Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Hello, i think im infected [Solved]


  • This topic is locked This topic is locked

#1
Detected

Detected

    New Member

  • Member
  • Pip
  • 5 posts

Hello geektogo. Today i was sitting on a website called csgolounge.com where you can trade cs:go stuff. i was added ingame by a guy from there, and he whispered me:"Hello i cant add you on my main account can you please add me on here" and he linked: http://stearncornmun...het/login/home/ What happend was i typed in my login details, and i clicked login. It suddendly started downloading a file called steamguard.exe. Now i was abit worried, and i deleted the file. I later looked up on a guide on hackforums for rat-keylog removing. and i was told to download wireshark and sandboxie, then i took the program out of the trash, and opened it with sandboxie, afterwards i went onto wireshark and filtered dns where i found a dns flood (or what it was called) From that website, i pinged the addres, and i got response. And that was when i was abit scared. 

i recently build my new computer so i didnt  have any anti malware software until now. i have scanned my computer with malwarebytes anti malware and malwarebytes anti rootkit.

And it have since then said almost every 10 sec "blocked connection from that same website, so i think that it's still on my computer.

 

Summary:

windows 7 home premium 64bit

The program was called: steamguard.exe

and i scanned my computer with malwarebytes anti malware and malwarebytes anti rootkit and it didnt detect anything at the moment being.

But then suddendly around every 10 sec i got the message "blocked connection from that website (the one i linked)

 

my otl logs: xiOTL logfile created on: 14-07-2014 02:07:41 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Deca Gamer\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy
 
4,00 Gb Total Physical Memory | 1,02 Gb Available Physical Memory | 25,41% Memory free
7,99 Gb Paging File | 3,92 Gb Available in Paging File | 49,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 327,97 Gb Free Space | 70,43% Space Free | Partition Type: NTFS
 
Computer Name: DECAGAMER-PC | User Name: Deca Gamer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014-07-14 02:06:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Deca Gamer\Downloads\OTL.exe
PRC - [2014-07-12 02:53:24 | 000,542,912 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2014-07-12 02:53:22 | 001,753,280 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2014-07-12 02:53:22 | 000,095,936 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\GameOverlayUI.exe
PRC - [2014-07-11 23:39:49 | 009,786,416 | ---- | M] (Blizzard Entertainment) -- C:\Program Files (x86)\Battle.net\Battle.net.4826\Battle.net.exe
PRC - [2014-07-10 17:02:46 | 009,246,256 | ---- | M] (Blizzard Entertainment) -- C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
PRC - [2014-07-05 13:54:26 | 000,103,424 | ---- | M] () -- C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
PRC - [2014-06-05 15:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014-06-04 09:50:12 | 000,360,592 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
PRC - [2014-06-04 09:48:24 | 000,382,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
PRC - [2014-05-30 01:35:33 | 002,352,072 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014-05-30 01:31:38 | 001,631,008 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014-05-20 01:10:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014-05-12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014-05-12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014-05-08 15:48:38 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-11-23 10:04:26 | 006,787,072 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\RtWlan.exe
PRC - [2012-05-10 10:38:06 | 000,036,864 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\RtlService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014-07-13 09:00:22 | 011,667,968 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\client.dll
MOD - [2014-07-13 09:00:22 | 009,688,064 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\server.dll
MOD - [2014-07-13 09:00:22 | 001,655,296 | ---- | M] () -- C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\shaderapidx9.dll
MOD - [2014-07-13 09:00:21 | 005,831,680 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\engine.dll
MOD - [2014-07-13 09:00:21 | 003,185,664 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\scaleformui.dll
MOD - [2014-07-13 09:00:21 | 001,338,880 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vguimatsurface.dll
MOD - [2014-07-13 09:00:21 | 001,239,552 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\materialsystem.dll
MOD - [2014-07-13 09:00:21 | 000,969,216 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\serverbrowser.dll
MOD - [2014-07-13 09:00:21 | 000,593,408 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\matchmaking.dll
MOD - [2014-07-13 09:00:21 | 000,397,312 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vgui2.dll
MOD - [2014-07-13 09:00:21 | 000,390,144 | ---- | M] () -- C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\filesystem_stdio.dll
MOD - [2014-07-13 09:00:21 | 000,164,864 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\soundemittersystem.dll
MOD - [2014-07-13 09:00:21 | 000,134,656 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\valve_avi.dll
MOD - [2014-07-13 09:00:20 | 000,608,768 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\studiorender.dll
MOD - [2014-07-13 09:00:20 | 000,353,792 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\datacache.dll
MOD - [2014-07-13 09:00:20 | 000,198,144 | ---- | M] () -- C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\launcher.dll
MOD - [2014-07-13 09:00:20 | 000,155,648 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\inputsystem.dll
MOD - [2014-07-13 09:00:20 | 000,143,872 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\localize.dll
MOD - [2014-07-12 02:53:40 | 002,139,328 | ---- | M] () -- C:\Program Files (x86)\Steam\video.dll
MOD - [2014-07-12 02:53:26 | 001,116,672 | ---- | M] () -- C:\Program Files (x86)\Steam\libavcodec-55.dll
MOD - [2014-07-12 02:53:26 | 000,438,784 | ---- | M] () -- C:\Program Files (x86)\Steam\libavutil-53.dll
MOD - [2014-07-12 02:53:26 | 000,399,360 | ---- | M] () -- C:\Program Files (x86)\Steam\libavformat-55.dll
MOD - [2014-07-12 02:53:26 | 000,331,264 | ---- | M] () -- C:\Program Files (x86)\Steam\libavresample-1.dll
MOD - [2014-07-12 02:53:24 | 001,116,864 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2014-07-11 23:39:47 | 026,065,408 | ---- | M] () -- C:\Program Files (x86)\Battle.net\Battle.net.4826\libcef.dll
MOD - [2014-07-11 23:39:47 | 000,739,840 | ---- | M] () -- C:\Program Files (x86)\Battle.net\Battle.net.4826\libglesv2.dll
MOD - [2014-07-11 23:39:47 | 000,130,048 | ---- | M] () -- C:\Program Files (x86)\Battle.net\Battle.net.4826\libegl.dll
MOD - [2014-07-05 13:54:27 | 000,203,776 | ---- | M] () -- C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\vstdlib.dll
MOD - [2014-07-05 13:54:26 | 000,231,424 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dbg.dll
MOD - [2014-07-05 13:54:26 | 000,103,424 | ---- | M] () -- C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
MOD - [2014-07-05 13:54:25 | 001,174,528 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vphysics.dll
MOD - [2014-07-05 13:54:25 | 000,985,600 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dx9.dll
MOD - [2014-07-05 13:54:25 | 000,707,584 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vscript.dll
MOD - [2014-07-05 13:54:23 | 000,094,720 | ---- | M] () -- C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\scenefilecache.dll
MOD - [2014-07-05 13:54:22 | 020,625,832 | ---- | M] () -- C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\libcef.dll
MOD - [2014-07-05 13:54:19 | 000,060,416 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\msseax.flt
MOD - [2014-07-05 13:54:08 | 000,068,096 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vaudio_miles.dll
MOD - [2014-07-05 13:54:07 | 000,153,600 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\mssvoice.asi
MOD - [2014-07-05 13:54:06 | 000,013,312 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\mssds3d.flt
MOD - [2014-07-05 13:54:03 | 000,305,664 | ---- | M] () -- C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
MOD - [2014-07-05 13:54:02 | 000,095,744 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\mssmp3.asi
MOD - [2014-07-05 13:53:50 | 001,059,840 | ---- | M] () -- C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\chromehtml.dll
MOD - [2014-07-05 13:53:50 | 000,123,232 | ---- | M] () -- C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\avutil-51.dll
MOD - [2014-07-05 13:53:48 | 001,099,616 | ---- | M] () -- C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\avcodec-53.dll
MOD - [2014-07-05 13:53:48 | 000,190,816 | ---- | M] () -- C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\avformat-53.dll
MOD - [2014-06-27 00:40:28 | 000,764,416 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2014-06-05 15:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
MOD - [2014-06-05 15:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
MOD - [2014-06-05 15:58:32 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
MOD - [2014-06-05 15:58:31 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
MOD - [2014-06-05 15:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
MOD - [2014-05-02 01:35:22 | 020,628,160 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2014-04-29 02:37:22 | 000,519,168 | ---- | M] () -- C:\Program Files (x86)\Steam\libswscale-2.dll
MOD - [2014-01-03 13:03:39 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
MOD - [2014-01-03 13:03:38 | 001,425,920 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
MOD - [2014-01-03 13:03:38 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-52.dll
MOD - [2014-01-03 13:03:17 | 000,336,896 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
MOD - [2014-01-03 13:03:16 | 007,816,192 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014-06-19 02:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2012-08-06 12:24:22 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010-04-06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2014-07-12 02:53:24 | 000,542,912 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014-07-07 18:47:16 | 002,684,224 | ---- | M] (Client Connect LTD) [Auto | Running] -- C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2014-07-06 14:34:29 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-06-04 09:50:12 | 000,360,592 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe -- (MbaeSvc)
SRV - [2014-05-30 01:31:38 | 001,631,008 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014-05-30 01:28:54 | 021,055,432 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programmer\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2014-05-29 20:33:02 | 000,174,088 | ---- | M] (Sandboxie Holdings, LLC) [Auto | Running] -- C:\Programmer\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2014-05-20 01:10:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014-05-12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014-05-08 15:48:38 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014-04-03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-09-11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013-03-01 03:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2012-05-10 10:38:06 | 000,036,864 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\RtlService.exe -- (Realtek11nCU)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014-07-14 01:08:50 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014-07-14 00:08:41 | 000,079,064 | ---- | M] (Malwarebytes Corporation) [Kernel | Boot | Unknown] -- C:\Windows\SysNative\drivers\ncka.sys -- (wuogk)
DRV:64bit: - [2014-06-11 10:57:41 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014-05-12 07:26:10 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014-05-12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014-03-31 18:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013-03-01 03:49:12 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2012-10-25 09:01:20 | 000,022,680 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2012-07-19 11:14:28 | 000,110,744 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2012-04-11 03:40:58 | 000,082,560 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012-04-11 03:40:58 | 000,042,624 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012-03-30 16:49:08 | 000,056,448 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-10 10:36:44 | 000,986,728 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtwlanu.sys -- (RTL8192cu)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-02-18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-05-05 16:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2014-06-04 10:24:54 | 000,062,392 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys -- (ESProtectionDriver)
DRV - [2014-05-30 01:28:53 | 000,020,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Programmer\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV - [2014-05-29 20:33:16 | 000,185,352 | ---- | M] (Sandboxie Holdings, LLC) [Kernel | On_Demand | Running] -- C:\Programmer\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2012-03-05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programmer\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://dk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = da
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 86 0E 4A CC 2C 98 CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Error reading preferences file
CHR - Extension: Google Dokumenter = C:\Users\Deca Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drev = C:\Users\Deca Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Deca Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-søgning = C:\Users\Deca Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Deca Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.7_0\
CHR - Extension: Alt-O-Magic Identifizer = C:\Users\Deca Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhcnifflbjndominljlejmeheiiolfdp\1.6.4_0\
CHR - Extension: Google Wallet = C:\Users\Deca Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Deca Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (Sandboxie Holdings, LLC)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.234.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF1F95D5-BC77-4B50-9E63-900457091A4F}: DhcpNameServer = 192.168.234.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCD53EDE-D885-4BD0-B011-9DC6EA0A3C4B}: DhcpNameServer = 193.162.153.164 194.239.134.83
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{381fb281-03c4-11e4-984c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{381fb281-03c4-11e4-984c-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Run.exe
O33 - MountPoints2\{df50266f-041d-11e4-a3d0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{df50266f-041d-11e4-a3d0-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014-07-14 01:18:12 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Wireshark
[2014-07-14 01:15:12 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014-07-14 00:41:59 | 000,000,000 | R--D | C] -- C:\Sandbox
[2014-07-14 00:38:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
[2014-07-14 00:38:32 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
[2014-07-14 00:38:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2014-07-14 00:38:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2014-07-14 00:37:57 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014-07-14 00:37:42 | 000,000,000 | ---D | C] -- C:\Program Files\Wireshark
[2014-07-14 00:08:41 | 000,079,064 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\ncka.sys
[2014-07-14 00:08:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014-07-14 00:07:17 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\Desktop\mbar
[2014-07-14 00:03:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
[2014-07-14 00:03:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes Anti-Exploit
[2014-07-14 00:03:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Exploit
[2014-07-13 23:58:41 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014-07-13 23:58:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014-07-13 23:58:25 | 000,092,888 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014-07-13 23:58:25 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014-07-13 23:58:25 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014-07-13 23:58:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014-07-13 23:58:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014-07-13 23:57:59 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Programs
[2014-07-12 21:32:35 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\Desktop\optagelser
[2014-07-12 12:42:14 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\ElevatedDiagnostics
[2014-07-08 01:11:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2014-07-08 01:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2014-07-08 01:10:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2014-07-07 15:02:55 | 000,000,000 | ---D | C] -- C:\Riot Games
[2014-07-07 15:02:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
[2014-07-07 14:59:58 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\PMB Files
[2014-07-07 14:59:57 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2014-07-07 14:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2014-07-07 14:59:31 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Riot Games
[2014-07-06 22:52:28 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Sony Creative Software Inc
[2014-07-06 18:31:15 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Publish Providers
[2014-07-06 18:28:36 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Sony
[2014-07-06 18:28:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2014-07-06 18:27:40 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Sony
[2014-07-06 18:12:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
[2014-07-06 18:12:42 | 000,000,000 | ---D | C] -- C:\Fraps
[2014-07-06 18:12:33 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\WinRAR
[2014-07-06 18:12:22 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014-07-06 18:12:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014-07-06 18:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014-07-06 18:11:20 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\SearchProtect
[2014-07-06 18:11:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2014-07-06 18:10:16 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\BitTorrent
[2014-07-06 14:37:52 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\SplitMediaLabs
[2014-07-06 14:33:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2014-07-06 14:33:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014-07-06 13:40:25 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2014-07-06 13:40:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
[2014-07-06 13:40:10 | 000,000,000 | ---D | C] -- C:\ProgramData\SplitMediaLabs
[2014-07-06 13:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitmediaLabs
[2014-07-06 13:39:02 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\SplitmediaLabs
[2014-07-06 00:54:58 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\OBS
[2014-07-06 00:54:56 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
[2014-07-06 00:54:54 | 000,000,000 | ---D | C] -- C:\Program Files\OBS
[2014-07-06 00:54:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OBS
[2014-07-05 20:02:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014-07-05 19:09:41 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Skype
[2014-07-05 19:09:39 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Skype
[2014-07-05 19:09:32 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014-07-05 19:09:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014-07-05 19:09:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014-07-05 19:09:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2014-07-05 17:52:01 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014-07-05 17:14:54 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014-07-05 15:53:30 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\Heaven
[2014-07-05 15:53:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unigine
[2014-07-05 13:46:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2014-07-05 13:46:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2014-07-05 13:46:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2014-07-05 13:19:55 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\Desktop\drivers
[2014-07-05 13:19:43 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\Desktop\Wow
[2014-07-05 13:11:13 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Curse Advertising
[2014-07-05 13:11:00 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
[2014-07-05 13:10:12 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Apps
[2014-07-05 13:10:11 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Deployment
[2014-07-05 13:06:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2014-07-05 13:05:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft
[2014-07-05 13:04:14 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\NVIDIA
[2014-07-05 13:04:12 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Blizzard Entertainment
[2014-07-05 13:04:06 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Battle.net
[2014-07-05 13:04:06 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Battle.net
[2014-07-05 13:03:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2014-07-05 13:03:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2014-07-05 13:03:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
[2014-07-05 13:03:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battle.net
[2014-07-05 13:01:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2014-07-05 12:57:38 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2014-07-05 12:54:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014-07-05 12:54:30 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\TS3Client
[2014-07-05 12:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2014-07-05 12:54:26 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2014-07-05 12:41:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2014-07-05 12:41:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
[2014-07-05 12:40:24 | 000,380,928 | ---- | C] (Realtek) -- C:\Windows\RtlUI2.exe
[2014-07-05 12:40:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2014-07-05 12:33:16 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Diagnostics
[2014-07-05 12:27:01 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\AMD
[2014-07-05 12:26:54 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\ATI
[2014-07-05 12:26:54 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\ATI
[2014-07-05 12:26:54 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014-07-05 12:24:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2014-07-05 12:24:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2014-07-05 10:51:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2014-07-05 10:48:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2014-07-05 10:48:01 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014-07-05 10:47:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014-07-05 10:47:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014-07-05 10:47:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014-07-05 10:47:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014-07-05 10:47:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014-07-05 10:47:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2014-07-05 10:47:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2014-07-05 10:47:12 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Macromedia
[2014-07-05 10:47:12 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Adobe
[2014-07-05 10:47:12 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Adobe
[2014-07-05 10:47:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014-07-05 10:46:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014-07-05 10:46:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014-07-05 10:38:56 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\NVIDIA Corporation
[2014-07-05 10:35:16 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\NVIDIA
[2014-07-05 10:34:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014-07-05 10:34:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014-07-05 10:32:34 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014-07-05 10:32:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2014-07-05 10:29:14 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014-07-05 10:19:38 | 000,000,000 | ---D | C] -- C:\Program Files\GIGABYTE
[2014-07-05 10:19:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE
[2014-07-05 10:19:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2014-07-05 10:19:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014-07-05 10:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2014-07-05 10:18:34 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2014-07-05 10:18:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014-07-05 10:18:22 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2014-07-05 10:18:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2014-07-05 10:18:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2014-07-05 10:18:10 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014-07-05 10:17:27 | 002,080,120 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2014-07-05 10:17:23 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2014-07-05 10:17:23 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2014-07-05 10:17:22 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2014-07-05 10:17:21 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2014-07-05 10:17:10 | 000,110,744 | ---- | C] (Qualcomm Atheros Co., Ltd.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2014-07-05 10:16:44 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2014-07-05 10:16:43 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2014-07-05 10:16:43 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2014-07-05 10:16:43 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2014-07-05 10:16:41 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2014-07-05 10:16:41 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2014-07-05 10:16:34 | 002,028,920 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2014-07-05 10:16:33 | 000,869,752 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2014-07-05 10:16:32 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2014-07-05 10:16:23 | 002,703,456 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2014-07-05 10:16:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e
[2014-07-05 10:16:11 | 000,110,592 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2014-07-05 10:16:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2014-07-05 10:16:04 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014-07-05 10:15:57 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2014-07-05 10:15:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014-07-05 10:13:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014-07-05 10:12:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014-07-05 10:12:11 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014-07-05 10:12:08 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Google
[2014-07-05 10:12:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014-07-05 00:42:51 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014-07-04 23:54:40 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014-07-04 23:43:58 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014-07-04 23:43:26 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014-07-04 18:09:50 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Microsoft Games
[2014-07-04 17:56:00 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014-07-04 17:56:00 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Searches
[2014-07-04 17:56:00 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014-07-04 17:56:00 | 000,000,000 | -H-D | C] -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014-07-04 17:55:54 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Identities
[2014-07-04 17:55:52 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Contacts
[2014-07-04 17:55:50 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\VirtualStore
[2014-07-04 17:55:44 | 000,000,000 | --SD | C] -- C:\Users\Deca Gamer\AppData\Roaming\Microsoft
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Videos
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Saved Games
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Pictures
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Music
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Links
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Favorites
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Downloads
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Documents
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Desktop
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Documents\Videoer
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\AppData\Local\Temporary Internet Files
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Skabeloner
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\SendTo
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Recent
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Printere
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\AppData\Local\Oversigt
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Documents\Musik
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Menuen Start
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Lokale indstillinger
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Dokumenter
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Cookies
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Documents\Billeder
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Application Data
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\AppData\Local\Application Data
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Andre computere
[2014-07-04 17:55:44 | 000,000,000 | -H-D | C] -- C:\Users\Deca Gamer\AppData
[2014-07-04 17:55:44 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Temp
[2014-07-04 17:55:44 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Microsoft
[2014-07-04 17:55:44 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Media Center Programs
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Videoer
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Skrivebord
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Skabeloner
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\Programmer
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Musik
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menuen Start
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\Program Files\Fælles filer
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoritter
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenter
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Billeder
 
