Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Got sourceapp from somewhere, cant remove it so far

Started by Deathtomalware , Dec 13 2014 12:57 PM

  • This topic is locked This topic is locked
11 replies to this topic

#1 Deathtomalware

Deathtomalware

    New Member

  • Authentic Member
  • Pip
  • 13 posts

Posted 13 December 2014 - 12:57 PM

 Farbar log

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-12-2014
Ran by Igor (administrator) on IGOR-PC on 13-12-2014 12:39:02
Running from C:\Users\Igor\Documents
Loaded Profile: Igor (Available profiles: Igor)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\runSW.exe
() C:\Program Files (x86)\Linksys WUSB6300\WifiSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek) C:\Windows\SwUSB.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Beepa P/L) C:\Fraps\fraps.exe
(Beepa P/L) C:\Fraps\fraps64.dat
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.5383\Battle.net.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Steam\SteamApps\common\Prototype 2\prototype2.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-13] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\Run: [Facebook Update] => C:\Users\Igor\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-08-30] (Facebook Inc.)
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD)
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe [3639568 2014-07-10] (Disc Soft Ltd)
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\MountPoints2: E - E:\autorun.exe
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\MountPoints2: {1d39732e-7eda-11e4-8bb3-e03f497acee8} - E:\autorun.exe
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\MountPoints2: {e609e7cd-21ba-11e4-8bbe-806e6f6e6963} - D:\autorun.exe
Startup: C:\Users\Igor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Assassin's Creed.LNK
ShortcutTarget: Registration Assassin's Creed.LNK -> C:\Program Files (x86)\Ubisoft\Assassin's Creed\Register\RegistrationReminder.exe (Ubisoft)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-1626927325-613763113-2581705868-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Igor\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-1626927325-613763113-2581705868-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-13]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://search.findwide.com/?guid={3E5F75C6-FA73-40AD-9788-FBFDAF7B9B82}&serpv=29
CHR Profile: C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-11]
CHR Extension: (Google Drive) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-11]
CHR Extension: (YouTube) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-11]
CHR Extension: (Google Search) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-11]
CHR Extension: (Avast Online Security) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-14]
CHR Extension: (Crackle) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2014-08-11]
CHR Extension: (SourceApp) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgaecljocfhdjcdhckepieoehdmpnjjp [2014-12-08]
CHR Extension: (Google Wallet) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-11]
CHR Extension: (Gmail) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-13]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [112640 2014-09-15] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-13] (AVAST Software)
R3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [887056 2014-07-10] (Disc Soft Ltd)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-08-30] (Macrovision Europe Ltd.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 RunSwUSB; C:\Windows\runSW.exe [44104 2013-05-23] ()
R2 WSWUSB6300; C:\Program Files (x86)\Linksys WUSB6300\WifiSvc.exe [312144 2013-07-22] ()
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [293088 2014-09-15] (Advanced Micro Devices)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-13] ()
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [29696 2014-12-08] (Disc Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [2355416 2013-06-14] (Realtek Semiconductor Corporation                           )
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-13 12:39 - 2014-12-13 12:39 - 00014226 _____ () C:\Users\Igor\Documents\FRST.txt
2014-12-13 12:38 - 2014-12-13 12:39 - 00000000 ____D () C:\FRST
2014-12-13 12:29 - 2014-12-13 12:29 - 02119168 _____ (Farbar) C:\Users\Igor\Documents\FRST64.exe
2014-12-13 12:28 - 2014-12-13 12:28 - 05198336 _____ (AVAST Software) C:\Users\Igor\Documents\aswMBR.exe
2014-12-13 07:08 - 2014-12-13 07:08 - 00000000 ____D () C:\Users\Igor\Documents\activision
2014-12-12 05:43 - 2014-12-13 12:16 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-12 05:43 - 2014-12-12 05:43 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-12 05:43 - 2014-12-12 05:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-12 05:43 - 2014-12-12 05:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-12 05:43 - 2014-12-12 05:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-12 05:43 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-12 05:43 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-12 05:43 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-12 05:42 - 2014-12-12 05:42 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Igor\Documents\mbam-setup-2.0.4.1028.exe
2014-12-10 05:27 - 2014-12-10 05:27 - 00000000 __SHD () C:\Users\Igor\AppData\Local\EmieBrowserModeList
2014-12-10 00:02 - 2014-11-10 21:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 00:02 - 2014-11-10 20:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 00:01 - 2014-11-26 19:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 00:01 - 2014-11-26 19:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 00:01 - 2014-11-21 21:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 00:01 - 2014-11-21 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 00:01 - 2014-11-21 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 00:01 - 2014-11-21 20:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 00:01 - 2014-11-21 20:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 00:01 - 2014-11-21 20:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 00:01 - 2014-11-21 20:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 00:01 - 2014-11-21 20:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 00:01 - 2014-11-21 20:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 00:01 - 2014-11-21 20:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 00:01 - 2014-11-21 20:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 00:01 - 2014-11-21 20:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-10 00:01 - 2014-11-21 20:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 00:01 - 2014-11-21 20:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 00:01 - 2014-11-21 20:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 00:01 - 2014-11-21 20:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 00:01 - 2014-11-21 20:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 00:01 - 2014-11-21 20:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 00:01 - 2014-11-21 20:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 00:01 - 2014-11-21 20:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 00:01 - 2014-11-21 20:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 00:01 - 2014-11-21 20:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 00:01 - 2014-11-21 20:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 00:01 - 2014-11-21 20:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 00:01 - 2014-11-21 20:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 00:01 - 2014-11-21 20:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 00:01 - 2014-11-21 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 00:01 - 2014-11-21 20:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 00:01 - 2014-11-21 19:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 00:01 - 2014-11-21 19:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 00:01 - 2014-11-21 19:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 00:01 - 2014-11-21 19:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-10 00:01 - 2014-11-21 19:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 00:01 - 2014-11-21 19:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 00:01 - 2014-11-21 19:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 00:01 - 2014-11-21 19:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 00:01 - 2014-11-21 19:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 00:01 - 2014-11-21 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 00:01 - 2014-11-21 19:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 00:01 - 2014-11-21 19:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 00:01 - 2014-11-21 19:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 00:01 - 2014-11-21 19:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 00:01 - 2014-11-21 19:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 00:01 - 2014-11-21 19:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 00:01 - 2014-11-21 19:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 00:01 - 2014-11-21 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 00:01 - 2014-11-21 19:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 00:01 - 2014-11-21 19:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 00:01 - 2014-11-21 19:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 00:01 - 2014-11-21 19:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 00:01 - 2014-11-21 19:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 00:01 - 2014-11-21 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 00:01 - 2014-11-21 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 00:01 - 2014-11-21 18:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 07:27 - 2014-12-09 07:27 - 00001416 _____ () C:\Users\Igor\Downloads\default.cfg
2014-12-08 23:46 - 2014-12-08 23:46 - 00000464 __RSH () C:\ProgramData\ntuser.pol
2014-12-08 15:31 - 2014-12-08 15:31 - 00000000 ____D () C:\Users\Igor\AppData\Local\Disc_Soft_Ltd
2014-12-08 15:02 - 2014-12-08 15:02 - 00002214 _____ () C:\Users\Public\Desktop\Doom 3 BFG Edition.lnk
2014-12-08 15:02 - 2014-12-08 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
2014-12-08 14:49 - 2014-12-08 14:49 - 00000000 ____D () C:\Program Files (x86)\Bethesda Softworks
2014-12-08 14:47 - 2014-12-08 14:49 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\DAEMON Tools Ultra
2014-12-08 14:47 - 2014-12-08 14:48 - 00029696 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtscsibus.sys
2014-12-08 14:47 - 2014-12-08 14:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Ultra
2014-12-08 14:47 - 2014-12-08 14:48 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Ultra
2014-12-08 14:47 - 2014-12-08 14:47 - 00001989 _____ () C:\Users\Public\Desktop\DAEMON Tools Ultra.lnk
2014-12-08 14:47 - 2014-12-08 14:47 - 00000000 ____D () C:\ProgramData\DAEMON Tools Ultra
2014-12-08 07:04 - 2014-12-08 12:09 - 00000000 ____D () C:\Users\Igor\Downloads\Doom 3 BFG Ultimate Edition
2014-12-07 07:06 - 2014-12-07 07:07 - 24287084 _____ () C:\Users\Igor\Documents\dafuq.mp4
2014-12-06 08:06 - 2014-12-06 08:06 - 00000000 ____D () C:\Users\Igor\AppData\Local\Skyrim
2014-12-04 12:24 - 2014-12-04 12:24 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\RenPy
2014-12-04 12:24 - 2014-12-04 12:24 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\AMD
2014-12-03 00:20 - 2014-12-03 00:21 - 00160064 _____ () C:\Users\Igor\Documents\Welcome to  the  Machine.mp3.sfk
2014-12-03 00:16 - 2014-12-03 00:16 - 00154792 _____ () C:\Users\Igor\Documents\Pink Floyd - Welcome To The Machine.mp3.sfk
2014-12-03 00:16 - 2014-12-03 00:16 - 00074000 _____ () C:\Users\Igor\Documents\Skrillex - Ruffneck - FULL Flex [Music Video].mp3.sfk
2014-12-02 09:42 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-12-02 09:42 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-12-02 09:42 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-12-02 09:42 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-12-02 09:42 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-12-02 09:42 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-12-02 09:42 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-12-02 09:42 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-12-02 09:42 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-12-02 09:42 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-12-02 09:42 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-12-02 09:42 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-12-02 09:42 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-12-02 09:42 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-12-02 09:42 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-12-02 09:42 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-12-02 09:42 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-12-02 09:42 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-12-02 09:42 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-12-02 09:42 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-12-02 09:42 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-12-02 09:42 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-12-02 09:42 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-12-02 09:42 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-12-02 09:42 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-12-02 09:42 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-12-02 09:42 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-12-02 09:42 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-12-02 09:42 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-12-02 09:42 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-12-02 09:42 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-12-02 09:42 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-12-02 09:42 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-12-02 09:42 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-12-02 09:42 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-12-02 09:42 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-12-02 09:41 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-12-02 09:41 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-12-02 09:41 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-12-02 09:41 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-12-02 09:41 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-12-02 09:41 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-12-02 09:41 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-12-02 09:41 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-12-02 09:41 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-12-02 09:41 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-12-02 09:41 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-12-02 09:41 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-12-02 09:41 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-12-02 09:41 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-12-02 09:41 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-12-02 09:41 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-12-02 09:41 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-12-02 09:41 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-12-02 09:41 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-12-02 09:41 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-12-02 09:41 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-12-02 09:41 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-12-02 09:41 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-12-02 09:41 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-12-02 09:41 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-12-02 09:41 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-12-02 09:41 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-12-02 09:41 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-12-02 09:41 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-12-02 09:41 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-12-02 09:41 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-12-02 09:41 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-12-02 09:41 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-12-02 09:41 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-12-02 09:41 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-12-02 09:41 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-12-02 09:41 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-12-02 09:41 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-12-02 09:41 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-12-02 09:41 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-12-02 09:41 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-12-02 09:41 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-12-02 09:41 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-12-02 09:41 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-12-02 09:41 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-12-02 09:41 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-12-02 09:41 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-12-02 09:41 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-12-02 09:41 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-12-02 09:41 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-12-02 09:41 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-12-02 09:41 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-12-02 09:41 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-12-02 09:41 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-12-02 09:41 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-12-02 09:41 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-12-02 09:41 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-12-02 09:41 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-12-02 09:41 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-12-02 09:41 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-12-02 09:41 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-12-02 09:41 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-12-02 09:41 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-12-02 09:41 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-12-02 09:41 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-12-02 09:41 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-12-02 09:41 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-12-02 09:41 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-12-02 09:41 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-12-02 09:41 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-12-02 09:41 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-12-02 09:41 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-12-02 09:41 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-12-02 09:41 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-12-02 09:41 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-12-02 09:41 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-12-02 09:41 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-12-02 09:41 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-12-02 09:41 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-12-02 09:41 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-12-02 09:41 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-12-02 09:41 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-12-02 09:41 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-12-02 09:41 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-12-02 09:41 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-12-02 09:41 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-12-02 09:41 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-12-02 09:41 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-12-02 09:41 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-12-02 09:41 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-12-02 09:41 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-12-02 09:41 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-12-02 09:41 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-12-02 09:41 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-12-02 09:41 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-12-02 09:41 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-12-02 09:41 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-12-02 09:41 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-12-02 09:41 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-12-02 09:41 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-12-02 09:41 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-12-02 09:41 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-12-02 09:41 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-12-02 09:41 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-12-02 09:41 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-12-02 09:41 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-12-02 09:41 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-12-02 09:41 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-12-02 09:41 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-11-28 04:43 - 2014-11-28 04:43 - 00000436 _____ () C:\Users\Igor\Documents\df.txt
2014-11-18 12:31 - 2014-11-10 21:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 12:31 - 2014-11-10 21:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 12:31 - 2014-11-10 20:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 12:31 - 2014-11-10 20:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-15 14:14 - 2014-11-15 14:14 - 00000224 _____ () C:\Users\Igor\Documents\Jib.mp3.sfk
2014-11-15 05:42 - 2014-11-15 05:42 - 00001752 _____ () C:\Users\Igor\Documents\End of Days.mp3.sfk
2014-11-15 05:40 - 2014-11-15 05:40 - 00001240 _____ () C:\Users\Igor\Documents\Madness.mp3.sfk
2014-11-15 05:37 - 2014-11-15 05:43 - 00045192 _____ () C:\Users\Igor\Documents\Yogg Saron Audio.mp3.sfk
2014-11-14 20:35 - 2014-11-14 20:26 - 00032380 _____ () C:\Users\Igor\Documents\Save0003.sav
2014-11-14 20:28 - 2014-11-14 20:29 - 00000000 ____D () C:\Users\Igor\Documents\Editor
2014-11-14 12:20 - 2014-11-14 12:20 - 00001014 _____ () C:\Users\Igor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2014-11-14 12:19 - 2014-11-14 12:23 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\Curse Client
2014-11-14 12:19 - 2014-11-14 12:19 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\Curse
2014-11-14 12:18 - 2014-11-14 12:19 - 30958736 _____ (Curse) C:\Users\Igor\Documents\CurseClientSetup.exe
2014-11-13 23:26 - 2014-11-13 23:30 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\Curse Advertising
2014-11-13 23:26 - 2014-11-13 23:26 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-11-13 23:23 - 2014-11-13 23:23 - 00402696 _____ () C:\Users\Igor\Documents\setup.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-13 12:35 - 2014-08-11 23:48 - 00000000 ____D () C:\Users\Igor\AppData\Local\Battle.net
2014-12-13 12:24 - 2014-08-12 02:42 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-13 12:23 - 2014-08-12 21:22 - 00366659 _____ () C:\Windows\DirectX.log
2014-12-13 11:59 - 2014-08-11 22:42 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-13 10:52 - 2014-08-30 03:47 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1626927325-613763113-2581705868-1000UA.job
2014-12-13 05:25 - 2009-07-13 22:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-13 05:25 - 2009-07-13 22:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-13 05:21 - 2014-08-12 08:57 - 01621046 _____ () C:\Windows\WindowsUpdate.log
2014-12-13 05:20 - 2014-10-24 13:20 - 00003134 _____ () C:\Windows\System32\Tasks\FRAPS
2014-12-13 05:20 - 2014-10-24 13:20 - 00000000 ____D () C:\Fraps
2014-12-13 05:20 - 2014-09-23 19:20 - 00242135 _____ () C:\Windows\runSW.log
2014-12-13 05:20 - 2014-08-11 22:42 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-13 05:18 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-13 05:17 - 2009-07-13 22:51 - 00048759 _____ () C:\Windows\setupact.log
2014-12-12 20:31 - 2014-09-15 14:44 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-12-12 20:27 - 2014-08-11 22:44 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\Skype
2014-12-12 16:31 - 2010-11-20 21:47 - 00045998 _____ () C:\Windows\PFRO.log
2014-12-12 04:52 - 2014-08-30 03:47 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1626927325-613763113-2581705868-1000Core.job
2014-12-12 01:57 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-12-12 00:03 - 2014-08-11 22:42 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-11 13:27 - 2014-08-13 10:13 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-11 05:54 - 2014-09-12 03:13 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\vlc
2014-12-10 17:12 - 2014-08-11 23:48 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-10 06:06 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-09 21:26 - 2014-10-14 18:45 - 00000000 ____D () C:\Users\Igor\AppData\Local\._LiveCode_
2014-12-09 05:57 - 2009-07-13 20:34 - 00000505 _____ () C:\Windows\win.ini
2014-12-08 21:52 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-12-08 14:34 - 2014-08-27 19:48 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\uTorrent
2014-12-07 16:03 - 2014-10-28 14:00 - 00000000 ____D () C:\Program Files (x86)\Glyph
2014-12-06 08:04 - 2014-08-15 01:59 - 00000000 ____D () C:\Users\Igor\Documents\my games
2014-12-06 08:04 - 2009-07-13 23:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-05 19:38 - 2009-07-13 23:13 - 00781694 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-04 05:50 - 2014-09-14 14:37 - 00000000 ____D () C:\Users\Igor\AppData\Local\dxhr
2014-12-03 15:54 - 2014-08-11 22:25 - 00000000 ____D () C:\World of Warcraft
2014-12-03 04:54 - 2014-08-11 18:07 - 00000000 ____D () C:\Users\Igor
2014-12-02 09:06 - 2014-09-15 05:03 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft Public Test
2014-11-21 13:10 - 2014-08-13 10:13 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-19 03:36 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-15 14:14 - 2014-08-30 15:57 - 00000000 ____D () C:\Users\Igor\Documents\rt
2014-11-15 13:21 - 2014-08-30 23:08 - 00000000 ____D () C:\Users\Igor\Documents\New Folder (2)
2014-11-15 13:17 - 2014-09-15 05:23 - 00002584 _____ () C:\Users\Igor\Documents\Talk dirty ringtone.mp3.sfk
2014-11-15 13:15 - 2014-08-30 22:12 - 00000000 ____D () C:\Users\Igor\Downloads\New folder
2014-11-14 11:54 - 2014-08-11 22:42 - 00000000 ____D () C:\Users\Igor\AppData\Local\Deployment
2014-11-14 11:40 - 2014-08-15 02:07 - 00000000 ____D () C:\Users\Igor\Documents\Dragon Nest
2014-11-13 04:54 - 2014-08-11 22:42 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 04:54 - 2014-08-11 22:42 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
 
