Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How to remove svchost.exe Bitcoin-mining trojan?


  • This topic is locked This topic is locked
11 replies to this topic

#1 Vishmister

Vishmister

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:53 PM

Posted 22 May 2015 - 06:22 PM

Hi Guys,

I have had an issue with a file causing excessive CPU usage for about 2 weeks. Using Task Manager, I located the high CPU usage file as being svchost.exe, and as it wasn't in it's usual folder (it is in C:\Windows\Temp), I guessed it was a trojan, so I killed the process and deleted the file, yet it re manifests on a reboot of the PC. Using Process Explorer in admin-mode, I have now been able to determine that it is a Bitcoin-miner installed on my PC, as the file links to tcp://pool.monerocrypt.com (shown in attached picture). How can I permanently remove this file when Microsoft Security Essentials views it as harmless and Malwarebytes consistently fails on quarantining the file properly? I can't see the process in msconfig and I would love to get rid of it forever instead of having to kill the process on every reboot.

 

Attached Files


Edited by Vishmister, 22 May 2015 - 06:27 PM.


BC AdBot (Login to Remove)

 


m

#2 Vishmister

Vishmister
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:53 PM

Posted 22 May 2015 - 06:26 PM

FRST.txt log:

 

Platform: Windows 7 Ultimate N Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(PeerBlock, LLC) C:\Program Files\PeerBlock\peerblock.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\Gigabyte\Smart TimeLock\TimeMgmtDaemon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
() C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe
(Flux Software LLC) C:\Users\Vishal\AppData\Local\FluxSoftware\Flux\flux.exe
() C:\Program Files (x86)\puush\puush.exe
(Cristi) C:\Program Files (x86)\Dual Monitor\DualMonitor.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Spotify Ltd) C:\Users\Vishal\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Corsair Components  Inc) C:\Program Files (x86)\Corsair\M45 Mouse\M45Hid.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Corsair Components  Inc) C:\Program Files (x86)\Corsair\M45 Mouse\CorsTra.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\Gigabyte\SIV\thermald.exe
(Gigabyte Technology CO.) C:\Program Files\Gigabyte\SmartRecovery2\RPMDaemon.exe
() C:\Windows\Temp\svchost.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\Gigabyte\Smart TimeLock\AlarmClock.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Sysinternals - www.sysinternals.com) C:\Users\Vishal\Desktop\procexp.exe
(Sysinternals - www.sysinternals.com) C:\Users\Vishal\AppData\Local\Temp\procexp64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM-x32\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [Sound Blaster X-Fi MB 3] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe [2109440 2013-04-23] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [Corsair M45 Mouse] => C:\Program Files (x86)\Corsair\M45 Mouse\M45Hid.exe [1768960 2014-02-07] (Corsair Components  Inc)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [11318368 2015-04-22] (Corsair Components, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: [RPMKickstart] => C:\Program Files\Gigabyte\SmartRecovery2\RPMKickstartEx.exe [2320384 2014-04-01] (TODO: <Company name>)
HKLM-x32\...\RunOnce: [SIV] => C:\Program Files (x86)\Gigabyte\SIV\sivro.exe [12096 2014-11-06] (GIGA-BYTE TECHNOLOGY CO., LTD.)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [8192 2013-04-29] ()
HKLM-x32\...\RunOnce: [EasyTune] => C:\Program Files (x86)\Gigabyte\EasyTune\etro.exe [5632 2014-08-18] (GIGA-BYTE TECHNOLOGY CO., LTD.)
HKU\S-1-5-21-1480767794-1644671672-3338347343-1000\...\Run: [NvLedServiceHost] => C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe [87184 2015-05-08] ()
HKU\S-1-5-21-1480767794-1644671672-3338347343-1000\...\Run: [f.lux] => C:\Users\Vishal\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-1480767794-1644671672-3338347343-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-03-30] ()
HKU\S-1-5-21-1480767794-1644671672-3338347343-1000\...\Run: [dualmonitor] => C:\Program Files (x86)\Dual Monitor\DualMonitor.exe [478720 2013-02-18] (Cristi)
HKU\S-1-5-21-1480767794-1644671672-3338347343-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1480767794-1644671672-3338347343-1000\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-14] (PeerBlock, LLC)
HKU\S-1-5-21-1480767794-1644671672-3338347343-1000\...\Run: [GoogleChromeAutoLaunch_EDE3596432E9572D5574C1B66A2E2535] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866120 2015-05-05] (Google Inc.)
HKU\S-1-5-21-1480767794-1644671672-3338347343-1000\...\Run: [Spotify Web Helper] => C:\Users\Vishal\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2022968 2015-05-21] (Spotify Ltd)
HKU\S-1-5-21-1480767794-1644671672-3338347343-1000\...\MountPoints2: G - G:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-12-03]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{401FADAA-1C16-4721-9F02-19067E1A1CA8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\Users\Vishal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop.scf [2014-12-04] ()
Startup: C:\Users\Vishal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2014-12-13]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-1480767794-1644671672-3338347343-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-gb/?ocid=iehp
HKU\S-1-5-21-1480767794-1644671672-3338347343-501\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-gb/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\Vishal\AppData\Roaming\Mozilla\Firefox\Profiles\90ttm7tl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-03-24] (Unity Technologies ApS)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1480767794-1644671672-3338347343-1000: @acestream.net/acestreamplugin,version=2.2.7-next -> C:\Users\Vishal\AppData\Roaming\ACEStream\player\npace_plugin.dll [2014-06-13] (Innovative Digital Technologies)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: AdBlock for Firefox - C:\Users\Vishal\AppData\Roaming\Mozilla\Firefox\Profiles\90ttm7tl.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2015-03-22]
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR StartupUrls: Default -> ""
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Vishal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Vishal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-03]
CHR Extension: (Google Docs) - C:\Users\Vishal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-03]
CHR Extension: (Google Drive) - C:\Users\Vishal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Vishal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-03-10]
CHR Extension: (YouTube) - C:\Users\Vishal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-03]
CHR Extension: (Aero Black) - C:\Users\Vishal\AppData\Local\Google\Chrome\User Data\Default\Extensions\capaaamcbcohgihblokedmflnippdobo [2015-04-11]
