Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan downloader infection


  • This topic is locked This topic is locked
9 replies to this topic

#1 Profetus

Profetus

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:15 PM

Posted 03 June 2015 - 05:44 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Edi (administrator) on EDI-PC on 03-06-2015 13:36:32
Running from C:\Users\Edi\Downloads
Loaded Profiles: Edi (Available Profiles: Edi)
Platform: Windows 7 Professional (X64) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
() C:\Users\Edi\AppData\Roaming\A0AA3900-1432063789-81E3-3292-50465DE9D4D3\nse6229.tmp
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
() C:\Users\Edi\AppData\Local\A0AA3900-1432074794-81E3-3292-50465DE9D4D3\snswD30C.tmp
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUS) C:\Windows\AsScrPro.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(AB Team) C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-07] (Intel Corporation)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2015-05-18] (ASUS)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-18] (Avast Software s.r.o.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3064971071-774296852-2689919416-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-3064971071-774296852-2689919416-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3064971071-774296852-2689919416-1000\...\Run: [Steam] => D:\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation)
HKU\S-1-5-21-3064971071-774296852-2689919416-1000\...\MountPoints2: {d9d2e147-fda6-11e4-b831-806e6f6e6963} - F:\InstAll.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175880 2015-05-28] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-05-28] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-18] (Avast Software s.r.o.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3064971071-774296852-2689919416-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1432063737&z=8752e25cdc155922dbcc5bcgez1cao8e8q4c8m7c9m&from=cvs&uid=HitachiXHTS545050A7E380_TA85113VDHB8TNDHB8TNX
HKU\S-1-5-21-3064971071-774296852-2689919416-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3064971071-774296852-2689919416-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1432063737&z=8752e25cdc155922dbcc5bcgez1cao8e8q4c8m7c9m&from=cvs&uid=HitachiXHTS545050A7E380_TA85113VDHB8TNDHB8TNX
SearchScopes: HKU\S-1-5-21-3064971071-774296852-2689919416-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1432063737&z=8752e25cdc155922dbcc5bcgez1cao8e8q4c8m7c9m&from=cvs&uid=HitachiXHTS545050A7E380_TA85113VDHB8TNDHB8TNX&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-18] (Avast Software s.r.o.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-18] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-18] (Avast Software s.r.o.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-18] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 95.77.94.88 78.96.7.88
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-18] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-18] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-18] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3064971071-774296852-2689919416-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Edi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-05-12] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-18]
 