Some content of TEMP:
====================
C:\Users\Igor\AppData\Local\Temp\bitool.dll
C:\Users\Igor\AppData\Local\Temp\NGMDll.dll
C:\Users\Igor\AppData\Local\Temp\NGMResource.dll
C:\Users\Igor\AppData\Local\Temp\raptrpatch.exe
C:\Users\Igor\AppData\Local\Temp\raptr_stub.exe
C:\Users\Igor\AppData\Local\Temp\Syndicate.exe
C:\Users\Igor\AppData\Local\Temp\tmpC3F.exe
C:\Users\Igor\AppData\Local\Temp\unicows.dll
C:\Users\Igor\AppData\Local\Temp\_is96A4.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-12-06 20:50
 
==================== End Of Log ============================
 
aswMBR
 
aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2014-12-13 12:41:15
-----------------------------
12:41:15.370    OS Version: Windows x64 6.1.7601 Service Pack 1
12:41:15.370    Number of processors: 2 586 0x1001
12:41:15.371    ComputerName: IGOR-PC  UserName: Igor
12:41:16.695    Initialize success
12:41:16.707    VM: initialized successfully
12:41:16.710    VM: Amd CPU supported virtualized 
12:41:19.965    AVAST engine defs: 14121301
12:41:29.882    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000068
12:41:29.885    Disk 0 Vendor: WDC_WD50 18.0 Size: 476940MB BusType: 11
12:41:29.992    Disk 0 MBR read successfully
12:41:29.997    Disk 0 MBR scan
12:41:30.007    Disk 0 Windows 7 default MBR code
12:41:30.014    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
12:41:30.042    Disk 0 scanning C:\Windows\system32\drivers
12:41:37.459    Service scanning
12:41:53.826    Modules scanning
12:41:53.854    Disk 0 trace - called modules:
12:41:53.881    ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys 
12:41:53.892    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80045ae060]
12:41:53.903    3 CLASSPNP.SYS[fffff880019ba43f] -> nt!IofCallDriver -> [0xfffffa80040a4ac0]
12:41:53.911    5 amd_xata.sys[fffff88001072d00] -> nt!IofCallDriver -> \Device\00000068[0xfffffa80040a0770]
12:41:54.433    AVAST engine scan C:\Windows
12:41:55.985    AVAST engine scan C:\Windows\system32
12:44:22.191    AVAST engine scan C:\Windows\system32\drivers
12:44:31.239    AVAST engine scan C:\Users\Igor
12:49:35.594    AVAST engine scan C:\ProgramData
12:50:56.554    Disk 0 statistics 4012943/0/0 @ 4.50 MB/s
12:50:56.573    Scan finished successfully
12:52:50.184    Disk 0 MBR has been saved successfully to "C:\Users\Igor\Documents\MBR.dat"
12:52:50.190    The log file has been saved successfully to "C:\Users\Igor\Documents\aswMBR.txt"
 
 
 

    Advertisements

Register to Remove

#2 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 13 December 2014 - 09:37 PM

Hello Deathtomalware, welcome to WhatTheTech's Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that.   :)
 
======================================================
 
Please read through the points below to ensure this process moves as quickly and efficiently as possible.

  • Please ensure you read through my instructions thoroughly, and carry out each step in the order specified.
  • Please do not post logs using the CODEQUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation and providing the best set of instructions for you.
  • Please backup important files before proceeding with my instructions. Malware removal can be unpredictable.  
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before proceeding.
  • Topics are locked if no response is made after 4 days. Please inform me if you require additional time to complete my instructions.
  • Ensure you are following this topic. Click etYzdbu.png at the top of the page. 
     

======================================================
 
STEP 1
BY4dvz9.png AdwCleaner

  • Please download AdwCleaner and save the file to your Desktop.
  • Right-Click AdwCleaner.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Follow the prompts. 
  • Click Scan
  • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. 
  • Ensure anything you know to be legitimate does not have a checkmark, and click Clean
  • Follow the prompts and allow your computer to reboot
  • After rebooting, a log (AdwCleaner[S0].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.
 
 
STEP 2
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Right-Click FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 
     

STEP 3
E3feWj5.png Junkware Removal Tool (JRT)

  • Please download Junkware Removal Tool and save the file to your Desktop.
  • Note: If you unchecked any items in AdwCleaner, please backup the associated folders/files before running JRT.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click JRT.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Follow the prompts and allow the scan to run uninterrupted. 
  • Upon completion, a log (JRT.txt) will open on your desktop.
  • Re-enable your anti-virus software.
  • Copy the contents of JRT.txt and paste in your next reply.

 
======================================================
 
STEP 4
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • AdwCleaner[S0].txt
  • FRST.txt
  • Addition.txt
  • JRT.txt

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!

#3 Deathtomalware

Deathtomalware

    New Member

  • Authentic Member
  • Pip
  • 13 posts

Posted 14 December 2014 - 05:43 AM

i really just have the forum name because it asked me to make one. you can use my real name 