========== Files - Modified Within 30 Days ==========
 
[2014-07-14 02:06:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-07-14 02:00:01 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-07-14 01:08:50 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014-07-14 00:57:33 | 000,001,540 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2014-07-14 00:38:33 | 000,000,896 | ---- | M] () -- C:\Users\Deca Gamer\Desktop\Sandboxed Web Browser.lnk
[2014-07-14 00:38:33 | 000,000,896 | ---- | M] () -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2014-07-14 00:08:41 | 000,079,064 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\ncka.sys
[2014-07-14 00:07:46 | 000,092,888 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014-07-13 23:58:28 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-07-13 18:07:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-07-13 16:07:21 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-07-13 10:33:45 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-07-13 10:33:45 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-07-13 08:43:39 | 001,380,164 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-07-13 08:43:39 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-07-13 08:43:39 | 000,509,444 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2014-07-13 08:43:39 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-07-13 08:43:39 | 000,098,754 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2014-07-13 08:37:17 | 3219,283,968 | -HS- | M] () -- C:\hiberfil.sys
[2014-07-10 16:56:43 | 000,269,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014-07-08 03:10:14 | 459,987,213 | ---- | M] () -- C:\Users\Deca Gamer\Documents\honor capped.mp4
[2014-07-08 02:10:48 | 000,062,192 | ---- | M] () -- C:\Users\Deca Gamer\Documents\honor capped.veg
[2014-07-08 02:08:55 | 000,062,192 | ---- | M] () -- C:\Users\Deca Gamer\Documents\honor capped.veg.bak
[2014-07-08 01:21:57 | 000,002,472 | ---- | M] () -- C:\Users\Deca Gamer\Documents\Register Vegas Pro.htm
[2014-07-07 23:03:25 | 000,044,872 | ---- | M] () -- C:\Users\Deca Gamer\Documents\wpvp.veg
[2014-07-07 22:59:32 | 000,043,840 | ---- | M] () -- C:\Users\Deca Gamer\Documents\wpvp.veg.bak
[2014-07-07 01:26:11 | 001,354,514 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014-07-06 18:12:42 | 000,000,562 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk
[2014-07-06 14:36:01 | 000,001,133 | ---- | M] () -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\XSplit Broadcaster.lnk
[2014-07-06 00:32:03 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014-07-05 19:44:48 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014-07-05 19:44:48 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014-07-05 15:54:03 | 001,065,984 | ---- | M] () -- C:\Users\Deca Gamer\AppData\Local\file__0.localstorage
[2014-07-05 15:53:10 | 000,002,121 | ---- | M] () -- C:\Users\Public\Desktop\Heaven Benchmark 4.0.lnk
[2014-07-05 13:46:20 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2014-07-05 12:57:38 | 000,000,796 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2014-07-05 10:46:02 | 000,002,230 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-07-05 10:40:36 | 000,001,445 | ---- | M] () -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014-07-05 10:36:15 | 000,001,351 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2014-07-05 10:12:18 | 000,002,243 | ---- | M] () -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014-07-05 10:05:09 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2014-07-04 23:46:46 | 000,180,233 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014-07-04 23:46:46 | 000,180,233 | ---- | M] () -- C:\Windows\SysNative\license.rtf
 
========== Files Created - No Company Name ==========
 
[2014-07-14 00:39:33 | 000,000,896 | ---- | C] () -- C:\Users\Deca Gamer\Desktop\Sandboxed Web Browser.lnk
[2014-07-14 00:39:33 | 000,000,896 | ---- | C] () -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2014-07-14 00:39:30 | 000,001,540 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2014-07-14 00:38:06 | 000,001,553 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
[2014-07-13 23:58:28 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-07-08 02:13:34 | 459,987,213 | ---- | C] () -- C:\Users\Deca Gamer\Documents\honor capped.mp4
[2014-07-08 01:51:31 | 000,062,192 | ---- | C] () -- C:\Users\Deca Gamer\Documents\honor capped.veg.bak
[2014-07-08 01:51:31 | 000,062,192 | ---- | C] () -- C:\Users\Deca Gamer\Documents\honor capped.veg
[2014-07-08 01:20:52 | 000,002,472 | ---- | C] () -- C:\Users\Deca Gamer\Documents\Register Vegas Pro.htm
[2014-07-07 22:58:28 | 000,044,872 | ---- | C] () -- C:\Users\Deca Gamer\Documents\wpvp.veg
[2014-07-07 22:58:28 | 000,043,840 | ---- | C] () -- C:\Users\Deca Gamer\Documents\wpvp.veg.bak
[2014-07-06 18:12:42 | 000,000,562 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk
[2014-07-06 14:36:01 | 000,001,133 | ---- | C] () -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\XSplit Broadcaster.lnk
[2014-07-06 14:34:30 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-07-06 00:32:03 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014-07-05 19:44:48 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014-07-05 19:44:48 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014-07-05 15:53:15 | 001,065,984 | ---- | C] () -- C:\Users\Deca Gamer\AppData\Local\file__0.localstorage
[2014-07-05 15:53:10 | 000,002,121 | ---- | C] () -- C:\Users\Public\Desktop\Heaven Benchmark 4.0.lnk
[2014-07-05 13:46:20 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2014-07-05 12:57:38 | 000,000,796 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2014-07-05 12:40:22 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2014-07-05 11:17:55 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014-07-05 11:14:43 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014-07-05 10:51:32 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014-07-05 10:46:02 | 000,002,230 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-07-05 10:40:36 | 000,001,445 | ---- | C] () -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014-07-05 10:36:15 | 000,001,351 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2014-07-05 10:33:20 | 003,774,821 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2014-07-05 10:32:02 | 000,026,069 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2014-07-05 10:19:38 | 000,031,272 | ---- | C] () -- C:\Windows\SysNative\AppleChargerSrv.exe
[2014-07-05 10:19:38 | 000,022,680 | ---- | C] () -- C:\Windows\SysNative\drivers\AppleCharger.sys
[2014-07-05 10:16:41 | 000,369,117 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2014-07-05 10:15:27 | 001,354,514 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014-07-05 10:12:18 | 000,002,243 | ---- | C] () -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014-07-05 10:12:11 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-07-05 10:12:10 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-07-05 10:05:09 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2014-07-04 23:46:31 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014-07-04 23:46:27 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014-07-04 23:43:26 | 3219,283,968 | -HS- | C] () -- C:\hiberfil.sys
[2014-07-04 17:56:02 | 000,001,421 | ---- | C] () -- C:\Users\Deca Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014-07-04 17:55:44 | 000,000,290 | ---- | C] () -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014-07-04 17:55:44 | 000,000,272 | ---- | C] () -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013-03-01 03:47:36 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
 