Chrome: 
=======
CHR Profile: C:\Users\Edi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Edi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-18]
CHR Extension: (Google Docs) - C:\Users\Edi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-18]
CHR Extension: (Google Drive) - C:\Users\Edi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-18]
CHR Extension: (YouTube) - C:\Users\Edi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-18]
CHR Extension: (Google Search) - C:\Users\Edi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-18]
CHR Extension: (Avast SafePrice) - C:\Users\Edi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-06-02]
CHR Extension: (Google Sheets) - C:\Users\Edi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-18]
CHR Extension: (Bookmark Manager) - C:\Users\Edi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-18]
CHR Extension: (Avast Online Security) - C:\Users\Edi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-18]
CHR Extension: (Google Wallet) - C:\Users\Edi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-18]
CHR Extension: (Gmail) - C:\Users\Edi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-18]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-05-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-18]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-18] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-05-18] (Avast Software s.r.o.)
R2 duwekotu; C:\Users\Edi\AppData\Roaming\A0AA3900-1432063789-81E3-3292-50465DE9D4D3\nse6229.tmp [218624 2015-05-22] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 mihyfyzi; C:\Users\Edi\AppData\Local\A0AA3900-1432074794-81E3-3292-50465DE9D4D3\snswD30C.tmp [128000 2015-05-19] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-07-13] (Windows ® Win 7 DDK provider)
S3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [19104 2012-07-13] (ASUS)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-18] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-05-18] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-18] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-05-18] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-18] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-18] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-18] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-18] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-18] ()
S3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [49824 2012-07-13] (ASUS Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2015-05-18] (DT Soft Ltd)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 ASUSProcObsrv; \??\F:\I386\AsPrOb64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-03 13:36 - 2015-06-03 13:36 - 00019060 _____ () C:\Users\Edi\Downloads\FRST.txt
2015-06-03 13:36 - 2015-06-03 13:36 - 00000000 ____D () C:\FRST
2015-06-03 13:35 - 2015-06-03 13:35 - 02108928 _____ (Farbar) C:\Users\Edi\Downloads\FRST64.exe
2015-06-02 20:09 - 2015-06-02 20:09 - 00000000 ____D () C:\Users\Edi\Documents\Call of Juarez - Bound in Blood
2015-06-02 15:17 - 2015-06-02 15:17 - 00613255 _____ (CMI Limited) C:\Users\Edi\AppData\Local\nspF1FA.tmp
2015-06-02 14:39 - 2015-06-02 14:39 - 00040872 _____ () C:\Users\Edi\Downloads\Call_Of_Juarez_Bound_In_Blood-Razor1911.torrent
2015-06-01 20:08 - 2015-06-01 20:08 - 00000000 ____D () C:\Windows\SysWOW64\NV
2015-06-01 20:08 - 2015-06-01 20:08 - 00000000 ____D () C:\Windows\system32\NV
2015-06-01 20:06 - 2015-06-01 20:06 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-06-01 20:06 - 2015-05-28 10:04 - 42719888 _____ () C:\Windows\system32\nvcompiler.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 37741712 _____ () C:\Windows\SysWOW64\nvcompiler.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-01 20:06 - 2015-05-28 10:04 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-01 20:06 - 2015-05-28 10:04 - 00031560 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2015-05-31 12:30 - 2015-05-31 12:30 - 00134752 _____ () C:\Users\Edi\Downloads\Game.of.Thrones.S04.720p.HDTV.x264-FiLELiST.torrent
2015-05-30 13:25 - 2015-05-30 13:25 - 01101016 _____ () C:\Windows\Minidump\053015-19609-01.dmp
2015-05-28 12:12 - 2015-05-28 12:12 - 00130511 _____ () C:\Users\Edi\Downloads\Empire_Total_War_Special_Forces_Edition-Razor1911.torrent
2015-05-28 12:08 - 2015-05-28 12:08 - 00024067 _____ () C:\Users\Edi\Downloads\Focus.T25.Workout-FiLELiST.torrent
2015-05-26 14:36 - 2015-05-26 14:37 - 01103240 _____ () C:\Windows\Minidump\052615-21153-01.dmp
2015-05-25 19:54 - 2015-05-25 19:54 - 00000000 ____D () C:\Users\Edi\AppData\Roaming\Unity
2015-05-25 19:53 - 2015-05-25 19:53 - 00000000 ____D () C:\Users\Edi\AppData\Local\Unity
2015-05-24 22:36 - 2015-05-24 22:37 - 01102312 _____ () C:\Windows\Minidump\052415-20592-01.dmp
2015-05-24 21:37 - 2015-05-24 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
2015-05-24 13:56 - 2015-05-24 13:56 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-24 13:55 - 2015-05-25 13:38 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-24 13:55 - 2015-05-24 13:55 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-05-24 13:55 - 2015-05-24 13:55 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-22 15:09 - 2015-05-22 15:09 - 00000000 ____D () C:\Users\Edi\AppData\Local\Chromium
2015-05-22 14:57 - 2015-05-22 14:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
2015-05-21 15:53 - 2015-05-21 15:58 - 00000000 ____D () C:\Users\Edi\Documents\Assassin's Creed Unity
2015-05-21 15:48 - 2015-05-21 15:48 - 00000000 ____D () C:\ProgramData\Orbit
2015-05-21 15:43 - 2015-05-30 13:25 - 419642363 _____ () C:\Windows\MEMORY.DMP
2015-05-21 15:43 - 2015-05-30 13:25 - 00000000 ____D () C:\Windows\Minidump
2015-05-21 15:43 - 2015-05-21 15:44 - 00313752 _____ () C:\Windows\Minidump\052115-33774-01.dmp
2015-05-21 15:16 - 2015-05-21 15:16 - 00000000 ____D () C:\Users\Edi\AppData\Roaming\Assassin's Creed Unity
2015-05-21 11:22 - 2015-05-21 11:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medieval 2 Total War Gold
2015-05-20 12:47 - 2015-06-02 15:38 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2015-05-20 12:47 - 2015-06-02 15:37 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2015-05-20 12:47 - 2015-06-02 15:37 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2015-05-20 12:47 - 2015-06-02 15:18 - 00002824 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2015-05-20 12:47 - 2015-06-02 15:18 - 00002822 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2015-05-20 12:47 - 2015-06-02 15:18 - 00002822 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2015-05-20 12:45 - 2015-05-20 12:45 - 00000000 ____D () C:\Windows\SysWOW64\Flash
2015-05-20 12:44 - 2015-05-20 12:44 - 00613255 _____ (CMI Limited) C:\Users\Edi\AppData\Local\nsiC9E4.tmp
2015-05-20 12:44 - 2015-05-20 12:44 - 00000000 __SHD () C:\Users\Edi\AppData\Roaming\AnyProtectEx
2015-05-20 12:44 - 2015-02-19 13:09 - 00020248 _____ () C:\Windows\system32\roboot64.exe
2015-05-20 12:42 - 2015-05-20 12:42 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk.1432116196.old
2015-05-20 12:42 - 2015-05-20 12:42 - 00000000 ____D () C:\Users\Edi\AppData\Roaming\Opera Software
2015-05-20 11:52 - 2015-05-20 11:52 - 00002984 _____ () C:\Windows\System32\Tasks\ATKOSD2
2015-05-19 22:45 - 2010-03-04 07:40 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2015-05-19 22:45 - 2010-03-04 07:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2015-05-19 22:44 - 2010-02-18 11:07 - 14163456 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-05-19 22:44 - 2010-02-18 10:34 - 12867072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-05-19 22:44 - 2009-12-11 13:29 - 00153160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-19 22:44 - 2009-12-11 12:24 - 01446912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-19 22:44 - 2009-12-11 10:39 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-19 22:44 - 2009-12-11 10:36 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-19 22:33 - 2015-06-03 10:14 - 00000000 ____D () C:\Users\Edi\AppData\Local\A0AA3900-1432074794-81E3-3292-50465DE9D4D3
2015-05-19 22:30 - 2009-06-11 00:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hp.bak
2015-05-19 22:29 - 2015-05-27 13:24 - 00000000 ____D () C:\Users\Edi\AppData\Roaming\A0AA3900-1432063789-81E3-3292-50465DE9D4D3
2015-05-19 22:29 - 2015-05-19 22:29 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-05-19 21:10 - 2015-05-19 21:10 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2015-05-19 19:46 - 2015-05-19 19:46 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-05-19 19:46 - 2015-05-19 19:46 - 00000000 ____D () C:\Windows\system32\appraiser
2015-05-19 19:45 - 2015-03-23 04:51 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-05-19 19:45 - 2015-03-23 04:51 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-05-19 19:45 - 2015-03-23 04:51 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-05-19 19:45 - 2015-03-23 04:51 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-05-19 19:45 - 2015-03-23 04:51 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-05-19 19:45 - 2015-03-23 04:51 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-05-19 19:45 - 2015-03-23 04:47 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-05-19 19:45 - 2015-03-19 06:07 - 05503416 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-19 19:45 - 2015-03-19 05:57 - 03963320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-19 19:45 - 2015-03-19 05:57 - 03908024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-19 19:45 - 2015-01-28 02:23 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-05-19 19:45 - 2014-12-04 05:31 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-05-19 19:45 - 2014-09-15 03:44 - 03195392 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-19 19:45 - 2013-03-19 08:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-19 19:45 - 2013-03-19 07:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-19 19:45 - 2013-03-19 06:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-19 19:45 - 2011-04-09 09:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-19 19:45 - 2011-04-09 08:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-19 16:21 - 2015-05-19 16:21 - 00000000 ____D () C:\Users\Edi\Documents\Assassin's Creed Rogue
2015-05-19 16:21 - 2015-05-19 16:21 - 00000000 ____D () C:\Users\Edi\AppData\Roaming\uplay
2015-05-19 16:19 - 2015-05-19 16:19 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-19 16:18 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-05-19 16:18 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-05-19 16:18 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-05-19 16:18 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-05-19 16:18 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-05-19 16:18 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-05-19 16:16 - 2015-05-19 16:16 - 00000000 ____D () C:\Users\Edi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-05-19 16:16 - 2015-05-19 16:16 - 00000000 ____D () C:\Users\Edi\AppData\Local\Ubisoft Game Launcher
2015-05-19 16:16 - 2015-05-19 16:16 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-05-19 15:16 - 2015-05-19 15:16 - 00000000 ____D () C:\Users\Edi\AppData\Local\Rockstar Games
2015-05-19 15:15 - 2015-05-19 15:15 - 00000000 ____D () C:\ProgramData\Steam
2015-05-19 15:15 - 2015-05-19 15:15 - 00000000 ____D () C:\ProgramData\Socialclub
2015-05-19 15:15 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-05-19 15:15 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-05-19 15:15 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-05-19 15:15 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-05-19 15:15 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-05-19 15:15 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-05-19 15:15 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-05-19 15:15 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-05-19 15:15 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-05-19 15:15 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-05-19 15:15 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-05-19 15:15 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-05-19 15:15 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-05-19 15:15 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-05-19 15:15 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-05-19 15:15 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-05-19 15:15 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-05-19 15:15 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-05-19 15:15 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-05-19 15:15 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-05-19 15:15 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-05-19 15:15 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-05-19 15:15 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-05-19 15:15 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-05-19 15:15 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-05-19 15:15 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-05-19 15:15 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-05-19 15:15 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-05-19 15:15 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-05-19 15:15 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-05-19 15:15 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-05-19 15:15 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-05-19 15:15 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-05-19 15:15 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-05-19 15:15 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-05-19 15:15 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-05-19 15:15 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-05-19 15:15 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-05-19 15:15 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-05-19 15:15 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-05-19 15:15 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-05-19 15:15 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-05-19 15:15 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-05-19 15:15 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-05-19 15:15 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-05-19 15:15 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-05-19 15:15 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-05-19 15:15 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-05-19 15:15 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-05-19 15:15 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-05-19 15:15 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-05-19 15:15 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-05-19 15:15 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-05-19 15:15 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-05-19 15:15 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-05-19 15:15 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-05-19 15:15 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-05-19 15:15 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-05-19 15:15 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-05-19 15:15 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-05-19 15:15 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-05-19 15:15 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-05-19 15:15 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-05-19 15:15 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-05-19 15:15 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-05-19 15:15 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-05-19 15:15 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-05-19 15:15 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-05-19 15:15 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-05-19 15:15 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-05-19 15:15 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-05-19 15:15 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-05-19 15:15 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-05-19 15:15 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-05-19 15:15 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-05-19 15:15 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-05-19 15:15 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-05-19 15:15 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-05-19 15:15 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-05-19 15:15 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-05-19 15:15 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-05-19 15:15 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-05-19 15:15 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-05-19 15:15 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-05-19 15:15 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-05-19 15:15 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-05-19 15:15 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-05-19 15:15 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-05-19 15:15 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-05-19 15:15 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-05-19 15:15 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-05-19 15:15 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-05-19 15:15 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-05-19 15:15 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-05-19 15:15 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-05-19 15:15 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-05-19 15:15 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-05-19 15:15 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-05-19 15:15 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-05-19 15:15 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-05-19 15:14 - 2015-06-02 19:54 - 00045167 _____ () C:\Windows\DirectX.log