FRST log

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-12-2014
Ran by Igor (administrator) on IGOR-PC on 13-12-2014 12:39:02
Running from C:\Users\Igor\Documents
Loaded Profile: Igor (Available profiles: Igor)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\runSW.exe
() C:\Program Files (x86)\Linksys WUSB6300\WifiSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek) C:\Windows\SwUSB.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Beepa P/L) C:\Fraps\fraps.exe
(Beepa P/L) C:\Fraps\fraps64.dat
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.5383\Battle.net.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Steam\SteamApps\common\Prototype 2\prototype2.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-13] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\Run: [Facebook Update] => C:\Users\Igor\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-08-30] (Facebook Inc.)
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD)
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe [3639568 2014-07-10] (Disc Soft Ltd)
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\MountPoints2: E - E:\autorun.exe
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\MountPoints2: {1d39732e-7eda-11e4-8bb3-e03f497acee8} - E:\autorun.exe
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\MountPoints2: {e609e7cd-21ba-11e4-8bbe-806e6f6e6963} - D:\autorun.exe
Startup: C:\Users\Igor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Assassin's Creed.LNK
ShortcutTarget: Registration Assassin's Creed.LNK -> C:\Program Files (x86)\Ubisoft\Assassin's Creed\Register\RegistrationReminder.exe (Ubisoft)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-1626927325-613763113-2581705868-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Igor\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-1626927325-613763113-2581705868-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-13]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://search.findwide.com/?guid={3E5F75C6-FA73-40AD-9788-FBFDAF7B9B82}&serpv=29
CHR Profile: C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-11]
CHR Extension: (Google Drive) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-11]
CHR Extension: (YouTube) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-11]
CHR Extension: (Google Search) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-11]
CHR Extension: (Avast Online Security) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-14]
CHR Extension: (Crackle) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2014-08-11]
CHR Extension: (SourceApp) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgaecljocfhdjcdhckepieoehdmpnjjp [2014-12-08]
CHR Extension: (Google Wallet) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-11]
CHR Extension: (Gmail) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-13]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [112640 2014-09-15] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-13] (AVAST Software)
R3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [887056 2014-07-10] (Disc Soft Ltd)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-08-30] (Macrovision Europe Ltd.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 RunSwUSB; C:\Windows\runSW.exe [44104 2013-05-23] ()
R2 WSWUSB6300; C:\Program Files (x86)\Linksys WUSB6300\WifiSvc.exe [312144 2013-07-22] ()
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [293088 2014-09-15] (Advanced Micro Devices)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-13] ()
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [29696 2014-12-08] (Disc Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [2355416 2013-06-14] (Realtek Semiconductor Corporation                           )
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-13 12:39 - 2014-12-13 12:39 - 00014226 _____ () C:\Users\Igor\Documents\FRST.txt
2014-12-13 12:38 - 2014-12-13 12:39 - 00000000 ____D () C:\FRST
2014-12-13 12:29 - 2014-12-13 12:29 - 02119168 _____ (Farbar) C:\Users\Igor\Documents\FRST64.exe
2014-12-13 12:28 - 2014-12-13 12:28 - 05198336 _____ (AVAST Software) C:\Users\Igor\Documents\aswMBR.exe
2014-12-13 07:08 - 2014-12-13 07:08 - 00000000 ____D () C:\Users\Igor\Documents\activision
2014-12-12 05:43 - 2014-12-13 12:16 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-12 05:43 - 2014-12-12 05:43 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-12 05:43 - 2014-12-12 05:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-12 05:43 - 2014-12-12 05:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-12 05:43 - 2014-12-12 05:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-12 05:43 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-12 05:43 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-12 05:43 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-12 05:42 - 2014-12-12 05:42 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Igor\Documents\mbam-setup-2.0.4.1028.exe
2014-12-10 05:27 - 2014-12-10 05:27 - 00000000 __SHD () C:\Users\Igor\AppData\Local\EmieBrowserModeList
2014-12-10 00:02 - 2014-11-10 21:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 00:02 - 2014-11-10 20:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 00:01 - 2014-11-26 19:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 00:01 - 2014-11-26 19:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 00:01 - 2014-11-21 21:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 00:01 - 2014-11-21 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 00:01 - 2014-11-21 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 00:01 - 2014-11-21 20:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 00:01 - 2014-11-21 20:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 00:01 - 2014-11-21 20:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 00:01 - 2014-11-21 20:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 00:01 - 2014-11-21 20:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 00:01 - 2014-11-21 20:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 00:01 - 2014-11-21 20:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 00:01 - 2014-11-21 20:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 00:01 - 2014-11-21 20:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-10 00:01 - 2014-11-21 20:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 00:01 - 2014-11-21 20:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 00:01 - 2014-11-21 20:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 00:01 - 2014-11-21 20:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 00:01 - 2014-11-21 20:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 00:01 - 2014-11-21 20:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 00:01 - 2014-11-21 20:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 00:01 - 2014-11-21 20:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 00:01 - 2014-11-21 20:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 00:01 - 2014-11-21 20:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 00:01 - 2014-11-21 20:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 00:01 - 2014-11-21 20:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 00:01 - 2014-11-21 20:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 00:01 - 2014-11-21 20:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 00:01 - 2014-11-21 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 00:01 - 2014-11-21 20:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 00:01 - 2014-11-21 19:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 00:01 - 2014-11-21 19:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 00:01 - 2014-11-21 19:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 00:01 - 2014-11-21 19:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-10 00:01 - 2014-11-21 19:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 00:01 - 2014-11-21 19:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 00:01 - 2014-11-21 19:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 00:01 - 2014-11-21 19:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 00:01 - 2014-11-21 19:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 00:01 - 2014-11-21 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 00:01 - 2014-11-21 19:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 00:01 - 2014-11-21 19:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 00:01 - 2014-11-21 19:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 00:01 - 2014-11-21 19:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 00:01 - 2014-11-21 19:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 00:01 - 2014-11-21 19:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 00:01 - 2014-11-21 19:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 00:01 - 2014-11-21 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 00:01 - 2014-11-21 19:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 00:01 - 2014-11-21 19:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 00:01 - 2014-11-21 19:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 00:01 - 2014-11-21 19:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 00:01 - 2014-11-21 19:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 00:01 - 2014-11-21 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 00:01 - 2014-11-21 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 00:01 - 2014-11-21 18:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 07:27 - 2014-12-09 07:27 - 00001416 _____ () C:\Users\Igor\Downloads\default.cfg
2014-12-08 23:46 - 2014-12-08 23:46 - 00000464 __RSH () C:\ProgramData\ntuser.pol
2014-12-08 15:31 - 2014-12-08 15:31 - 00000000 ____D () C:\Users\Igor\AppData\Local\Disc_Soft_Ltd
2014-12-08 15:02 - 2014-12-08 15:02 - 00002214 _____ () C:\Users\Public\Desktop\Doom 3 BFG Edition.lnk
2014-12-08 15:02 - 2014-12-08 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
2014-12-08 14:49 - 2014-12-08 14:49 - 00000000 ____D () C:\Program Files (x86)\Bethesda Softworks
2014-12-08 14:47 - 2014-12-08 14:49 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\DAEMON Tools Ultra
2014-12-08 14:47 - 2014-12-08 14:48 - 00029696 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtscsibus.sys
2014-12-08 14:47 - 2014-12-08 14:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Ultra
2014-12-08 14:47 - 2014-12-08 14:48 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Ultra
2014-12-08 14:47 - 2014-12-08 14:47 - 00001989 _____ () C:\Users\Public\Desktop\DAEMON Tools Ultra.lnk
2014-12-08 14:47 - 2014-12-08 14:47 - 00000000 ____D () C:\ProgramData\DAEMON Tools Ultra
2014-12-08 07:04 - 2014-12-08 12:09 - 00000000 ____D () C:\Users\Igor\Downloads\Doom 3 BFG Ultimate Edition
2014-12-07 07:06 - 2014-12-07 07:07 - 24287084 _____ () C:\Users\Igor\Documents\dafuq.mp4
2014-12-06 08:06 - 2014-12-06 08:06 - 00000000 ____D () C:\Users\Igor\AppData\Local\Skyrim
2014-12-04 12:24 - 2014-12-04 12:24 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\RenPy
2014-12-04 12:24 - 2014-12-04 12:24 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\AMD
2014-12-03 00:20 - 2014-12-03 00:21 - 00160064 _____ () C:\Users\Igor\Documents\Welcome to  the  Machine.mp3.sfk
2014-12-03 00:16 - 2014-12-03 00:16 - 00154792 _____ () C:\Users\Igor\Documents\Pink Floyd - Welcome To The Machine.mp3.sfk
2014-12-03 00:16 - 2014-12-03 00:16 - 00074000 _____ () C:\Users\Igor\Documents\Skrillex - Ruffneck - FULL Flex [Music Video].mp3.sfk
2014-12-02 09:42 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-12-02 09:42 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-12-02 09:42 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-12-02 09:42 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-12-02 09:42 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-12-02 09:42 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-12-02 09:42 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-12-02 09:42 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-12-02 09:42 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-12-02 09:42 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-12-02 09:42 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-12-02 09:42 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-12-02 09:42 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-12-02 09:42 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-12-02 09:42 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-12-02 09:42 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-12-02 09:42 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-12-02 09:42 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-12-02 09:42 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-12-02 09:42 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-12-02 09:42 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-12-02 09:42 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-12-02 09:42 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-12-02 09:42 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-12-02 09:42 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-12-02 09:42 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-12-02 09:42 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-12-02 09:42 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-12-02 09:42 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-12-02 09:42 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-12-02 09:42 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-12-02 09:42 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-12-02 09:42 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-12-02 09:42 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-12-02 09:42 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-12-02 09:42 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-12-02 09:41 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-12-02 09:41 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-12-02 09:41 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-12-02 09:41 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-12-02 09:41 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-12-02 09:41 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-12-02 09:41 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-12-02 09:41 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-12-02 09:41 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-12-02 09:41 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-12-02 09:41 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-12-02 09:41 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-12-02 09:41 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-12-02 09:41 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-12-02 09:41 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-12-02 09:41 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-12-02 09:41 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-12-02 09:41 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-12-02 09:41 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-12-02 09:41 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-12-02 09:41 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-12-02 09:41 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-12-02 09:41 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-12-02 09:41 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-12-02 09:41 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-12-02 09:41 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-12-02 09:41 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-12-02 09:41 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-12-02 09:41 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-12-02 09:41 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-12-02 09:41 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-12-02 09:41 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-12-02 09:41 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-12-02 09:41 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-12-02 09:41 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-12-02 09:41 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-12-02 09:41 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-12-02 09:41 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-12-02 09:41 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-12-02 09:41 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-12-02 09:41 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-12-02 09:41 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-12-02 09:41 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-12-02 09:41 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-12-02 09:41 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-12-02 09:41 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-12-02 09:41 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-12-02 09:41 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-12-02 09:41 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-12-02 09:41 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-12-02 09:41 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-12-02 09:41 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-12-02 09:41 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-12-02 09:41 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-12-02 09:41 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-12-02 09:41 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-12-02 09:41 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-12-02 09:41 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-12-02 09:41 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-12-02 09:41 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-12-02 09:41 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-12-02 09:41 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-12-02 09:41 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-12-02 09:41 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-12-02 09:41 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-12-02 09:41 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-12-02 09:41 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-12-02 09:41 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-12-02 09:41 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-12-02 09:41 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-12-02 09:41 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-12-02 09:41 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-12-02 09:41 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-12-02 09:41 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-12-02 09:41 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-12-02 09:41 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-12-02 09:41 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-12-02 09:41 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-12-02 09:41 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-12-02 09:41 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-12-02 09:41 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-12-02 09:41 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-12-02 09:41 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-12-02 09:41 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-12-02 09:41 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-12-02 09:41 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-12-02 09:41 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-12-02 09:41 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-12-02 09:41 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-12-02 09:41 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-12-02 09:41 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-12-02 09:41 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-12-02 09:41 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-12-02 09:41 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-12-02 09:41 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-12-02 09:41 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-12-02 09:41 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-12-02 09:41 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-12-02 09:41 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-12-02 09:41 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-12-02 09:41 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-12-02 09:41 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-12-02 09:41 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-12-02 09:41 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-12-02 09:41 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-12-02 09:41 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-12-02 09:41 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-12-02 09:41 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-12-02 09:41 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-11-28 04:43 - 2014-11-28 04:43 - 00000436 _____ () C:\Users\Igor\Documents\df.txt
2014-11-18 12:31 - 2014-11-10 21:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 12:31 - 2014-11-10 21:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 12:31 - 2014-11-10 20:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 12:31 - 2014-11-10 20:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-15 14:14 - 2014-11-15 14:14 - 00000224 _____ () C:\Users\Igor\Documents\Jib.mp3.sfk
2014-11-15 05:42 - 2014-11-15 05:42 - 00001752 _____ () C:\Users\Igor\Documents\End of Days.mp3.sfk
2014-11-15 05:40 - 2014-11-15 05:40 - 00001240 _____ () C:\Users\Igor\Documents\Madness.mp3.sfk
2014-11-15 05:37 - 2014-11-15 05:43 - 00045192 _____ () C:\Users\Igor\Documents\Yogg Saron Audio.mp3.sfk
2014-11-14 20:35 - 2014-11-14 20:26 - 00032380 _____ () C:\Users\Igor\Documents\Save0003.sav
2014-11-14 20:28 - 2014-11-14 20:29 - 00000000 ____D () C:\Users\Igor\Documents\Editor
2014-11-14 12:20 - 2014-11-14 12:20 - 00001014 _____ () C:\Users\Igor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2014-11-14 12:19 - 2014-11-14 12:23 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\Curse Client
2014-11-14 12:19 - 2014-11-14 12:19 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\Curse
2014-11-14 12:18 - 2014-11-14 12:19 - 30958736 _____ (Curse) C:\Users\Igor\Documents\CurseClientSetup.exe
2014-11-13 23:26 - 2014-11-13 23:30 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\Curse Advertising
2014-11-13 23:26 - 2014-11-13 23:26 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-11-13 23:23 - 2014-11-13 23:23 - 00402696 _____ () C:\Users\Igor\Documents\setup.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-13 12:35 - 2014-08-11 23:48 - 00000000 ____D () C:\Users\Igor\AppData\Local\Battle.net
2014-12-13 12:24 - 2014-08-12 02:42 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-13 12:23 - 2014-08-12 21:22 - 00366659 _____ () C:\Windows\DirectX.log
2014-12-13 11:59 - 2014-08-11 22:42 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-13 10:52 - 2014-08-30 03:47 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1626927325-613763113-2581705868-1000UA.job
2014-12-13 05:25 - 2009-07-13 22:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-13 05:25 - 2009-07-13 22:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-13 05:21 - 2014-08-12 08:57 - 01621046 _____ () C:\Windows\WindowsUpdate.log
2014-12-13 05:20 - 2014-10-24 13:20 - 00003134 _____ () C:\Windows\System32\Tasks\FRAPS
2014-12-13 05:20 - 2014-10-24 13:20 - 00000000 ____D () C:\Fraps
2014-12-13 05:20 - 2014-09-23 19:20 - 00242135 _____ () C:\Windows\runSW.log
2014-12-13 05:20 - 2014-08-11 22:42 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-13 05:18 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-13 05:17 - 2009-07-13 22:51 - 00048759 _____ () C:\Windows\setupact.log
2014-12-12 20:31 - 2014-09-15 14:44 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-12-12 20:27 - 2014-08-11 22:44 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\Skype
2014-12-12 16:31 - 2010-11-20 21:47 - 00045998 _____ () C:\Windows\PFRO.log
2014-12-12 04:52 - 2014-08-30 03:47 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1626927325-613763113-2581705868-1000Core.job
2014-12-12 01:57 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-12-12 00:03 - 2014-08-11 22:42 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-11 13:27 - 2014-08-13 10:13 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-11 05:54 - 2014-09-12 03:13 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\vlc
2014-12-10 17:12 - 2014-08-11 23:48 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-10 06:06 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-09 21:26 - 2014-10-14 18:45 - 00000000 ____D () C:\Users\Igor\AppData\Local\._LiveCode_
2014-12-09 05:57 - 2009-07-13 20:34 - 00000505 _____ () C:\Windows\win.ini
2014-12-08 21:52 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-12-08 14:34 - 2014-08-27 19:48 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\uTorrent
2014-12-07 16:03 - 2014-10-28 14:00 - 00000000 ____D () C:\Program Files (x86)\Glyph
2014-12-06 08:04 - 2014-08-15 01:59 - 00000000 ____D () C:\Users\Igor\Documents\my games
2014-12-06 08:04 - 2009-07-13 23:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-05 19:38 - 2009-07-13 23:13 - 00781694 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-04 05:50 - 2014-09-14 14:37 - 00000000 ____D () C:\Users\Igor\AppData\Local\dxhr
2014-12-03 15:54 - 2014-08-11 22:25 - 00000000 ____D () C:\World of Warcraft
2014-12-03 04:54 - 2014-08-11 18:07 - 00000000 ____D () C:\Users\Igor
2014-12-02 09:06 - 2014-09-15 05:03 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft Public Test
2014-11-21 13:10 - 2014-08-13 10:13 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-19 03:36 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-15 14:14 - 2014-08-30 15:57 - 00000000 ____D () C:\Users\Igor\Documents\rt
2014-11-15 13:21 - 2014-08-30 23:08 - 00000000 ____D () C:\Users\Igor\Documents\New Folder (2)
2014-11-15 13:17 - 2014-09-15 05:23 - 00002584 _____ () C:\Users\Igor\Documents\Talk dirty ringtone.mp3.sfk
2014-11-15 13:15 - 2014-08-30 22:12 - 00000000 ____D () C:\Users\Igor\Downloads\New folder
2014-11-14 11:54 - 2014-08-11 22:42 - 00000000 ____D () C:\Users\Igor\AppData\Local\Deployment
2014-11-14 11:40 - 2014-08-15 02:07 - 00000000 ____D () C:\Users\Igor\Documents\Dragon Nest
2014-11-13 04:54 - 2014-08-11 22:42 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 04:54 - 2014-08-11 22:42 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
 