CHR Extension: (Google Search) - C:\Users\Vishal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-03]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Vishal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-03-07]
CHR Extension: (Google Sheets) - C:\Users\Vishal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-03]
CHR Extension: (AdBlock) - C:\Users\Vishal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-03]
CHR Extension: (Bookmark Manager) - C:\Users\Vishal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Vishal\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-12-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Vishal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-19]
CHR Extension: (Poppit!) - C:\Users\Vishal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-12-03]
CHR Extension: (Google Wallet) - C:\Users\Vishal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-03]
CHR Extension: (Gmail) - C:\Users\Vishal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-03]
CHR HKU\S-1-5-21-1480767794-1644671672-3338347343-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [90640 2012-09-11] (CyberLink Corp.)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-12-04] (Creative Labs) []
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-12-04] (Creative Labs) []
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [406016 2011-09-14] (Creative Technology Ltd) []
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [78352 2012-09-11] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [295440 2012-09-11] (CyberLink)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [614624 2015-02-09] (Futuremark)
R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16896 2015-04-14] () []
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-08] (NVIDIA Corporation)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [62784 2014-11-06] (GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-08] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-08] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-22] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-12-24] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-12-24] ()
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) []
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe [102400 2013-02-22] (Gigabyte Technology CO., LTD.) []
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.)
R3 CORM45; C:\Windows\System32\drivers\CORM45.sys [25600 2013-11-28] ( )
R3 CorsairVBusDriver; C:\Windows\System32\DRIVERS\CorsairVBusDriver.sys [48808 2015-02-03] (Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\DRIVERS\CorsairVHidDriver.sys [22696 2015-02-03] (Corsair)
R3 etocdrv; C:\Windows\etocdrv.sys [15584 2013-10-30] (Giga-Byte Technology CO., LTD.)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
R2 GhFlt; C:\Windows\system32\drivers\ghflt.sys [16856 2014-12-04] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-12-04] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [83704 2012-06-20] (Cyberlink Corp.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation)
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [147704 2012-09-11] (CyberLink Corp.)
S3 cpuz137; \??\C:\Users\Vishal\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 GPU-Z; \??\C:\Users\Vishal\AppData\Local\Temp\GPU-Z.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-05-23 00:23 - 2015-05-23 00:23 - 02108416 _____ (Farbar) C:\Users\Vishal\Downloads\FRST64.exe
2015-05-23 00:23 - 2015-05-23 00:23 - 00028233 _____ () C:\Users\Vishal\Downloads\FRST.txt
2015-05-23 00:23 - 2015-05-23 00:23 - 00000000 ____D () C:\FRST
2015-05-22 23:47 - 2015-03-09 15:48 - 02508440 _____ (Sysinternals - www.sysinternals.com) C:\Users\Vishal\Desktop\procexp.exe
2015-05-22 23:35 - 2015-05-22 23:35 - 01190415 _____ () C:\Users\Vishal\Downloads\ProcessExplorer.zip
2015-05-22 23:19 - 2015-05-22 23:19 - 00000178 ____H () C:\Windows\Tasks\Microsoft_Hardware_Launch_vVX3000_exe.job
2015-05-22 23:05 - 2015-05-22 23:05 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-22 23:05 - 2015-05-22 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-22 23:04 - 2015-05-22 23:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-22 23:04 - 2015-05-22 23:04 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Vishal\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-22 23:04 - 2015-05-22 23:04 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Vishal\Downloads\mbam-setup-2.1.6.1022 (1).exe
2015-05-22 23:04 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-22 23:04 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-22 23:04 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-22 14:35 - 2015-05-22 14:35 - 00013687 _____ () C:\Users\Vishal\Desktop\Origin.lnk
2015-05-22 14:28 - 2015-05-22 14:28 - 00000000 ____D () C:\ProgramData\EA Core
2015-05-22 11:34 - 2015-05-22 11:34 - 00000000 ____D () C:\Users\Vishal\AppData\Roaming\NVIDIA
2015-05-21 19:48 - 2015-05-21 19:49 - 00010024 _____ () C:\Users\Vishal\Documents\exam timetable.xlsx
2015-05-20 16:25 - 2015-05-20 16:25 - 00057527 _____ () C:\Users\Vishal\Downloads\European heatwave 2003.pptx
2015-05-20 15:23 - 2015-05-20 15:23 - 00000477 _____ () C:\Users\Vishal\Downloads\qnix (1).zip
2015-05-20 14:49 - 2015-05-22 22:29 - 00000000 ____D () C:\Users\Vishal\AppData\Local\Spotify
2015-05-20 14:49 - 2015-05-20 14:49 - 00001815 _____ () C:\Users\Vishal\Desktop\Spotify.lnk
2015-05-20 14:49 - 2015-05-20 14:49 - 00001801 _____ () C:\Users\Vishal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-05-20 14:48 - 2015-05-22 19:53 - 00000000 ____D () C:\Users\Vishal\AppData\Roaming\Spotify
2015-05-20 14:48 - 2015-05-20 14:48 - 00155296 _____ (Spotify Ltd) C:\Users\Vishal\Downloads\SpotifySetup.exe
2015-05-20 14:22 - 2015-05-20 14:22 - 00085083 _____ () C:\Users\Vishal\Downloads\nvlddmkm-patcher-1.3.2.zip
2015-05-20 13:10 - 2015-05-20 13:10 - 01716291 _____ () C:\Users\Vishal\Downloads\2 The Economic Cycle.pptx
2015-05-20 13:05 - 2015-05-22 23:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-20 13:05 - 2015-05-12 04:30 - 06872392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-20 13:05 - 2015-05-12 04:30 - 03490448 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-20 13:05 - 2015-05-12 04:30 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-20 13:05 - 2015-05-12 04:30 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-20 13:05 - 2015-05-12 04:30 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-20 13:05 - 2015-05-12 04:30 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-20 13:05 - 2015-05-12 03:34 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-05-20 13:05 - 2015-05-11 18:01 - 04391871 _____ () C:\Windows\system32\nvcoproc.bin