2015-05-19 15:14 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-05-19 15:14 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-05-19 15:14 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-05-19 15:14 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-05-19 15:14 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-05-19 15:14 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-05-19 15:14 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-05-19 15:14 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-05-19 15:14 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-05-19 15:14 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-05-19 15:14 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-05-19 15:14 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-05-19 15:14 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-05-19 15:14 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-05-19 15:14 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-05-19 15:14 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-05-19 15:14 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-05-19 15:14 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-05-19 15:14 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-05-19 15:14 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-05-19 15:14 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-05-19 15:14 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-05-19 15:14 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-05-19 15:14 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-05-19 15:14 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-05-19 15:14 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-05-19 15:14 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-05-19 15:14 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-05-19 15:14 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-05-19 15:14 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-05-19 15:14 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-05-19 15:14 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-05-19 15:14 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-05-19 15:14 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-05-19 15:14 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-05-19 15:14 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-05-19 15:14 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-05-19 15:14 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-05-19 15:14 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-05-19 15:14 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-05-19 15:14 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-05-19 15:14 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-05-19 15:14 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-05-19 15:14 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-05-19 15:14 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-05-19 15:14 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-05-19 15:14 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-05-19 15:14 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-05-19 15:14 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-05-19 15:14 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-05-19 15:14 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-05-19 15:14 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-05-19 15:14 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-05-19 15:14 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-05-19 15:14 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-05-19 15:14 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-05-19 15:14 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-05-19 15:14 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-05-19 15:14 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-05-19 15:14 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-05-19 15:14 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-05-19 15:14 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-05-19 15:14 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-05-19 15:14 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-05-19 15:14 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-05-19 15:14 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-05-19 15:14 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-05-19 15:14 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-05-19 15:14 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-05-19 15:14 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-05-19 15:14 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-05-19 15:14 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-05-19 15:14 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-05-19 15:14 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-05-19 15:14 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-05-19 15:14 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-05-19 15:11 - 2015-05-19 15:15 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-05-19 14:10 - 2015-05-19 14:10 - 00001128 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2015-05-19 14:10 - 2015-05-19 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2015-05-19 14:09 - 2015-05-20 21:54 - 00000000 ____D () C:\Users\Edi\AppData\Roaming\BSplayer
2015-05-19 14:09 - 2015-05-19 14:09 - 00000000 ____D () C:\Users\Edi\AppData\Roaming\BSplayer Pro
2015-05-19 14:09 - 2015-05-19 14:09 - 00000000 ____D () C:\Program Files (x86)\Webteh
2015-05-19 13:52 - 2015-05-19 13:52 - 00024576 _____ () C:\Users\Edi\AppData\Local\uninst.tmp
2015-05-19 09:40 - 2015-05-19 13:52 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-05-19 08:55 - 2012-06-03 01:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-05-19 08:55 - 2012-06-03 01:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-05-19 08:55 - 2012-06-03 01:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-05-19 08:55 - 2012-06-03 01:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-05-19 08:55 - 2012-06-03 01:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-05-19 08:55 - 2012-06-03 01:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-05-19 08:55 - 2012-06-03 01:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-05-19 08:54 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-05-19 08:54 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-05-19 08:49 - 2015-06-02 15:36 - 00006260 _____ () C:\Windows\PFRO.log
2015-05-19 01:42 - 2015-05-18 15:00 - 00000000 ____D () C:\Windows\Panther
2015-05-19 00:48 - 2015-05-19 00:48 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-05-19 00:48 - 2015-05-19 00:48 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-05-19 00:47 - 2015-05-19 00:47 - 00001313 _____ () C:\Windows\TSSysprep.log
2015-05-19 00:46 - 2015-06-03 11:52 - 00897994 _____ () C:\Windows\WindowsUpdate.log
2015-05-18 23:11 - 2015-05-18 23:11 - 00000000 ____D () C:\Users\Edi\AppData\Local\Steam
2015-05-18 23:06 - 2015-05-18 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-05-18 22:49 - 2015-05-23 19:11 - 00000000 ____D () C:\Users\Edi\AppData\Local\Popcorn-Time
2015-05-18 22:36 - 2015-05-18 22:36 - 00000000 ____D () C:\Users\Edi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-05-18 22:34 - 2015-05-18 22:36 - 00000000 ____D () C:\Users\Edi\AppData\Local\Popcorn Time
2015-05-18 22:29 - 2015-05-18 22:29 - 00000000 ____D () C:\Users\Edi\Tracing
2015-05-18 22:28 - 2015-06-03 10:11 - 00000000 ____D () C:\Users\Edi\AppData\Roaming\Skype
2015-05-18 22:28 - 2015-05-31 17:25 - 00000000 ____D () C:\ProgramData\Skype
2015-05-18 22:28 - 2015-05-18 22:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-18 22:28 - 2015-05-18 22:28 - 00000000 ____D () C:\Users\Edi\AppData\Local\Skype
2015-05-18 22:28 - 2015-05-18 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-05-18 22:20 - 2010-04-24 05:00 - 00336896 _____ (CANON INC.) C:\Windows\system32\CNMLM9W.DLL
2015-05-18 22:19 - 2015-05-24 16:26 - 00000000 ___RD () C:\Users\Edi\Desktop\programe
2015-05-18 22:18 - 2015-05-18 22:18 - 00000791 _____ () C:\Users\Edi\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-05-18 22:18 - 2015-05-18 22:18 - 00000000 ____D () C:\Users\Edi\AppData\Roaming\Macromedia
2015-05-18 22:17 - 2015-06-02 15:36 - 00000000 ____D () C:\Users\Edi\AppData\Roaming\uTorrent
2015-05-18 22:15 - 2015-05-18 22:15 - 00000000 ____D () C:\Users\Edi\AppData\Roaming\AVAST Software
2015-05-18 22:15 - 2015-05-18 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-18 22:14 - 2015-06-03 10:10 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-18 22:14 - 2015-05-18 22:13 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-18 22:14 - 2015-05-18 22:13 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-18 22:14 - 2015-05-18 22:13 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-18 22:14 - 2015-05-18 22:13 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-18 22:14 - 2015-05-18 22:13 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-18 22:14 - 2015-05-18 22:13 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-18 22:14 - 2015-05-18 22:13 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-18 22:14 - 2015-05-18 22:13 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-18 22:14 - 2015-05-18 22:13 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-18 22:14 - 2015-05-18 22:13 - 00028144 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-05-18 22:13 - 2015-05-18 22:13 - 00449896 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-05-18 22:13 - 2015-05-18 22:13 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-18 22:11 - 2015-05-18 22:11 - 00000000 ____D () C:\Program Files\AVAST Software
2015-05-18 22:10 - 2015-05-18 22:10 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-18 22:09 - 2015-05-18 22:09 - 00270912 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2015-05-18 22:09 - 2015-05-18 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-05-18 22:09 - 2015-05-18 22:09 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2015-05-18 22:08 - 2015-05-22 14:21 - 00000000 ____D () C:\Users\Edi\AppData\Roaming\DAEMON Tools Lite
2015-05-18 22:08 - 2015-05-18 22:08 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-05-18 22:07 - 2015-06-03 13:31 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-18 22:07 - 2015-05-24 13:57 - 00000000 ____D () C:\Users\Edi\AppData\Local\Adobe
2015-05-18 22:07 - 2015-05-18 22:07 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-18 22:07 - 2015-05-18 22:07 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-18 22:07 - 2015-05-18 22:07 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-18 22:07 - 2015-05-18 22:07 - 00000000 ____D () C:\Windows\system32\Macromed
2015-05-18 22:03 - 2015-05-18 22:03 - 00000000 ____D () C:\ProgramData\Sun
2015-05-18 22:03 - 2015-05-18 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-05-18 22:03 - 2015-05-18 22:02 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-05-18 22:02 - 2015-05-18 22:02 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-18 22:02 - 2015-05-18 22:02 - 00000000 ____D () C:\Program Files (x86)\Java
2015-05-18 22:00 - 2015-05-18 22:00 - 00000000 ____D () C:\Users\Edi\AppData\Roaming\WinRAR
2015-05-18 22:00 - 2015-05-18 22:00 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2015-05-18 21:59 - 2015-06-01 20:00 - 00000000 ____D () C:\Users\Edi\AppData\Local\NVIDIA
2015-05-18 21:55 - 2015-05-19 22:57 - 00772886 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-18 21:50 - 2009-11-25 22:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-05-18 21:50 - 2009-11-25 22:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-05-18 21:50 - 2009-11-25 22:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2015-05-18 21:50 - 2009-11-25 22:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2015-05-18 21:50 - 2009-11-25 22:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2015-05-18 21:50 - 2009-11-25 22:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2015-05-18 21:50 - 2009-11-25 22:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2015-05-18 21:50 - 2009-11-25 22:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2015-05-18 21:50 - 2009-11-25 22:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2015-05-18 21:50 - 2009-11-25 22:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2015-05-18 21:49 - 2015-02-24 04:17 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-05-18 21:48 - 2015-05-28 10:04 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-18 21:48 - 2015-05-28 10:04 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-05-18 21:48 - 2015-05-28 10:04 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-05-18 21:48 - 2015-05-12 09:27 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
2015-05-18 21:48 - 2015-05-12 09:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
2015-05-18 21:48 - 2014-11-22 13:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-05-18 21:48 - 2014-11-22 13:46 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-05-18 21:48 - 2014-11-22 13:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-05-18 21:47 - 2015-05-24 13:57 - 00000000 ____D () C:\Users\Edi\AppData\Roaming\Adobe
2015-05-18 21:46 - 2015-05-18 21:46 - 00000000 ____D () C:\NVIDIA
2015-05-18 21:36 - 2015-05-19 11:29 - 00000000 ____D () C:\Users\Edi\AppData\Local\Axialis
2015-05-18 21:32 - 2015-06-03 12:43 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-18 21:32 - 2015-06-03 10:10 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-18 21:32 - 2015-05-20 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-18 21:32 - 2015-05-19 15:38 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-18 21:32 - 2015-05-19 15:38 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-18 21:32 - 2015-05-18 21:32 - 00000000 ____D () C:\Users\Edi\AppData\Local\Google
2015-05-18 21:32 - 2015-05-18 21:32 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-18 21:31 - 2015-05-18 21:32 - 00000000 ____D () C:\Users\Edi\AppData\Local\Deployment
2015-05-18 21:31 - 2015-05-18 21:31 - 00000000 ____D () C:\Users\Edi\AppData\Local\Apps\2.0
2015-05-18 21:29 - 2015-05-18 21:29 - 00000000 ____D () C:\ProgramData\USBChargerPlus
2015-05-18 21:26 - 2015-05-18 21:26 - 03058304 _____ (ASUS) C:\Windows\AsScrPro.exe
2015-05-18 21:26 - 2015-05-18 21:26 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-05-18 21:25 - 2015-05-18 21:25 - 00003110 _____ () C:\Windows\System32\Tasks\ASUS Wireless Console 3
2015-05-18 21:25 - 2015-05-18 21:25 - 00003026 _____ () C:\Windows\System32\Tasks\ASUS USB Charger Plus
2015-05-18 21:24 - 2015-05-18 21:24 - 00003230 _____ () C:\Windows\System32\Tasks\SidebarExecute
2015-05-18 21:24 - 2015-05-18 21:24 - 00000000 ____D () C:\Program Files\ASUS
2015-05-18 21:24 - 2012-02-21 14:49 - 00162456 _____ (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
2015-05-18 21:23 - 2015-05-19 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-05-18 21:23 - 2009-07-20 12:29 - 00015416 _____ ( ) C:\Windows\system32\Drivers\kbfiltr.sys
2015-05-18 21:22 - 2015-05-18 21:22 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
2015-05-18 21:22 - 2011-10-06 06:15 - 00070753 _____ () C:\Windows\system32\athrextx.cat
2015-05-18 21:22 - 2011-10-03 23:49 - 02770944 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2015-05-18 21:22 - 2011-10-03 23:49 - 02770944 _____ (Atheros Communications, Inc.) C:\Windows\system32\athrx.sys
2015-05-18 21:20 - 2015-05-18 21:20 - 00000000 ____D () C:\ProgramData\Qualcomm Atheros
2015-05-18 21:18 - 2011-08-23 16:57 - 00565352 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-05-18 21:18 - 2011-08-23 16:57 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-05-18 21:18 - 2011-08-23 16:57 - 00074272 _____ () C:\Windows\system32\RtNicProp64.dll
2015-05-18 21:17 - 2015-05-18 21:17 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-05-18 21:17 - 2015-05-18 21:17 - 00000000 ____D () C:\Program Files\Realtek