Some content of TEMP:
====================
C:\Users\Igor\AppData\Local\Temp\bitool.dll
C:\Users\Igor\AppData\Local\Temp\NGMDll.dll
C:\Users\Igor\AppData\Local\Temp\NGMResource.dll
C:\Users\Igor\AppData\Local\Temp\raptrpatch.exe
C:\Users\Igor\AppData\Local\Temp\raptr_stub.exe
C:\Users\Igor\AppData\Local\Temp\Syndicate.exe
C:\Users\Igor\AppData\Local\Temp\tmpC3F.exe
C:\Users\Igor\AppData\Local\Temp\unicows.dll
C:\Users\Igor\AppData\Local\Temp\_is96A4.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-12-06 20:50
 
==================== End Of Log ============================
 
 
ADW Cleaner
 
# AdwCleaner v4.105 - Report created 14/12/2014 at 05:28:08
# Updated 08/12/2014 by Xplode
# Database : 2014-12-13.4 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Igor - IGOR-PC
# Running from : C:\Users\Igor\Documents\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Deleted : C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17496
 
 
-\\ Google Chrome v39.0.2171.95
 
[C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.findwide.com/serp?guid={3E5F75C6-FA73-40AD-9788-FBFDAF7B9B82}&action=default_search&serpv=29&k={searchTerms}
[C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.findwide.com/serp?guid={3E5F75C6-FA73-40AD-9788-FBFDAF7B9B82}&action=default_search&serpv=29&k={searchTerms}
[C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [2677 octets] - [14/12/2014 05:25:53]
AdwCleaner[S0].txt - [2618 octets] - [14/12/2014 05:28:08]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2678 octets] ##########
 
 
JRT
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Professional x64
Ran by Igor on Sun 12/14/2014 at  5:32:26.16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Users\Igor\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Igor\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal"
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 12/14/2014 at  5:39:40.43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Edited by Deathtomalware, 14 December 2014 - 05:44 AM.

#4 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 14 December 2014 - 12:07 PM

Hello, 

 

Please reread my instructions. 

 

I asked you to rerun FRST after AdwCleaner. 

You've only posted the log from the first scan. 

 

-----------------

 

Rerun FRST. Ensure you place a checkmark next to Addition.txt and click Scan

Include both FRST.txt AND Addition.txt in your next reply. 


50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!

#5 Deathtomalware

Deathtomalware

    New Member

  • Authentic Member
  • Pip
  • 13 posts

Posted 15 December 2014 - 09:37 AM

sorry. must have gotten them messed up.

 