2015-05-20 13:04 - 2015-05-13 07:52 - 01558848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-05-20 13:04 - 2015-05-13 07:52 - 00195912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-05-20 13:04 - 2015-05-13 07:52 - 00031552 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 42718864 _____ () C:\Windows\system32\nvcompiler.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 37741712 _____ () C:\Windows\SysWOW64\nvcompiler.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 30478992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 22945424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 17540416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 16145176 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 15858728 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 15048816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 14455296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 13263568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 12849056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 11790144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 10972304 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-05-20 13:04 - 2015-05-12 07:27 - 03363224 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 02971776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 01050256 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 00502896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 00176064 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-05-20 13:04 - 2015-05-12 07:27 - 00031710 _____ () C:\Windows\system32\nvinfo.pb
2015-05-19 21:33 - 2015-05-19 21:33 - 00032517 _____ () C:\Users\Vishal\Downloads\Louie - 05x06 - Sleepover.LOL.English.C.orig.Addic7ed.com.srt
2015-05-19 20:18 - 2015-05-19 20:18 - 00032167 _____ () C:\Users\Vishal\Downloads\Louie - 05x05 - Untitled.WEB-DL.English.HI.C.orig.Addic7ed.com.srt
2015-05-15 22:18 - 2015-05-15 22:18 - 00000000 ____D () C:\Users\Vishal\Documents\CAPCOM
2015-05-14 16:07 - 2015-05-14 16:07 - 01223120 _____ () C:\Users\Vishal\ts3_recording_15_05_14_16_7_3.wav
2015-05-13 23:15 - 2015-05-01 14:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 23:15 - 2015-05-01 14:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 08:01 - 2015-05-05 02:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 08:01 - 2015-05-05 02:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 08:01 - 2015-04-18 04:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 08:01 - 2015-04-18 03:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 08:00 - 2015-04-27 20:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 08:00 - 2015-04-27 20:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 08:00 - 2015-04-27 20:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 08:00 - 2015-04-27 20:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 08:00 - 2015-04-27 20:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 08:00 - 2015-04-27 20:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 08:00 - 2015-04-27 20:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 08:00 - 2015-04-27 20:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 08:00 - 2015-04-27 20:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 08:00 - 2015-04-27 20:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 08:00 - 2015-04-27 20:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 08:00 - 2015-04-27 20:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 08:00 - 2015-04-27 20:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 08:00 - 2015-04-27 20:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 08:00 - 2015-04-27 20:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 08:00 - 2015-04-27 20:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 08:00 - 2015-04-27 20:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 20:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 08:00 - 2015-04-27 20:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 08:00 - 2015-04-27 20:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 08:00 - 2015-04-27 20:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 08:00 - 2015-04-27 20:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 08:00 - 2015-04-27 20:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 08:00 - 2015-04-27 20:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 08:00 - 2015-04-27 20:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 08:00 - 2015-04-27 20:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 08:00 - 2015-04-27 20:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 08:00 - 2015-04-27 20:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 08:00 - 2015-04-27 20:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 08:00 - 2015-04-27 20:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 08:00 - 2015-04-27 20:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 08:00 - 2015-04-27 20:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 08:00 - 2015-04-27 20:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 08:00 - 2015-04-27 20:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 08:00 - 2015-04-27 20:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 08:00 - 2015-04-27 20:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 08:00 - 2015-04-27 20:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 08:00 - 2015-04-27 20:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 08:00 - 2015-04-27 20:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 08:00 - 2015-04-27 20:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 08:00 - 2015-04-27 20:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 08:00 - 2015-04-27 20:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 08:00 - 2015-04-27 20:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 08:00 - 2015-04-27 20:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 08:00 - 2015-04-27 20:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 19:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 08:00 - 2015-04-27 18:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 08:00 - 2015-04-27 18:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 08:00 - 2015-04-27 18:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 18:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 18:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 08:00 - 2015-04-27 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 08:00 - 2015-04-22 03:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 08:00 - 2015-04-22 02:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 08:00 - 2015-04-21 18:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 08:00 - 2015-04-21 18:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 08:00 - 2015-04-21 18:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 08:00 - 2015-04-21 17:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 08:00 - 2015-04-21 17:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 08:00 - 2015-04-21 17:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 08:00 - 2015-04-21 17:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 08:00 - 2015-04-21 17:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 08:00 - 2015-04-21 17:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 