========== ZeroAccess Check ==========
 
[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014-03-25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-03-25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014-07-05 13:07:40 | 000,000,000 | ---D | M] -- C:\Users\Deca Gamer\AppData\Roaming\Battle.net
[2014-07-08 01:38:00 | 000,000,000 | ---D | M] -- C:\Users\Deca Gamer\AppData\Roaming\BitTorrent
[2014-07-05 13:12:50 | 000,000,000 | ---D | M] -- C:\Users\Deca Gamer\AppData\Roaming\Curse Advertising
[2014-07-06 00:54:58 | 000,000,000 | ---D | M] -- C:\Users\Deca Gamer\AppData\Roaming\OBS
[2014-07-06 18:31:15 | 000,000,000 | ---D | M] -- C:\Users\Deca Gamer\AppData\Roaming\Publish Providers
[2014-07-07 14:59:49 | 000,000,000 | ---D | M] -- C:\Users\Deca Gamer\AppData\Roaming\Riot Games
[2014-07-08 01:10:03 | 000,000,000 | ---D | M] -- C:\Users\Deca Gamer\AppData\Roaming\Sony
[2014-07-06 22:52:28 | 000,000,000 | ---D | M] -- C:\Users\Deca Gamer\AppData\Roaming\Sony Creative Software Inc
[2014-07-06 14:34:53 | 000,000,000 | ---D | M] -- C:\Users\Deca Gamer\AppData\Roaming\SplitmediaLabs
[2014-07-14 01:21:52 | 000,000,000 | ---D | M] -- C:\Users\Deca Gamer\AppData\Roaming\TS3Client
[2014-07-14 01:18:12 | 000,000,000 | ---D | M] -- C:\Users\Deca Gamer\AppData\Roaming\Wireshark
 
========== Purity Check ==========
 
 
 
< End of report >

Edited by Detected, 14 July 2014 - 04:06 AM.

  • 0

Advertisements


#2
23red

23red

    Trusted Helper

  • Malware Removal
  • 1,797 posts

Hi Detected :)

Welcome! 

  I'm 23red, and it'll be my pleasure to assist you with your problem.  I am currently reviewing your log.  In the meantime, I'd be grateful if you would note the following:

 

•  Please make sure to carefully read every post completely before doing anything.
 
•  If you're not sure, or if something unexpected happens do not continue! Stop and ask!  It is not a problem.
 
•  Please do not run any other scans or other software on your computer unless asked as it may make this repair more difficult.
 
•  Please stick with me until all malware is gone from your system.  Malware removal is not an instant process, just because you no longer see any symptoms it does not necessarily mean your system is completely clear.

 

•  Please copy/paste to Notepad and save my instructions as a text file on your desktop, or print them out, as you may not be able to access this thread at times.

 

Back up your data. I will not knowingly suggest your any course that might damage your system but sometimes Malware infections are so severe that only option we have is to re-format and re-install the operating system.

 

•  As I am currently in training, I will be helping you under the supervision of our Expert Teachers.   As such, there will likely be a delay between posts.   I do my best to respond as quick as I can.  I, like everyone else here am also a volunteer and sometimes life keeps me busy  ;)

 

•  Thank you for your understanding and I appreciate your patience.

 

Please allow some time to go through the log you posted.  And would you happen to be able to locate the extras.txt that was produced same time as the log posted?  It should be located at C:\Users\Deca Gamer\Downloads.  Please post it so I may take a look. 

 

While you're in there may you also please cut and then paste OTL onto your Desktop.  It runs best from there :)

 

**Also, please click on the Follow this topic button above and the forum will notify you when a post is made for you here.

 

Thank you :)


  • 0

#3
Detected

Detected

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts

Hello and thanks for the respon. i will do as asked. here is the extras.txt

OTL Extras logfile created on: 14-07-2014 02:07:41 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Deca Gamer\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy
 
4,00 Gb Total Physical Memory | 1,02 Gb Available Physical Memory | 25,41% Memory free
7,99 Gb Paging File | 3,92 Gb Available in Paging File | 49,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 327,97 Gb Free Space | 70,43% Space Free | Partition Type: NTFS
 
Computer Name: DECAGAMER-PC | User Name: Deca Gamer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1D3B0E4C-4B80-42B4-96FA-A24D12E5850A}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{2C09BE79-C515-49CA-8386-A0FD1EBA7A66}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{38E92569-06BA-4C0E-901D-A39488C16083}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{5BC7A40D-790F-4C6B-8F02-6019EEC88344}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot | 
"{9624CCCC-5AA2-437B-B0EE-2CF7A50B9E2A}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot | 
"{A13F3C41-CD10-4833-B5C0-C62A1B41ABBA}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | 
"{C1791234-906A-4A1F-AF03-5E205412FD6A}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{ED724F53-3EE3-4167-B9F1-E2D8D9A603EB}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{F0432164-B5C6-4987-9743-745C69EFDF0A}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | 
"{F217E5E4-9F8B-496F-83FD-B6321DD7C030}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{175AF8F6-1AB2-4C62-B04E-442AAA387F17}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{1D5E182E-0AD3-4CFF-B529-98BA3C903B01}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe | 
"{22666139-3381-4410-96B4-C03F2184AAC8}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{251F5E7D-CC73-43F9-A5AE-C20F060911D0}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe | 
"{2B0B3E03-3FAC-4319-A661-806AE8DAC774}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3109\agent.exe | 
"{2E6D6B72-327A-4733-9DF7-79488CF2743F}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{3B3E81A0-3790-4423-97F0-97B2610CF763}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{3B8420C7-67F7-42B4-BE22-782304A4CBB1}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\usb-n13 wlan card utilities\rtwlan.exe | 
"{68833C54-5B78-4BA4-A7F6-DF9345040637}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{6FFD0EFF-3E56-426D-9655-2509E444DEA1}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe | 
"{95DF5CA7-92EE-4336-86E4-18D1760D5FB6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{9CDCFE3C-F107-408F-BE00-EE29521FA1ED}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\usb-n13 wlan card utilities\rtwlan.exe | 
"{9E50AD1B-32FF-4CF3-AE27-026EE38F6E6E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{A01EB456-38AB-43A7-BF1C-42A4E326C88D}" = protocol=6 | dir=in | app=c:\users\deca gamer\appdata\roaming\bittorrent\bittorrent.exe | 
"{B6BD6B9C-E9A5-42EA-BC04-1EB19D45DDA3}" = protocol=17 | dir=in | app=c:\users\deca gamer\appdata\roaming\bittorrent\bittorrent.exe | 
"{B8F53CE8-9ADB-4828-8487-A8C2F53078D4}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3109\agent.exe | 
"{C0A093CE-E8AB-42E6-A2EB-04E8B0FD2E08}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{D673D932-32C9-45DE-A773-285541CACC93}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{F640A36D-FCAD-45C6-86D8-FC2120909DF9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe | 
"{F78D06DC-FCBC-4D5B-A7DE-294BB55CE157}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{120EC191-78F8-CA89-3511-7E90C23F5261}" = AMD Catalyst Install Manager
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F06417060FF}" = Java 7 Update 60 (64-bit)
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7DA57CC0-029B-11E2-A4C0-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit)
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{80E64FDE-029B-11E2-A955-F04DA23A5C58}" = MSVCRT Redists
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{AB085680-FE98-11E1-A232-F04DA23A5C58}" = MSVCRT Redists
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision-driver 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Kontrolpanel 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafikdriver 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controllerdriver 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-systemsoftware 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Opdateringer 14.6.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-lyddriver 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 14.6.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
"{CF2A565B-1504-BD48-51B5-1D88C621D8C6}" = ccc-utility64
"{E6277150-51D1-1D9F-1B9F-2D28985BE167}" = AMD Fuel
"Malwarebytes Anti-Exploit_is1" = Malwarebytes Anti-Exploit version 1.03.1.1220
"Sandboxie" = Sandboxie 4.12 (64-bit)
"Speccy" = Speccy
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 5.10 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{183F67DB-676D-9629-BB8D-5D91CFC5880C}" = CCC Help Chinese Traditional
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1A21C23B-1049-036F-538C-40827D35D35B}" = CCC Help Czech
"{21EF236B-A428-0641-0A9A-6A9A74BA1996}" = CCC Help Finnish
"{26A24AE4-039D-4CA4-87B4-2F03217060FF}" = Java 7 Update 60
"{27E6D8B1-70BC-4981-AE4D-B7C73475C416}" = XSplit Gamecaster
"{2E7170BC-A6CB-3C69-A940-A07834EAE1E8}" = CCC Help Italian
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3450767E-DD72-E31C-CCA5-8F45FF5FCE08}" = Catalyst Control Center
"{3A027737-A119-FABD-4C43-8385D57FC450}" = Catalyst Control Center Localization All
"{3A1F3A32-7E9D-4AD2-A2E2-DFC98BAA9DC7}" = XSplit Broadcaster
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B12.1025.1
"{45017FF9-8ABB-DFDE-6BFD-43C8D89277F4}" = CCC Help Norwegian
"{494642A2-96C3-FBF9-A43D-41D78A82AE15}" = CCC Help Hungarian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FD6306A-E967-F286-DBA1-2A3C26833A2C}" = CCC Help French
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5BA86B8D-D29E-071C-5D7B-E579A54698AD}" = CCC Help Spanish
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{71A79918-3497-16D0-3497-E3356F5EE5FB}" = CCC Help Chinese Standard
"{76D0F60C-D265-CFA4-2E06-41E434F9EB41}" = CCC Help Thai
"{77D28FF5-242F-488A-8215-937D6A4D69E0}" = Adobe AIR
"{78FD6E08-6996-7EBF-E3F8-905836E7C220}" = CCC Help Dutch
"{79A3E8B6-37C0-5F75-7E7D-F4D6FB512329}" = CCC Help Japanese
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8B526040-C3BE-5E3F-E6C1-C01BD32BA2C6}" = CCC Help Greek
"{9068D15E-25B4-EC21-9BC4-8DBD52722F8E}" = CCC Help Russian
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9C049499-055C-4a0c-A916-1D12314F45EB}" = ASUS USB-N13 WLAN Card Utilities & Driver
"{A4DE5CD7-96D6-3979-8C39-E864396AFFC0}" = Google Chrome
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC4BBB17-A837-3B36-83D8-7DFC90505F95}" = CCC Help Portuguese
"{AC76BA86-7AD7-1030-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Dansk
"{B94CD252-ACBB-36C7-133D-94BB87D70F91}" = Catalyst Control Center InstallProxy
"{BC8CEB2B-647B-BBF1-3923-6250AFA64081}" = CCC Help Polish
"{D73E5C3C-6975-6957-3799-AB306D8189B0}" = CCC Help Korean
"{E05B61A8-A743-57ED-C0BA-6332CC6452FF}" = CCC Help German
"{E22F5B3F-6D82-7354-F199-0EFFDCC4DD33}" = CCC Help Swedish
"{E94EFAB6-653F-4837-9E8A-F6377CA1EC0D}" = Adobe Flash Player 11 ActiveX
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0319215-C109-C2C9-ECBC-3F08C50E59B3}" = CCC Help Turkish
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FBE18FE1-05A4-C5AD-571A-74BC335FDDC6}" = CCC Help English
"{AA46B5F5-6E96-A623-5AB4-93BE56BEBB28}" = CCC Help Danish
"Adobe AIR" = Adobe AIR
"Adobe Shockwave Player" = Adobe Shockwave Player 12.1
"Battle.net" = Battle.net
"Fraps" = Fraps (remove only)
"League of Legends 3.0.1" = League of Legends
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Open Broadcaster Software" = Open Broadcaster Software
"Steam" = Steam
"Steam App 730" = Counter-Strike: Global Offensive
"Unigine Heaven Benchmark (Basic Edition)_is1" = Heaven Benchmark version 4.0
"WinPcapInst" = WinPcap 4.1.3
"Wireshark" = Wireshark 1.10.8 (64-bit)
"World of Warcraft" = World of Warcraft
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client
"BitTorrent" = BitTorrent
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 09-07-2014 16:57:11 | Computer Name = DecaGamer-Pc | Source = Application Error | ID = 1000
Description = Navn på program med fejl: Fuel.Service.exe, version: 1.0.0.0, tidsstempel:
 0x501fefb5  Navn på modul med fejl: Device.dll, version: 4.1.0.0, tidsstempel: 0x4f55e10b
Undtagelseskode:
 0xc0000005  Forskydning med fejl 0x00000000000033c1  Proces-id 0x794  Programmets starttidspunkt
 0x01cf9bb2a835cede  Programsti: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Modulsti:
 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll  Rapport-id: 988d3037-07ab-11e4-a23d-74d4357a879d
 
Error - 10-07-2014 10:57:16 | Computer Name = DecaGamer-Pc | Source = WinMgmt | ID = 10
Description = 
 