here is the post adw frst log

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01
Ran by Igor (administrator) on IGOR-PC on 15-12-2014 09:02:38
Running from C:\Users\Igor\Documents
Loaded Profile: Igor (Available profiles: Igor)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Windows\runSW.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Beepa P/L) C:\Fraps\fraps.exe
(Realtek) C:\Windows\SwUSB.exe
() C:\Program Files (x86)\Linksys WUSB6300\WifiSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Beepa P/L) C:\Fraps\fraps64.dat
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Igor\Documents\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-13] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\Run: [Facebook Update] => C:\Users\Igor\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-08-30] (Facebook Inc.)
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD)
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe [3639568 2014-07-10] (Disc Soft Ltd)
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\MountPoints2: E - E:\autorun.exe
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\MountPoints2: {1d39732e-7eda-11e4-8bb3-e03f497acee8} - E:\autorun.exe
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\MountPoints2: {e609e7cd-21ba-11e4-8bbe-806e6f6e6963} - D:\autorun.exe
Startup: C:\Users\Igor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Assassin's Creed.LNK
ShortcutTarget: Registration Assassin's Creed.LNK -> C:\Program Files (x86)\Ubisoft\Assassin's Creed\Register\RegistrationReminder.exe (Ubisoft)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-1626927325-613763113-2581705868-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-1626927325-613763113-2581705868-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Igor\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-1626927325-613763113-2581705868-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-13]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://search.findwide.com/?guid={3E5F75C6-FA73-40AD-9788-FBFDAF7B9B82}&serpv=29
CHR Profile: C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-11]
CHR Extension: (Google Drive) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-11]
CHR Extension: (YouTube) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-11]
CHR Extension: (Google Search) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-11]
CHR Extension: (Avast Online Security) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-14]
CHR Extension: (Crackle) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2014-08-11]
CHR Extension: (SourceApp) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgaecljocfhdjcdhckepieoehdmpnjjp [2014-12-08]
CHR Extension: (Google Wallet) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-11]
CHR Extension: (Gmail) - C:\Users\Igor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-13]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [112640 2014-09-15] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-13] (AVAST Software)
R3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [887056 2014-07-10] (Disc Soft Ltd)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-08-30] (Macrovision Europe Ltd.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 RunSwUSB; C:\Windows\runSW.exe [44104 2013-05-23] ()
R2 WSWUSB6300; C:\Program Files (x86)\Linksys WUSB6300\WifiSvc.exe [312144 2013-07-22] ()
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [293088 2014-09-15] (Advanced Micro Devices)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-13] ()
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [29696 2014-12-08] (Disc Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [2355416 2013-06-14] (Realtek Semiconductor Corporation                           )
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-15 09:01 - 2014-12-15 09:01 - 02119168 _____ (Farbar) C:\Users\Igor\Documents\FRST64 (1).exe
2014-12-14 05:39 - 2014-12-14 05:39 - 00000930 _____ () C:\Users\Igor\Desktop\JRT.txt
2014-12-14 05:32 - 2014-12-14 05:32 - 01707646 _____ (Thisisu) C:\Users\Igor\Documents\JRT.exe
2014-12-14 05:32 - 2014-12-14 05:32 - 00000000 ____D () C:\Windows\ERUNT
2014-12-14 05:30 - 2014-12-14 05:30 - 00002770 _____ () C:\Users\Igor\Desktop\AdwCleaner[S0].txt
2014-12-14 05:25 - 2014-12-15 08:58 - 00000000 ____D () C:\AdwCleaner
2014-12-14 05:25 - 2014-12-14 05:25 - 02166272 _____ () C:\Users\Igor\Documents\AdwCleaner.exe
2014-12-13 12:52 - 2014-12-13 12:52 - 00001960 _____ () C:\Users\Igor\Documents\aswMBR.txt
2014-12-13 12:52 - 2014-12-13 12:52 - 00000512 _____ () C:\Users\Igor\Documents\MBR.dat
2014-12-13 12:41 - 2014-12-13 12:41 - 00053144 _____ () C:\Users\Igor\Desktop\FRST.txt
2014-12-13 12:39 - 2014-12-15 09:02 - 00013949 _____ () C:\Users\Igor\Documents\FRST.txt
2014-12-13 12:39 - 2014-12-13 12:40 - 00026582 _____ () C:\Users\Igor\Documents\Addition.txt
2014-12-13 12:38 - 2014-12-15 09:02 - 00000000 ____D () C:\FRST
2014-12-13 12:29 - 2014-12-13 12:29 - 02119168 _____ (Farbar) C:\Users\Igor\Documents\FRST64.exe
2014-12-13 12:28 - 2014-12-13 12:28 - 05198336 _____ (AVAST Software) C:\Users\Igor\Documents\aswMBR.exe
2014-12-13 07:08 - 2014-12-13 07:08 - 00000000 ____D () C:\Users\Igor\Documents\activision
2014-12-12 05:43 - 2014-12-15 09:02 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-12 05:43 - 2014-12-12 05:43 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-12 05:43 - 2014-12-12 05:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-12 05:43 - 2014-12-12 05:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-12 05:43 - 2014-12-12 05:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-12 05:43 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-12 05:43 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-12 05:43 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-12 05:42 - 2014-12-12 05:42 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Igor\Documents\mbam-setup-2.0.4.1028.exe
2014-12-10 05:27 - 2014-12-10 05:27 - 00000000 __SHD () C:\Users\Igor\AppData\Local\EmieBrowserModeList
2014-12-10 00:02 - 2014-11-10 21:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 00:02 - 2014-11-10 20:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 00:01 - 2014-11-26 19:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 00:01 - 2014-11-26 19:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 00:01 - 2014-11-21 21:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 00:01 - 2014-11-21 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 00:01 - 2014-11-21 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 00:01 - 2014-11-21 20:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 00:01 - 2014-11-21 20:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 00:01 - 2014-11-21 20:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 00:01 - 2014-11-21 20:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 00:01 - 2014-11-21 20:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 00:01 - 2014-11-21 20:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 00:01 - 2014-11-21 20:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 00:01 - 2014-11-21 20:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 00:01 - 2014-11-21 20:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-10 00:01 - 2014-11-21 20:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 00:01 - 2014-11-21 20:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 00:01 - 2014-11-21 20:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 00:01 - 2014-11-21 20:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 00:01 - 2014-11-21 20:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 00:01 - 2014-11-21 20:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 00:01 - 2014-11-21 20:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 00:01 - 2014-11-21 20:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 00:01 - 2014-11-21 20:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 00:01 - 2014-11-21 20:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 00:01 - 2014-11-21 20:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 00:01 - 2014-11-21 20:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 00:01 - 2014-11-21 20:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 00:01 - 2014-11-21 20:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 00:01 - 2014-11-21 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 00:01 - 2014-11-21 20:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 00:01 - 2014-11-21 19:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 00:01 - 2014-11-21 19:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 00:01 - 2014-11-21 19:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 00:01 - 2014-11-21 19:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-10 00:01 - 2014-11-21 19:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 00:01 - 2014-11-21 19:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 00:01 - 2014-11-21 19:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 00:01 - 2014-11-21 19:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 00:01 - 2014-11-21 19:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 00:01 - 2014-11-21 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 00:01 - 2014-11-21 19:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 00:01 - 2014-11-21 19:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 00:01 - 2014-11-21 19:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 00:01 - 2014-11-21 19:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 00:01 - 2014-11-21 19:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 00:01 - 2014-11-21 19:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 00:01 - 2014-11-21 19:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 00:01 - 2014-11-21 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 00:01 - 2014-11-21 19:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 00:01 - 2014-11-21 19:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 00:01 - 2014-11-21 19:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 00:01 - 2014-11-21 19:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 00:01 - 2014-11-21 19:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 00:01 - 2014-11-21 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 00:01 - 2014-11-21 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 00:01 - 2014-11-21 18:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 07:27 - 2014-12-09 07:27 - 00001416 _____ () C:\Users\Igor\Downloads\default.cfg
2014-12-08 23:46 - 2014-12-08 23:46 - 00000464 __RSH () C:\ProgramData\ntuser.pol
2014-12-08 15:31 - 2014-12-08 15:31 - 00000000 ____D () C:\Users\Igor\AppData\Local\Disc_Soft_Ltd
2014-12-08 15:02 - 2014-12-08 15:02 - 00002214 _____ () C:\Users\Public\Desktop\Doom 3 BFG Edition.lnk
2014-12-08 15:02 - 2014-12-08 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
2014-12-08 14:49 - 2014-12-08 14:49 - 00000000 ____D () C:\Program Files (x86)\Bethesda Softworks
2014-12-08 14:47 - 2014-12-08 14:49 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\DAEMON Tools Ultra
2014-12-08 14:47 - 2014-12-08 14:48 - 00029696 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtscsibus.sys
2014-12-08 14:47 - 2014-12-08 14:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Ultra
2014-12-08 14:47 - 2014-12-08 14:48 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Ultra
2014-12-08 14:47 - 2014-12-08 14:47 - 00001989 _____ () C:\Users\Public\Desktop\DAEMON Tools Ultra.lnk
2014-12-08 14:47 - 2014-12-08 14:47 - 00000000 ____D () C:\ProgramData\DAEMON Tools Ultra
2014-12-08 07:04 - 2014-12-08 12:09 - 00000000 ____D () C:\Users\Igor\Downloads\Doom 3 BFG Ultimate Edition
2014-12-07 07:06 - 2014-12-07 07:07 - 24287084 _____ () C:\Users\Igor\Documents\dafuq.mp4
2014-12-06 08:06 - 2014-12-06 08:06 - 00000000 ____D () C:\Users\Igor\AppData\Local\Skyrim
2014-12-04 12:24 - 2014-12-04 12:24 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\RenPy
2014-12-04 12:24 - 2014-12-04 12:24 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\AMD
2014-12-03 00:20 - 2014-12-03 00:21 - 00160064 _____ () C:\Users\Igor\Documents\Welcome to  the  Machine.mp3.sfk
2014-12-03 00:16 - 2014-12-03 00:16 - 00154792 _____ () C:\Users\Igor\Documents\Pink Floyd - Welcome To The Machine.mp3.sfk
2014-12-03 00:16 - 2014-12-03 00:16 - 00074000 _____ () C:\Users\Igor\Documents\Skrillex - Ruffneck - FULL Flex [Music Video].mp3.sfk