08:00 - 2015-04-21 17:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 08:00 - 2015-04-21 17:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 08:00 - 2015-04-21 17:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 08:00 - 2015-04-21 17:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 08:00 - 2015-04-21 17:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 08:00 - 2015-04-21 17:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 08:00 - 2015-04-21 17:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 08:00 - 2015-04-21 17:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 08:00 - 2015-04-21 17:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 08:00 - 2015-04-21 17:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 08:00 - 2015-04-21 17:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 08:00 - 2015-04-21 17:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 08:00 - 2015-04-21 17:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 08:00 - 2015-04-21 17:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 08:00 - 2015-04-21 17:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 08:00 - 2015-04-21 17:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 08:00 - 2015-04-21 17:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 08:00 - 2015-04-21 17:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 08:00 - 2015-04-21 17:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 08:00 - 2015-04-21 17:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 08:00 - 2015-04-21 17:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 08:00 - 2015-04-21 17:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 08:00 - 2015-04-21 17:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 08:00 - 2015-04-21 17:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 08:00 - 2015-04-21 17:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 08:00 - 2015-04-21 16:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 08:00 - 2015-04-21 16:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 08:00 - 2015-04-21 16:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 08:00 - 2015-04-21 16:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 08:00 - 2015-04-21 16:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 08:00 - 2015-04-21 16:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 08:00 - 2015-04-21 16:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 08:00 - 2015-04-21 16:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 08:00 - 2015-04-21 16:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 08:00 - 2015-04-21 16:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 08:00 - 2015-04-21 16:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 08:00 - 2015-04-21 16:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 08:00 - 2015-04-21 16:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 08:00 - 2015-04-21 16:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 08:00 - 2015-04-21 16:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 08:00 - 2015-04-21 16:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 08:00 - 2015-04-21 16:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 08:00 - 2015-04-21 16:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 08:00 - 2015-04-21 16:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 08:00 - 2015-04-21 16:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 08:00 - 2015-04-21 16:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 08:00 - 2015-04-21 16:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 08:00 - 2015-04-21 15:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 08:00 - 2015-04-21 15:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 08:00 - 2015-04-20 04:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 08:00 - 2015-04-20 04:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 08:00 - 2015-04-20 03:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 08:00 - 2015-04-20 03:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 08:00 - 2015-04-13 04:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 08:00 - 2015-04-08 04:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 08:00 - 2015-04-08 04:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 08:00 - 2015-04-08 04:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 08:00 - 2015-03-04 05:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 08:00 - 2015-03-04 05:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 08:00 - 2015-03-04 05:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 08:00 - 2015-03-04 05:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 08:00 - 2015-03-04 05:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 08:00 - 2015-03-04 05:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 08:00 - 2015-03-04 05:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 08:00 - 2015-02-18 08:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 08:00 - 2015-02-18 08:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 08:00 - 2015-01-29 04:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 08:00 - 2015-01-29 04:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-09 13:35 - 2015-05-09 13:35 - 17295270 _____ () C:\Users\Vishal\Downloads\Samsung_Magician_Setup_v46.zip
2015-05-09 12:14 - 2015-05-09 12:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-05-09 12:08 - 2015-05-22 15:10 - 00000000 ____D () C:\Program Files (x86)\Heroes of the Storm
2015-05-09 11:56 - 2015-05-09 12:55 - 00000000 ____D () C:\Users\Vishal\Documents\Heroes of the Storm
2015-05-09 10:31 - 2015-05-22 23:12 - 00134466 _____ () C:\Windows\PFRO.log
2015-05-09 00:00 - 2015-05-14 13:06 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-09 00:00 - 2015-05-09 00:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-08 23:59 - 2015-05-23 00:11 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-08 23:59 - 2015-05-22 23:46 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-08 23:59 - 2015-05-18 11:06 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-08 23:59 - 2015-05-18 11:06 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-08 23:59 - 2015-05-08 23:59 - 00880208 _____ (Google Inc.) C:\Users\Vishal\Downloads\ChromeSetup.exe
2015-05-08 18:39 - 2015-05-08 18:39 - 04094375 _____ () C:\Users\Vishal\Downloads\clip3.wmv
2015-05-07 12:17 - 2015-05-07 12:17 - 00003596 _____ () C:\Windows\System32\Tasks\Peerblock
2015-05-06 19:20 - 2015-05-06 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
2015-05-06 19:19 - 2015-05-06 19:19 - 02374320 _____ (PeerBlock, LLC ) C:\Users\Vishal\Downloads\PeerBlock-Setup_v1.2_r693.exe
2015-05-03 16:44 - 2015-05-03 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm Public Test
2015-05-03 16:37 - 2015-05-09 13:33 - 00000000 ____D () C:\Program Files (x86)\Heroes of the Storm Public Test
2015-05-03 13:45 - 2015-05-03 13:45 - 00002926 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_vVX3000_exe
