20 16:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-01-20 16:03 - 2015-01-20 16:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-20 16:03 - 2015-01-20 16:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-01-20 16:03 - 2015-01-20 16:03 - 00000000 __RHD () C:\MSOCache
2015-01-20 16:03 - 2015-01-20 16:03 - 00000000 ____D () C:\Users\pc\AppData\Local\Microsoft Help
2015-01-20 16:03 - 2015-01-20 16:03 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-01-20 16:03 - 2015-01-20 16:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-01-20 16:01 - 2015-01-20 16:01 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Skype
2015-01-20 16:01 - 2015-01-20 16:01 - 00000000 ____D () C:\Users\pc\AppData\Local\Skype
2015-01-20 15:59 - 2015-01-30 22:25 - 00000000 ____D () C:\Users\pc\AppData\Roaming\vlc
2015-01-20 15:58 - 2015-01-20 15:58 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-01-20 15:58 - 2014-04-15 16:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-01-20 15:58 - 2014-04-15 16:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-01-20 15:57 - 2015-02-02 23:48 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-20 15:57 - 2015-01-30 18:35 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Dropbox
2015-01-20 15:57 - 2015-01-24 22:48 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-20 15:57 - 2015-01-20 15:59 - 00000000 ____D () C:\Users\pc\AppData\Local\Adobe
2015-01-20 15:57 - 2015-01-20 15:59 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-20 15:57 - 2015-01-20 15:57 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-20 15:57 - 2015-01-20 15:57 - 00000000 ____D () C:\ProgramData\Skype
2015-01-20 15:57 - 2015-01-20 15:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-20 15:57 - 2015-01-20 15:57 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-20 15:56 - 2015-01-20 15:59 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Winamp
2015-01-20 15:56 - 2015-01-20 15:56 - 00000000 ____D () C:\ProgramData\Yahoo!
2015-01-20 15:56 - 2015-01-20 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2015-01-20 15:56 - 2015-01-20 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-01-20 15:56 - 2015-01-20 15:56 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2015-01-20 15:56 - 2015-01-20 15:56 - 00000000 ____D () C:\Program Files (x86)\Winamp
2015-01-20 15:56 - 2015-01-20 15:56 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-01-20 15:55 - 2015-01-29 22:00 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-20 15:55 - 2015-01-24 19:22 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-20 15:55 - 2015-01-24 19:22 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-20 15:55 - 2015-01-24 19:21 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-01-20 15:55 - 2015-01-24 19:21 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-20 15:55 - 2015-01-24 19:21 - 00000000 ____D () C:\Program Files\Java
2015-01-20 15:55 - 2015-01-20 15:55 - 00001065 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-01-20 15:55 - 2015-01-20 15:55 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-20 15:55 - 2015-01-20 15:55 - 00000000 ____D () C:\ProgramData\Sun
2015-01-20 15:55 - 2015-01-20 15:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-20 15:55 - 2015-01-20 15:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-20 15:55 - 2015-01-20 15:55 - 00000000 ____D () C:\Program Files\WinRAR
2015-01-20 15:55 - 2015-01-20 15:55 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-01-20 15:54 - 2015-01-29 22:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-20 15:54 - 2015-01-27 07:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-20 15:54 - 2015-01-20 15:54 - 00001181 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-20 15:54 - 2015-01-20 15:54 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Mozilla
2015-01-20 15:54 - 2015-01-20 15:54 - 00000000 ____D () C:\Users\pc\AppData\Local\Mozilla
2015-01-20 15:54 - 2015-01-20 15:54 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-20 15:42 - 2015-01-20 15:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-01-20 15:32 - 2015-01-24 19:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-01-20 15:32 - 2015-01-24 18:03 - 00000000 ____D () C:\Users\pc\AppData\Local\NVIDIA
2015-01-20 15:32 - 2015-01-24 18:02 - 00000000 ____D () C:\Users\pc\AppData\Local\NVIDIA Corporation
2015-01-20 15:32 - 2015-01-20 15:32 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-01-20 15:32 - 2015-01-16 08:41 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-01-20 15:32 - 2015-01-16 08:41 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-01-20 15:32 - 2015-01-16 08:41 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-01-20 15:32 - 2015-01-16 08:41 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-01-20 15:32 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-01-20 15:32 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-01-20 15:32 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-01-20 15:32 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-01-20 15:32 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-01-20 15:32 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-01-20 15:31 - 2015-01-30 21:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-20 15:31 - 2015-01-20 15:33 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-01-20 15:31 - 2015-01-20 15:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-20 15:31 - 2015-01-10 10:07 - 01556808 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2015-01-20 15:31 - 2015-01-10 01:29 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-01-20 15:31 - 2014-12-13 12:08 - 01895056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434709.dll
2015-01-20 15:31 - 2014-12-13 12:08 - 01556624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434709.dll