2015-05-18 21:16 - 2012-07-17 16:26 - 04094608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-05-18 21:16 - 2012-07-16 14:23 - 00109200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-05-18 21:16 - 2012-07-16 12:09 - 00317061 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-05-18 21:16 - 2012-07-16 09:16 - 03643024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2015-05-18 21:16 - 2012-07-16 09:11 - 05821952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-05-18 21:16 - 2012-07-03 12:14 - 02692752 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-05-18 21:16 - 2012-07-02 10:39 - 01264272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-05-18 21:16 - 2012-06-27 09:38 - 07860600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2015-05-18 21:16 - 2012-06-27 09:37 - 02603896 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2015-05-18 21:16 - 2012-06-21 06:00 - 00583808 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-05-18 21:16 - 2012-06-15 06:20 - 07163784 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-05-18 21:16 - 2012-06-15 06:20 - 00433544 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-05-18 21:16 - 2012-06-15 06:20 - 00141192 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-05-18 21:16 - 2012-06-15 06:20 - 00123784 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-05-18 21:16 - 2012-06-15 06:20 - 00074632 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-05-18 21:16 - 2012-06-06 05:44 - 00869520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-05-18 21:16 - 2012-04-10 09:40 - 02533952 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-05-18 21:16 - 2012-04-03 13:42 - 01345368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2015-05-18 21:16 - 2012-04-03 13:42 - 01015640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-05-18 21:16 - 2012-02-17 10:54 - 00396632 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-05-18 21:16 - 2012-01-30 06:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-05-18 21:16 - 2012-01-23 17:30 - 00537456 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2015-05-18 21:16 - 2012-01-23 17:30 - 00524656 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2015-05-18 21:16 - 2012-01-23 17:30 - 00449392 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2015-05-18 21:16 - 2012-01-10 05:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2015-05-18 21:16 - 2011-12-20 10:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-05-18 21:16 - 2011-12-18 12:58 - 02131288 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2015-05-18 21:16 - 2011-12-13 11:58 - 01560168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-05-18 21:16 - 2011-11-22 11:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-05-18 21:16 - 2011-09-02 09:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2015-05-18 21:16 - 2011-09-02 09:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2015-05-18 21:16 - 2011-09-02 09:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2015-05-18 21:16 - 2011-08-23 12:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2015-05-18 21:16 - 2011-05-31 04:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-05-18 21:16 - 2011-03-17 07:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-05-18 21:16 - 2011-03-07 12:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-05-18 21:16 - 2010-11-08 02:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-05-18 21:16 - 2010-11-08 02:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-05-18 21:16 - 2010-11-08 02:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-05-18 21:16 - 2010-11-08 02:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-05-18 21:16 - 2010-11-08 02:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-05-18 21:16 - 2010-11-08 02:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-05-18 21:16 - 2010-11-03 13:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-05-18 21:16 - 2010-10-03 08:46 - 00341336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-05-18 21:16 - 2010-09-27 04:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-05-18 21:16 - 2010-07-22 11:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-05-18 21:16 - 2009-11-24 04:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-05-18 21:16 - 2009-11-24 04:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-05-18 21:16 - 2009-11-24 04:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-05-18 21:16 - 2009-11-24 04:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-05-18 21:15 - 2015-05-18 21:17 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-05-18 21:15 - 2015-05-18 21:15 - 00000000 ____D () C:\Windows\SysWOW64\sda
2015-05-18 21:15 - 2012-06-20 12:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-05-18 21:15 - 2012-05-25 13:06 - 01706640 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-05-18 21:15 - 2012-03-08 06:47 - 00202336 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-05-18 21:15 - 2012-03-08 06:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-05-18 21:15 - 2012-02-01 12:06 - 09888872 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsBaStorIcon.dll
2015-05-18 21:15 - 2011-05-31 04:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-05-18 21:15 - 2011-05-31 04:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-05-18 21:15 - 2011-05-31 04:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-05-18 21:15 - 2011-05-31 04:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-05-18 21:15 - 2011-05-31 04:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-05-18 21:15 - 2011-05-31 04:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-05-18 21:15 - 2011-05-31 04:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-05-18 21:15 - 2011-05-31 04:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-05-18 21:15 - 2011-05-31 04:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-05-18 21:15 - 2011-05-31 04:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-05-18 21:15 - 2011-05-31 04:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-05-18 21:14 - 2015-05-18 21:17 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-05-18 21:14 - 2012-02-01 12:06 - 00292968 ____R (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsBaStor.sys
2015-05-18 21:12 - 2015-05-20 11:51 - 00000000 ____D () C:\Program Files (x86)\ASUS
2015-05-18 21:12 - 2015-05-19 13:54 - 00007964 _____ () C:\Windows\DPINST.LOG
2015-05-18 21:12 - 2015-05-18 21:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2015-05-18 21:12 - 2015-05-18 21:12 - 00000000 ____D () C:\Program Files\DIFX
2015-05-18 21:11 - 2012-02-07 07:12 - 00787736 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2015-05-18 21:11 - 2012-02-07 07:12 - 00356120 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2015-05-18 21:11 - 2012-02-07 07:12 - 00016152 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
2015-05-18 21:10 - 2015-05-18 21:10 - 00000000 ____D () C:\ProgramData\Intel
2015-05-18 21:10 - 2015-05-18 21:10 - 00000000 ____D () C:\Program Files\Intel
2015-05-18 21:10 - 2012-06-25 10:42 - 00015168 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2015-05-18 21:09 - 2015-06-02 19:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-18 21:09 - 2015-05-18 21:09 - 00015392 _____ () C:\Windows\system32\results.xml
2015-05-18 21:09 - 2015-05-18 21:09 - 00000000 ____D () C:\Users\Edi\AppData\Roaming\InstallShield
2015-05-18 21:09 - 2012-07-02 15:16 - 00062784 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2015-05-18 21:07 - 2015-06-01 20:08 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-18 21:06 - 2015-06-01 20:08 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-05-18 21:06 - 2015-06-01 20:08 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-05-18 21:06 - 2015-05-28 07:15 - 06872904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-18 21:06 - 2015-05-28 07:15 - 03491984 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-18 21:06 - 2015-05-28 07:15 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-18 21:06 - 2015-05-28 07:15 - 01059472 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-05-18 21:06 - 2015-05-28 07:15 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-18 21:06 - 2015-05-28 07:15 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-18 21:06 - 2015-05-28 07:15 - 00075080 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-05-18 21:06 - 2015-05-28 07:15 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-18 21:06 - 2015-05-27 13:48 - 04408727 _____ () C:\Windows\system32\nvcoproc.bin
2015-05-18 21:05 - 2015-06-01 20:08 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-05-18 21:05 - 2015-05-28 10:04 - 03379680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-18 21:05 - 2015-05-28 10:04 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-05-18 21:05 - 2015-05-28 10:04 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-05-18 21:05 - 2015-05-28 10:04 - 00030966 _____ () C:\Windows\system32\nvinfo.pb
2015-05-18 21:05 - 2012-04-24 03:17 - 01737536 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco64.dll
2015-05-18 21:05 - 2012-04-24 03:17 - 01466176 _____ (NVIDIA Corporation) C:\Windows\system32\nvgenco64.dll
2015-05-18 21:05 - 2012-04-24 03:17 - 00364352 _____ (NVIDIA Corporation) C:\Windows\system32\nvdecodemft.dll
2015-05-18 21:05 - 2012-04-24 03:17 - 00301376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvdecodemft.dll
2015-05-18 21:04 - 2015-05-18 21:04 - 00000000 ____D () C:\Program Files\Common Files\Intel
2015-05-18 21:04 - 2012-02-22 10:18 - 28979200 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 23463424 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 17213440 _____ () C:\Windows\system32\ig7icd64.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 14692224 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2015-05-18 21:04 - 2012-02-22 10:18 - 13020160 _____ () C:\Windows\SysWOW64\ig7icd32.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 09605632 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 09007616 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 08086528 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 07794688 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 06120960 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 05886232 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2015-05-18 21:04 - 2012-02-22 10:18 - 03747840 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 02967040 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 02866688 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 02321408 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 01981696 _____ () C:\Windows\system32\iglhxa64.cpa
2015-05-18 21:04 - 2012-02-22 10:18 - 00735796 _____ () C:\Windows\SysWOW64\igkrng700.bin
2015-05-18 21:04 - 2012-02-22 10:18 - 00735796 _____ () C:\Windows\system32\igkrng700.bin
2015-05-18 21:04 - 2012-02-22 10:18 - 00588800 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00561508 _____ () C:\Windows\SysWOW64\igfcg700m.bin
2015-05-18 21:04 - 2012-02-22 10:18 - 00561508 _____ () C:\Windows\system32\igfcg700m.bin
2015-05-18 21:04 - 2012-02-22 10:18 - 00524800 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00519680 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00516608 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00511768 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2015-05-18 21:04 - 2012-02-22 10:18 - 00440600 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2015-05-18 21:04 - 2012-02-22 10:18 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00430592 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00430080 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00410624 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00398616 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2015-05-18 21:04 - 2012-02-22 10:18 - 00386048 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00321024 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2015-05-18 21:04 - 2012-02-22 10:18 - 00276248 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2015-05-18 21:04 - 2012-02-22 10:18 - 00250136 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2015-05-18 21:04 - 2012-02-22 10:18 - 00237056 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00236032 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00221099 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2015-05-18 21:04 - 2012-02-22 10:18 - 00213504 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00193024 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00188416 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00177152 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00172032 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00170264 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2015-05-18 21:04 - 2012-02-22 10:18 - 00143155 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2015-05-18 21:04 - 2012-02-22 10:18 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2015-05-18 21:04 - 2012-02-22 10:18 - 00124962 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2015-05-18 21:04 - 2012-02-22 10:18 - 00123467 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2015-05-18 21:04 - 2012-02-22 10:18 - 00110592 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2653.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00079360 _____ () C:\Windows\system32\igdde64.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00063488 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00059425 _____ () C:\Windows\system32\iglhxo64.vp
2015-05-18 21:04 - 2012-02-22 10:18 - 00059398 _____ () C:\Windows\system32\iglhxg64.vp
2015-05-18 21:04 - 2012-02-22 10:18 - 00059230 _____ () C:\Windows\system32\iglhxc64.vp
2015-05-18 21:04 - 2012-02-22 10:18 - 00059104 _____ () C:\Windows\system32\iglhxc64_dev.vp
2015-05-18 21:04 - 2012-02-22 10:18 - 00058880 _____ () C:\Windows\SysWOW64\igdde32.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00058796 _____ () C:\Windows\system32\iglhxg64_dev.vp
2015-05-18 21:04 - 2012-02-22 10:18 - 00058109 _____ () C:\Windows\system32\iglhxo64_dev.vp
2015-05-18 21:04 - 2012-02-22 10:18 - 00052736 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00051200 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00028672 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2015-05-18 21:04 - 2012-02-22 10:18 - 00018520 _____ () C:\Windows\system32\iglhxs64.vp
2015-05-18 21:04 - 2012-02-22 10:18 - 00009216 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2015-05-18 21:04 - 2012-02-22 10:17 - 00207830 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00191775 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00184600 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2015-05-18 21:04 - 2012-02-22 10:17 - 00164334 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00161613 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00157226 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00148033 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00146675 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00145687 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00145579 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00144338 _____ () C:\Windows\system32\Gfxres.ro-RO.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00143805 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00142664 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00142335 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00142189 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00141644 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00141435 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00140923 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00140885 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00140549 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00140122 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00139487 _____ () C:\Windows\system32\Gfxres.hr-HR.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00136451 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00136369 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00135868 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2015-05-18 21:04 - 2012-02-22 10:17 - 00131317 _____ () C:\Windows\system32\Gfxres.en-US.resources
2015-05-18 21:04 - 2012-02-20 05:31 - 00331264 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2015-05-18 21:04 - 2012-02-20 05:31 - 00014848 _____ (Intel® Corporation) C:\Windows\system32\IntcDAuC.dll
2015-05-18 21:02 - 2015-05-18 21:11 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-05-18 21:02 - 2015-05-18 21:03 - 00000000 ____D () C:\Intel
2015-05-18 21:02 - 2011-12-19 07:14 - 00053248 ____R (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-05-18 21:01 - 2015-05-20 11:53 - 01773448 _____ () C:\Windows\AsDebug.log
2015-05-18 21:01 - 2015-05-20 11:53 - 00563996 _____ () C:\Windows\AsCDProc.log
2015-05-18 15:08 - 2015-05-18 15:08 - 00000000 ____D () C:\Users\Edi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-05-18 15:07 - 2015-05-18 15:07 - 00057560 _____ () C:\Users\Edi\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-18 15:04 - 2015-05-20 13:03 - 00001409 _____ () C:\Users\Edi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-05-18 15:04 - 2015-05-19 15:50 - 00000000 ____D () C:\Users\Edi\AppData\Local\VirtualStore
2015-05-18 15:04 - 2015-05-18 15:04 - 00000020 ___SH () C:\Users\Edi\ntuser.ini
2015-05-18 15:03 - 2015-05-18 22:29 - 00000000 ____D () C:\Users\Edi
2015-05-18 15:03 - 2009-07-14 07:54 - 00000000 ___RD () C:\Users\Edi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-18 15:03 - 2009-07-14 07:49 - 00000000 ___RD () C:\Users\Edi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-03 10:16 - 2009-07-14 08:13 - 00779038 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-06-03 10:16 - 2009-07-14 07:45 - 00020512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-03 10:16 - 2009-07-14 07:45 - 00020512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-03 10:09 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-03 10:09 - 2009-07-14 07:51 - 00025867 _____ () C:\Windows\setupact.log
2015-06-02 19:53 - 2009-07-14 08:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-21 14:25 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\rescache
2015-05-20 13:17 - 2009-07-14 05:34 - 00000505 _____ () C:\Windows\win.ini
2015-05-20 11:13 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\AppCompat
2015-05-19 19:47 - 2009-07-14 07:45 - 00265552 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-19 01:42 - 2009-07-14 08:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-05-19 01:42 - 2009-07-14 08:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2015-05-19 00:53 - 2009-07-14 07:51 - 00000269 _____ () C:\Windows\setuperr.log
2015-05-19 00:48 - 2009-07-14 06:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-19 00:47 - 2009-07-14 07:46 - 00001774 _____ () C:\Windows\DtcInstall.log
2015-05-19 00:47 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-05-19 00:43 - 2009-07-14 10:46 - 00000000 ____D () C:\Windows\CSC
2015-05-18 21:17 - 2012-12-18 19:27 - 00002295 _____ () C:\RHDSetup.log
2015-05-18 21:15 - 2012-12-18 19:25 - 00000204 _____ () C:\setup.log
2015-05-18 21:15 - 2009-07-14 08:32 - 00000000 ____D () C:\Windows\system32\restore
2015-05-18 21:10 - 2009-07-14 06:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-18 21:06 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\Help
2015-05-18 15:16 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-18 15:00 - 2009-07-14 07:45 - 00000000 ____D () C:\Windows\Setup
2015-05-18 14:59 - 2012-12-18 19:06 - 00000000 __SHD () C:\Recovery
 