2015-05-02 15:43 - 2015-05-02 15:43 - 00000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-05-02 15:43 - 2015-05-02 15:43 - 00000000 ____D () C:\Users\Vishal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthstoneTracker
2015-05-02 15:43 - 2015-05-02 15:43 - 00000000 ____D () C:\Users\Vishal\AppData\Local\HearthstoneTracker
2015-05-02 15:43 - 2015-05-02 15:43 - 00000000 ____D () C:\Program Files (x86)\HearthstoneTracker
2015-05-02 15:42 - 2015-05-02 15:43 - 10382707 _____ (HearthstoneTracker.com) C:\Users\Vishal\Downloads\HearthstoneTracker-Setup.exe
2015-04-25 11:20 - 2015-04-25 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
2015-04-24 19:09 - 2015-04-24 19:09 - 00040761 _____ () C:\Users\Vishal\Downloads\Tinkermans-Goalscoring-Strikeforce_700C96D2-16FC-4E79-87BE-BAFA1E359CBB (1).fmf
2015-04-24 17:32 - 2015-04-24 17:32 - 00000691 _____ () C:\Users\Public\Desktop\FM Genie Scout 15.lnk
2015-04-24 17:32 - 2015-04-24 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FM Genie Scout 15
2015-04-24 17:32 - 2015-04-24 17:32 - 00000000 ____D () C:\FM Genie Scout 15
2015-04-24 17:31 - 2015-04-24 17:31 - 07363531 _____ () C:\Users\Vishal\Downloads\genie15_setup_15.3.2_b514.zip
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-05-22 23:54 - 2009-07-14 05:50 - 00021488 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-22 23:54 - 2009-07-14 05:50 - 00021488 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-22 23:52 - 2009-07-14 06:12 - 00798874 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-22 23:50 - 2014-12-08 18:57 - 03170170 _____ () C:\lm.log
2015-05-22 23:50 - 2014-12-03 23:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-22 23:49 - 2014-12-01 16:59 - 01348284 _____ () C:\Windows\WindowsUpdate.log
2015-05-22 23:47 - 2014-12-24 20:24 - 00000000 ____D () C:\Program Files\PeerBlock
2015-05-22 23:47 - 2014-12-04 18:37 - 00000014 _____ () C:\Windows\OCStatus.ini
2015-05-22 23:47 - 2014-12-04 17:53 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\etdrv.sys
2015-05-22 23:47 - 2014-12-04 17:48 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-05-22 23:46 - 2015-04-02 09:51 - 00015892 _____ () C:\Windows\setupact.log
2015-05-22 23:46 - 2015-03-28 12:54 - 00061653 _____ () C:\Windows\temp023423.vbe
2015-05-22 23:46 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-22 23:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Web
2015-05-22 22:38 - 2014-12-04 20:29 - 00000000 ____D () C:\Users\Vishal\AppData\Roaming\uTorrent
2015-05-22 22:14 - 2014-12-31 23:41 - 00000000 ____D () C:\Users\Vishal\AppData\Local\Battle.net
2015-05-22 21:43 - 2014-12-15 22:03 - 00000000 ____D () C:\Users\Vishal\AppData\Roaming\vlc
2015-05-22 16:44 - 2014-12-18 22:43 - 00000000 ____D () C:\Users\Vishal\AppData\Roaming\Skype
2015-05-22 15:24 - 2015-04-22 14:29 - 00000000 ____D () C:\Users\Vishal\AppData\Roaming\TS3Client
2015-05-22 14:36 - 2014-12-24 03:14 - 00000000 ____D () C:\ProgramData\Origin
2015-05-22 14:28 - 2014-12-24 03:15 - 00000000 ____D () C:\Users\Vishal\AppData\Local\Origin
2015-05-22 14:23 - 2014-12-24 03:14 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-05-22 11:35 - 2014-12-07 01:55 - 00014480 _____ () C:\Windows\system32\Drivers\nvflash.sys
2015-05-20 15:15 - 2015-04-05 03:00 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-20 15:15 - 2015-04-05 03:00 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-20 13:05 - 2014-12-04 00:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-20 13:05 - 2014-12-04 00:48 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-05-20 13:05 - 2014-12-04 00:48 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-05-20 13:05 - 2014-12-04 00:48 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-05-20 13:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2015-05-20 12:59 - 2014-12-04 00:50 - 00001383 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-05-19 00:12 - 2014-12-04 19:56 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-18 10:18 - 2015-03-21 15:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-17 14:58 - 2015-03-22 16:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-15 15:44 - 2015-03-06 22:58 - 00000000 ____D () C:\Users\Vishal\AppData\Roaming\Dual Monitor
2015-05-14 20:03 - 2014-12-31 23:52 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-05-14 16:07 - 2014-12-03 18:31 - 00000000 ____D () C:\Users\Vishal
2015-05-14 14:27 - 2014-12-31 23:41 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-05-14 08:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-05-14 07:59 - 2009-07-14 05:50 - 00445488 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-14 07:58 - 2009-09-01 02:15 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-14 07:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-13 23:21 - 2015-01-11 19:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-05-13 23:21 - 2015-01-11 19:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-13 23:20 - 2014-12-04 17:51 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-05-13 23:20 - 2014-12-04 17:50 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-05-13 23:20 - 2014-12-04 17:50 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-05-13 23:20 - 2014-12-04 17:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-05-13 23:19 - 2014-12-04 17:14 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 23:17 - 2014-12-04 17:14 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 23:17 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2015-05-13 23:14 - 2015-01-11 13:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 23:14 - 2015-01-11 13:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-13 23:14 - 2015-01-11 13:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-12 20:05 - 2014-12-05 19:34 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-09 11:56 - 2014-12-31 23:41 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-05-09 00:00 - 2014-12-03 21:23 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-08 12:37 - 2015-01-06 21:23 - 00000000 ____D () C:\Users\Vishal\AppData\Roaming\.minecraft
2015-05-08 10:32 - 2009-07-14 06:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-08 01:35 - 2014-12-04 00:49 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-08 01:35 - 2014-12-04 00:49 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-08 01:34 - 2014-12-04 00:49 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-08 01:34 - 2014-12-04 00:49 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-05-05 17:28 - 2014-12-18 22:43 - 00000000 ____D () C:\ProgramData\Skype
2015-05-02 15:44 - 2015-01-24 00:02 - 00000000 ____D () C:\Users\Vishal\Desktop\Utilities
2015-04-25 11:20 - 2014-12-04 00:55 - 00000000 ____D () C:\Program Files (x86)\Corsair
2015-04-24 17:34 - 2014-12-03 21:22 - 00112288 _____ () C:\Users\Vishal\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-24 17:30 - 2015-02-02 21:31 - 00000000 ____D () C:\Users\Vishal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-04-24 17:30 - 2015-02-02 21:31 - 00000000 ____D () C:\ProgramData\ManiaPlanet
 