Error - 10-07-2014 11:27:56 | Computer Name = DecaGamer-Pc | Source = Application Error | ID = 1000
Description = Navn på program med fejl: Fuel.Service.exe, version: 1.0.0.0, tidsstempel:
 0x501fefb5  Navn på modul med fejl: Device.dll, version: 4.1.0.0, tidsstempel: 0x4f55e10b
Undtagelseskode:
 0xc0000005  Forskydning med fejl 0x00000000000033c1  Proces-id 0x62c  Programmets starttidspunkt
 0x01cf9c4f2f2992ea  Programsti: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Modulsti:
 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll  Rapport-id: c3d878ed-0846-11e4-b2cb-74d4357a879d
 
Error - 11-07-2014 17:34:41 | Computer Name = DecaGamer-Pc | Source = NvStreamSvc | ID = 131073
Description = 
 
Error - 11-07-2014 17:34:41 | Computer Name = DecaGamer-Pc | Source = NvStreamSvc | ID = 131073
Description = 
 
Error - 11-07-2014 17:34:41 | Computer Name = DecaGamer-Pc | Source = NvStreamSvc | ID = 131073
Description = 
 
Error - 11-07-2014 17:35:02 | Computer Name = DecaGamer-Pc | Source = WinMgmt | ID = 10
Description = 
 
Error - 11-07-2014 18:15:33 | Computer Name = DecaGamer-Pc | Source = Application Error | ID = 1000
Description = Navn på program med fejl: Fuel.Service.exe, version: 1.0.0.0, tidsstempel:
 0x501fefb5  Navn på modul med fejl: Device.dll, version: 4.1.0.0, tidsstempel: 0x4f55e10b
Undtagelseskode:
 0xc0000005  Forskydning med fejl 0x00000000000033c1  Proces-id 0x758  Programmets starttidspunkt
 0x01cf9d4fe73f3e19  Programsti: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Modulsti:
 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll  Rapport-id: dfe122d5-0948-11e4-8c03-74d4357a879d
 
Error - 12-07-2014 06:38:17 | Computer Name = DecaGamer-Pc | Source = WinMgmt | ID = 10
Description = 
 
Error - 12-07-2014 18:11:30 | Computer Name = DecaGamer-Pc | Source = Application Error | ID = 1000
Description = Navn på program med fejl: Fuel.Service.exe, version: 1.0.0.0, tidsstempel:
 0x501fefb5  Navn på modul med fejl: Device.dll, version: 4.1.0.0, tidsstempel: 0x4f55e10b
Undtagelseskode:
 0xc0000005  Forskydning med fejl 0x00000000000033c1  Proces-id 0x790  Programmets starttidspunkt
 0x01cf9dbd49a32e80  Programsti: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Modulsti:
 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll  Rapport-id: 79806cd0-0a11-11e4-9450-74d4357a879d
 
Error - 13-07-2014 02:37:46 | Computer Name = DecaGamer-Pc | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 12-07-2014 06:37:14 | Computer Name = DecaGamer-Pc | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 35
Description = Ydelsesbaseret strømstyring på processoren 3 i gruppen 0 er deaktiveret
 pga. et firmwareproblem. Kontakt computerproducenten for at få opdateret firmware.
 
Error - 12-07-2014 08:43:19 | Computer Name = DecaGamer-Pc | Source = Service Control Manager | ID = 7034
Description = Tjenesten Search Protect Service afsluttede uventet. Dette er sket
 1 gang(e).
 
Error - 12-07-2014 18:11:33 | Computer Name = DecaGamer-Pc | Source = Service Control Manager | ID = 7034
Description = Tjenesten AMD FUEL Service afsluttede uventet. Dette er sket 1 gang(e).
 
Error - 13-07-2014 02:37:16 | Computer Name = DecaGamer-Pc | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 35
Description = Ydelsesbaseret strømstyring på processoren 0 i gruppen 0 er deaktiveret
 pga. et firmwareproblem. Kontakt computerproducenten for at få opdateret firmware.
 
Error - 13-07-2014 02:37:16 | Computer Name = DecaGamer-Pc | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 35
Description = Ydelsesbaseret strømstyring på processoren 1 i gruppen 0 er deaktiveret
 pga. et firmwareproblem. Kontakt computerproducenten for at få opdateret firmware.
 
Error - 13-07-2014 02:37:16 | Computer Name = DecaGamer-Pc | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 35
Description = Ydelsesbaseret strømstyring på processoren 2 i gruppen 0 er deaktiveret
 pga. et firmwareproblem. Kontakt computerproducenten for at få opdateret firmware.
 
Error - 13-07-2014 02:37:16 | Computer Name = DecaGamer-Pc | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 35
Description = Ydelsesbaseret strømstyring på processoren 3 i gruppen 0 er deaktiveret
 pga. et firmwareproblem. Kontakt computerproducenten for at få opdateret firmware.
 
Error - 13-07-2014 05:46:02 | Computer Name = DecaGamer-Pc | Source = Service Control Manager | ID = 7009
Description = Der opstod timeout (30000 millisekunder), mens systemet ventede på,
 at der blev oprettet forbindelse til tjenesten Steam Client Service.
 
Error - 13-07-2014 05:46:02 | Computer Name = DecaGamer-Pc | Source = Service Control Manager | ID = 7000
Description = Tjenesten Steam Client Service kunne ikke starte pga. følgende fejl:
   %%1053
 
Error - 13-07-2014 16:48:36 | Computer Name = DecaGamer-Pc | Source = volsnap | ID = 393252
Description = Øjebliksbillederne af diskenheden C: blev afbrudt, fordi øjebliksbilledelageret
 ikke kunne øges på grund af en brugerangivet grænse.
 
 
< End of report >

 

  • 0

#4
23red

23red

    Trusted Helper

  • Malware Removal
  • 1,797 posts
Thank you :thumsup:

I'll look these over and get back with you soon as I can.
  • 0

#5
Detected

Detected

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts

No problems, if its needed i can change the danish words to english.


  • 0

#6
23red

23red

    Trusted Helper

  • Malware Removal
  • 1,797 posts

Hi Detected xsmile.png.pagespeed.ic.CwSpBGGvqN.png

 

Well it does not look too bad from this side.  It might be a good idea to change your Steam password and your game passwords if you have not done so already.  It may also be helpful for you to let them know what happened as well, especially if your accounts were tampered with.  They have a forum and do give assistance when it's needed

 

 

Step 1

 

Peer to Peer Warning

 

Looking through your log, I've also noticed you have BitTorrent installed. 
GeeksToGo does not recommend using such programs.  You should read the description of Peer-to-Peer programs below and decide for yourself.

 

Description of Peer-to-Peer (P2P) software:

 

P2P(Peer-to-Peer) may be a great way to get lots of seemingly freeware, but it is a great way to get infected as well. The program(s) may be safe, but there's no way to tell if the file being shared is infected. P2P programs, more often than not, install adware and/or spyware and worse still, some worms spread via P2P networks, infecting you as well.
Once upon a time, P2P file sharing was fairly safe. This is no longer true. P2P programs form a direct conduit inside your computer, their security measures are easily circumvented, and malware writers are increasingly exploiting them to spread their wares on to your computer. If your P2P program is not configured correctly, your computer may also be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

 

If you still need convincing, please read these short reports on the dangers of peer-2-peer programs and file sharing.

 

•  FBI Cyber Education Letter

 

•  InfoWorld

 

My suggestion would be for you to uninstall this Optional Removal:

 

BitTorrent

 

The choice is yours.  If you decide to keep it, please refrain from using it until we are finished with cleaning.

 

Step 2

 

OTL Fix

 

•  Please right click on xxotlicon_png_pagespeed_ic_fh_U5UM1EN.jp on your Desktop, choose Run as Administrator, accept UAC prompts.

 

•  Under xOTLcustomscansboxtitle.jpg.pagespeed.ic in the textbox at the bottom, please paste in the following text:

 

 

 

 

 

:Commands
[CREATERESTOREPOINT]
:OTL
O33 - MountPoints2\{381fb281-03c4-11e4-984c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{381fb281-03c4-11e4-984c-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Run.exe
O33 - MountPoints2\{df50266f-041d-11e4-a3d0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{df50266f-041d-11e4-a3d0-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe
[2014-07-06 18:11:20 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\SearchProtect
[2014-07-06 18:11:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
:Files
netsh advfirewall reset /c
netsh advfirewall set allprofiles state on /c
ipconfig /flushdns /c
:Commands
[emptytemp]

 

 

 

 

•  Push the xrunfixbutton.jpg.pagespeed.ic.eBZjKfc2x  button.

 

•  OTL may ask to reboot the machine. Please do so if asked. 

 

•  If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).

 

•  A massage box xotlfixcompletebutton.jpg.pagespeed.ic.V will pop-up.

 

•  Click the OK button and a report will open.

 

•  If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).

 

•  Copy and Paste that report in your next reply, please.

 

Fresh OTL Scan

 

 

• Please right click the  xxotlicon_png_pagespeed_ic_fh_U5UM1EN.jp  on your Desktop,  Run as Administrator, accept UAC prompts.

 

Make sure all other windows are closed and to let it run uninterrupted.

 

• Please check the box next to Scan All Users.

 

• Click the xrunscan_png_pagespeed_ic_5vmMCx0K2t.png button. Do not change any settings unless otherwise told to do so.

The scan wont take long.

 

• When the scan completes, it will open a notepad window.

 

• Please copy (Edit ~> Select All,  Edit ~> Copy) the log it produces in your next reply.

 

When you return please post:

 

1.  OTL fix text
2.  Fresh OTL scan

 

Thank you xsmile.png.pagespeed.ic.CwSpBGGvqN.png

 


  • 0

#7
Detected

Detected

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts

Hello and thanks for the answer, glad to hear it doesnt look bad, i havent felt any suspicious stuff going around with my computer so i dont know if it's just me being silly, but would be better to get it all checked than not, i will stop using bit torrent, looks nasty! didnt know that!

 

here's the OTL fix:

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{381fb281-03c4-11e4-984c-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{381fb281-03c4-11e4-984c-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{381fb281-03c4-11e4-984c-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{381fb281-03c4-11e4-984c-806e6f6e6963}\ not found.
File D:\Run.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df50266f-041d-11e4-a3d0-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{df50266f-041d-11e4-a3d0-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df50266f-041d-11e4-a3d0-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{df50266f-041d-11e4-a3d0-806e6f6e6963}\ not found.
File D:\setup.exe not found.
Folder C:\Users\Deca Gamer\AppData\Local\SearchProtect\ not found.
Folder C:\Program Files (x86)\SearchProtect\ not found.
========== FILES ==========
< netsh advfirewall reset /c >
OK
C:\Users\Deca Gamer\Downloads\cmd.bat deleted successfully.
C:\Users\Deca Gamer\Downloads\cmd.txt deleted successfully.
< netsh advfirewall set allprofiles state on /c >
OK
C:\Users\Deca Gamer\Downloads\cmd.bat deleted successfully.
C:\Users\Deca Gamer\Downloads\cmd.txt deleted successfully.
< ipconfig /flushdns /c >
Windows IP-konfiguration
DNS Resolver Cache blev t›mt.
C:\Users\Deca Gamer\Downloads\cmd.bat deleted successfully.
C:\Users\Deca Gamer\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Deca Gamer
->Temp folder emptied: 881068654 bytes
->Temporary Internet Files folder emptied: 72969723 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 349479294 bytes
->Flash cache emptied: 58172 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 57311 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 305076077 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 55293328 bytes
RecycleBin emptied: 26301244304 bytes
 
Total Files Cleaned = 26.670,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 07162014_201934
 
Files\Folders moved on Reboot...
File move failed. C:\Users\Deca Gamer\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\6d1026b4fa6d4c49d77d65f8805a9c0_fce8395f8fd8a9b8_6229ccd76215aea1_0_0.bin scheduled to be moved on reboot.
File move failed. C:\Users\Deca Gamer\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\6d1026b4fa6d4c49d77d65f8805a9c0_fce8395f8fd8a9b8_6229ccd76215aea1_0_0.toc scheduled to be moved on reboot.
C:\Users\Deca Gamer\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\6d1026b4fa6d4c49d77d65f8805a9c0_fce8395f8fd8a9b8_6229ccd76215aea1_0_1.bin moved successfully.
C:\Users\Deca Gamer\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Deca Gamer\AppData\Local\Temp\speccycpuid.dll moved successfully.
C:\Users\Deca Gamer\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Windows\temp\FXSTIFFDebugLogFile.txt moved successfully.
 
PendingFileRenameOperations files...
 