==================== Files in the root of some directories =======
 
2015-05-20 12:44 - 2015-05-20 12:44 - 0613255 _____ (CMI Limited) C:\Users\Edi\AppData\Local\nsiC9E4.tmp
2015-06-02 15:17 - 2015-06-02 15:17 - 0613255 _____ (CMI Limited) C:\Users\Edi\AppData\Local\nspF1FA.tmp
2015-05-19 13:52 - 2015-05-19 13:52 - 0024576 _____ () C:\Users\Edi\AppData\Local\uninst.tmp
 
Some files in TEMP:
====================
C:\Users\Edi\AppData\Local\Temp\CoJBiBLauncher.exe
C:\Users\Edi\AppData\Local\Temp\msvcr80.dll
C:\Users\Edi\AppData\Local\Temp\SimPack.exe
C:\Users\Edi\AppData\Local\Temp\Uninstall.exe
C:\Users\Edi\AppData\Local\Temp\zlib1.dll
C:\Users\Edi\AppData\Local\Temp\_is338D.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-26 20:12
 
==================== End of log ============================
 
 
 
Hi, I've done as asked and posted in this topic. Here's a link to my previous topic http://www.bleepingcomputer.com/forums/t/578170/possible-infenction/
 
 
So, as I stated in the last topic, I wanted to update Windows 7 Ultimate to SP1 as it was requesting it. Instead of downloading actual files, it downloaded various malicious programs and suspicious browsers/anti-virus programs/software. I immediately deleted them and uninstalled them after the download. Just yesterday, I got my first pop up 2 weeks after downloading the malicious software. I rushed to uninstall, close the window and immediately run a virus scan. I use Avast anti-virus and I deleted all the detected infected files. I ran another scan this morning and no infected files were detected, however I'm not 100% sure my PC is safe.
 