==================== Files in the root of some directories =======
 
2014-12-03 21:17 - 2014-12-03 21:17 - 0000000 _____ () C:\Users\Vishal\AppData\Local\Driver_LOM_8161Present.flag
2014-12-04 01:28 - 2014-12-22 17:32 - 2128896 _____ () C:\Users\Vishal\AppData\Local\file__0.localstorage
2015-02-10 13:11 - 2015-02-10 13:11 - 0000218 _____ () C:\Users\Vishal\AppData\Local\recently-used.xbel
2015-03-27 22:41 - 2015-03-30 18:17 - 0061653 _____ () C:\Users\Vishal\AppData\Local\temp023423.vbe
2015-05-02 15:43 - 2015-05-02 15:43 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
 
Files to move or delete:
====================
C:\Users\Vishal\AppData\Roaming\Origin\update.vbe
 
 
Some files in TEMP:
====================
C:\Users\Vishal\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Vishal\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Vishal\AppData\Local\Temp\nvStInst.exe
C:\Users\Vishal\AppData\Local\Temp\procexp64.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-14 08:40
 
==================== End of log ============================


#3 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:53 AM

Posted 23 May 2015 - 04:06 AM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems. :warrior:

Before we move on, please read the following points carefully: :exclame:

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

Step 1

frst.pngfrstfix.png

Press thew7.png + R on your keyboard at the same time. Type notepad and click OK.

  • Copy the entire content of the codebox below and paste into the notepad document:
    CloseProcesses:
    C:\Windows\System32\config\systemprofile\AppData\Roaming\Origin\update.vbe
    C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Origin\update.vbe
    C:\Users\Vishal\AppData\Roaming\Origin\update.vbe 
    Task: {EC984502-5CE0-4FCC-BCAB-A72E57C64C84} - System32\Tasks\Origin => C:\Users\Vishal\AppData\Roaming\Origin\update.vbe
    EmptyTemp:
    
  • Click File, Save As and type fixlist.txt as the File Name.

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.

Step 2

Please downloadesetlogo.pngOnline Scanner and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start installer.pngwith administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:

settings.png

  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed, click on Finish.
  • A log filelog.pngis created at logpath.png
    Copy and paste the content of this log file in your next reply.

esetlog.png

Note: Do not forget to re-enable your antivirus application after running the above scan!
eset.gif


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#4 Vishmister

Vishmister
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:53 PM

Posted 23 May 2015 - 09:06 AM

Fixlog.txt:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-05-2015 01
Ran by Vishal at 2015-05-23 10:52:29 Run:1
Running from C:\Users\Vishal\Downloads
Loaded Profiles: Vishal (Available Profiles: Vishal & Guest)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CloseProcesses:
C:\Windows\System32\config\systemprofile\AppData\Roaming\Origin\update.vbe
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Origin\update.vbe
C:\Users\Vishal\AppData\Roaming\Origin\update.vbe 
Task: {EC984502-5CE0-4FCC-BCAB-A72E57C64C84} - System32\Tasks\Origin => C:\Users\Vishal\AppData\Roaming\Origin\update.vbe
EmptyTemp:
*****************
 