2014-12-02 09:42 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-12-02 09:42 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-12-02 09:42 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-12-02 09:42 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-12-02 09:42 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-12-02 09:42 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-12-02 09:42 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-12-02 09:42 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-12-02 09:42 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-12-02 09:42 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-12-02 09:42 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-12-02 09:42 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-12-02 09:42 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-12-02 09:42 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-12-02 09:42 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-12-02 09:42 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-12-02 09:42 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-12-02 09:42 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-12-02 09:42 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-12-02 09:42 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-12-02 09:42 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-12-02 09:42 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-12-02 09:42 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-12-02 09:42 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-12-02 09:42 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-12-02 09:42 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-12-02 09:42 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-12-02 09:42 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-12-02 09:42 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-12-02 09:42 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-12-02 09:42 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-12-02 09:42 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-12-02 09:42 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-12-02 09:42 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-12-02 09:42 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-12-02 09:42 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-12-02 09:42 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-12-02 09:42 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-12-02 09:42 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-12-02 09:42 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-12-02 09:41 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-12-02 09:41 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-12-02 09:41 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-12-02 09:41 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-12-02 09:41 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-12-02 09:41 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-12-02 09:41 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-12-02 09:41 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-12-02 09:41 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-12-02 09:41 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-12-02 09:41 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-12-02 09:41 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-12-02 09:41 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-12-02 09:41 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-12-02 09:41 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-12-02 09:41 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-12-02 09:41 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-12-02 09:41 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-12-02 09:41 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-12-02 09:41 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-12-02 09:41 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-12-02 09:41 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-12-02 09:41 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-12-02 09:41 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-12-02 09:41 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-12-02 09:41 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-12-02 09:41 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-12-02 09:41 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-12-02 09:41 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-12-02 09:41 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-12-02 09:41 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-12-02 09:41 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-12-02 09:41 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-12-02 09:41 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-12-02 09:41 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-12-02 09:41 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-12-02 09:41 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-12-02 09:41 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-12-02 09:41 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-12-02 09:41 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-12-02 09:41 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-12-02 09:41 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-12-02 09:41 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-12-02 09:41 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-12-02 09:41 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-12-02 09:41 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-12-02 09:41 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-12-02 09:41 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-12-02 09:41 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-12-02 09:41 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-12-02 09:41 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-12-02 09:41 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-12-02 09:41 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-12-02 09:41 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-12-02 09:41 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-12-02 09:41 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-12-02 09:41 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-12-02 09:41 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-12-02 09:41 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-12-02 09:41 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-12-02 09:41 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-12-02 09:41 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-12-02 09:41 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-12-02 09:41 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-12-02 09:41 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-12-02 09:41 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-12-02 09:41 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-12-02 09:41 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-12-02 09:41 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-12-02 09:41 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-12-02 09:41 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-12-02 09:41 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-12-02 09:41 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-12-02 09:41 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-12-02 09:41 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-12-02 09:41 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-12-02 09:41 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-12-02 09:41 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-12-02 09:41 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-12-02 09:41 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-12-02 09:41 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-12-02 09:41 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-12-02 09:41 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-12-02 09:41 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-12-02 09:41 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-12-02 09:41 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-12-02 09:41 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-12-02 09:41 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-12-02 09:41 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-12-02 09:41 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-12-02 09:41 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-12-02 09:41 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-12-02 09:41 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-12-02 09:41 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-12-02 09:41 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-12-02 09:41 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-12-02 09:41 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-12-02 09:41 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-12-02 09:41 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-12-02 09:41 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-12-02 09:41 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-12-02 09:41 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-12-02 09:41 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-12-02 09:41 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-12-02 09:41 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-12-02 09:41 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-12-02 09:41 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-12-02 09:41 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-12-02 09:41 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-11-28 04:43 - 2014-11-28 04:43 - 00000436 _____ () C:\Users\Igor\Documents\df.txt
2014-11-18 12:31 - 2014-11-10 21:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 12:31 - 2014-11-10 21:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 12:31 - 2014-11-10 20:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 12:31 - 2014-11-10 20:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-15 14:14 - 2014-11-15 14:14 - 00000224 _____ () C:\Users\Igor\Documents\Jib.mp3.sfk
2014-11-15 05:42 - 2014-11-15 05:42 - 00001752 _____ () C:\Users\Igor\Documents\End of Days.mp3.sfk
2014-11-15 05:40 - 2014-11-15 05:40 - 00001240 _____ () C:\Users\Igor\Documents\Madness.mp3.sfk
2014-11-15 05:37 - 2014-11-15 05:43 - 00045192 _____ () C:\Users\Igor\Documents\Yogg Saron Audio.mp3.sfk
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-15 08:59 - 2014-08-11 22:42 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-15 08:58 - 2014-10-24 13:20 - 00003134 _____ () C:\Windows\System32\Tasks\FRAPS
2014-12-15 08:58 - 2014-10-24 13:20 - 00000000 ____D () C:\Fraps
2014-12-15 08:58 - 2014-08-11 22:42 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-15 08:57 - 2014-09-23 19:20 - 00248176 _____ () C:\Windows\runSW.log
2014-12-15 08:57 - 2014-09-15 14:44 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-12-15 08:57 - 2014-08-12 08:57 - 01708552 _____ () C:\Windows\WindowsUpdate.log
2014-12-15 08:57 - 2010-11-20 21:47 - 00046622 _____ () C:\Windows\PFRO.log
2014-12-15 08:57 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-15 08:57 - 2009-07-13 22:51 - 00048983 _____ () C:\Windows\setupact.log
2014-12-15 08:57 - 2009-07-13 22:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-15 08:57 - 2009-07-13 22:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-14 05:52 - 2014-08-11 23:48 - 00000000 ____D () C:\Users\Igor\AppData\Local\Battle.net
2014-12-14 04:52 - 2014-08-30 03:47 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1626927325-613763113-2581705868-1000UA.job
2014-12-14 04:52 - 2014-08-30 03:47 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1626927325-613763113-2581705868-1000Core.job
2014-12-13 18:51 - 2014-08-11 22:44 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\Skype
2014-12-13 12:59 - 2014-08-12 02:42 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-13 12:23 - 2014-08-12 21:22 - 00366659 _____ () C:\Windows\DirectX.log
2014-12-12 01:57 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-12-12 00:03 - 2014-08-11 22:42 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-11 13:27 - 2014-08-13 10:13 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-11 05:54 - 2014-09-12 03:13 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\vlc
2014-12-10 17:12 - 2014-08-11 23:48 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-10 06:06 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-09 21:26 - 2014-10-14 18:45 - 00000000 ____D () C:\Users\Igor\AppData\Local\._LiveCode_
2014-12-09 05:57 - 2009-07-13 20:34 - 00000505 _____ () C:\Windows\win.ini
2014-12-08 21:52 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-12-08 14:34 - 2014-08-27 19:48 - 00000000 ____D () C:\Users\Igor\AppData\Roaming\uTorrent
2014-12-07 16:03 - 2014-10-28 14:00 - 00000000 ____D () C:\Program Files (x86)\Glyph
2014-12-06 08:04 - 2014-08-15 01:59 - 00000000 ____D () C:\Users\Igor\Documents\my games
2014-12-06 08:04 - 2009-07-13 23:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-05 19:38 - 2009-07-13 23:13 - 00781694 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-04 05:50 - 2014-09-14 14:37 - 00000000 ____D () C:\Users\Igor\AppData\Local\dxhr
2014-12-03 15:54 - 2014-08-11 22:25 - 00000000 ____D () C:\World of Warcraft
2014-12-03 04:54 - 2014-08-11 18:07 - 00000000 ____D () C:\Users\Igor
2014-12-02 09:06 - 2014-09-15 05:03 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft Public Test
2014-11-21 13:10 - 2014-08-13 10:13 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-19 03:36 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-15 14:14 - 2014-08-30 15:57 - 00000000 ____D () C:\Users\Igor\Documents\rt
2014-11-15 13:21 - 2014-08-30 23:08 - 00000000 ____D () C:\Users\Igor\Documents\New Folder (2)
2014-11-15 13:17 - 2014-09-15 05:23 - 00002584 _____ () C:\Users\Igor\Documents\Talk dirty ringtone.mp3.sfk
2014-11-15 13:15 - 2014-08-30 22:12 - 00000000 ____D () C:\Users\Igor\Downloads\New folder
 