Should you have any further questions or want further clarification, ask me and I'll answer ASAP!
PS: I have followed the Prep guide as requested.

Attached Files


Edited by Profetus, 03 June 2015 - 02:25 PM.


BC AdBot (Login to Remove)

 


m

#2 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:03:15 AM

Posted 04 June 2015 - 12:10 PM

Hi, Profetus! I'm going to try to help you out. :)

Before we get started, here are some things I need you to remember:

  • Please don't make any changes to your computer, or run programs, without asking me first! This will make it practically impossible for me to assist you.
  • Always read my posts completely before doing anything, and follow the instructions in the order I give them to you, unless stated otherwise.
  • If you're getting help elsewhere, or have already resolved the problem, please let me know so I can close this thread.
  • Please respond to me within five days of me replying to you. If you need more time, please let me know. I will close topics that I have not received a response from within five days.
  • Please be patient with me. I need some time to analyze your logs and responses so I can correctly help you. I should respond to you within two days, but if I haven't, please send me a PM! I may have missed your response. Bribing me with candy for faster replies is not advised.
  • If something goes wrong, you don't understand something, or you don't know what to do, please stop and ask me before proceeding with any further steps!

Farbar Recovery Scan Tool

First, let's clean out some infections. I need you to run a fix with FRST.

  • Open up Notepad, and copy and paste the text in the following box into the Notepad text field:
    C:\Users\Edi\AppData\Roaming\A0AA3900-1432063789-81E3-3292-50465DE9D4D3
    C:\Users\Edi\AppData\Local\A0AA3900-1432074794-81E3-3292-50465DE9D4D3
    HKU\S-1-5-21-3064971071-774296852-2689919416-1000\...\MountPoints2: {d9d2e147-fda6-11e4-b831-806e6f6e6963} - F:\InstAll.exe
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1432063737&z=8752e25cdc155922dbcc5bcgez1cao8e8q4c8m7c9m&from=cvs&uid=HitachiXHTS545050A7E380_TA85113VDHB8TNDHB8TNX
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1432063737&z=8752e25cdc155922dbcc5bcgez1cao8e8q4c8m7c9m&from=cvs&uid=HitachiXHTS545050A7E380_TA85113VDHB8TNDHB8TNX
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1432063737&z=8752e25cdc155922dbcc5bcgez1cao8e8q4c8m7c9m&from=cvs&uid=HitachiXHTS545050A7E380_TA85113VDHB8TNDHB8TNX&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1432063737&z=8752e25cdc155922dbcc5bcgez1cao8e8q4c8m7c9m&from=cvs&uid=HitachiXHTS545050A7E380_TA85113VDHB8TNDHB8TNX&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1432063737&z=8752e25cdc155922dbcc5bcgez1cao8e8q4c8m7c9m&from=cvs&uid=HitachiXHTS545050A7E380_TA85113VDHB8TNDHB8TNX
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1432063737&z=8752e25cdc155922dbcc5bcgez1cao8e8q4c8m7c9m&from=cvs&uid=HitachiXHTS545050A7E380_TA85113VDHB8TNDHB8TNX
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1432063737&z=8752e25cdc155922dbcc5bcgez1cao8e8q4c8m7c9m&from=cvs&uid=HitachiXHTS545050A7E380_TA85113VDHB8TNDHB8TNX&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1432063737&z=8752e25cdc155922dbcc5bcgez1cao8e8q4c8m7c9m&from=cvs&uid=HitachiXHTS545050A7E380_TA85113VDHB8TNDHB8TNX&q={searchTerms}
    HKU\S-1-5-21-3064971071-774296852-2689919416-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1432063737&z=8752e25cdc155922dbcc5bcgez1cao8e8q4c8m7c9m&from=cvs&uid=HitachiXHTS545050A7E380_TA85113VDHB8TNDHB8TNX
    HKU\S-1-5-21-3064971071-774296852-2689919416-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1432063737&z=8752e25cdc155922dbcc5bcgez1cao8e8q4c8m7c9m&from=cvs&uid=HitachiXHTS545050A7E380_TA85113VDHB8TNDHB8TNX
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1432063737&z=8752e25cdc155922dbcc5bcgez1cao8e8q4c8m7c9m&from=cvs&uid=HitachiXHTS545050A7E380_TA85113VDHB8TNDHB8TNX&q={searchTerms}
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1432063737&z=8752e25cdc155922dbcc5bcgez1cao8e8q4c8m7c9m&from=cvs&uid=HitachiXHTS545050A7E380_TA85113VDHB8TNDHB8TNX&q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1432063737&z=8752e25cdc155922dbcc5bcgez1cao8e8q4c8m7c9m&from=cvs&uid=HitachiXHTS545050A7E380_TA85113VDHB8TNDHB8TNX&q={searchTerms}
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1432063737&z=8752e25cdc155922dbcc5bcgez1cao8e8q4c8m7c9m&from=cvs&uid=HitachiXHTS545050A7E380_TA85113VDHB8TNDHB8TNX&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3064971071-774296852-2689919416-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1432063737&z=8752e25cdc155922dbcc5bcgez1cao8e8q4c8m7c9m&from=cvs&uid=HitachiXHTS545050A7E380_TA85113VDHB8TNDHB8TNX&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3064971071-774296852-2689919416-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1432063737&z=8752e25cdc155922dbcc5bcgez1cao8e8q4c8m7c9m&from=cvs&uid=HitachiXHTS545050A7E380_TA85113VDHB8TNDHB8TNX&q={searchTerms}
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1432063737&z=8752e25cdc155922dbcc5bcgez1cao8e8q4c8m7c9m&from=cvs&uid=HitachiXHTS545050A7E380_TA85113VDHB8TNDHB8TNX
    R2 duwekotu; C:\Users\Edi\AppData\Roaming\A0AA3900-1432063789-81E3-3292-50465DE9D4D3\nse6229.tmp [218624 2015-05-22] () [File not signed]
    R2 mihyfyzi; C:\Users\Edi\AppData\Local\A0AA3900-1432074794-81E3-3292-50465DE9D4D3\snswD30C.tmp [128000 2015-05-19] () [File not signed]
    S3 ASUSProcObsrv; \??\F:\I386\AsPrOb64.sys [X]
    C:\Users\Edi\AppData\Roaming\AnyProtectEx
    C:\Windows\system32\roboot64.exe
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk.1432116196.old
    C:\Users\Edi\AppData\Roaming\Opera Software
    C:\Windows\system32\Drivers\etc\hp.bak
    C:\ProgramData\IHProtectUpDate
    C:\Users\Edi\AppData\Local\uninst.tmp
    C:\Users\Edi\AppData\Local\nsiC9E4.tmp
    C:\Users\Edi\AppData\Local\nspF1FA.tmp
    C:\Users\Edi\AppData\Local\Temp\CoJBiBLauncher.exe
    C:\Users\Edi\AppData\Local\Temp\msvcr80.dll
    C:\Users\Edi\AppData\Local\Temp\SimPack.exe
    C:\Users\Edi\AppData\Local\Temp\Uninstall.exe
    C:\Users\Edi\AppData\Local\Temp\zlib1.dll
    C:\Users\Edi\AppData\Local\Temp\_is338D.exe
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    C:\Program Files (x86)\AnyProtectEx
    Task: {000F030B-1B14-47A5-A1BA-A3A3A5AD1A61} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    Task: {57EE536D-D258-4F10-8B7F-B6DD997F76B2} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    Task: {6BC3E971-E673-4C10-B2BC-2C244B1F09C2} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    FirewallRules: [TCP Query User{17465449-B31B-42CD-A653-6AF9781A0B80}C:\users\edi\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\edi\appdata\local\popcorn time\node-webkit\popcorn time.exe
    FirewallRules: [UDP Query User{91BE4F73-D509-455F-9FC9-C45141C6C44A}C:\users\edi\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\edi\appdata\local\popcorn time\node-webkit\popcorn time.exe
    Save it to the same location as FRST as fixlist.txt.
  • Open up FRST, and click the Fix button. If it asks you to reboot in order to complete the fix, please do so.
  • Once it's done fixing things, it will create Fixlog.txt in the same folder. Please copy and paste it into your reply.