Registry entries deleted on Reboot...
 
and here's the fresh scan:

OTL logfile created on: 16-07-2014 20:30:10 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Deca Gamer\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy
 
4,00 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 62,71% Memory free
7,99 Gb Paging File | 6,17 Gb Available in Paging File | 77,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 331,08 Gb Free Space | 71,10% Space Free | Partition Type: NTFS
 
Computer Name: DECAGAMER-PC | User Name: Deca Gamer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014-07-14 02:06:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Deca Gamer\Downloads\OTL.exe
PRC - [2014-06-05 15:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014-06-04 09:50:12 | 000,360,592 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
PRC - [2014-06-04 09:48:24 | 000,382,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
PRC - [2014-05-30 01:35:33 | 002,352,072 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014-05-30 01:31:38 | 001,631,008 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014-05-20 01:10:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014-05-12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014-05-12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014-05-08 15:48:38 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-11-23 10:04:26 | 006,787,072 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\RtWlan.exe
PRC - [2012-05-10 10:38:06 | 000,036,864 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\RtlService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014-06-05 15:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
MOD - [2014-06-05 15:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
MOD - [2014-06-05 15:58:32 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
MOD - [2014-06-05 15:58:31 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
MOD - [2014-06-05 15:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014-06-19 02:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2012-08-06 12:24:22 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010-04-06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2014-07-12 02:53:24 | 000,542,912 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014-07-06 14:34:29 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-06-04 09:50:12 | 000,360,592 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe -- (MbaeSvc)
SRV - [2014-05-30 01:31:38 | 001,631,008 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014-05-30 01:28:54 | 021,055,432 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programmer\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2014-05-29 20:33:02 | 000,174,088 | ---- | M] (Sandboxie Holdings, LLC) [Auto | Running] -- C:\Programmer\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2014-05-20 01:10:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014-05-12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014-05-08 15:48:38 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014-04-03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-09-11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013-03-01 03:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2012-05-10 10:38:06 | 000,036,864 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\RtlService.exe -- (Realtek11nCU)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014-07-16 20:22:49 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014-06-11 10:57:41 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014-05-12 07:26:10 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014-05-12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014-03-31 18:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013-03-01 03:49:12 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2012-10-25 09:01:20 | 000,022,680 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2012-07-19 11:14:28 | 000,110,744 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2012-04-11 03:40:58 | 000,082,560 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012-04-11 03:40:58 | 000,042,624 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012-03-30 16:49:08 | 000,056,448 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-10 10:36:44 | 000,986,728 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtwlanu.sys -- (RTL8192cu)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-02-18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-05-05 16:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2014-06-04 10:24:54 | 000,062,392 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys -- (ESProtectionDriver)
DRV - [2014-05-30 01:28:53 | 000,020,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Programmer\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV - [2014-05-29 20:33:16 | 000,185,352 | ---- | M] (Sandboxie Holdings, LLC) [Kernel | On_Demand | Running] -- C:\Programmer\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2012-03-05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programmer\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://dk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = da
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 86 0E 4A CC 2C 98 CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Error reading preferences file
CHR - Extension: Google Dokumenter = C:\Users\Deca Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drev = C:\Users\Deca Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Deca Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-søgning = C:\Users\Deca Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Deca Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.7_0\
CHR - Extension: Alt-O-Magic Identifizer = C:\Users\Deca Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhcnifflbjndominljlejmeheiiolfdp\1.6.4_0\
CHR - Extension: Google Wallet = C:\Users\Deca Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Deca Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (Sandboxie Holdings, LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.234.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF1F95D5-BC77-4B50-9E63-900457091A4F}: DhcpNameServer = 192.168.234.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCD53EDE-D885-4BD0-B011-9DC6EA0A3C4B}: DhcpNameServer = 193.162.153.164 194.239.134.83
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014-07-16 20:19:34 | 000,000,000 | ---D | C] -- C:\_OTL
[2014-07-14 01:18:12 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Wireshark
[2014-07-14 01:15:12 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014-07-14 00:41:59 | 000,000,000 | R--D | C] -- C:\Sandbox
[2014-07-14 00:38:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
[2014-07-14 00:38:32 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
[2014-07-14 00:38:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2014-07-14 00:38:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2014-07-14 00:37:57 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014-07-14 00:37:42 | 000,000,000 | ---D | C] -- C:\Program Files\Wireshark
[2014-07-14 00:08:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014-07-14 00:07:17 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\Desktop\mbar
[2014-07-14 00:03:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
[2014-07-14 00:03:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes Anti-Exploit
[2014-07-14 00:03:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Exploit
[2014-07-13 23:58:41 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014-07-13 23:58:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014-07-13 23:58:25 | 000,092,888 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014-07-13 23:58:25 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014-07-13 23:58:25 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014-07-13 23:58:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014-07-13 23:58:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014-07-13 23:57:59 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Programs
[2014-07-12 21:32:35 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\Desktop\optagelser
[2014-07-12 12:42:14 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\ElevatedDiagnostics
[2014-07-09 22:34:09 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014-07-09 22:34:09 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014-07-09 22:34:09 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014-07-09 22:34:09 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014-07-09 22:34:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014-07-09 22:34:08 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014-07-09 22:34:08 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014-07-09 22:34:08 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014-07-09 22:34:06 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014-07-09 22:34:06 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014-07-09 22:34:06 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014-07-09 22:34:06 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014-07-09 22:34:06 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014-07-09 22:34:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014-07-09 22:34:05 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014-07-09 22:34:05 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014-07-09 22:34:05 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014-07-09 22:34:04 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014-07-09 22:34:03 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014-07-09 22:34:03 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014-07-09 22:34:03 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014-07-09 22:34:02 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014-07-09 22:34:02 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014-07-09 22:34:02 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014-07-09 22:34:02 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014-07-09 22:34:01 | 005,721,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014-07-09 22:34:01 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014-07-09 22:34:01 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014-07-09 22:34:01 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014-07-09 22:34:01 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014-07-09 22:34:00 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014-07-09 22:34:00 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014-07-09 22:33:59 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014-07-09 22:33:59 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014-07-09 22:33:59 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014-07-09 22:30:53 | 000,519,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014-07-09 22:30:53 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014-07-09 22:30:27 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014-07-09 22:30:27 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014-07-09 22:30:26 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014-07-09 22:30:26 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014-07-09 22:30:24 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014-07-09 22:25:43 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014-07-08 01:11:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2014-07-08 01:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2014-07-08 01:10:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2014-07-07 15:04:05 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2014-07-07 15:04:05 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2014-07-07 15:04:05 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2014-07-07 15:02:55 | 000,000,000 | ---D | C] -- C:\Riot Games
[2014-07-07 15:02:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
[2014-07-07 14:59:58 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\PMB Files
[2014-07-07 14:59:57 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2014-07-07 14:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2014-07-07 14:59:31 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Riot Games
[2014-07-06 22:52:28 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Sony Creative Software Inc
[2014-07-06 18:31:15 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Publish Providers
[2014-07-06 18:28:36 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Sony
[2014-07-06 18:28:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2014-07-06 18:27:40 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Sony
[2014-07-06 18:12:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
[2014-07-06 18:12:42 | 000,000,000 | ---D | C] -- C:\Fraps
[2014-07-06 18:12:33 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\WinRAR
[2014-07-06 18:12:22 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014-07-06 18:12:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014-07-06 18:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014-07-06 18:10:16 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\BitTorrent
[2014-07-06 14:37:52 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\SplitMediaLabs
[2014-07-06 14:34:28 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-07-06 14:34:28 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-07-06 14:33:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2014-07-06 14:33:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014-07-06 13:40:25 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2014-07-06 13:40:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
[2014-07-06 13:40:10 | 000,000,000 | ---D | C] -- C:\ProgramData\SplitMediaLabs
[2014-07-06 13:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitmediaLabs
[2014-07-06 13:39:02 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\SplitmediaLabs
[2014-07-06 12:02:43 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014-07-06 12:02:43 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2014-07-06 12:02:43 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014-07-06 12:02:43 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014-07-06 12:02:42 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014-07-06 12:02:41 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014-07-06 12:02:31 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2014-07-06 12:02:31 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2014-07-06 12:02:31 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2014-07-06 12:02:31 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2014-07-06 12:02:31 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2014-07-06 12:02:31 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2014-07-06 12:02:13 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014-07-06 12:02:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2014-07-06 00:54:58 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\OBS
[2014-07-06 00:54:56 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
[2014-07-06 00:54:54 | 000,000,000 | ---D | C] -- C:\Program Files\OBS
[2014-07-06 00:54:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OBS
[2014-07-05 20:02:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014-07-05 20:01:19 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2014-07-05 20:01:18 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2014-07-05 20:01:18 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2014-07-05 20:01:17 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2014-07-05 19:44:51 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014-07-05 19:44:48 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014-07-05 19:44:48 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014-07-05 19:44:48 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014-07-05 19:44:48 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014-07-05 19:44:48 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014-07-05 19:44:48 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014-07-05 19:44:48 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014-07-05 19:44:48 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014-07-05 19:44:48 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014-07-05 19:44:48 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014-07-05 19:44:48 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014-07-05 19:44:48 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014-07-05 19:44:48 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014-07-05 19:44:48 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014-07-05 19:44:48 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014-07-05 19:44:48 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014-07-05 19:44:48 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014-07-05 19:44:48 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014-07-05 19:44:48 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014-07-05 19:44:48 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014-07-05 19:44:48 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014-07-05 19:44:48 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014-07-05 19:44:48 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014-07-05 19:44:48 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014-07-05 19:44:48 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014-07-05 19:44:48 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014-07-05 19:44:48 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014-07-05 19:44:48 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014-07-05 19:44:48 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014-07-05 19:44:48 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014-07-05 19:44:48 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014-07-05 19:44:48 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014-07-05 19:44:48 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014-07-05 19:44:48 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014-07-05 19:44:48 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014-07-05 19:44:48 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014-07-05 19:44:48 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014-07-05 19:44:48 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014-07-05 19:44:48 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014-07-05 19:44:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014-07-05 19:44:48 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014-07-05 19:44:48 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014-07-05 19:44:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014-07-05 19:44:48 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014-07-05 19:43:47 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014-07-05 19:43:47 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014-07-05 19:43:47 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014-07-05 19:43:47 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014-07-05 19:43:47 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014-07-05 19:43:47 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014-07-05 19:43:47 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014-07-05 19:43:47 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014-07-05 19:43:47 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014-07-05 19:43:47 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014-07-05 19:43:47 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014-07-05 19:43:47 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014-07-05 19:43:47 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014-07-05 19:43:47 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014-07-05 19:43:47 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014-07-05 19:43:47 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014-07-05 19:43:47 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014-07-05 19:43:47 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014-07-05 19:43:47 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014-07-05 19:43:47 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014-07-05 19:43:47 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014-07-05 19:43:47 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014-07-05 19:43:47 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014-07-05 19:43:47 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014-07-05 19:43:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014-07-05 19:43:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014-07-05 19:43:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014-07-05 19:43:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014-07-05 19:43:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014-07-05 19:43:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014-07-05 19:43:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014-07-05 19:43:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014-07-05 19:43:47 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014-07-05 19:43:47 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014-07-05 19:09:41 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Skype
[2014-07-05 19:09:39 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Skype
[2014-07-05 19:09:32 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014-07-05 19:09:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014-07-05 19:09:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014-07-05 19:09:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2014-07-05 17:52:01 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014-07-05 17:41:59 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2014-07-05 17:14:54 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014-07-05 15:53:30 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\Heaven
[2014-07-05 15:53:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unigine