2015-01-20 15:31 - 2014-11-22 12:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-01-20 15:31 - 2014-11-22 12:46 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-01-20 15:31 - 2014-11-22 12:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-01-20 15:31 - 2014-10-09 09:17 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2015-01-20 15:31 - 2014-03-04 16:35 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-01-20 15:31 - 2014-03-04 16:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-01-20 15:31 - 2014-03-04 16:35 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-01-20 15:31 - 2014-03-04 16:35 - 00062408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-01-20 15:31 - 2014-03-04 16:35 - 00054216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-01-20 15:31 - 2014-03-04 16:35 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2015-01-20 15:31 - 2014-03-04 15:06 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-01-20 15:31 - 2014-03-04 15:06 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-01-20 15:31 - 2014-03-04 15:05 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2015-01-20 15:31 - 2014-03-04 15:05 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-01-20 15:31 - 2014-03-04 15:05 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-01-20 15:31 - 2014-03-04 15:05 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-01-20 15:31 - 2013-08-07 12:01 - 00046568 _____ () C:\Windows\system32\Drivers\ISCTD64.sys
2015-01-20 15:30 - 2015-01-24 19:55 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-20 15:30 - 2015-01-20 15:30 - 00000000 ____D () C:\NVIDIA
2015-01-20 15:29 - 2015-02-02 23:57 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2DA61D72-2255-4CE8-8382-20D1576C67C1}
2015-01-20 15:29 - 2015-01-20 15:29 - 00003936 _____ () C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2015-01-20 15:29 - 2015-01-20 15:29 - 00003690 _____ () C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2015-01-20 15:29 - 2015-01-20 15:29 - 00000000 __SHD () C:\Users\pc\AppData\Local\EmieUserList
2015-01-20 15:29 - 2015-01-20 15:29 - 00000000 __SHD () C:\Users\pc\AppData\Local\EmieSiteList
2015-01-20 15:29 - 2015-01-20 15:29 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Macromedia
2015-01-20 15:29 - 2015-01-20 15:29 - 00000000 _____ () C:\Windows\SysWOW64\agent.log
2015-01-20 15:29 - 2013-07-26 09:07 - 00827096 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys
2015-01-20 15:29 - 2013-07-26 09:07 - 00074456 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-01-20 15:28 - 2015-01-20 15:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-01-20 15:28 - 2015-01-20 15:29 - 00000000 ____D () C:\ProgramData\Intel
2015-01-20 15:28 - 2015-01-20 15:28 - 00835482 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-20 15:28 - 2015-01-20 15:28 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-01-20 15:28 - 2015-01-20 15:28 - 00000000 ____D () C:\Users\pc\Intel
2015-01-20 15:28 - 2015-01-20 15:28 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Intel Corporation
2015-01-20 15:28 - 2015-01-20 15:28 - 00000000 ____D () C:\Users\pc\AppData\Roaming\InstallShield
2015-01-20 15:28 - 2015-01-20 15:28 - 00000000 ____D () C:\Program Files\Intel
2015-01-20 15:28 - 2013-08-19 11:10 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-01-20 15:28 - 2013-08-19 11:10 - 00099288 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2015-01-20 15:28 - 2013-08-19 11:10 - 00016344 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2015-01-20 15:27 - 2015-01-20 15:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-20 15:27 - 2015-01-20 15:29 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-01-20 15:27 - 2015-01-20 15:27 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-01-20 15:27 - 2015-01-20 15:27 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-20 15:27 - 2015-01-20 15:27 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-01-20 15:27 - 2015-01-20 15:27 - 00000000 ____D () C:\Program Files\Realtek
2015-01-20 15:27 - 2013-07-30 14:16 - 03564376 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-01-20 15:27 - 2013-07-30 11:14 - 02585304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2015-01-20 15:27 - 2013-07-30 07:47 - 00620273 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-01-20 15:27 - 2013-07-29 12:41 - 00147672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-01-20 15:27 - 2013-07-29 07:48 - 30311936 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-01-20 15:27 - 2013-07-26 21:56 - 06219096 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-01-20 15:27 - 2013-07-26 21:55 - 01908568 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-01-20 15:27 - 2013-07-26 21:55 - 00312152 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-01-20 15:27 - 2013-07-26 21:55 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-01-20 15:27 - 2013-07-26 08:26 - 05694504 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2015-01-20 15:27 - 2013-07-26 08:05 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-01-20 15:27 - 2013-07-24 04:07 - 27519232 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2015-01-20 15:27 - 2013-07-24 04:07 - 14042880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2015-01-20 15:27 - 2013-07-24 04:07 - 03604224 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2015-01-20 15:27 - 2013-07-24 04:07 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2015-01-20 15:27 - 2013-07-24 04:07 - 02032896 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-01-20 15:27 - 2013-07-24 04:07 - 01904384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2015-01-20 15:27 - 2013-07-24 04:07 - 01044736 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2015-01-20 15:27 - 2013-07-24 04:07 - 00933120 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-01-20 15:27 - 2013-07-24 04:07 - 00920832 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-01-20 15:27 - 2013-07-24 04:07 - 00660224 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-01-20 15:27 - 2013-07-24 04:07 - 00650496 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-01-20 15:27 - 2013-07-23 19:45 - 00875776 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-01-20 15:27 - 2013-07-23 19:45 - 00845568 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2015-01-20 15:27 - 2013-07-23 19:45 - 00720128 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-01-20 15:27 - 2013-07-23 19:45 - 00244480 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-01-20 15:27 - 2013-07-22 09:37 - 01004248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-01-20 15:27 - 2013-07-19 09:55 - 02080472 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-01-20 15:27 - 2013-07-18 08:48 - 02795224 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-01-20 15:27 - 2013-07-17 10:17 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-01-20 15:27 - 2013-07-08 12:32 - 04810008 _____ (ASUSTeKcomputer.Inc) C:\Windows\system32\RTKSMlfx.dll
2015-01-20 15:27 - 2013-07-08 12:31 - 00758104 _____ (A-Volute) C:\Windows\system32\RTKSMSettingsIPC.dll
2015-01-20 15:27 - 2013-06-25 06:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2015-01-20 15:27 - 2013-06-25 06:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2015-01-20 15:27 - 2013-06-25 06:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2015-01-20 15:27 - 2013-06-21 05:01 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2015-01-20 15:27 - 2013-06-18 11:00 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-01-20 15:27 - 2013-06-05 15:42 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-01-20 15:27 - 2013-04-24 11:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-01-20 15:27 - 2013-04-03 08:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2015-01-20 15:27 - 2013-02-20 12:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-01-20 15:27 - 2012-10-02 08:41 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2015-01-20 15:27 - 2012-10-02 08:41 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2015-01-20 15:27 - 2012-10-02 08:41 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2015-01-20 15:27 - 2012-08-31 13:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-01-20 15:27 - 2012-08-31 13:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-01-20 15:27 - 2012-08-31 13:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-01-20 15:27 - 2012-08-31 13:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-01-20 15:27 - 2012-08-31 13:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-01-20 15:27 - 2012-07-15 15:13 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-01-20 15:27 - 2012-06-20 11:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-01-20 15:27 - 2012-03-08 05:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-01-20 15:27 - 2012-01-30 05:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-01-20 15:27 - 2012-01-10 04:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2015-01-20 15:27 - 2011-12-20 09:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-01-20 15:27 - 2011-11-22 10:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-01-20 15:27 - 2011-09-02 08:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2015-01-20 15:27 - 2011-09-02 08:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2015-01-20 15:27 - 2011-09-02 08:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2015-01-20 15:27 - 2011-08-23 11:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2015-01-20 15:27 - 2011-05-31 03:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-01-20 15:27 - 2011-05-31 03:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-01-20 15:27 - 2011-05-31 03:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-01-20 15:27 - 2011-05-31 03:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-01-20 15:27 - 2011-05-31 03:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-01-20 15:27 - 2011-05-31 03:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-01-20 15:27 - 2011-05-31 03:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-01-20 15:27 - 2011-05-31 03:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-01-20 15:27 - 2011-05-31 03:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-01-20 15:27 - 2011-05-31 03:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-01-20 15:27 - 2011-05-31 03:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-01-20 15:27 - 2011-05-31 03:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-01-20 15:27 - 2011-03-17 06:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-01-20 15:27 - 2011-03-07 11:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-01-20 15:27 - 2010-11-08 01:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-01-20 15:27 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-01-20 15:27 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-01-20 15:27 - 2010-11-08 01:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-01-20 15:27 - 2010-11-08 01:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-01-20 15:27 - 2010-11-08 01:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-01-20 15:27 - 2010-11-03 12:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-01-20 15:27 - 2010-09-27 03:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-01-20 15:27 - 2010-07-22 10:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-01-20 15:27 - 2009-11-24 03:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-01-20 15:27 - 2009-11-24 03:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-01-20 15:27 - 2009-11-24 03:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-01-20 15:27 - 2009-11-24 03:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-01-20 15:25 - 2015-01-30 20:15 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3916875082-2217434685-1822874357-1001

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 23:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-02 19:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-02 17:57 - 2013-08-22 16:46 - 00018911 _____ () C:\Windows\setupact.log
2015-01-31 09:22 - 2014-03-18 11:53 - 00820548 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-30 21:56 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-30 21:56 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-30 21:54 - 2014-03-18 11:44 - 00005738 _____ () C:\Windows\PFRO.log
2015-01-30 20:51 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\Offline Web Pages
2015-01-30 08:06 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-25 21:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\tracing
2015-01-24 23:50 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-01-24 19:34 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-01-21 07:20 - 2014-05-14 22:42 - 00000000 ____D () C:\Windows\CSC
2015-01-21 07:20 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-01-21 07:19 - 2013-08-22 17:37 - 00002899 _____ () C:\Windows\DtcInstall.log
2015-01-21 07:19 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\Recovery
2015-01-21 07:19 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-01-21 07:18 - 2013-08-22 17:36 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2015-01-20 16:06 - 2013-08-22 16:44 - 00409976 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-20 16:03 - 2014-03-18 11:38 - 00000000 ____D () C:\Windows\ShellNew
2015-01-20 16:03 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-20 16:03 - 2013-08-22 15:25 - 00000167 _____ () C:\Windows\win.ini
2015-01-20 15:35 - 2013-08-22 16:45 - 00000000 ____D () C:\Windows\Setup
2015-01-20 15:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Help
2015-01-20 15:28 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\restore