Processes closed successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\Origin\update.vbe => Moved successfully.
"C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Origin\update.vbe" => File/Folder not found.
C:\Users\Vishal\AppData\Roaming\Origin\update.vbe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EC984502-5CE0-4FCC-BCAB-A72E57C64C84}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC984502-5CE0-4FCC-BCAB-A72E57C64C84}" => key Removed successfully
C:\Windows\System32\Tasks\Origin => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Origin" => key Removed successfully
EmptyTemp: => Removed 2 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 10:52:37 ====
 
 
 
log.txt
 
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=a58f602677c9e64f97493d4f2d7355f1
# engine=23984
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-05-23 01:29:46
# local_time=2015-05-23 02:29:46 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 832144 55364580 0 0
# scanned=1120464
# found=24
# cleaned=0
# scan_time=11922
sh=3878FC7F6B6B96412F18E29BADB26B81DA32DA46 ft=0 fh=0000000000000000 vn="VBS/CoinMiner.AD trojan" ac=I fn="C:\FRST\Quarantine\C\Users\Vishal\AppData\Roaming\Origin\update.vbe.xBAD"
sh=3878FC7F6B6B96412F18E29BADB26B81DA32DA46 ft=0 fh=0000000000000000 vn="VBS/CoinMiner.AD trojan" ac=I fn="C:\FRST\Quarantine\C\Windows\System32\config\systemprofile\AppData\Roaming\Origin\update.vbe.xBAD"
sh=0CAFD66109CA461C46E39A262AC9074AF5538FAE ft=1 fh=01a9fce44d004e8d vn="a variant of Win32/TFTPD32.A potentially unsafe application" ac=I fn="C:\Program Files (x86)\EaseUS\Todo Backup\bin\PxeServer.dll"
sh=0CAFD66109CA461C46E39A262AC9074AF5538FAE ft=1 fh=01a9fce44d004e8d vn="a variant of Win32/TFTPD32.A potentially unsafe application" ac=I fn="C:\Program Files (x86)\EaseUS\Todo Backup\BUILDPE\EaseUS\tb\bin\PxeServer.dll"
sh=CF196691DBB60BB565E174F3F0F284398A279BA2 ft=0 fh=0000000000000000 vn="VBS/Kryptik.DC trojan" ac=I fn="C:\ProgramData\Origin\update.vbe"
sh=CF196691DBB60BB565E174F3F0F284398A279BA2 ft=0 fh=0000000000000000 vn="VBS/Kryptik.DC trojan" ac=I fn="C:\Users\All Users\Origin\update.vbe"
sh=CF196691DBB60BB565E174F3F0F284398A279BA2 ft=0 fh=0000000000000000 vn="VBS/Kryptik.DC trojan" ac=I fn="C:\Users\Vishal\AppData\Local\temp023423.vbe"
sh=95515E5CD54F8D3B375FAFB34E53C0C1D2E7C344 ft=1 fh=00a7bfbc17a0357b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Vishal\Downloads\ccsetup504.exe"
sh=B53C9EB9AD2C3FDE3C06C0695FDB0D7A93B2CA21 ft=1 fh=a0b8dcac16fe4774 vn="a variant of Win32/OpenCandy.C potentially unsafe application" ac=I fn="C:\Users\Vishal\Downloads\FreeVideoToSonyPSPConverter.exe"
sh=76368B0ED14563E31081D4C796A3E041ADBE2D5A ft=0 fh=0000000000000000 vn="Win32/Somoto.E potentially unwanted application" ac=I fn="C:\Users\Vishal\Downloads\genie15_setup_15.2.1_b510.zip"
sh=F619E4883FCB358B772868A9E17DDF9F9D9E372F ft=0 fh=0000000000000000 vn="Win32/Somoto.E potentially unwanted application" ac=I fn="C:\Users\Vishal\Downloads\genie15_setup_15.3.1_b513_no.zip"
sh=DA7728C80A37F66074985C1884D87AE490DAD102 ft=1 fh=c71c001164b505f4 vn="a variant of Win32/Adware.MultiPlug.ED application" ac=I fn="C:\Users\Vishal\Downloads\nvlddmkm-patcher-1.2.5.zip.exe"
sh=4BD3C4C36BF12121406CAF47D1F487E0DC5D3E8C ft=1 fh=0585296d087c6f3b vn="a variant of Win32/ClientConnect.A potentially unwanted application" ac=I fn="C:\Users\Vishal\Downloads\PowerISO6-x64.exe"
sh=2F3FAFAC28D2A0191B524704ED6B8B0E533B3630 ft=1 fh=17a186c0e2f206d3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Vishal\Downloads\spsetup126.exe"
sh=1E331E9B90A7E95DE0F4A73E48E5A6D289CD07CA ft=1 fh=04da1d0b1c45b54a vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Vishal\Downloads\spsetup128.exe"
sh=CF196691DBB60BB565E174F3F0F284398A279BA2 ft=0 fh=0000000000000000 vn="VBS/Kryptik.DC trojan" ac=I fn="C:\Windows\temp023423.vbe"
sh=5C90574FABC05166B14C327EB56AFD1146D4770A ft=1 fh=73ecce773d820d0d vn="a variant of Win32/HackTool.Crack.CS potentially unsafe application" ac=I fn="E:\GRID Autosport\steam_api.dll"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="a variant of Win32/HackTool.Crack.CS potentially unsafe application" ac=I fn="E:\GRID.Autosport-RELOADED[rarbg]\rld-grau.iso"
sh=91A3CA4B5791D54BD6DD0F775A219389942F1184 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="E:\VISHAL-PC\Backup Set 2015-02-04 235601\Backup Files 2015-02-04 235601\Backup files 39.zip"
sh=D394140890CA69A828D0736BCA0403E8F03CF2DA ft=0 fh=0000000000000000 vn="a variant of Win32/Adware.MultiPlug.ED application" ac=I fn="E:\VISHAL-PC\Backup Set 2015-02-04 235601\Backup Files 2015-02-04 235601\Backup files 42.zip"
sh=CB119763404F379F9556DB13F1EF3DB10F88FA0A ft=0 fh=0000000000000000 vn="a variant of Win32/ClientConnect.A potentially unwanted application" ac=I fn="E:\VISHAL-PC\Backup Set 2015-02-04 235601\Backup Files 2015-02-04 235601\Backup files 43.zip"
sh=2B3732EB7022DE2AE1CAC25E8BDF1EBD22042300 ft=0 fh=0000000000000000 vn="Win32/Somoto.E potentially unwanted application" ac=I fn="E:\VISHAL-PC\Backup Set 2015-02-04 235601\Backup Files 2015-02-05 082134\Backup files 352.zip"
sh=D2A47B9F1B5C5E4C5D0B52BB44E0D63DF17E350E ft=0 fh=0000000000000000 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="E:\VISHAL-PC\Backup Set 2015-02-04 235601\Backup Files 2015-02-08 190002\Backup files 6.zip"
sh=25C150A95896F7966AB083D04D64F32FC251FD86 ft=0 fh=0000000000000000 vn="a variant of Win32/OpenCandy.C potentially unsafe application" ac=I fn="E:\VISHAL-PC\Backup Set 2015-02-04 235601\Backup Files 2015-02-15 190001\Backup files 8.zip"
 