Some content of TEMP:
====================
C:\Users\Igor\AppData\Local\Temp\bitool.dll
C:\Users\Igor\AppData\Local\Temp\NGMDll.dll
C:\Users\Igor\AppData\Local\Temp\NGMResource.dll
C:\Users\Igor\AppData\Local\Temp\Quarantine.exe
C:\Users\Igor\AppData\Local\Temp\raptrpatch.exe
C:\Users\Igor\AppData\Local\Temp\raptr_stub.exe
C:\Users\Igor\AppData\Local\Temp\sqlite3.dll
C:\Users\Igor\AppData\Local\Temp\Syndicate.exe
C:\Users\Igor\AppData\Local\Temp\tmpC3F.exe
C:\Users\Igor\AppData\Local\Temp\unicows.dll
C:\Users\Igor\AppData\Local\Temp\_is96A4.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-12-06 20:50
 
==================== End Of Log ============================
 
were the others ok?

#6 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 15 December 2014 - 02:00 PM

Hello,
 

Include both FRST.txt AND Addition.txt in your next reply. 


50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!

#7 Deathtomalware

Deathtomalware

    New Member

  • Authentic Member
  • Pip
  • 13 posts

Posted 16 December 2014 - 02:49 AM

sorry, forgot to check the addition box. 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2014 01
Ran by Igor at 2014-12-16 02:47:26
Running from C:\Users\Igor\Documents
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
ACP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.10.0.0 - AppEx Networks)
Analogue: A Hate Story (HKLM-x32\...\Steam App 209370) (Version:  - Love Conquers All Games)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Curse Client (HKU\S-1-5-21-1626927325-613763113-2581705868-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
DAEMON Tools Ultra (HKLM-x32\...\DAEMON Tools Ultra) (Version: 2.4.0.0280 - Disc Soft Ltd)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version:  - Vigil Games)
Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version:  - Eidos Montreal)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Doom 3 BFG Edition (Crack) 1.00 (HKLM-x32\...\Doom 3 BFG Edition (Crack) 1.00) (Version:  - )
Doom 3 BFG Edition (HKLM-x32\...\Doom 3 BFG Edition_is1) (Version:  - )
DragonNest (HKLM-x32\...\DragonNest) (Version:  - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Linksys Dual Band Wireless-AC USB Adapter (HKLM-x32\...\{C094F1A2-5EDF-4550-AE67-5FC1F4D2186F}) (Version: 1.0.0.17 - Linksys LLC)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PROTOTYPE 2 (HKLM-x32\...\Steam App 115320) (Version:  - Radical Entertainment)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.6 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
RIFT (HKLM-x32\...\Glyph RIFT) (Version:  - Trion Worlds, Inc.)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Sony Noise Reduction Plug-In 2.0e (HKLM-x32\...\{D533C9D4-ED96-4191-B9C3-279C0DD6BABA}) (Version: 2.0.444 - Sony)
Sony Sound Forge 9.0 (HKLM-x32\...\{6842DCCB-2840-4E46-8AF3-BEA9CFF3455B}) (Version: 9.0.297 - Sony)
Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version:  - Yager)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Syndicate™ (HKLM-x32\...\{FA602928-EB59-449c-B9F7-1FBE1291B63D}) (Version: 1.0.0.1 - Electronic Arts)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Public Test (HKLM-x32\...\World of Warcraft Public Test) (Version:  - Blizzard Entertainment)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1626927325-613763113-2581705868-1000_Classes\CLSID\{de00dffc-8098-4f8a-a084-cc8bc8b29102}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
02-12-2014 06:35:24 Windows Update
02-12-2014 15:40:38 Installed DirectX
05-12-2014 07:11:58 Windows Update
06-12-2014 14:04:38 Installed DirectX
06-12-2014 14:07:12 Installed DirectX
09-12-2014 10:37:20 Windows Update
10-12-2014 09:00:19 Windows Update
13-12-2014 18:21:32 Installed DirectX
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0B44A051-C92E-41DB-B1CC-CDBA3FA2F248} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1626927325-613763113-2581705868-1000UA => C:\Users\Igor\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-30] (Facebook Inc.)
Task: {129EA357-34A1-4FC8-817F-9F34C325A3E1} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe [2011-07-31] (Beepa P/L)
Task: {3C995624-D3EE-4BA3-8DE7-129568C4083C} - System32\Tasks\{EBF526C0-023F-4FA3-96F5-ADA22E93E092} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {471668AD-FA56-467C-99D8-6B70655D6862} - System32\Tasks\avastBCLRestartS-1-5-21-1626927325-613763113-2581705868-1000 => Chrome.exe 
Task: {49F52D30-FFAF-4274-831E-BD74B90D59A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-11] (Google Inc.)
Task: {97F8409E-E9BD-46A5-8CD5-2EECEE810DBF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-11] (Google Inc.)
Task: {A02C5F26-07B0-4C3C-B51B-AB4F5153E0E1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1626927325-613763113-2581705868-1000Core => C:\Users\Igor\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-30] (Facebook Inc.)
Task: {A6AC5622-9F4D-4EF3-8922-8AD782BADDCB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A76A97A3-7CF6-4AF8-A17B-774CA1B89933} - System32\Tasks\{671BF237-F7A5-4513-BB2A-70ECB3A9D44B} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {F2B5A34A-308E-4993-B473-8C1F57062672} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-13] (AVAST Software)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1626927325-613763113-2581705868-1000Core.job => C:\Users\Igor\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1626927325-613763113-2581705868-1000UA.job => C:\Users\Igor\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-09-15 17:13 - 2014-09-15 17:13 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-09-15 17:09 - 2014-09-15 17:09 - 00112640 _____ () C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
2014-09-23 19:19 - 2013-05-23 14:33 - 00044104 _____ () C:\Windows\runSW.exe
2014-09-23 19:19 - 2013-07-22 17:53 - 00312144 _____ () C:\Program Files (x86)\Linksys WUSB6300\WifiSvc.exe
2014-09-15 17:13 - 2014-09-15 17:13 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-08-13 10:13 - 2014-08-13 10:13 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-12-15 13:05 - 2014-12-15 13:05 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121502\algo.dll
2014-12-16 02:15 - 2014-12-16 02:15 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121600\algo.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-23 19:19 - 2013-07-19 16:01 - 00446464 _____ () C:\Program Files (x86)\Linksys WUSB6300\WifiLib.dll
2014-08-13 10:13 - 2014-08-13 10:13 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 00237352 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2014-12-10 12:27 - 2014-12-10 12:27 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\libcef.dll
2014-12-10 12:27 - 2014-12-10 12:27 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\libGLESv2.dll
2014-12-10 12:27 - 2014-12-10 12:27 - 00907776 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\platforms\qwindows.dll
2014-12-10 12:27 - 2014-12-10 12:27 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\libEGL.dll
2014-12-10 12:27 - 2014-12-10 12:27 - 00020992 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qgif.dll
2014-12-10 12:27 - 2014-12-10 12:27 - 00021504 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qico.dll
2014-12-10 12:27 - 2014-12-10 12:27 - 00205312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qjpeg.dll
2014-12-10 12:27 - 2014-12-10 12:27 - 00225792 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qmng.dll
2014-12-10 12:27 - 2014-12-10 12:27 - 00015872 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qsvg.dll
2014-12-10 12:27 - 2014-12-10 12:27 - 00312832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qtiff.dll
2014-12-10 12:27 - 2014-12-10 12:27 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\qml\QtQuick.2\qtquick2plugin.dll
2014-12-10 12:27 - 2014-12-10 12:27 - 00054272 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2014-12-10 12:27 - 2014-12-10 12:27 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5383\qml\QtQml\Models.2\modelsplugin.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-1626927325-613763113-2581705868-500 - Administrator - Disabled)
Guest (S-1-5-21-1626927325-613763113-2581705868-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1626927325-613763113-2581705868-1003 - Limited - Enabled)
Igor (S-1-5-21-1626927325-613763113-2581705868-1000 - Administrator - Enabled) => C:\Users\Igor
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/15/2014 10:14:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/15/2014 08:58:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/15/2014 08:50:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (12/15/2014 10:12:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AODDriver4.3 service failed to start due to the following error: 
%%2
 