Uninstall Programs

 

Next, I need you to uninstall some programs using either Programs and Features or Revo Uninstaller.

 

I see you have µTorrent installed. This is a peer-to-peer program, and although it is useful for sharing files, it is an extreme security risk. Even if not using it for illegal purposes, you may have your personal information shared without your knowledge, and can both download and even spread infections without knowing as well. The risk of this greatly increases with the sharing of illegal data. Because of the risks of using this program, I highly recommend you remove it from your computer. If you still want to keep it, let me know, and don't use it until we're done fixing your computer problems.

If you want to use Programs and Features:

  • Go to Start > Control Panel > Programs and Features.
  • Once it loads all the programs, uninstall the following, if present, one at a time:
    µTorrent

    BS.Player FREE

    From Sound

    Popcorn Time
    by clicking Change/Remove, and following the prompts in the uninstaller.

If you have any problems uninstalling a program using Programs and Features, proceed to the below method.

If you want to use Revo Uninstaller (which does a better job at cleaning up):

  • Download Revo from here, and save it to your desktop.
  • Double click the installer on your desktop, and let the program install.
  • Once it's done, double click the Revo Uninstaller shortcut on your desktop to run it. Once it loads all the programs, uninstall the following, if present, one at a time:
    µTorrent

    BS.Player FREE

    From Sound

    Popcorn Time

  • Double click the program, and say Yes on the prompt. Ensure the Moderate option is ticked, and click Next.
  • Follow the prompts in the built-in uninstaller, and then click Next in Revo.
  • If any registry remnants are found, check the bold items only. If there is a closed folder visible, click the + to expand it until you find the bold item. Then Delete the remnants.
  • Proceed again, and if any files/folders were found, delete those, too.

After all of this, I would like you to rerun a scan with FRST and post the log, so that I may get a fresh look at your system. Please also let me know things are running. :)

 

Gunto


Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#3 Profetus

Profetus
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:15 PM

Posted 04 June 2015 - 12:42 PM

I have uninstalled Popcorn Time, From Sound, but I don't really want to uninstall utorrent and BS Player Free. How does BS Player affect my computer? Also, what are the current risks of my computer? Apologise if my questions bother you.

 

I hope BS player is not illegal, is it? I remember it was Free for personal use, not for commercial one.


Edited by Profetus, 04 June 2015 - 12:44 PM.


#4 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:03:15 AM

Posted 04 June 2015 - 01:44 PM

Hi,

 

Don't worry about asking questions! It's always best to learn :)

 

BS.Player is commonly known to bundle some malware with it upon installation. While this doesn't inherently make the program bad, using it could risk the program itself having some unwanted properties, and in general it's best to avoid software that's associated with malware. From what I've read about what it does, you could easily replace it with something such as VLC media player.

 

I have not found anything that would seriously worry me on your system, but I still see some very questionable items that should definitely be removed, especially considering your recent situation.

 

Also, did you run the FRST fix? :)

 

Gunto


Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#5 Profetus

Profetus
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:15 PM

Posted 05 June 2015 - 03:48 AM

I have uninstalled BS Player, but I decided to keep utorrent. I have run FRST as you told me. I have attached all the requested files to this answer.

Attached Files



#6 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:03:15 AM

Posted 05 June 2015 - 10:29 AM

Hi,

 

Understood. In the future, please simply copy and paste the contents of text files into your reply if possible; it makes them considerably easier to read. :)

 

Also, is the computer running well now?

 

Farbar Recovery Scan Tool

I need you to run another fix with FRST. Getting rid of a few more things.

  • Open up Notepad, and copy and paste the text in the following box into the Notepad text field:
    C:\ProgramData\boost_interprocess
    C:\Users\Edi\AppData\Roaming\BSplayer
    C:\Users\Edi\AppData\Roaming\BSplayer Pro
    C:\Program Files (x86)\Webteh
    C:\Program Files (x86)\Temp
    Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
    Save it to the same location as FRST as fixlist.txt.
  • Open up FRST, and click the Fix button. If it asks you to reboot in order to complete the fix, please do so.
  • Once it's done fixing things, it will create Fixlog.txt in the same folder. Please copy and paste it into your reply.

Malwarebytes

Next, I need you to run a scan with Malwarebytes Anti-Malware. This will check for leftovers that are hiding.

  • Download MBAM from here, and save it to your desktop.
  • Double click the installer to run it. During the installation, simply follow the prompts and let the program install. However, if you do not want to start a trial of the full version, please decline, and if offered any external toolbars/programs, feel free to uncheck to install them.
  • On the main interface, click Update Now >>, and check for updates. If a new version of MBAM is included in the update, follow the prompts and install it.
  • Once the program is done updating, click Scan at the top of the main interface. Then tick the Custom Scan option, and hit the Scan Now >> button. On this screen, make sure every box is checked, then start the scan. If there is an update available, allow MBAM to update.
  • Once the scan is finished, click Apply Actions to any found malware. If MBAM asks you to reboot, do so immediately.
  • When done, retrieve the log by clicking History on the main interface, then Application logs. View the log of the scan you just ran, then click the Copy to Clipboard button, and paste it into your reply.

Gunto


Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#7 Profetus

Profetus
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:15 PM

Posted 05 June 2015 - 12:50 PM

The computer is smooth as it has always been. This is the result of Malwarebytes

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 6/5/2015
Scan Time: 6:54:48 PM
Logfile: 
Administrator: Yes
 
Version: 2.01.6.1022
Malware Database: v2015.06.05.03
Rootkit Database: v2015.06.02.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7
CPU: x64
File System: NTFS
User: Edi
 
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 426676
Time Elapsed: 1 hr, 35 min, 0 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 36
PUP.Optional.EduApp.A, HKU\S-1-5-21-3064971071-774296852-2689919416-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EBFBDD44-C0E0-4F63-A8E6-EE5F34765238}, Quarantined, [5abd486f6b1ff046b5b4e976ed1605fb], 
PUP.Optional.EduApp.A, HKU\S-1-5-21-3064971071-774296852-2689919416-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{EBFBDD44-C0E0-4F63-A8E6-EE5F34765238}, Quarantined, [5abd486f6b1ff046b5b4e976ed1605fb], 
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\AskPartnerNetwork, Quarantined, [e2354a6d6e1c3ff76854e006d42ff010], 
PUP.Optional.Crossbrowse.A, HKLM\SOFTWARE\WOW6432NODE\Crossbrowse, Quarantined, [799ec9ee7911f73f00d10fdb42c123dd], 
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\GAMESDESKTOP, Quarantined, [34e3c1f65a301422a1bd0defff04847c], 
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, Quarantined, [839412a51d6df640efa6956317ec6b95], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, Quarantined, [3fd880377a102a0c69dd89aed82ca25e], 
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\mystartsearchSoftware, Quarantined, [7f9804b38406ba7c635410ef4eb521df], 
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, Quarantined, [57c03d7ae1a9b77f7aa364071bea39c7], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\WajIntEnhance, Quarantined, [3add40772e5cf04684ca48ad45be768a], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, Quarantined, [55c283347911989e72fab53dd52e639d], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, Quarantined, [1ef95e59860488aeff6cf101d82bbe42], 
PUP.Optional.VoPackage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPackage, Quarantined, [26f11d9a42480036e7d7d8a1ac59c739], 
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, Quarantined, [63b42394781285b17da720e0689cb44c], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, Quarantined, [b364c2f569217bbb7dec1ed443c01fe1], 
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, Quarantined, [55c2952209811620f3a472a30ef65fa1], 
PUP.Optional.Tuto4Pc.A, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS, Quarantined, [47d020976c1e979f598ac9adfd08af51], 
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, Quarantined, [5fb814a3e3a7a096176dc73b60a48080], 
PUP.Optional.Crossbrowse.A, HKU\S-1-5-21-3064971071-774296852-2689919416-1000\SOFTWARE\Crossbrowse, Quarantined, [9a7dc3f4b1d9b6806e621ad0c63d2ed2], 
PUP.Optional.Crossbrowse.A, HKU\S-1-5-21-3064971071-774296852-2689919416-1000\SOFTWARE\CrossBrowser, Quarantined, [a572d7e0e3a73105686827c35ca7a55b], 
PUP.Optional.HomeTab.A, HKU\S-1-5-21-3064971071-774296852-2689919416-1000\SOFTWARE\HomeTab, Quarantined, [9d7a9621cbbf1d19f47759c436ce946c], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3064971071-774296852-2689919416-1000\SOFTWARE\SearchProtectWS, Quarantined, [e433b3047911cd694a24a15150b3ee12], 
PUP.Optional.TNT.A, HKU\S-1-5-21-3064971071-774296852-2689919416-1000\SOFTWARE\TNT2, Quarantined, [dd3ac2f592f8af879b81fdf7b84be818], 
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-3064971071-774296852-2689919416-1000\SOFTWARE\TutoTag, Quarantined, [12058e292664f442ab240a6319eca55b], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-3064971071-774296852-2689919416-1000\SOFTWARE\WajIntEnhance, Quarantined, [22f5ccebdfab5bdb6ce3d421b15206fa], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-3064971071-774296852-2689919416-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, Quarantined, [f720288f246642f4a65d09e60af99c64], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-3064971071-774296852-2689919416-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, Quarantined, [4ec913a46c1e290dd133e80733d0d52b], 
PUP.Optional.Linkey.A, HKU\S-1-5-21-3064971071-774296852-2689919416-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, Quarantined, [f2252e89216957dfff0621cefc071ce4], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3064971071-774296852-2689919416-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect, Quarantined, [4dcad2e5f199af8765250974ad5845bb], 
PUP.Optional.Vosteran.A, HKU\S-1-5-21-3064971071-774296852-2689919416-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, Quarantined, [8a8d486f8cfe4cea20e65c938182f60a], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-3064971071-774296852-2689919416-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, Quarantined, [ba5dfdba325873c38087cc235aa96a96], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-3064971071-774296852-2689919416-1000\SOFTWARE\SIMPLYTECH\HomeTabWajIEnhance, Quarantined, [dd3a02b5cfbba6908edcd31ffd06c23e], 
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-3064971071-774296852-2689919416-1000\SOFTWARE\SYSTWEAK\ssd, Quarantined, [d047c5f22d5de3534d49e035ee1611ef], 
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-3064971071-774296852-2689919416-1000\SOFTWARE\TUTORIALS\updatetutorialeshp, Quarantined, [5eb9793e2a60c47258547f7435ce9d63], 
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-3064971071-774296852-2689919416-1000\SOFTWARE\TUTORIALS\updatetutorialshp, Quarantined, [e82fb3041872e84edad38a692ed52ad6], 
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-3064971071-774296852-2689919416-1000\SOFTWARE\TUTORIALS\updv, Quarantined, [3add199ea1e984b200ae50a3ce35d12f], 
 