#5 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:53 AM

Posted 23 May 2015 - 10:13 AM

Step 1

frst.pngfrstfix.png

Press thew7.png + R on your keyboard at the same time. Type notepad and click OK.
  • Copy the entire content of the codebox below and paste into the notepad document:
    C:\ProgramData\Origin\update.vbe
    C:\Users\Vishal\AppData\Local\temp023423.vbe
    C:\Windows\temp023423.vbe
    
  • Click File, Save As and type fixlist.txt as the File Name.
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.
Please post it to your reply.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#6 Vishmister

Vishmister
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:53 PM

Posted 23 May 2015 - 10:16 AM

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-05-2015 01
Ran by Vishal at 2015-05-23 16:16:27 Run:2
Running from C:\Users\Vishal\Downloads
Loaded Profiles: Vishal (Available Profiles: Vishal & Guest)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
C:\ProgramData\Origin\update.vbe
C:\Users\Vishal\AppData\Local\temp023423.vbe
C:\Windows\temp023423.vbe
*****************
 
C:\ProgramData\Origin\update.vbe => Moved successfully.
C:\Users\Vishal\AppData\Local\temp023423.vbe => Moved successfully.
C:\Windows\temp023423.vbe => Moved successfully.
 
==== End of Fixlog 16:16:27 ====


#7 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:53 AM

Posted 23 May 2015 - 10:19 AM


lesestoff.png

Can you please tell me which problems still persist now?
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#8 Vishmister

Vishmister
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:53 PM

Posted 23 May 2015 - 10:23 AM

I believe that the problem of the svchost.exe issue has been resolved now - should I run ESET scanner again to see if any threats remain?



#9 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:53 AM

Posted 23 May 2015 - 10:29 AM

should I run ESET scanner again to see if any threats remain?


No.

That's it! abklatsch.gif
Your logs look clean to me at the moment. :thumbup2:
We're gonna clean up everything now, close security holes on your computer and in the end I'll provide you with a list of security tips so you hopefully will not need our help anymore in the future.


My help is free for everybody, however...
If I have helped you fix your PC, then please consider donating to continue the fight against malware: btn_donate_SM.gif
Thank you!


Clean Upcleanupm.PNG

Now we remove all the tools we used (including their logs and quarantine folders), restore your settings and delete old and infected system restorepoints:

  • You can uninstall programs that you had to install (e.g. MBAM or ESET Onlinescanner) in the control panel if you so wish.
  • Download delfix.pngDelFix (by Xplode) and save it to your Desktop.
    • Close all running programs and start delfix.exe.
    • Make sure that all available options are checked.
    • Click on Run
    • DelFix should remove all our tools and delete itself afterwards. I don't need the log file.
  • If there is still something left you can delete it manually.

Closing security holes

Many infections happen via drive-by downloads that run unnoticed in the background while the user visits an infected website. To achieve this malware exploits security holes in installed software (e.g. browser or its plugins). Older versions of such software often have lots of known exploitable holes. Therefore it's very important to always keep your software up-to-date.


Tips

I recommend to read and follow the "16 simple and easy ways to keep your computer safe and secure on the Internet" (Link) by Lawrence Abrams.


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#10 Vishmister

Vishmister
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:53 PM

Posted 23 May 2015 - 11:27 AM

Thank you for your help!



#11 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:53 AM

Posted 23 May 2015 - 11:28 AM

You are welcome. Take care!


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#12 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:53 AM

Posted 23 May 2015 - 12:07 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users