[2014-07-05 14:52:05 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2014-07-05 14:52:05 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2014-07-05 14:52:05 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2014-07-05 14:52:05 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2014-07-05 14:52:05 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2014-07-05 14:52:05 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2014-07-05 14:52:04 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2014-07-05 14:52:04 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2014-07-05 14:52:04 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2014-07-05 14:52:04 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2014-07-05 14:52:01 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2014-07-05 14:52:01 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2014-07-05 14:52:01 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2014-07-05 14:52:01 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2014-07-05 14:52:01 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2014-07-05 14:52:01 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2014-07-05 14:52:01 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2014-07-05 14:52:01 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2014-07-05 14:52:00 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2014-07-05 14:52:00 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2014-07-05 14:52:00 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2014-07-05 14:52:00 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2014-07-05 14:51:59 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2014-07-05 14:51:59 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2014-07-05 14:51:59 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2014-07-05 14:51:59 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2014-07-05 14:51:59 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2014-07-05 14:51:59 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2014-07-05 14:51:59 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2014-07-05 14:51:59 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2014-07-05 14:51:58 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2014-07-05 14:51:58 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2014-07-05 14:51:58 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2014-07-05 14:51:58 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2014-07-05 14:51:58 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2014-07-05 14:51:58 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2014-07-05 14:51:58 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2014-07-05 14:51:58 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2014-07-05 14:51:57 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2014-07-05 14:51:57 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2014-07-05 14:51:57 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2014-07-05 14:51:57 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2014-07-05 14:51:56 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2014-07-05 14:51:56 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2014-07-05 14:51:56 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2014-07-05 14:51:56 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2014-07-05 14:51:56 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2014-07-05 14:51:56 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2014-07-05 14:51:56 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2014-07-05 14:51:56 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2014-07-05 14:51:56 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2014-07-05 14:51:56 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2014-07-05 14:51:55 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2014-07-05 14:51:55 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2014-07-05 14:51:55 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2014-07-05 14:51:55 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2014-07-05 14:51:55 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2014-07-05 14:51:55 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2014-07-05 14:51:54 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2014-07-05 14:51:54 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2014-07-05 14:51:54 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2014-07-05 14:51:54 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2014-07-05 14:51:54 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2014-07-05 14:51:54 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2014-07-05 14:51:54 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2014-07-05 14:51:54 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2014-07-05 14:51:53 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2014-07-05 14:51:53 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2014-07-05 14:51:53 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2014-07-05 14:51:53 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2014-07-05 14:51:53 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2014-07-05 14:51:53 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2014-07-05 14:51:53 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2014-07-05 14:51:52 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2014-07-05 14:51:52 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2014-07-05 14:51:52 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2014-07-05 14:51:52 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2014-07-05 14:51:52 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2014-07-05 14:51:52 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2014-07-05 14:51:52 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2014-07-05 14:51:52 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2014-07-05 14:51:52 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2014-07-05 14:51:52 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2014-07-05 14:51:52 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2014-07-05 14:51:52 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2014-07-05 14:51:51 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2014-07-05 14:51:51 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2014-07-05 14:51:51 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2014-07-05 14:51:51 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2014-07-05 14:51:51 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2014-07-05 14:51:51 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2014-07-05 14:51:51 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2014-07-05 14:51:51 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2014-07-05 14:51:51 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2014-07-05 14:51:51 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2014-07-05 14:51:51 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2014-07-05 14:51:51 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2014-07-05 14:51:50 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2014-07-05 14:51:50 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2014-07-05 14:51:50 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2014-07-05 14:51:50 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2014-07-05 14:51:50 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2014-07-05 14:51:50 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2014-07-05 14:51:50 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2014-07-05 14:51:50 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2014-07-05 14:51:49 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2014-07-05 14:51:49 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2014-07-05 14:51:49 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2014-07-05 14:51:49 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2014-07-05 14:51:49 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2014-07-05 14:51:49 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2014-07-05 14:51:49 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2014-07-05 14:51:49 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2014-07-05 14:51:49 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2014-07-05 14:51:49 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2014-07-05 14:51:49 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2014-07-05 14:51:49 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2014-07-05 14:51:49 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2014-07-05 14:51:49 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2014-07-05 14:51:48 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2014-07-05 14:51:48 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2014-07-05 14:51:48 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2014-07-05 14:51:48 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2014-07-05 14:51:48 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2014-07-05 14:51:48 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2014-07-05 14:51:48 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2014-07-05 14:51:48 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2014-07-05 14:51:48 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2014-07-05 14:51:48 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2014-07-05 14:51:29 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2014-07-05 14:51:29 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2014-07-05 14:51:29 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2014-07-05 14:51:29 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2014-07-05 14:51:28 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2014-07-05 14:51:28 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2014-07-05 14:51:28 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2014-07-05 14:51:28 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2014-07-05 14:51:27 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2014-07-05 14:51:27 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2014-07-05 14:51:26 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2014-07-05 14:51:26 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2014-07-05 14:51:26 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2014-07-05 14:51:26 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2014-07-05 14:51:26 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2014-07-05 14:51:26 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2014-07-05 14:51:24 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2014-07-05 14:51:24 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2014-07-05 14:51:24 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2014-07-05 14:51:24 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2014-07-05 14:51:23 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2014-07-05 14:51:23 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2014-07-05 14:51:23 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2014-07-05 14:51:23 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2014-07-05 14:51:23 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2014-07-05 14:51:23 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2014-07-05 14:51:14 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2014-07-05 14:51:14 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2014-07-05 14:51:11 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2014-07-05 14:51:11 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2014-07-05 14:51:11 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2014-07-05 14:51:11 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2014-07-05 14:51:11 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2014-07-05 14:51:11 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2014-07-05 14:51:11 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2014-07-05 14:51:11 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2014-07-05 14:51:10 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2014-07-05 14:51:10 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2014-07-05 14:51:10 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2014-07-05 14:51:10 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2014-07-05 14:51:09 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2014-07-05 14:51:09 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2014-07-05 14:51:08 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2014-07-05 14:51:08 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2014-07-05 13:46:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2014-07-05 13:46:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2014-07-05 13:46:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2014-07-05 13:19:55 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\Desktop\drivers
[2014-07-05 13:19:43 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\Desktop\Wow
[2014-07-05 13:11:13 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Curse Advertising
[2014-07-05 13:11:00 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
[2014-07-05 13:10:12 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Apps
[2014-07-05 13:10:11 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Deployment
[2014-07-05 13:06:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2014-07-05 13:05:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft
[2014-07-05 13:04:14 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\NVIDIA
[2014-07-05 13:04:12 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Blizzard Entertainment
[2014-07-05 13:04:06 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Battle.net
[2014-07-05 13:04:06 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Battle.net
[2014-07-05 13:03:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2014-07-05 13:03:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2014-07-05 13:03:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
[2014-07-05 13:03:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battle.net
[2014-07-05 13:01:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2014-07-05 12:57:38 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2014-07-05 12:54:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014-07-05 12:54:34 | 000,601,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014-07-05 12:54:30 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\TS3Client
[2014-07-05 12:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2014-07-05 12:54:26 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2014-07-05 12:52:02 | 031,387,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014-07-05 12:52:02 | 024,025,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014-07-05 12:52:02 | 018,531,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014-07-05 12:52:02 | 017,480,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014-07-05 12:52:02 | 016,003,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014-07-05 12:52:02 | 011,644,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014-07-05 12:52:02 | 011,599,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014-07-05 12:52:02 | 009,735,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014-07-05 12:52:02 | 009,697,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014-07-05 12:52:02 | 003,141,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014-07-05 12:52:02 | 002,953,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014-07-05 12:52:02 | 002,785,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014-07-05 12:52:02 | 002,412,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014-07-05 12:52:02 | 001,889,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433788.dll
[2014-07-05 12:52:02 | 001,541,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433788.dll
[2014-07-05 12:52:02 | 000,895,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014-07-05 12:52:02 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014-07-05 12:52:02 | 000,867,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014-07-05 12:52:02 | 000,861,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014-07-05 12:52:02 | 000,837,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014-07-05 12:52:02 | 000,492,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2014-07-05 12:52:02 | 000,416,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2014-07-05 12:52:02 | 000,382,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2014-07-05 12:52:02 | 000,354,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014-07-05 12:52:02 | 000,335,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2014-07-05 12:52:02 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014-07-05 12:52:02 | 000,197,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2014-07-05 12:52:02 | 000,166,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014-07-05 12:52:02 | 000,146,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014-07-05 12:52:02 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2014-07-05 12:52:01 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014-07-05 12:52:01 | 017,561,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014-07-05 12:41:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2014-07-05 12:41:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
[2014-07-05 12:41:11 | 000,986,728 | R--- | C] (Realtek Semiconductor Corporation                           ) -- C:\Windows\SysNative\drivers\rtwlanu.sys
[2014-07-05 12:40:24 | 000,380,928 | ---- | C] (Realtek) -- C:\Windows\RtlUI2.exe
[2014-07-05 12:40:23 | 000,614,400 | ---- | C] (Realtek Semiconductor Corp. ) -- C:\Windows\SysWow64\Rtlihvs.dll
[2014-07-05 12:40:23 | 000,188,416 | ---- | C] (Realtek Semiconductor Corp. ) -- C:\Windows\SysWow64\RTLExtUI.dll
[2014-07-05 12:40:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2014-07-05 12:33:16 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Diagnostics
[2014-07-05 12:27:01 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\AMD
[2014-07-05 12:26:54 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\ATI
[2014-07-05 12:26:54 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\ATI
[2014-07-05 12:26:54 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014-07-05 12:24:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2014-07-05 12:24:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2014-07-05 11:33:26 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2014-07-05 11:18:34 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2014-07-05 11:18:27 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2014-07-05 11:18:27 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2014-07-05 11:18:25 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2014-07-05 11:18:25 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2014-07-05 11:18:25 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2014-07-05 11:18:25 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2014-07-05 11:18:25 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2014-07-05 11:18:25 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2014-07-05 11:18:25 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2014-07-05 11:18:25 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2014-07-05 11:18:25 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2014-07-05 11:18:24 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2014-07-05 11:18:23 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2014-07-05 11:18:14 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2014-07-05 11:18:14 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2014-07-05 11:18:12 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2014-07-05 11:18:12 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2014-07-05 11:18:12 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2014-07-05 11:18:07 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014-07-05 11:18:06 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014-07-05 11:18:06 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2014-07-05 11:18:06 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2014-07-05 11:18:06 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014-07-05 11:18:06 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014-07-05 11:18:00 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2014-07-05 11:17:56 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2014-07-05 11:17:56 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2014-07-05 11:17:56 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2014-07-05 11:17:56 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2014-07-05 11:17:54 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2014-07-05 11:17:54 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2014-07-05 11:17:54 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2014-07-05 11:17:54 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2014-07-05 11:17:54 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2014-07-05 11:17:53 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2014-07-05 11:17:47 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2014-07-05 11:17:47 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2014-07-05 11:17:47 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014-07-05 11:17:47 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014-07-05 11:17:45 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2014-07-05 11:17:43 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2014-07-05 11:17:43 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2014-07-05 11:17:43 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2014-07-05 11:17:43 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2014-07-05 11:17:43 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2014-07-05 11:17:43 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2014-07-05 11:17:43 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2014-07-05 11:17:42 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2014-07-05 11:17:42 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2014-07-05 11:17:42 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2014-07-05 11:17:42 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2014-07-05 11:17:42 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2014-07-05 11:17:42 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2014-07-05 11:17:39 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014-07-05 11:17:29 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014-07-05 11:17:29 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2014-07-05 11:17:29 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2014-07-05 11:17:12 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2014-07-05 11:17:12 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2014-07-05 11:17:04 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014-07-05 11:17:04 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2014-07-05 11:17:04 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2014-07-05 11:17:03 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014-07-05 11:17:03 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014-07-05 11:17:00 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2014-07-05 11:16:59 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2014-07-05 11:16:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2014-07-05 11:16:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2014-07-05 11:16:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014-07-05 11:16:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014-07-05 11:16:26 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2014-07-05 11:16:26 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2014-07-05 11:16:18 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2014-07-05 11:15:08 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014-07-05 11:15:08 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014-07-05 11:15:08 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2014-07-05 11:15:08 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2014-07-05 11:15:08 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2014-07-05 11:15:05 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2014-07-05 11:15:05 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2014-07-05 11:15:05 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2014-07-05 11:15:05 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2014-07-05 11:15:05 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2014-07-05 11:15:05 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2014-07-05 11:15:05 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2014-07-05 11:15:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2014-07-05 11:15:04 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2014-07-05 11:15:04 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2014-07-05 11:15:04 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2014-07-05 11:15:04 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2014-07-05 11:15:03 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014-07-05 11:15:03 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014-07-05 11:15:03 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014-07-05 11:15:03 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014-07-05 11:15:03 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014-07-05 11:15:03 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014-07-05 11:15:03 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014-07-05 11:15:03 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014-07-05 11:15:03 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014-07-05 11:15:03 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014-07-05 11:15:03 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014-07-05 11:15:03 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014-07-05 11:15:03 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014-07-05 11:15:03 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014-07-05 11:15:03 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014-07-05 11:15:03 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014-07-05 11:15:02 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014-07-05 11:14:56 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014-07-05 11:14:56 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014-07-05 11:14:54 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2014-07-05 11:14:54 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2014-07-05 11:14:53 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2014-07-05 11:14:49 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2014-07-05 11:14:49 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2014-07-05 11:14:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2014-07-05 11:14:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2014-07-05 11:14:46 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2014-07-05 11:14:46 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2014-07-05 11:14:45 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2014-07-05 11:14:45 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2014-07-05 11:14:44 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2014-07-05 11:14:44 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2014-07-05 11:14:44 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2014-07-05 11:14:44 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2014-07-05 11:14:43 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014-07-05 11:14:42 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2014-07-05 11:14:42 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2014-07-05 11:14:41 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2014-07-05 11:14:41 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2014-07-05 11:14:41 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2014-07-05 11:14:41 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2014-07-05 11:14:36 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2014-07-05 11:14:36 