Error: (12/15/2014 08:57:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AODDriver4.3 service failed to start due to the following error: 
%%2
 
Error: (12/15/2014 08:48:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AODDriver4.3 service failed to start due to the following error: 
%%2
 
Error: (12/14/2014 05:52:34 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
 
Microsoft Office Sessions:
=========================
Error: (12/15/2014 10:14:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/15/2014 08:58:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/15/2014 08:50:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
==================== Memory info =========================== 
 
Processor: AMD A6-5400K APU with Radeon™ HD Graphics 
Percentage of memory in use: 36%
Total physical RAM: 4039.42 MB
Available physical RAM: 2582.07 MB
Total Pagefile: 8077.02 MB
Available Pagefile: 5320.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.54 GB) (Free:200.75 GB) NTFS
Drive e: (Doom 3 BFG Ultimate) (CDROM) (Total:4.04 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

#8 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 16 December 2014 - 12:41 PM

Hello, 
 
Please run the following programmes. 
 
STEP 1
XrDFflh.png CKScanner

  • Please download CKScanner and save the file to your Desktop.
  • Right-Click CKScanner.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Search For Files.
  • When the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved.
  • Please run this programme only once.
  • A log (CKFiles.txt) will be created on your DesktopCopy the contents of the log and paste in your next reply.
     

STEP 2
DmqaAZx.png MGADiag

  • Please download MGADiag and save the file to your Desktop.
  • Double-click the MGADiag icon on your Desktop.
  • Click continue.png.
  • Click copy.png.
  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Click Edit followed by Paste in Notepad.
  • Copy the contents of the log and paste in your next reply.
     

======================================================

STEP 3
xpfNZP4A.png.pagespeed.ic.bp5cRl1pJg.jpg Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • CKFiles.txt
  • MGADiag log

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!

#9 Deathtomalware

Deathtomalware

    New Member

  • Authentic Member
  • Pip
  • 13 posts

Posted 18 December 2014 - 01:43 PM

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\steam\steamapps\common\castlecrashers\data\sounds\sound_frost_crackle.xma
c:\users\igor\documents\fable\crack\fable cd key.txt
c:\users\igor\documents\fable\crack\fable.exe
c:\users\igor\documents\new folder (2)\new folder\sony soundforge 8 inc keygen\thumbs.db
scanner sequence 3.CA.11.HGNAGZ
 ----- EOF ----- 
 
 
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
 
Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-GMJQF-MYBK4-XJ2QD
Windows Product Key Hash: vKQM77NsMqDFci/7z6Vxj1tW0fE=
Windows Product ID: 00371-220-5011194-06959
Windows Product ID Type: 5
Windows License Type: Retail
Windows OS version: 6.1.7601.2.00010100.1.0.048
ID: {04B15BAD-018F-4F4C-ACA7-555832BBC6E3}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Professional
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.140706-1506
TTS Error: 
Validation Diagnostic: 
Resolution Status: N/A
 
Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
 
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
 
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
 
OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
 
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
 
File Scan Data-->
 
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{04B15BAD-018F-4F4C-ACA7-555832BBC6E3}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.048</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-XJ2QD</PKey><PID>00371-220-5011194-06959</PID><PIDType>5</PIDType><SID>S-1-5-21-1626927325-613763113-2581705868</SID><SYSTEM><Manufacturer>System manufacturer</Manufacturer><Model>System Product Name</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>1202</Version><SMBIOSVersion major="2" minor="7"/><Date>20131230000000.000000+000</Date></BIOS><HWID>3D753307018400F2</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  
 
Spsys.log Content: 0x80070002
 
Licensing Data-->
Software licensing service version: 6.1.7601.17514
 
Name: Windows® 7, Professional edition
Description: Windows Operating System - Windows® 7, RETAIL channel
Activation ID: c1e88de3-96c4-4563-ad7d-775f65b1e670
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00371-00212-220-501119-00-1033-7601.0000-2242014
Installation ID: 011831518125322152336286863590394763196256532903513576
Processor Certificate URL: http://go.microsoft....k/?LinkID=88338
Product Key Certificate URL: http://go.microsoft....k/?LinkID=88340
Partial Product Key: XJ2QD
License Status: Licensed
Remaining Windows rearm count: 3
Trusted time: 12/18/2014 1:40:18 PM
 
Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: N/A
HealthStatus: 0x0000000000000000
Event Time Stamp: N/A
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
 
 
HWID Data-->
HWID Hash Current: MgAAAAIAAQABAAEAAQADAAAAAQABAAEA6GHQqEWq0JyqR2jC9EJExJ7UkB6pnEa9hls=
 
OEM Activation 1.0 Data-->
N/A
 
OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes, but no SLIC table
Windows marker version: N/A
OEMID and OEMTableID Consistent: N/A
BIOS Information: 
  ACPI Table Name OEMID Value OEMTableID Value
  APIC ALASKA A M I
  FACP ALASKA A M I
  HPET ALASKA A M I
  MCFG ALASKA A M I
  FPDT ALASKA A M I
  SSDT AMD BANTRY  
  BGRT ALASKA A M I
  SSDT AMD BANTRY  
 
 

#10 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 19 December 2014 - 12:13 AM

There is evidence of cracked software on your computer. If you wish to receive assistance at this forum, all cracked software must be removed immediately. This includes Doom 3 BFG Edition, Fable, Sony Sound Forge and any other cracked software.
 

goGMWSt.gifCRACKED SOFTWARE WARNING

------------------------------

One or more of the identified infections is a result of downloading cracked/pirated/keygen software. Participating in the use of such software is a security risk; your infected computer is evidence of this. Were you aware your machine has cracked software installed? We do not approve of nor support illegal software.

Malware authors promote and release cracked software to spread their infections. I strongly recommend you refrain from participating in this activity; your computer will be reinfected otherwise. Simply visiting a cracked software site can result in infection from exploitation of vulnerabilities in your installed software.

Continuing in this practice will ensure your computer is continuously susceptible to malware infections, remote attacks, exposure of personal information, and identity theft. In some instances an infection may cause so much damage to your system that recovery is not possible and the only option is to reformat your Hard Drive and reinstall your Operating System. Please refer to the following articles for more information.

I am prepared to continue providing assistance as long as you agree to remove all traces of cracked software immediately.

Once all cracked software has been removed, please rerun CKScanner once and post the log. 
I also need to know the make and model of your computer (or if the machine was hand-built).


50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!

#11 Deathtomalware

Deathtomalware

    New Member

  • Authentic Member
  • Pip
  • 13 posts

Posted 20 December 2014 - 05:41 PM

O.o i was not even aware because they were not in the program list.
and my computer is hand-built.
 
CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\steam\steamapps\common\castlecrashers\data\sounds\sound_frost_crackle.xma
scanner sequence 3.AA.11.XUABG0
 ----- EOF ----- 

#12 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 20 December 2014 - 10:47 PM

This service is provided to you, without charge, by people who volunteer their own time to help.

There is an implied trust that you will respect that donated time, and provide the information necessary to bring the dialog to a successful conclusion.

If false information is provided, that trust is violated, and we will not provide any further help.

 

There is indication that your CKScanner log has been tampered with. 

As such, this topic will be closed, and assistance no longer provided. 


50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·