==================== Files in the root of some directories =======

2015-01-20 15:27 - 2015-01-20 15:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\pc\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpt_eznd.dll
C:\Users\pc\AppData\Local\Temp\Quarantine.exe
C:\Users\pc\AppData\Local\Temp\sqlite3.dll


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\sys_dll.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-01 20:21

==================== End Of Log ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by pc at 2015-02-03 00:00:49
Running from C:\Users\pc\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3916875082-2217434685-1822874357-1001\...\uTorrent) (Version: 3.4.2.37756 - BitTorrent Inc.)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.234 - SurfRight B.V.)
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Metro 2033 Redux (HKLM-x32\...\Metro 2033 Redux_is1) (Version:  - )
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
NVIDIA 3D Vision Controller Driver 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.25 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Total Commander 6.03a XP (HKLM-x32\...\Total Commander XP_is1) (Version: 6.03a - © Garfunkel & SAM. Original by C.Ghisler)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
World of Tanks (HKU\S-1-5-21-3916875082-2217434685-1822874357-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3916875082-2217434685-1822874357-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File

==================== Restore Points  =========================

24-01-2015 18:08:09 Installed Sygate Personal Firewall
29-01-2015 22:00:32 Removed Google Chrome

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05E2A547-9C60-4211-A929-5757B1E5A418} - System32\Tasks\{B099BD7F-5AAA-456F-9511-F7313F2F950D} => pcalua.exe -a F:\-===Kitt===-\Total.Commander.v6.54.beta4.incl.key\tc32v654.exe -d F:\-===Kitt===-\Total.Commander.v6.54.beta4.incl.key
Task: {0E65353E-DFB7-4765-8DBD-3B80DEA1D650} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-24] (Adobe Systems Incorporated)
Task: {2E0AC7F4-98FF-4C11-A300-B56B9EF5B73B} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {3C2A6A4A-5022-4F96-94C7-03443AB9C90F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {5D2C1744-02B3-4BEE-909C-9050527E3AAF} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2014-05-31] (MSfree Inc.)
Task: {839E421F-4B3D-4654-A113-35D509E45C1D} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {8ACF7D3F-1A95-43B3-8BC5-E68ECD9B120C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {EAF09144-4B09-4206-90B2-CF3815B44341} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2015-01-20 15:31 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-10-01 20:34 - 2012-10-01 20:34 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-01-25 10:03 - 2015-01-25 10:03 - 00028160 _____ () C:\Users\pc\AppData\Local\Packages\microsoft.bingweather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.PerfTrack\d836a4a5e3d685af38b5eab4dabb9514\Microsoft.PerfTrack.ni.dll
2015-01-24 22:04 - 2015-01-24 22:04 - 00347136 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Gloaae92e31#\dee88bca06c6424140d80b867baaf53d\Windows.Globalization.ni.dll
2015-01-24 22:04 - 2015-01-24 22:04 - 00363520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\9f91850f1de0938d2391835a74bb9247\Windows.Foundation.ni.dll
2015-01-24 22:04 - 2015-01-24 22:04 - 00207872 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.System\5164a5c7b7177b053debeba9d145e313\Windows.System.ni.dll
2015-01-24 22:04 - 2015-01-24 22:04 - 01278464 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Storage\6e58f09e1b47bb0854f46d6e0d9adaa1\Windows.Storage.ni.dll
2015-01-24 22:04 - 2015-01-24 22:04 - 01782272 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\37e48040ef37e8516ada41fadd79c967\Windows.ApplicationModel.ni.dll
2015-01-24 22:04 - 2015-01-24 22:04 - 01459712 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\574eaad2765ae1da8b21c3e9faba629b\Windows.UI.ni.dll
2014-03-18 11:41 - 2014-03-18 11:41 - 00280064 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.2.233_x64__8wekyb3d8bbwe\Microsoft.Bing.AppEx.Telemetry.winmd
2015-01-24 22:04 - 2015-01-24 22:04 - 00632320 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Security\868e7f8952cd1461cfdf215970713731\Windows.Security.ni.dll
2015-01-24 22:04 - 2015-01-24 22:04 - 01259520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Networking\38a730cdc593f8ff1c719543b4a28857\Windows.Networking.ni.dll
2015-01-25 10:03 - 2015-01-25 10:03 - 00117248 _____ () C:\Users\pc\AppData\Local\Packages\microsoft.bingweather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\SqliteWrapper\96822d539020b7a0e101cdd30d7af2ce\SqliteWrapper.ni.dll
2014-03-18 11:41 - 2014-03-18 11:41 - 00551440 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.2.233_x64__8wekyb3d8bbwe\SqliteWrapper.dll
2014-03-18 11:41 - 2014-03-18 11:41 - 00660920 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.2.233_x64__8wekyb3d8bbwe\Sqlite3.dll
2015-01-24 22:04 - 2015-01-24 22:04 - 01383936 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Web\d0b069b57435a82f40b69707bedbee49\Windows.Web.ni.dll
2013-08-22 09:19 - 2013-08-22 08:54 - 00049664 _____ () C:\Windows\system32\WinMetadata\Windows.Graphics.winmd
2013-08-22 09:19 - 2013-08-22 08:54 - 00169472 _____ () C:\Windows\system32\WinMetadata\Windows.Devices.winmd
2013-08-22 09:19 - 2013-08-22 08:54 - 00050176 _____ () C:\Windows\system32\WinMetadata\Windows.Data.winmd
2015-01-20 15:28 - 2013-08-19 11:10 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-01-20 15:54 - 2015-01-27 07:04 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\35695475.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35695475.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\StartupFolder: => "Trojan Guarder Gold Version.lnk"
HKU\S-1-5-21-3916875082-2217434685-1822874357-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3916875082-2217434685-1822874357-1001\...\StartupApproved\Run: => "Messenger (Yahoo!)"