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2014-07-05 11:14:34 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2014-07-05 11:14:34 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2014-07-05 11:14:34 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2014-07-05 11:14:16 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2014-07-05 11:14:15 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2014-07-05 11:14:15 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2014-07-05 11:14:11 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014-07-05 11:14:10 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014-07-05 11:14:10 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014-07-05 11:14:09 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014-07-05 11:14:09 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014-07-05 11:14:09 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014-07-05 11:14:09 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014-07-05 11:14:08 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014-07-05 11:14:08 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014-07-05 11:14:08 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014-07-05 11:14:08 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014-07-05 11:14:08 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014-07-05 11:14:08 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014-07-05 11:14:08 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014-07-05 11:14:08 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014-07-05 11:14:08 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014-07-05 11:14:08 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014-07-05 11:14:07 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014-07-05 11:14:07 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014-07-05 11:14:07 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014-07-05 11:14:07 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014-07-05 11:14:07 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014-07-05 11:13:44 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2014-07-05 11:05:24 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2014-07-05 11:00:49 | 001,715,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2014-07-05 11:00:49 | 001,291,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2014-07-05 11:00:33 | 000,040,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014-07-05 11:00:33 | 000,034,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014-07-05 10:53:37 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2014-07-05 10:53:37 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2014-07-05 10:53:37 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2014-07-05 10:53:37 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2014-07-05 10:53:37 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2014-07-05 10:53:37 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2014-07-05 10:53:37 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2014-07-05 10:53:37 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2014-07-05 10:53:37 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2014-07-05 10:53:37 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2014-07-05 10:53:37 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2014-07-05 10:53:37 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2014-07-05 10:53:37 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2014-07-05 10:53:37 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2014-07-05 10:53:37 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2014-07-05 10:53:37 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2014-07-05 10:53:37 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2014-07-05 10:53:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2014-07-05 10:53:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2014-07-05 10:53:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2014-07-05 10:53:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2014-07-05 10:53:37 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2014-07-05 10:53:37 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2014-07-05 10:53:36 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2014-07-05 10:53:36 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2014-07-05 10:53:36 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2014-07-05 10:53:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2014-07-05 10:53:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2014-07-05 10:53:36 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2014-07-05 10:53:36 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2014-07-05 10:53:36 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2014-07-05 10:53:36 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2014-07-05 10:53:09 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2014-07-05 10:53:09 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2014-07-05 10:53:09 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2014-07-05 10:53:09 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2014-07-05 10:51:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2014-07-05 10:50:37 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014-07-05 10:50:37 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2014-07-05 10:50:37 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2014-07-05 10:50:36 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2014-07-05 10:50:15 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014-07-05 10:49:34 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014-07-05 10:49:34 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014-07-05 10:49:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014-07-05 10:49:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014-07-05 10:48:54 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2014-07-05 10:48:54 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2014-07-05 10:48:47 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2014-07-05 10:48:47 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2014-07-05 10:48:47 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2014-07-05 10:48:47 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2014-07-05 10:48:47 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2014-07-05 10:48:47 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2014-07-05 10:48:47 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2014-07-05 10:48:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2014-07-05 10:48:27 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2014-07-05 10:48:08 | 000,313,256 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014-07-05 10:48:06 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014-07-05 10:48:06 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014-07-05 10:48:06 | 000,111,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014-07-05 10:48:01 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014-07-05 10:47:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014-07-05 10:47:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014-07-05 10:47:24 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014-07-05 10:47:22 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014-07-05 10:47:22 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014-07-05 10:47:22 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014-07-05 10:47:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014-07-05 10:47:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014-07-05 10:47:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014-07-05 10:47:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2014-07-05 10:47:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2014-07-05 10:47:12 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Macromedia
[2014-07-05 10:47:12 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Adobe
[2014-07-05 10:47:12 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Adobe
[2014-07-05 10:47:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014-07-05 10:46:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014-07-05 10:46:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014-07-05 10:42:59 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2014-07-05 10:42:59 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2014-07-05 10:42:57 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014-07-05 10:42:55 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2014-07-05 10:42:07 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2014-07-05 10:42:07 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2014-07-05 10:42:02 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2014-07-05 10:42:02 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2014-07-05 10:41:48 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014-07-05 10:41:48 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014-07-05 10:41:47 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2014-07-05 10:41:47 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2014-07-05 10:41:47 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2014-07-05 10:41:46 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014-07-05 10:41:46 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014-07-05 10:41:46 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2014-07-05 10:41:46 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014-07-05 10:41:46 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2014-07-05 10:41:46 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014-07-05 10:41:46 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014-07-05 10:41:46 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014-07-05 10:41:46 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014-07-05 10:41:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014-07-05 10:41:46 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2014-07-05 10:41:46 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2014-07-05 10:41:46 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2014-07-05 10:41:46 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2014-07-05 10:41:46 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014-07-05 10:41:46 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2014-07-05 10:41:46 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2014-07-05 10:41:46 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2014-07-05 10:41:46 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2014-07-05 10:41:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2014-07-05 10:41:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2014-07-05 10:41:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2014-07-05 10:41:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2014-07-05 10:41:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2014-07-05 10:41:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2014-07-05 10:41:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2014-07-05 10:41:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2014-07-05 10:41:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2014-07-05 10:41:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2014-07-05 10:41:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014-07-05 10:41:34 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2014-07-05 10:41:34 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2014-07-05 10:41:31 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2014-07-05 10:41:30 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2014-07-05 10:41:27 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2014-07-05 10:38:56 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\NVIDIA Corporation
[2014-07-05 10:36:01 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2014-07-05 10:36:01 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2014-07-05 10:36:00 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2014-07-05 10:36:00 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2014-07-05 10:35:59 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2014-07-05 10:35:59 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2014-07-05 10:35:45 | 001,279,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014-07-05 10:35:45 | 001,122,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014-07-05 10:35:16 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\NVIDIA
[2014-07-05 10:34:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014-07-05 10:34:44 | 000,037,320 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2014-07-05 10:34:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014-07-05 10:33:28 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2014-07-05 10:33:20 | 006,769,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014-07-05 10:33:20 | 003,514,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014-07-05 10:33:20 | 002,560,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2014-07-05 10:33:20 | 000,387,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014-07-05 10:33:20 | 000,062,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014-07-05 10:32:34 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014-07-05 10:32:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2014-07-05 10:32:02 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433217.dll
[2014-07-05 10:32:01 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433217.dll
[2014-07-05 10:31:30 | 014,434,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014-07-05 10:31:29 | 002,730,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014-07-05 10:31:26 | 003,109,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014-07-05 10:31:16 | 000,952,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2014-07-05 10:30:22 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2014-07-05 10:30:22 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2014-07-05 10:30:22 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2014-07-05 10:30:22 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2014-07-05 10:30:17 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2014-07-05 10:30:17 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2014-07-05 10:30:17 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2014-07-05 10:30:17 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2014-07-05 10:30:17 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2014-07-05 10:30:17 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2014-07-05 10:30:16 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2014-07-05 10:30:15 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014-07-05 10:30:15 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2014-07-05 10:30:14 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2014-07-05 10:30:14 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2014-07-05 10:30:13 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2014-07-05 10:30:13 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2014-07-05 10:29:56 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2014-07-05 10:29:56 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2014-07-05 10:29:53 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2014-07-05 10:29:53 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2014-07-05 10:29:53 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2014-07-05 10:29:53 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2014-07-05 10:29:52 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2014-07-05 10:29:51 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014-07-05 10:29:51 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014-07-05 10:29:14 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014-07-05 10:23:33 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2014-07-05 10:23:33 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2014-07-05 10:19:38 | 000,000,000 | ---D | C] -- C:\Program Files\GIGABYTE
[2014-07-05 10:19:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE
[2014-07-05 10:19:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2014-07-05 10:19:10 | 000,056,448 | R--- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\usbfilter.sys
[2014-07-05 10:19:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014-07-05 10:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2014-07-05 10:18:34 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2014-07-05 10:18:31 | 000,046,136 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdiox64.sys
[2014-07-05 10:18:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014-07-05 10:18:27 | 000,082,560 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amd_sata.sys
[2014-07-05 10:18:27 | 000,042,624 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amd_xata.sys
[2014-07-05 10:18:24 | 000,016,440 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\drivers\AtiPcie.sys
[2014-07-05 10:18:22 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2014-07-05 10:18:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2014-07-05 10:18:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2014-07-05 10:18:10 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014-07-05 10:18:06 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014-07-05 10:18:06 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014-07-05 10:18:05 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014-07-05 10:17:54 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014-07-05 10:17:54 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014-07-05 10:17:54 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014-07-05 10:17:48 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014-07-05 10:17:48 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014-07-05 10:17:27 | 002,080,120 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2014-07-05 10:17:23 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2014-07-05 10:17:23 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2014-07-05 10:17:22 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2014-07-05 10:17:21 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2014-07-05 10:17:13 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2014-07-05 10:17:10 | 000,110,744 | ---- | C] (Qualcomm Atheros Co., Ltd.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2014-07-05 10:17:05 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2014-07-05 10:17:04 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2014-07-05 10:17:02 | 000,881,808 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2014-07-05 10:16:58 | 003,671,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2014-07-05 10:16:55 | 002,743,440 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2014-07-05 10:16:52 | 001,269,904 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2014-07-05 10:16:50 | 001,561,744 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2014-07-05 10:16:44 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2014-07-05 10:16:43 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2014-07-05 10:16:43 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2014-07-05 10:16:43 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2014-07-05 10:16:41 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2014-07-05 10:16:41 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2014-07-05 10:16:41 | 000,116,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2014-07-05 10:16:34 | 002,028,920 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2014-07-05 10:16:33 | 000,869,752 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2014-07-05 10:16:32 | 000,897,152 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll
[2014-07-05 10:16:32 | 000,753,280 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll
[2014-07-05 10:16:32 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2014-07-05 10:16:32 | 000,083,072 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll
[2014-07-05 10:16:32 | 000,065,112 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBppld64.dll
[2014-07-05 10:16:32 | 000,060,504 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBPPCn64.dll
[2014-07-05 10:16:23 | 002,703,456 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2014-07-05 10:16:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e
[2014-07-05 10:16:11 | 000,110,592 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2014-07-05 10:16:05 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2014-07-05 10:16:05 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2014-07-05 10:16:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2014-07-05 10:16:04 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014-07-05 10:15:57 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2014-07-05 10:15:49 | 001,706,640 | R--- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2014-07-05 10:15:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014-07-05 10:13:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014-07-05 10:12:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014-07-05 10:12:11 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014-07-05 10:12:08 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Google
[2014-07-05 10:12:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014-07-05 00:42:51 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014-07-04 23:54:40 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014-07-04 23:43:58 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014-07-04 23:43:26 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014-07-04 18:09:50 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Microsoft Games
[2014-07-04 17:56:00 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014-07-04 17:56:00 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Searches
[2014-07-04 17:56:00 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014-07-04 17:56:00 | 000,000,000 | -H-D | C] -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014-07-04 17:55:54 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Identities
[2014-07-04 17:55:52 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Contacts
[2014-07-04 17:55:50 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\VirtualStore
[2014-07-04 17:55:44 | 000,000,000 | --SD | C] -- C:\Users\Deca Gamer\AppData\Roaming\Microsoft
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Videos
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Saved Games
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Pictures
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Music
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Links
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Favorites
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Downloads
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Documents
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\Desktop
[2014-07-04 17:55:44 | 000,000,000 | R--D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Documents\Videoer
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\AppData\Local\Temporary Internet Files
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Skabeloner
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\SendTo
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Recent
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Printere
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\AppData\Local\Oversigt
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Documents\Musik
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Menuen Start
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Lokale indstillinger
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Dokumenter
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Cookies
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Documents\Billeder
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Application Data
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\AppData\Local\Application Data
[2014-07-04 17:55:44 | 000,000,000 | -HSD | C] -- C:\Users\Deca Gamer\Andre computere
[2014-07-04 17:55:44 | 000,000,000 | -H-D | C] -- C:\Users\Deca Gamer\AppData
[2014-07-04 17:55:44 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Temp
[2014-07-04 17:55:44 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Local\Microsoft
[2014-07-04 17:55:44 | 000,000,000 | ---D | C] -- C:\Users\Deca Gamer\AppData\Roaming\Media Center Programs
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Videoer
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Skrivebord
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Skabeloner
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\Programmer
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Musik
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menuen Start
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\Program Files\Fælles filer
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoritter
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenter
[2014-07-04 17:55:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Billeder
 