Registry Values: 1
PUP.Optional.Tuto4Pc.A, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS|HostGUID, 6A03271B-AB19-4C72-879A-C98DE3E0D412, Quarantined, [47d020976c1e979f598ac9adfd08af51]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 1
PUP.Optional.GamesDesktop.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP, Quarantined, [32e5bef93456bb7b330624b4c142a15f], 
 
Files: 9
PUP.Optional.AnyProtect, C:\FRST\Quarantine\C\Users\Edi\AppData\Local\nsiC9E4.tmp.xBAD, Quarantined, [d245e1d6cac090a62f5c302d788b6a96], 
PUP.Optional.AnyProtect, C:\FRST\Quarantine\C\Users\Edi\AppData\Local\nspF1FA.tmp.xBAD, Quarantined, [64b3407733571b1b2566c895e0231be5], 
PUP.Optional.AnyProtect, C:\Users\Edi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJCS81FN\AnyProtectSetup[1].exe, Quarantined, [9186e8cf8cfe2c0aa1eaff5e80830af6], 
PUP.Optional.AnyProtect.A, C:\Users\Edi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X3II1MEL\AnyProtect[1].exe, Quarantined, [74a3a512602a92a45b03611022e44ab6], 
PUP.Optional.BrowseFox, C:\Users\Edi\AppData\Local\Temp\nsuE1E8.tmp, Quarantined, [958267501971e650f170233fca3843bd], 
PUP.Optional.Crossbrowse.C, C:\Users\Edi\AppData\Local\Temp\6869\setup.exe, Quarantined, [23f4d5e2d3b77fb735fe86ec1cea5da3], 
PUP.Optional.MyStartSearch.A, C:\Users\Edi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage, Quarantined, [8691d6e1800aea4ca97513e5cb38d52b], 
PUP.Optional.MyStartSearch.A, C:\Users\Edi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage-journal, Quarantined, [d344cbec1f6b64d268b66395c73cd42c], 
PUP.Optional.GamesDesktop.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP\GamesDesktop.lnk, Quarantined, [32e5bef93456bb7b330624b4c142a15f], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
 
This is the fixlog:
 
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Edi at 2015-06-05 18:50:01 Run:2
Running from C:\Users\Edi\Downloads
Loaded Profiles: Edi (Available Profiles: Edi)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
C:\ProgramData\boost_interprocess
C:\Users\Edi\AppData\Roaming\BSplayer
C:\Users\Edi\AppData\Roaming\BSplayer Pro
C:\Program Files (x86)\Webteh
C:\Program Files (x86)\Temp
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
*****************
 
C:\ProgramData\boost_interprocess => Moved successfully.
C:\Users\Edi\AppData\Roaming\BSplayer => Moved successfully.
C:\Users\Edi\AppData\Roaming\BSplayer Pro => Moved successfully.
C:\Program Files (x86)\Webteh => Moved successfully.
C:\Program Files (x86)\Temp => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}\\SystemComponent => value Removed successfully
 
==== End of Fixlog 18:50:02 ====
 
 
 
Also, what were the infenctions I had and what were the risks? Are they fully removed now?

 



#8 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:03:15 AM

Posted 05 June 2015 - 08:31 PM

Hi,

 

Very good. :)

 

It's pretty difficult to tell you exactly what infections you had, since you did most of the cleaning on your own prior to asking for help here. As previously mentioned, though, you most likely had some form of Trojan that was downloading heaps of malware. With regards to the infections I personally helped you with, almost all of them were junk programs that typically install alongside other (questionable) software, and can do anything from nag you with ads, track your internet activity, change and lock your homepage and/or default search engine, redirect your searches, and sometimes try to get you to download more malware. There were a few things I found that I simply didn't recognize, but all things considered should be classified as questionable at best, and thus they were removed.

 

I can't say to what full extent your risks were, since I can't possibly know every single infection you had before I started helping. At best, we can assume that whatever malware you had simply existed to install more of the same and did nothing else, but of course I can't say for certain. From what I've removed, however, I'd say your biggest risk was something you already had downloading something worse. All in all, with MBAM cleaning up the leftovers and me mulling over your logs, I would say you're malware-free at this point, and that your biggest concern is probably uTorrent. :)

 

With all that said... congrats, your computer looks free of malware! :woot:

However, we'll need to clean up the tools we used to make it that way.

  • Download DelFix from here, and save it to your desktop.
  • Double click the file to run it. On the main screen, make sure the following options are checked:
    Remove disinfection tools
    Purge system restore

    Click the Run button after ensuring the above options are selected.
  • Once the program is done running, a log will pop up. Please copy and paste it into your final reply.

Here are some steps to improve how your computer works, and to help you from getting infected again.

Keep all of your software updated. This is especially true for your antivirus. Keeping your software up-to-date is one of the most important steps to keeping malware out of your system. Old versions of many different programs have security vulnerabilities that malware targets to infect your system, whereas many of these would be fixed in updates. In addition to that, outdated definitions for your antivirus (and other security programs) may fail to detect newer malware that has since been added to the database. For new software version updates, I recommend FileHippo App Manager. However, FH doesn't find all updates, so be sure to manually check for updates as well.

Browse safely. Much of the time, malware gets in because the user isn't cautious. Examples of safe browsing include:

  • Don't open emails from people you don't know, especially if it has an attachment. Files (especially those with a .bat, .com, .exe and .scr extension) should never be trusted unless you know for a fact that you can trust the source. You should also be careful with these files even from friends, since their emails might actually be from bots using their addresses.
  • Don't install things that you don't trust. For example, some websites will ask you to install programs in order to use a certain functionality, especially supposed updates to programs such as Flash and Java. If your software is up-to-date, it's probably a fake.
  • In addition to the above, be careful even when installing programs that you recognize. Sometimes, programs will install other software when a user doesn't pay attention, so always make sure to decline offers for programs you don't want or recognize.

Happy surfing! :)

Gunto


Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#9 Profetus

Profetus
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:15 PM

Posted 06 June 2015 - 09:21 AM

Thank you for your tips and for everything you've done. Here's the log:

 

 

# DelFix v1.010 - Logfile created 06/06/2015 at 17:21:28
# Updated 26/04/2015 by Xplode
# Username : Edi - EDI-PC
# Operating System : Windows 7 Professional  (64 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\FRST
Deleted : C:\Users\Edi\Downloads\Fixlog.txt
Deleted : C:\Users\Edi\Downloads\FRST64.exe
 
~ Cleaning system restore ...
 
 
New restore point created !
 
########## - EOF - ##########
 


#10 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:03:15 AM

Posted 06 June 2015 - 12:30 PM

You're very welcome. I'm happy to help! :)

 

Since your problems seem to be solved, I'm locking this topic. However, if you still need help, please send me (or any moderator if I am unavailable) a PM asking for this topic to be unlocked.


Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users