========================= Accounts: ==========================

Administrator (S-1-5-21-3916875082-2217434685-1822874357-500 - Administrator - Disabled)
Guest (S-1-5-21-3916875082-2217434685-1822874357-501 - Limited - Disabled)
pc (S-1-5-21-3916875082-2217434685-1822874357-1001 - Administrator - Enabled) => C:\Users\pc

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (02/02/2015 07:22:07 AM) (Source: DCOM) (EventID: 10010) (User: CTRLSOFT-JPQEDG)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/02/2015 07:21:37 AM) (Source: DCOM) (EventID: 10010) (User: CTRLSOFT-JPQEDG)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/02/2015 07:13:43 AM) (Source: DCOM) (EventID: 10010) (User: CTRLSOFT-JPQEDG)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/02/2015 07:13:13 AM) (Source: DCOM) (EventID: 10010) (User: CTRLSOFT-JPQEDG)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/01/2015 08:26:15 PM) (Source: DCOM) (EventID: 10010) (User: CTRLSOFT-JPQEDG)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/01/2015 08:22:04 PM) (Source: DCOM) (EventID: 10010) (User: CTRLSOFT-JPQEDG)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/01/2015 08:21:34 PM) (Source: DCOM) (EventID: 10010) (User: CTRLSOFT-JPQEDG)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/31/2015 09:49:30 AM) (Source: DCOM) (EventID: 10010) (User: CTRLSOFT-JPQEDG)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/31/2015 09:49:00 AM) (Source: DCOM) (EventID: 10010) (User: CTRLSOFT-JPQEDG)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (01/31/2015 09:15:39 AM) (Source: DCOM) (EventID: 10010) (User: CTRLSOFT-JPQEDG)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel® Core™ i3-4160 CPU @ 3.60GHz
Percentage of memory in use: 19%
Total physical RAM: 8131.34 MB
Available physical RAM: 6549.65 MB
Total Pagefile: 9411.34 MB
Available Pagefile: 7282.74 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:111.45 GB) (Free:82.51 GB) NTFS
Drive e: (Data) (Fixed) (Total:233.76 GB) (Free:74.38 GB) NTFS
Drive f: (ADATA CH94) (Fixed) (Total:465.76 GB) (Free:35.54 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 233.8 GB) (Disk ID: FDB6FDB6)
Partition 1: (Not Active) - (Size=233.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 2E8B0F8A)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 09DBE7AE)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================


Edited by Tarash_bulba, 02 February 2015 - 05:05 PM.


#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,778 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:08 PM

Posted 04 February 2015 - 07:44 PM

Greetings,

 

There is evidence of illegal software on your computer. I will ask you to remove it before we continue addressing your issues. If you are willing to remove the software let me know when it has been done and we will continue.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,778 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:08 PM

Posted 07 February 2015 - 08:41 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users