========== Files - Modified Within 30 Days ==========
 
[2014-07-16 20:29:43 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-07-16 20:29:43 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-07-16 20:22:49 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014-07-16 20:22:32 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-07-16 20:22:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-07-16 20:22:09 | 3219,283,968 | -HS- | M] () -- C:\hiberfil.sys
[2014-07-16 20:06:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-07-16 20:00:40 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-07-15 14:34:38 | 000,001,540 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2014-07-14 00:38:33 | 000,000,896 | ---- | M] () -- C:\Users\Deca Gamer\Desktop\Sandboxed Web Browser.lnk
[2014-07-14 00:38:33 | 000,000,896 | ---- | M] () -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2014-07-14 00:07:46 | 000,092,888 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014-07-13 23:58:28 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-07-13 08:43:39 | 001,380,164 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-07-13 08:43:39 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-07-13 08:43:39 | 000,509,444 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2014-07-13 08:43:39 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-07-13 08:43:39 | 000,098,754 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2014-07-10 16:56:43 | 000,269,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014-07-08 03:10:14 | 459,987,213 | ---- | M] () -- C:\Users\Deca Gamer\Documents\honor capped.mp4
[2014-07-08 02:10:48 | 000,062,192 | ---- | M] () -- C:\Users\Deca Gamer\Documents\honor capped.veg
[2014-07-08 02:08:55 | 000,062,192 | ---- | M] () -- C:\Users\Deca Gamer\Documents\honor capped.veg.bak
[2014-07-08 01:21:57 | 000,002,472 | ---- | M] () -- C:\Users\Deca Gamer\Documents\Register Vegas Pro.htm
[2014-07-07 23:03:25 | 000,044,872 | ---- | M] () -- C:\Users\Deca Gamer\Documents\wpvp.veg
[2014-07-07 22:59:32 | 000,043,840 | ---- | M] () -- C:\Users\Deca Gamer\Documents\wpvp.veg.bak
[2014-07-07 01:26:11 | 001,354,514 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014-07-06 18:12:42 | 000,000,562 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk
[2014-07-06 14:36:01 | 000,001,133 | ---- | M] () -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\XSplit Broadcaster.lnk
[2014-07-06 14:34:28 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-07-06 14:34:28 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-07-06 00:32:03 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014-07-05 19:44:51 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014-07-05 19:44:48 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014-07-05 19:44:48 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014-07-05 19:44:48 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014-07-05 19:44:48 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014-07-05 19:44:48 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014-07-05 19:44:48 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014-07-05 19:44:48 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014-07-05 19:44:48 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014-07-05 19:44:48 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014-07-05 19:44:48 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014-07-05 19:44:48 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014-07-05 19:44:48 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014-07-05 19:44:48 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014-07-05 19:44:48 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014-07-05 19:44:48 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014-07-05 19:44:48 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014-07-05 19:44:48 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014-07-05 19:44:48 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014-07-05 19:44:48 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014-07-05 19:44:48 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014-07-05 19:44:48 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014-07-05 19:44:48 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014-07-05 19:44:48 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014-07-05 19:44:48 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014-07-05 19:44:48 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014-07-05 19:44:48 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014-07-05 19:44:48 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014-07-05 19:44:48 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014-07-05 19:44:48 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014-07-05 19:44:48 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014-07-05 19:44:48 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014-07-05 19:44:48 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014-07-05 19:44:48 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014-07-05 19:44:48 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014-07-05 19:44:48 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014-07-05 19:44:48 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014-07-05 19:44:48 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014-07-05 19:44:48 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014-07-05 19:44:48 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014-07-05 19:44:48 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014-07-05 19:44:48 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014-07-05 19:44:48 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014-07-05 19:44:48 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014-07-05 19:44:48 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014-07-05 19:44:48 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014-07-05 19:44:48 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014-07-05 19:43:47 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014-07-05 19:43:47 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014-07-05 19:43:47 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014-07-05 19:43:47 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014-07-05 19:43:47 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014-07-05 19:43:47 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014-07-05 19:43:47 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014-07-05 19:43:47 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014-07-05 19:43:47 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014-07-05 19:43:47 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014-07-05 19:43:47 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014-07-05 19:43:47 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014-07-05 19:43:47 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014-07-05 19:43:47 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014-07-05 19:43:47 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014-07-05 19:43:47 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014-07-05 19:43:47 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014-07-05 19:43:47 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014-07-05 19:43:47 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014-07-05 19:43:47 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014-07-05 19:43:47 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014-07-05 19:43:47 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014-07-05 19:43:47 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014-07-05 19:43:47 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014-07-05 19:43:47 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014-07-05 19:43:47 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014-07-05 19:43:47 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014-07-05 19:43:47 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014-07-05 19:43:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014-07-05 19:43:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014-07-05 19:43:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014-07-05 19:43:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014-07-05 19:43:47 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014-07-05 19:43:47 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014-07-05 15:54:03 | 001,065,984 | ---- | M] () -- C:\Users\Deca Gamer\AppData\Local\file__0.localstorage
[2014-07-05 15:53:10 | 000,002,121 | ---- | M] () -- C:\Users\Public\Desktop\Heaven Benchmark 4.0.lnk
[2014-07-05 13:46:20 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2014-07-05 12:57:38 | 000,000,796 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2014-07-05 10:48:02 | 000,313,256 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014-07-05 10:48:02 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014-07-05 10:48:02 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014-07-05 10:48:02 | 000,111,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014-07-05 10:47:18 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014-07-05 10:47:18 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014-07-05 10:47:18 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014-07-05 10:47:18 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014-07-05 10:46:02 | 000,002,230 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-07-05 10:40:36 | 000,001,445 | ---- | M] () -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014-07-05 10:36:15 | 000,001,351 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2014-07-05 10:12:18 | 000,002,243 | ---- | M] () -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014-07-05 10:05:09 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2014-07-04 23:46:46 | 000,180,233 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014-07-04 23:46:46 | 000,180,233 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014-06-30 04:09:33 | 000,519,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014-06-30 04:04:49 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014-06-19 03:06:24 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014-06-19 02:42:57 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014-06-19 02:42:49 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014-06-19 02:41:52 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014-06-19 02:41:16 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014-06-19 02:31:24 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014-06-19 02:26:41 | 000,598,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014-06-19 02:24:30 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014-06-19 02:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014-06-19 02:23:53 | 000,752,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014-06-19 02:14:28 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014-06-19 02:09:47 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014-06-19 01:59:04 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014-06-19 01:53:27 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014-06-19 01:51:38 | 005,721,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014-06-19 01:50:47 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014-06-19 01:48:44 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014-06-19 01:39:30 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014-06-19 01:37:23 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014-06-19 01:36:35 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014-06-19 01:35:55 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014-06-19 01:33:07 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014-06-19 01:28:16 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014-06-19 01:27:45 | 001,249,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014-06-19 01:27:07 | 002,040,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014-06-19 01:25:38 | 000,442,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014-06-19 01:23:27 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014-06-19 01:22:40 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014-06-19 01:06:10 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014-06-19 01:01:50 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014-06-19 00:59:37 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014-06-19 00:46:23 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014-06-19 00:45:59 | 001,964,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014-06-19 00:15:24 | 000,846,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014-06-19 00:07:42 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014-06-18 04:18:30 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014-06-18 03:51:32 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
 
========== Files Created - No Company Name ==========
 
[2014-07-14 00:39:33 | 000,000,896 | ---- | C] () -- C:\Users\Deca Gamer\Desktop\Sandboxed Web Browser.lnk
[2014-07-14 00:39:33 | 000,000,896 | ---- | C] () -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2014-07-14 00:39:30 | 000,001,540 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2014-07-14 00:38:06 | 000,001,553 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
[2014-07-13 23:58:28 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-07-08 02:13:34 | 459,987,213 | ---- | C] () -- C:\Users\Deca Gamer\Documents\honor capped.mp4
[2014-07-08 01:51:31 | 000,062,192 | ---- | C] () -- C:\Users\Deca Gamer\Documents\honor capped.veg.bak
[2014-07-08 01:51:31 | 000,062,192 | ---- | C] () -- C:\Users\Deca Gamer\Documents\honor capped.veg
[2014-07-08 01:20:52 | 000,002,472 | ---- | C] () -- C:\Users\Deca Gamer\Documents\Register Vegas Pro.htm
[2014-07-07 22:58:28 | 000,044,872 | ---- | C] () -- C:\Users\Deca Gamer\Documents\wpvp.veg
[2014-07-07 22:58:28 | 000,043,840 | ---- | C] () -- C:\Users\Deca Gamer\Documents\wpvp.veg.bak
[2014-07-06 18:12:42 | 000,000,562 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk
[2014-07-06 14:36:01 | 000,001,133 | ---- | C] () -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\XSplit Broadcaster.lnk
[2014-07-06 14:34:30 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-07-06 00:32:03 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014-07-05 19:44:48 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014-07-05 19:44:48 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014-07-05 15:53:15 | 001,065,984 | ---- | C] () -- C:\Users\Deca Gamer\AppData\Local\file__0.localstorage
[2014-07-05 15:53:10 | 000,002,121 | ---- | C] () -- C:\Users\Public\Desktop\Heaven Benchmark 4.0.lnk
[2014-07-05 13:46:20 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2014-07-05 12:57:38 | 000,000,796 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2014-07-05 12:40:22 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2014-07-05 11:17:55 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014-07-05 11:14:43 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014-07-05 10:51:32 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014-07-05 10:46:02 | 000,002,230 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-07-05 10:40:36 | 000,001,445 | ---- | C] () -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014-07-05 10:36:15 | 000,001,351 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2014-07-05 10:33:20 | 003,774,821 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2014-07-05 10:32:02 | 000,026,069 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2014-07-05 10:19:38 | 000,031,272 | ---- | C] () -- C:\Windows\SysNative\AppleChargerSrv.exe
[2014-07-05 10:19:38 | 000,022,680 | ---- | C] () -- C:\Windows\SysNative\drivers\AppleCharger.sys
[2014-07-05 10:16:41 | 000,369,117 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2014-07-05 10:15:27 | 001,354,514 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014-07-05 10:12:18 | 000,002,243 | ---- | C] () -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014-07-05 10:12:11 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-07-05 10:12:10 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-07-05 10:05:09 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2014-07-04 23:46:31 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014-07-04 23:46:27 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014-07-04 23:43:26 | 3219,283,968 | -HS- | C] () -- C:\hiberfil.sys
[2014-07-04 17:56:02 | 000,001,421 | ---- | C] () -- C:\Users\Deca Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014-07-04 17:55:44 | 000,000,290 | ---- | C] () -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014-07-04 17:55:44 | 000,000,272 | ---- | C] () -- C:\Users\Deca Gamer\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013-03-01 03:47:36 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
 
========== ZeroAccess Check ==========
 
[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014-03-25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-03-25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
< End of report >
 

  • 0

#8
23red

23red

    Trusted Helper

  • Malware Removal
  • 1,797 posts

Hello Detected xsmile.png.pagespeed.ic.CwSpBGGvqN.png

 

Excellent work xthumbsup.gif.pagespeed.ic.7aXFW0A4z_.pn Ok, now let's check for what we cannot see, just in case:

 

 

Step 1

 

ADWCleaner

 

1.  Download AdwCleaner from this link to your Desktop. 

 

2.  Right click xadwcleanericon.jpg.pagespeed.ic.9YULSdu on your Desktop, choose Run as Administrator.

 

3.  Accept UAC prompt.

 

4.  Accept AdwCleaner's Terms of Use.  And the AdwCleaner window opens:

 

xnewAdwCleanerwindow.jpg.pagespeed.ic.t_

 

5.  Click on the xnewAdwCleanerScanbutton.jpg.pagespeed.i <~ Scan button and wait for the scan to finish.

 

6.  After the Scan has finished the window may or may not show what it found and above the progress bar you will see Pending..... Please uncheck elements you don't want to remove. Please

check to be sure no good items accidentally got picked up.

 

7.  Once that is complete, click the xacwcleanerCleanbutton.jpg.pagespeed.ic. <~ Clean button

 

8.  Once it has finished Cleaning, click the xnewadwcleanerreportbutton.jpg.pagespeed <~ Report button to get the log.

 

9.  Copy and Paste it into your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[R0].txt.

 

 

 

Step 2

 

Junkware Removal Tool

 

•   Please download Junkware Removal Tool  <~ from this link to your Desktop.

 

•  Shut down your protection software now to avoid potential conflicts.

 

•  Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

 

•  The tool will open and start scanning your system.

 

•  Please be patient as this can take a while to complete depending on your system's specifications.

 

•  On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

 

•  Post the contents of JRT.txt into your next post.

 

 

 

Step 3

 

SecurityCheck by Screen317:

 

Please also download Security Check by screen317. <~ from this link.

•Save it to your Desktop.

 

•Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.

 

•A Notepad document should open automatically called checkup.txt; please also post the contents of that document.

 

NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED!  Try rebooting the system and then run SecurityCheck again.

 

When you return please post:

 

1.  AdwCleaner[R0].txt.
2.  JRT.txt
3.  checkup.txt

 

 

Thank you xsmile.png.pagespeed.ic.CwSpBGGvqN.png


  • 0

#9
Detected

Detected

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts

Hello and thanks for your help. I was talking to my mother about this yesterday, and she was 100% sure that no1 could help me online, instead she chose to take my computer to the local it security shop thingy, and had them look at it, they cleaned everything and didnt find anything. they promised that my computer was 100% clean of virus.

I want to thank you for spending all your time helping me, i really appreciate it, keep it up :-)


  • 0

#10
23red

23red

    Trusted Helper

  • Malware Removal
  • 1,797 posts

Hi Detected :)
You are very welcome ~ anytime :)  Yes, there really are places that help folks for free just because it's the right thing to do ~ and it is fun to help :D  This is definately one of those places ;)  And it's nice to be appreciated, thank you :D
 Mom's rule!  If she is more comfortable paying for help, that is perfectly fine.   It did look pretty clear already. I was double checking.  As long as you are happy :)
A few things before you go:

 

1.
There does appear to be no Antivirus installed.  It's crucial for your computer to have an Antivirus.  Please go here and choose one and install it on your computer.  Avast and Microsoft Security Essentials are each easy and light.  And free :yes:  Just one is needed more is not.  They'll clash and you'll have no protection ultimately.

 

 

2.
  I'd like to remove the tools before you go please.  If you need assistance later, you can get fresh tools as they are updated often.  This will also clean up your System Restore so you have  clean restore points not accidentally 'restore' junk ;)  In addition will also create a registry backup in case it is needed.
 

Download and run Delfix

delfix.JPG
 

 

 

*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*
*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*

 

A few tips and some information that maybe helpful for you:

 

3.
Windows Updates

 

• It is critical to have both a firewall and an anti virus to protect your system and to keep them updated, and to keep your operating system up to date make sure Windows Updates are kept current:

A major essential is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats, Microsoft releases security updates that help your computer from becoming vunerable. It is best if you have these set to download automatically.
If they are not already or if you need to check:

 

1. Open Windows Update by clicking the Start Orb. In the search box, type Update, and then, in the list of results, click Windows Update.

 

2. In the left pane, click Change settings.

 

3. Under Important updates, choose the option that you want. Recommended setting: Install updates automatically

 

4. Under Recommended updates, select the Give me recommended updates the same way I receive important updates check box, and then click OK. If you're prompted for an administrator password or confirmation, type the password or provide confirmation.

 

*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*

 

4.
Program Updates

 

• Keep Installed Programs Up to Date

It's important to keep all other programs on your computer updated because they can also have security vulnerabilities exploited by the malware to infect you. Therefore, it is also a good idea to check for the latest versions of commonly installed applications to fix vulnerabilities, this can be done manually by using the Update feature included in most programs or you can use the following program to help you with this:

 

FileHippo Update Checker

 

 

*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*

 

5.

Go here for information about CryptoLocker Ransomeware. Learning about what is out there may help prevent infection. The main thing with this infection here ~ is Backup. If you're using an external, keep it unplugged to the computer when you're not backing up files or using it. This will prevent the infection from getting to your backed up files if you ever do come across it.

 

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

CryptoPrevent.JPG

 

 

 

*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*

 

When installing\updating ANY program, make sure you always select Custom installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

 

*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*

 

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Miekiemoes.

 

 


  • 0

#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP