Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

rkill keeps finding grpconv [Solved]

Started by saratogasteve , Sep 09 2014 02:06 AM

rootkit malware grpconv insidious

This topic is locked

#1
saratogasteve

Posted 09 September 2014 - 02:06 AM

New Member

Member
8 posts

Have had this same rootkit virus for a month now. I have been a p2p person in recent past. I have programs on multiple drives. I am unsure where the virus is. Internet sites start popping up with strange looking ads, then some websites begin having trouble loading, them some programs have trouble loading. rkill seems to curb the problem briefly, and I am able to use the internet. rkill generally comes back with syswow64\grpconv.exe as a process that it terminates. I have attached the OTL.txt file requested in the FAQ. I am tired of trying to figure this puzzle out and will greatly appreciate any assistance. Thanks in advance.

Attached Files

OTL.Txt 307.12KB 350 downloads

#2
BrianDrab

Posted 11 September 2014 - 06:40 AM

Trusted Helper

Malware Removal
3,591 posts

When you ran the OTL tool, there should have been an Extras.txt in the same directory as the tool. Can you post the contents of this file as well? Please post the contents of this instead of attaching as it's easier to analyze.

Thanks.

#3
saratogasteve

Posted 11 September 2014 - 09:39 PM

New Member

Topic Starter
Member
8 posts

Thanks for any help. OTL Extras.txt below

OTL Extras logfile created on: 9/9/2014 3:50:09 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Senor BadAss\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.95 Gb Total Physical Memory | 13.47 Gb Available Physical Memory | 84.47% Memory free
31.90 Gb Paging File | 28.38 Gb Available in Paging File | 88.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 30.89 Gb Free Space | 25.93% Space Free | Partition Type: NTFS
Drive D: | 1397.16 Gb Total Space | 446.33 Gb Free Space | 31.95% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 534.53 Gb Free Space | 57.38% Space Free | Partition Type: NTFS
Drive F: | 314.46 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive I: | 100.00 Mb Total Space | 70.35 Mb Free Space | 70.35% Space Free | Partition Type: NTFS

Computer Name: SENORBADASS-PC | User Name: Senor BadAss | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01685FAB-2C76-4461-A0D3-F4824932748E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{0DC0538D-22CC-4A43-9622-7F05CBF00A6A}" = lport=5357 | protocol=6 | dir=in | name=ws-eventing tcp port 5357 |
"{101F6151-980D-4743-99DD-CE159A71CE98}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{107B811E-B553-4FCA-9536-B478010CDCA7}" = rport=138 | protocol=17 | dir=out | app=system |
"{12697653-336B-4816-A7F5-BC47D2D4049D}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{1DCB3DC0-1B00-4291-A690-4C3A2CA3997A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{204A6AA5-9247-4962-B215-AE31E13E695F}" = lport=3702 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\wdexpress.exe |
"{214FB029-3894-4467-9D5A-A46CD8323298}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{2A111800-0A03-4184-8870-5E18C501CCDE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2B3179C0-4536-4731-8B87-D74B010D26DD}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{3733C92E-EC05-4014-B40F-9E9C9CEC76FE}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
"{3AEC513F-B412-40F0-B657-FC725167FBD4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{45E40DFE-8F8F-4DAD-8C05-5E609E15992A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4BA8D8FE-6809-4D27-AC0B-1BC5E50FCB2D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{51F66EA3-9EE3-4325-BA7E-82C8FE757DFA}" = rport=137 | protocol=17 | dir=out | app=system |
"{6100343A-1142-4AB1-8189-7C57F3BBB626}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{740197B5-9B91-43DC-9448-5F2FAA99E4ED}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
"{749E4E68-5A9D-4310-B9DB-2C57114EA704}" = rport=139 | protocol=6 | dir=out | app=system |
"{7AA98E36-2D9D-431B-970A-20EFEFAC5C39}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{7AB8A74F-8F07-419F-ACFC-4498ED2E68B8}" = lport=138 | protocol=17 | dir=in | app=system |
"{7C177F25-1CDD-45AB-9546-25D8ECEE6D38}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{8193A909-AA2C-4855-AB2B-590095767258}" = lport=139 | protocol=6 | dir=in | app=system |
"{8C1C3703-E06E-47A6-9E46-5E64680CA835}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8C4C9F01-E6ED-4EE4-A861-ED9D6069E637}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{8C6DD438-7D20-471A-B7F7-F772EBC1BF19}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8D495CD9-8999-47E1-9FD4-E3827DC44934}" = lport=445 | protocol=6 | dir=in | app=system |
"{8EE53228-67B7-4914-B14B-3A8E2EDDE914}" = rport=10243 | protocol=6 | dir=out | app=system |
"{91B46EBF-2E80-47F7-8B62-70DE1D608599}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{99982C45-23E8-4D48-B59B-65083A051144}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9BB4CEAC-C225-4770-B649-DF8FE5292B4E}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{A85C8925-6F5D-4A82-9422-45EF52EC4172}" = rport=445 | protocol=6 | dir=out | app=system |
"{A9A668B3-7133-42C4-865A-6F906395F607}" = lport=5432 | protocol=6 | dir=in | name=postgres |
"{B8A744A2-B4A6-46E1-84DE-5301D35FFB30}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C331311B-2823-45E6-8185-B230BF69F466}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C8A59E0E-8E2D-40C3-9065-A5B852D51944}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{DC5FA52D-2EA4-4A63-8CD3-CE3CF4B3D717}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E1D85F95-A94D-4241-9D4E-529F491D7599}" = lport=137 | protocol=17 | dir=in | app=system |
"{E7D9CD4E-5B6C-4799-BAA5-19D8824CA721}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F999BC84-123D-41E5-9EAF-2B8213411581}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05DBD8F8-B68D-46E6-BDE9-5434301337A5}" = dir=in | app=%programfiles%\adobe\adobe photoshop cs6 (64 bit)\photoshop.exe |
"{19D07A21-F8AE-46CF-9A45-75D1A5C743A8}" = dir=in | app=%programfiles% (x86)\soundspectrum\g-force\g-force standalone.exe |
"{24310495-F783-411F-A084-73198978FBE0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{279099E3-6295-4DA4-ACF4-F5A6EEE339B8}" = protocol=1 | dir=in | [email protected],-28543 |
"{334C9626-6FAB-488D-A741-025B4D4FFB34}" = dir=in | app=%programfiles%\adobe\adobe bridge cs6 (64 bit)\bridge.exe |
"{35AEFD00-A027-441C-980E-C5651E99AF70}" = dir=out | app=%programfiles% (x86)\adobe\adobe fireworks cs6\fireworks.exe |
"{35FDFD05-2A77-45CB-913E-D189D786F220}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{37E3F20F-DE20-4516-B208-CC46191BDD72}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{380EF835-4FBC-4AAA-833D-E1A08ACAB5AF}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{47E7F2E4-65A0-4C2C-A984-2F95D96A1023}" = dir=out | app=%programfiles%\adobe\adobe photoshop cs6 (64 bit)\photoshop.exe |
"{49AD4FE5-E495-4266-B3EF-40FFB6736291}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4DA3135C-FE3A-4327-9163-37CEA0209ED3}" = protocol=6 | dir=in | app=c:\program files\hexchat\hexchat.exe |
"{504F4A6F-8606-420D-97A4-993F0BE36D10}" = protocol=1 | dir=out | [email protected],-28544 |
"{5260BFDC-33FF-4DD1-A3CA-6DD1226708CD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5379D4F0-EC10-459E-B2FF-C6FD21BCEAAA}" = dir=in | app=c:\program files\hp\hp officejet pro 8610\bin\devicesetup.exe |
"{59369411-19FD-4041-A68A-4F5582BBA508}" = dir=out | app=%programfiles% (x86)\adobe\adobe flash cs6\flash.exe |
"{6139F920-28CF-42C2-88F3-A92660C1E375}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{63722777-5A39-4A7A-9DC0-700C7D803868}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6798055C-5E0B-4115-ACB7-BA97CAFF45AF}" = dir=out | app=%programfiles%\adobe\adobe illustrator cs6 (64 bit)\support files\contents\windows\illustrator.exe |
"{72065031-1BF3-4F91-B949-0DE7443A32EA}" = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe |
"{72251963-1378-4154-BEBD-15F6C01152C8}" = dir=in | app=c:\program files\hp\hp officejet pro 8610\bin\faxapplications.exe |
"{736C4249-34FC-454F-89E2-3FA80EB2BF68}" = dir=in | app=c:\program files\hp\hp officejet pro 8610\bin\digitalwizards.exe |
"{75F7ED18-0511-4362-A6A1-FD4D619DE3ED}" = protocol=17 | dir=in | app=c:\program files\hexchat\hexchat.exe |
"{7A68885F-C44E-43FC-B56B-A0F81928A5E5}" = dir=out | app=%programfiles% (x86)\soundspectrum\g-force\g-force screen saver.exe |
"{7A781F6C-4F22-42EC-BC25-3287F991A8B8}" = dir=in | app=%programfiles% (x86)\adobe\adobe flash cs6\flash.exe |
"{7AEDFDA1-EF0B-4745-AC16-EE4067AEECA8}" = dir=out | app=%programfiles% (x86)\adobe\adobe illustrator cs6\support files\contents\windows\illustrator.exe |
"{7B0CA09B-E132-4AA1-8B28-59AA97CB5C57}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\x64\maconfservice.exe |
"{7E66523C-E346-42FE-9476-C98D74316BE0}" = dir=in | app=%programfiles% (x86)\adobe\adobe flash builder 4.6\flashbuilder.exe |
"{801DBE9D-8D98-4844-B72B-3BDA734AF2DC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{805CF57C-7C29-4012-A3C1-63DC7EB13214}" = dir=in | app=%programfiles% (x86)\soundspectrum\g-force\g-force screen saver.exe |
"{81B4A1C5-5383-4BFF-A96A-F90FBA828C7C}" = dir=out | app=%programfiles% (x86)\adobe\adobe dreamweaver cs6\dreamweaver.exe |
"{855EECE6-848C-41F4-968B-AF45B5CCBD48}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{867F4559-0F94-4C5F-805D-18B5C77CD238}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{89EAB2DD-ABB2-46C7-BCEC-67FF20149FE1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8C6D6CB0-5ED0-4713-AAC5-702F276B6169}" = dir=in | app=c:\program files\hp\hp officejet pro 8610\bin\sendafax.exe |
"{8EF94C4D-EE3C-4801-8DE5-714239FDEA53}" = protocol=6 | dir=in | app=c:\program files (x86)\bitlord 2\bitlord files\bitlord.exe |
"{947AB381-FC9A-4B8E-B4B2-8AD70CC38FDE}" = dir=in | app=%programfiles% (x86)\adobe\adobe dreamweaver cs6\dreamweaver.exe |
"{9B15F693-7BE6-4C83-ACC0-C481A95321E0}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{9CD09840-B549-4F75-9EEB-6BE3B543DAE8}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\x64\maconfservice.exe |
"{A4D660B9-F04F-4C2E-A7C3-88B9F53B66EC}" = dir=out | app=%programfiles% (x86)\adobe\adobe photoshop cs6\photoshop.exe |
"{ABF01636-2F0B-4E94-A56E-7BA576A8633C}" = protocol=6 | dir=out | app=system |
"{AD29B28E-7AA3-4C13-8BCB-E7373F378ED2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{AF4AE69A-970E-423A-BC81-27A1EA6D36DD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{B27FF543-EAF1-45B6-8986-A51A18550C6C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B898C53B-71DE-4492-A9BD-BC2CE15796A0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B8B4E785-9232-4B9A-8B01-74C63AC2AA26}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{BBEDF4F5-4F6A-45C8-8D0A-C661EA6EDC40}" = dir=in | app=c:\program files\hp\hp officejet pro 8610\bin\hpnetworkcommunicatorcom.exe |
"{BD31A22B-FEA0-4E39-9676-1156E6B8AD73}" = dir=in | app=%programfiles% (x86)\adobe\adobe photoshop cs6\photoshop.exe |
"{C9486EB6-5220-481C-82F7-39C7ADEA2D5C}" = dir=out | app=%programfiles% (x86)\adobe\adobe flash builder 4.6\flashbuilder.exe |
"{CA4FBA7B-F959-46B2-ACC2-2C6D06146C56}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CD061D91-3E07-4C2A-94F0-3149EBD0B6A2}" = dir=out | app=%programfiles% (x86)\soundspectrum\g-force\g-force standalone.exe |
"{D606BCF0-90F3-4E56-8869-4C6C0687392D}" = protocol=58 | dir=in | [email protected],-28545 |
"{DEAB01B9-A1B6-416D-A6AE-C86EF4DA0047}" = dir=out | app=%programfiles%\adobe\adobe bridge cs6 (64 bit)\bridge.exe |
"{EDCD7292-4A83-4825-A5AB-9D9F93710B5C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{EEA677F1-C048-45A7-BEA7-FEA8AC885BCC}" = protocol=58 | dir=out | [email protected],-28546 |
"{F10F74AA-0DF1-4194-B732-0B7ACB5FB7F2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F56F164C-BF20-43BC-A4EE-6E12CA066EC9}" = dir=in | app=%programfiles% (x86)\adobe\acrobat 10.0\acrobat\acrobat.exe |
"{F870DF9B-DED2-4B7F-8AD8-5AEF481C2510}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F936AA1A-019D-4E9D-B31F-4BB48EE6C739}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FA6EDA03-B77F-415D-A82A-B73AD6DA00FF}" = protocol=17 | dir=in | app=c:\program files (x86)\bitlord 2\bitlord files\bitlord.exe |
"{FBAC5762-0D59-46D3-90EC-0B06A6503F01}" = dir=in | app=%programfiles% (x86)\adobe\adobe fireworks cs6\fireworks.exe |
"TCP Query User{6D0D83BF-46DD-4AD9-ADAF-FEFDCBDD8796}C:\program files\hexchat\hexchat.exe" = protocol=6 | dir=in | app=c:\program files\hexchat\hexchat.exe |
"TCP Query User{9F9D8AB6-B90A-43CB-8500-3E2087BA55FA}C:\program files (x86)\soundspectrum\g-force\g-force standalone.exe" = protocol=6 | dir=in | app=c:\program files (x86)\soundspectrum\g-force\g-force standalone.exe |
"TCP Query User{E37493F8-C5FE-44CF-BE19-A6D716132D7A}E:\programmation\qtchat\release\qtchat.exe" = protocol=6 | dir=in | app=e:\programmation\qtchat\release\qtchat.exe |
"TCP Query User{E4714ADC-D31E-483B-BED7-EE134571BD0A}C:\program files (x86)\valve\portal 2\portal2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\valve\portal 2\portal2.exe |
"TCP Query User{EF3EEB48-71AB-4072-A058-D61E81BF2358}E:\games\fifa 14 ultimate edition\fifa 14\game\fifa14.exe" = protocol=6 | dir=in | app=e:\games\fifa 14 ultimate edition\fifa 14\game\fifa14.exe |
"UDP Query User{04870D66-C8F2-469A-BBEE-DB139BBAEF25}C:\program files (x86)\valve\portal 2\portal2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\valve\portal 2\portal2.exe |
"UDP Query User{35CE3A0D-04E0-4137-BD84-AA59DAD8ACD3}C:\program files\hexchat\hexchat.exe" = protocol=17 | dir=in | app=c:\program files\hexchat\hexchat.exe |
"UDP Query User{44823339-CF28-4006-8630-458A16074A94}E:\programmation\qtchat\release\qtchat.exe" = protocol=17 | dir=in | app=e:\programmation\qtchat\release\qtchat.exe |
"UDP Query User{5B8AD8A2-0E17-4B82-A3C1-3CE5CC9E5DC2}E:\games\fifa 14 ultimate edition\fifa 14\game\fifa14.exe" = protocol=17 | dir=in | app=e:\games\fifa 14 ultimate edition\fifa 14\game\fifa14.exe |
"UDP Query User{B29C1204-894B-4FB4-9A0A-3E5707971A78}C:\program files (x86)\soundspectrum\g-force\g-force standalone.exe" = protocol=17 | dir=in | app=c:\program files (x86)\soundspectrum\g-force\g-force standalone.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1A57F90C-DAC0-44A5-8726-46C008DE69C8}" = Product Improvement Study for HP Officejet Pro 8610
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{3082CB96-66E8-456D-8326-118A4F5DC0C6}" = HP Officejet Pro 8610 Basic Device Software
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{522D6D76-B109-4C83-BA3C-D26D08391EBC}" = Nitro Pro 8
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.9
"{B79DA7A6-18A4-4147-9B49-A1AD9CB613FA}" = Nuance PDF Converter Enterprise 7
"{BFAE8D5B-F918-486F-B74E-90762DF11C5C}" = Microsoft Security Client
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom NetLink Controller
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"9968-4488-2169-7623" = thinkorswim
"ASRock App Charger_is1" = ASRock App Charger v1.0.5
"ASRock XFast RAM_is1" = ASRock XFast RAM v1.0.3
"Microsoft Security Client" = Microsoft Security Essentials
"Reimage Repair" = Reimage Repair
"WinRAR archiver" = WinRAR 4.11 (64-bit)
"XFast LAN" = XFast LAN v6.61

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{27614800-84A9-484E-9CCB-43ED2F1205F5}" = Chessmaster Grandmaster Edition
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{3AF095EF-23B3-4C6A-BBA1-4C1EB663DAF8}" = TI USB3 Host Driver
"{3F5C2BF3-D8B6-4205-A2AD-BCB0A1E360A4}" = Microsoft Expression Encoder 4
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64C12304-7010-43F3-A25B-BDC38DE41E46}" = Microsoft Expression Encoder 4 Screen Capture Codec
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8B313BF5-9BD5-42a3-94C1-A28AF3AA51CC}" = Intel® Rapid Storage Technology enterprise
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A56C6348-59D0-433B-A48A-75914858664E}" = Snagit 11
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{AFB907F5-C0E6-4753-8284-DE955EF86AC2}" = THX TruStudio
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B79DA7A6-18A4-4147-9B49-A1AD9CB613FA}" = Nuance PDF Converter Enterprise 7
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection
"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F9569D00-4576-46C8-B6C7-207A4FD39745}" = HP Officejet Pro 8610 Help
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"ASRock InstantBoot_is1" = ASRock InstantBoot v1.29
"BitLord" = BitLord 2.3
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.WidgetBrowser" = Adobe Widget Browser
"Encoder_4.0.4276.0" = Microsoft Expression Encoder 4
"F-Stream Tuning_is1" = F-Stream Tuning v0.1.73.13
"Google Chrome" = Google Chrome
"HoldemManager2" = Holdem Manager 2
"InstallShield_{27614800-84A9-484E-9CCB-43ED2F1205F5}" = Chessmaster Grandmaster Edition
"InstallShield_{3AF095EF-23B3-4C6A-BBA1-4C1EB663DAF8}" = TI USB 3.0 Host Controller Driver
"MagniDriver" = marvell 91xx driver
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"Mozilla Firefox 32.0 (x86 en-US)" = Mozilla Firefox 32.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PostgreSQL 8.4" = PostgreSQL 8.4
"PowerISO" = PowerISO
"Uplay" = Uplay
"VLC media player" = VLC media player
"XFastUSB" = XFastUSB

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CarbonPoker" = CarbonPoker

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/8/2014 8:03:05 PM | Computer Name = SenorBadAss-PC | Source = PostgreSQL | ID = 0
Description = 2014-09-08 20:03:05 EDTERROR: relation "readsettings" does not exist
at character 29 2014-09-08 20:03:05 EDTSTATEMENT: SELECT databaseversion FROM readsettings

Error - 9/8/2014 8:03:05 PM | Computer Name = SenorBadAss-PC | Source = PostgreSQL | ID = 0
Description = 2014-09-08 20:03:05 EDTERROR: relation "notecaddy_metrics" already
exists 2014-09-08 20:03:05 EDTSTATEMENT: CREATE TABLE notecaddy_metrics(data text);INSERT
INTO notecaddy_metrics VALUES('')

Error - 9/8/2014 8:06:51 PM | Computer Name = SenorBadAss-PC | Source = PostgreSQL | ID = 0
Description =

Error - 9/8/2014 8:16:30 PM | Computer Name = SenorBadAss-PC | Source = MsiInstaller | ID = 11309
Description =

Error - 9/8/2014 8:26:12 PM | Computer Name = SenorBadAss-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 11.0.9600.17239 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel.    Process ID: 1870    Start
Time: 01cfcbc49f40e788    Termination Time: 0    Application Path: C:\Program Files\Internet
Explorer\iexplore.exe    Report Id: e4ba94ef-37b7-11e4-918c-bc5ff4369ffe

Error - 9/8/2014 8:30:01 PM | Computer Name = SenorBadAss-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/8/2014 9:00:53 PM | Computer Name = SenorBadAss-PC | Source = Application Error | ID = 1000
Description = Faulting application name: vv7f8b9o.exe, version: 2.1.19357.0, time
stamp: 0x52e7ea83 Faulting module name: vv7f8b9o.exe, version: 2.1.19357.0, time
stamp: 0x52e7ea83 Exception code: 0xc0000005 Fault offset: 0x000011aa Faulting process
id: 0x15f4 Faulting application start time: 0x01cfcbc97ebd29a8 Faulting application
path: C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet
Files\Content.IE5\E5O9CCVP\vv7f8b9o.exe Faulting module path: C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\E5O9CCVP\vv7f8b9o.exe Report Id: becc9b70-37bc-11e4-8282-bc5ff4369ffe

Error - 9/8/2014 9:01:04 PM | Computer Name = SenorBadAss-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/8/2014 9:05:35 PM | Computer Name = SenorBadAss-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/9/2014 12:58:33 AM | Computer Name = SenorBadAss-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 9/8/2014 11:29:36 PM | Computer Name = SenorBadAss-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error:   %%1068

Error - 9/8/2014 11:29:39 PM | Computer Name = SenorBadAss-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error:   %%1068

Error - 9/8/2014 11:42:37 PM | Computer Name = SenorBadAss-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error:   %%1068

Error - 9/9/2014 12:48:07 AM | Computer Name = SenorBadAss-PC | Source = DCOM | ID = 10005
Description =

Error - 9/9/2014 12:48:07 AM | Computer Name = SenorBadAss-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error:   %%1068

Error - 9/9/2014 12:53:07 AM | Computer Name = SenorBadAss-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error:   %%1068

Error - 9/9/2014 12:53:46 AM | Computer Name = SenorBadAss-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error:   %%1068

Error - 9/9/2014 12:55:56 AM | Computer Name = SenorBadAss-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error:   %%1068

Error - 9/9/2014 12:55:56 AM | Computer Name = SenorBadAss-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error:   %%1068

Error - 9/9/2014 1:50:36 AM | Computer Name = SenorBadAss-PC | Source = Microsoft-Windows-HAL | ID = 12
Description = The platform firmware has corrupted memory across the previous system
power transition. Please check for updated firmware for your system.

< End of report >

#4
BrianDrab

Posted 12 September 2014 - 07:17 AM

Trusted Helper

Malware Removal
3,591 posts

The good news is that it doesn't appear that you are infected but we will verify. You don't need to be concerned with Rkill killing that one process. It's a valid windows process and Rkill is just doing its job which is to kill processes so that you may run other tools. It's not an indicator of infection in this case.

Step#1 - Warnings

1. The Dangers of P2P Programs
IMPORTANT: I noticed that you have a P2P (Peer to Peer) file sharing program on your computer. I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more than likely infected with trojans, malware, rootkits, etc.
You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.
Here are some information sources about the dangers of P2P programs:
FBI - Peer to Peer Scams
USA Today Artticle on P2P Programs
File Sharing Infects 500,000 Computers
I very much recommend you uninstall this program from your machine. If not, you will likely be back needing help with your machine again. The risks of infections from content downloaded with P2P programs far outweigh any benefit of using them.
It is, of course, your choice as to whether or not you remove the program from your machine. It is my duty though, to point out how dangerous it is to use these programs. However, I must request that you do not use it while we are cleaning your machine.
Please uninstall the following Peer-to-Peer program(s): BitLord 2.3
To uninstall on Windows 7, you can:

Click your Start Orb in the lower left corner of your computer and select Control Panel.
Select Uninstall a program from the Programs Category.
Locate the program(s) in the list and click Uninstall.

Step#2 - Uninstalls

Please uninstall the following programs one at a time. Instructions for doing so are here.
If any of the programs give you an error during the uninstall, notate it and move on to the next one. Just let me know which ones had issues. If you are asked to reboot, answer No until all the programs have been uninstalled and then you can reboot.

ph
bl

Step#3 - OTL Fix
1. Right click on OTL.exe and choose Run as administrator.
2. Copy all the code below and paste it into the Custom Scans/Fixes section at the very bottom of the OTL program. Do NOT include the word Quote.

:Commands
[CreateRestorePoint]

:OTL
O4 - HKLM..\Run: [] File not found

:Commands
[EmptyTemp]

3. Click the Run Fix button. OTL will ask to reboot the machine. Please do so when asked.
4. After the reboot a log file should open. Copy/Paste the contents of the log that opens and post in your next reply. If for some reason the log file does not appear then you can
    open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder,
    and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Step#4 - Adware Scan

1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-Click on AdwCleaner.exe and select Run as administrator to run the tool. Click Yes if asked to allow the program from an unknown publisher.
4. Click I Agree on the Terms of Use screen.
5. Click on Scan.
6. After the scan is complete click on "Clean"
7. Confirm each time with Ok on the messages that follow.
8. Your computer will be rebooted automatically. A text file will open after the restart.
9. Please post the content of that logfile with your next answer.
10. You can find the logfile at C:\AdwCleaner[S0].txt as well.

Step#5 - FRST Scan

1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
    Note: You need to run the 64-bit Version so please ensure you download that one.
2. Right click to run as administrator. When the tool opens click Yes to disclaimer.
3. Note: Please ensure that the Addition.txt check box is checked at the bottom of the form within the Optional Scan section.
4. Press Scan button.
5. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
6. Please copy and paste log back here.
7. The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe). Please also paste that along with the FRST.txt into your reply.



Items for your next post
1. OTL Fix Log
2. AdwCleaner log
3. FRST and Addition logs

#5
saratogasteve

Posted 12 September 2014 - 11:37 AM

New Member

Topic Starter
Member
8 posts

OTL Fix Log

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
Error: Unable to interpret < :OTL> in the current context!
Error: Unable to interpret < O4 - HKLM..\Run: [] File not found> in the current context!
Error: Unable to interpret < :Commands> in the current context!

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: postgres
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 2843 bytes

User: postgres.SenorBadAss-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Senor BadAss
->Temp folder emptied: 153337997 bytes
->Temporary Internet Files folder emptied: 772775421 bytes
->FireFox cache emptied: 4485473 bytes
->Google Chrome cache emptied: 225619329 bytes
->Flash cache emptied: 505 bytes

%systemdrive% .tmp files removed: 351560 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 19581758 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 16996581041 bytes

Total Files Cleaned = 17,331.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 09122014_131127

Files\Folders moved on Reboot...
C:\Users\Senor BadAss\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZXN67PQK\0[3].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZXN67PQK\Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw[1].woff moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZXN67PQK\notificationdetail[2].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZXN67PQK\rs=AItRSTNPgnrFqP6x0LUHJbKUxQOLhAbZfQ[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZXN67PQK\zrt_lookup[3].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZFEX7IKP\0[2].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZFEX7IKP\8DKCYM1T.htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZFEX7IKP\grlryt2bdKIyfMSOhzd1eA[1].woff moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZFEX7IKP\t2tv6[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VW99LFXV\comments[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VW99LFXV\fastbutton[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VW99LFXV\like[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VW99LFXV\push[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIEP1Y88\ads[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIEP1Y88\ads[2].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIEP1Y88\chat_message_52df20dbc4522c398abba5d0b6377131[1].dat moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIEP1Y88\postmessageRelay[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OD6U2WKD\frame[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OD6U2WKD\placement_cookie[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N03S6JPR\proxy[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JHTVE570\aclk[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JHTVE570\hovercard[2].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IFYONN03\0W5UJY76.htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IFYONN03\icons.e1c5b060b42c5edc74b8f38eda714713[1].eot moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FVQ48Q2N\cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw[1].woff moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FVQ48Q2N\k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM[1].woff moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FVQ48Q2N\PRmiXeptR36kaC0GEAetxjqR_3kx9_hJXbbyU8S6IN0[1].woff moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FVQ48Q2N\tweet_button.1409790579[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FVQ48Q2N\xjAJXh38I15wypJXxuGMBobN6UDyHWBl620a-IRfuBk[1].woff moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EIXU81TL\343002-rkill-keeps-finding-grpconv[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EIXU81TL\storageframe[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EIXU81TL\uninstall-a-program-in-windows[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\A44UQ54V\bst2tv3[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\A44UQ54V\dn[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5DS7YTJY\postmessageRelay[2].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5DS7YTJY\proxy[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5DS7YTJY\push[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5DS7YTJY\recentposts[1].htm moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

AdwCleaner Log

# AdwCleaner v3.310 - Report created 12/09/2014 at 13:24:26
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Senor BadAss - SENORBADASS-PC
# Running from : C:\Users\Senor BadAss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H3Q7K1HX\adwcleaner_3.310.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280

-\\ Mozilla Firefox v32.0 (x86 en-US)

[ File : C:\Users\Senor BadAss\AppData\Roaming\Mozilla\Firefox\Profiles\v4as1h2c.default\prefs.js ]

-\\ Google Chrome v37.0.2062.120

*************************

AdwCleaner[R0].txt - [6696 octets] - [03/09/2014 00:22:59]
AdwCleaner[R1].txt - [995 octets] - [10/09/2014 00:03:54]
AdwCleaner[R2].txt - [1191 octets] - [12/09/2014 13:23:38]
AdwCleaner[S0].txt - [6749 octets] - [03/09/2014 00:24:02]
AdwCleaner[S1].txt - [1055 octets] - [10/09/2014 01:51:45]
AdwCleaner[S2].txt - [1113 octets] - [12/09/2014 13:24:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1173 octets] ##########

#6
saratogasteve

Posted 12 September 2014 - 11:38 AM

New Member

Topic Starter
Member
8 posts

FRST Log

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by Senor BadAss (administrator) on SENORBADASS-PC on 12-09-2014 13:27:29
Running from C:\Users\Senor BadAss\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12881512 2011-09-27] (Realtek Semiconductor)
HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1441152 2011-10-19] (cFos Software GmbH)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe [286720 2011-10-12] (Intel Corporation)
HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [4934880 2014-09-04] (FNet Co., Ltd.)
HKLM-x32\...\Run: [THX TruStudio NB Settings] => C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [909824 2011-05-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Startup: C:\Users\Senor BadAss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8610.lnk
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8610.lnk -> C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD1C7CD52C9CBCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {54D2329F-1F80-4391-A5EF-B17E1483763A} URL = http://www.google.co...&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112

FireFox:
========
FF ProfilePath: C:\Users\Senor BadAss\AppData\Roaming\Mozilla\Firefox\Profiles\v4as1h2c.default
FF Homepage: user_pref("browser.startup.homepage", "about:home"about:home);
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKCU: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll (TD Ameritrade)
FF Plugin HKCU: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll (TD Ameritrade)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-09-07]
FF Extension: No Name - C:\Users\Senor BadAss\AppData\Roaming\Mozilla\Firefox\Profiles\v4as1h2c.default\extensions\[email protected] [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Senor BadAss\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S4 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)
S4 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe [7168 2011-10-12] (Intel Corporation) [File not signed]
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S4 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S4 PDFProFiltSrv; C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe [135016 2012-02-17] (Nuance Communications, Inc.)
S4 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-02-18] (PostgreSQL Global Development Group) [File not signed]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]
S3 WinDefend; %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 AsrHidFilter; C:\Windows\System32\DRIVERS\AsrHidFilter.sys [17928 2011-02-17] (ASRock Inc.)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [22312 2011-10-14] (ASRock Inc.)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2014-09-05] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2014-09-04] (FNet Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [23832 2011-10-12] (Intel Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-27] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
U3 TrueSight; C:\Windows\SysWOW64\drivers\TrueSight.sys [33512 2014-09-09] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\SENORB~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-12 13:26 - 2014-09-12 13:26 - 00000000 ____D () C:\Users\Senor BadAss\Desktop\FRST-OlderVersion
2014-09-12 13:25 - 2014-09-12 13:25 - 00001253 _____ () C:\Users\Senor BadAss\Desktop\AdwCleaner_B.txt
2014-09-12 13:22 - 2014-09-12 13:22 - 00015838 _____ () C:\Users\Senor BadAss\Desktop\OTL_B.txt
2014-09-12 13:11 - 2014-09-12 13:11 - 00000000 ____D () C:\_OTL
2014-09-12 02:48 - 2014-08-19 14:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-12 02:48 - 2014-08-19 13:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-12 02:48 - 2014-08-18 19:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-12 02:48 - 2014-08-18 18:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-12 02:48 - 2014-08-18 18:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-12 02:48 - 2014-08-18 18:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-12 02:48 - 2014-08-18 18:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-12 02:48 - 2014-08-18 18:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-12 02:48 - 2014-08-18 18:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-12 02:48 - 2014-08-18 18:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-12 02:48 - 2014-08-18 18:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-12 02:48 - 2014-08-18 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-12 02:48 - 2014-08-18 18:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-12 02:48 - 2014-08-18 18:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-12 02:48 - 2014-08-18 18:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-12 02:48 - 2014-08-18 18:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-12 02:48 - 2014-08-18 18:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-12 02:48 - 2014-08-18 18:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-12 02:48 - 2014-08-18 18:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-12 02:48 - 2014-08-18 17:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-12 02:48 - 2014-08-18 17:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-12 02:48 - 2014-08-18 17:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-12 02:48 - 2014-08-18 17:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-12 02:48 - 2014-08-18 17:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 02:48 - 2014-08-18 17:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-12 02:48 - 2014-08-18 17:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-12 02:48 - 2014-08-18 17:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-12 02:48 - 2014-08-18 17:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-12 02:48 - 2014-08-18 17:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-12 02:48 - 2014-08-18 17:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-12 02:48 - 2014-08-18 17:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-12 02:48 - 2014-08-18 17:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-12 02:48 - 2014-08-18 17:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-12 02:48 - 2014-08-18 17:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-12 02:48 - 2014-08-18 17:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-12 02:48 - 2014-08-18 17:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-12 02:48 - 2014-08-18 17:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-12 02:48 - 2014-08-18 17:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-12 02:48 - 2014-08-18 17:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-12 02:48 - 2014-08-18 17:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-12 02:48 - 2014-08-18 17:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-12 02:48 - 2014-08-18 17:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 02:48 - 2014-08-18 17:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-12 02:48 - 2014-08-18 17:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-12 02:48 - 2014-08-18 17:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-12 02:48 - 2014-08-18 17:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-12 02:48 - 2014-08-18 17:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-12 02:48 - 2014-08-18 17:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-12 02:48 - 2014-08-18 17:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-12 02:48 - 2014-08-18 17:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-12 02:48 - 2014-08-18 17:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-12 02:48 - 2014-08-18 16:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-12 02:48 - 2014-08-18 16:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-12 02:48 - 2014-08-18 16:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-12 02:48 - 2014-08-18 16:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-12 02:48 - 2014-08-18 16:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-12 02:43 - 2014-06-26 22:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-12 02:43 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-12 01:00 - 2014-09-12 01:00 - 00000218 _____ () C:\Users\Senor BadAss\AppData\Local\recently-used.xbel
2014-09-11 23:33 - 2014-08-01 07:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 23:33 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 23:33 - 2014-06-23 23:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 23:32 - 2014-09-04 22:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-11 23:32 - 2014-09-04 22:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-11 23:32 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 23:32 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 23:32 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 23:32 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 23:32 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 23:32 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-09 16:05 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-09 03:53 - 2014-09-09 04:03 - 00314490 _____ () C:\Users\Senor BadAss\Desktop\OTL.Txt
2014-09-09 03:53 - 2014-09-09 03:53 - 00076432 _____ () C:\Users\Senor BadAss\Desktop\Extras.Txt
2014-09-09 03:49 - 2014-09-09 03:49 - 00602112 _____ (OldTimer Tools) C:\Users\Senor BadAss\Desktop\OTL.exe
2014-09-09 03:41 - 2014-09-09 03:41 - 00001481 _____ () C:\Users\Senor BadAss\Desktop\fixlist.txt
2014-09-09 03:40 - 2014-09-09 03:40 - 01016261 _____ (Thisisu) C:\Users\Senor BadAss\Desktop\JRT.exe
2014-09-09 03:19 - 2014-09-12 13:27 - 00013960 _____ () C:\Users\Senor BadAss\Desktop\FRST.txt
2014-09-09 03:19 - 2014-09-09 03:19 - 00040535 _____ () C:\Users\Senor BadAss\Desktop\Addition.txt
2014-09-09 03:18 - 2014-09-12 13:27 - 00000000 ____D () C:\FRST
2014-09-09 03:18 - 2014-09-09 03:18 - 00002485 _____ () C:\Users\Senor BadAss\Desktop\aswMBR.txt
2014-09-09 03:18 - 2014-09-09 03:18 - 00000512 _____ () C:\Users\Senor BadAss\Desktop\MBR.dat
2014-09-09 03:10 - 2014-09-12 13:26 - 02105856 _____ (Farbar) C:\Users\Senor BadAss\Desktop\FRST64.exe
2014-09-09 03:05 - 2014-09-09 03:05 - 05185536 _____ (AVAST Software) C:\Users\Senor BadAss\Desktop\aswMBR.exe
2014-09-08 21:05 - 2014-07-10 12:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Senor BadAss\Desktop\TDSSKiller.exe
2014-09-08 21:02 - 2014-09-08 21:02 - 04161313 _____ () C:\Users\Senor BadAss\Desktop\tdsskiller.zip
2014-09-08 21:02 - 2014-09-08 21:02 - 00000000 ____D () C:\Users\Senor BadAss\Desktop\tdsskiller
2014-09-08 21:01 - 2014-09-08 21:01 - 00370943 _____ () C:\Users\Senor BadAss\Desktop\gmer.zip
2014-09-08 21:01 - 2014-01-28 18:36 - 00380416 _____ () C:\Users\Senor BadAss\Desktop\remg.exe
2014-09-08 20:41 - 2014-09-08 20:41 - 00000000 ____D () C:\SUPERDelete
2014-09-08 20:19 - 2014-09-08 20:19 - 00003474 _____ () C:\Windows\System32\Tasks\Reimage Reminder
2014-09-08 20:16 - 2014-09-08 20:16 - 00004300 _____ () C:\Windows\System32\Tasks\ReimageUpdater
2014-09-08 20:16 - 2014-09-08 20:16 - 00001901 _____ () C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2014-09-08 20:16 - 2014-09-08 20:16 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-09-08 20:16 - 2014-09-08 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2014-09-08 20:15 - 2014-09-08 20:40 - 00000156 _____ () C:\Windows\Reimage.ini
2014-09-08 20:15 - 2014-09-08 20:20 - 00000000 ____D () C:\rei
2014-09-08 20:06 - 2014-09-08 20:06 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\Hold'em_Manager
2014-09-08 20:04 - 2014-09-08 20:05 - 04736760 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_oem.exe
2014-09-08 19:50 - 2014-09-08 20:28 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-08 19:49 - 2014-09-08 19:49 - 00699016 _____ (CNET Download.com) C:\Users\Senor BadAss\Desktop\cbsidlm-cbsi213-GMER-ORG-10720107.exe
2014-09-08 19:31 - 2014-09-08 21:08 - 00001961 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-09-08 19:31 - 2014-09-08 19:32 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-08 19:31 - 2014-09-08 19:31 - 19231376 _____ (SUPERAntiSpyware) C:\Users\Senor BadAss\Desktop\SUPERAntiSpyware.exe
2014-09-08 19:31 - 2014-09-08 19:31 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\SUPERAntiSpyware.com
2014-09-08 19:31 - 2014-09-08 19:31 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-09-08 19:31 - 2014-09-08 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-08 19:10 - 2014-09-08 19:10 - 00000000 ____D () C:\HM2Archive
2014-09-08 19:09 - 2014-09-08 19:09 - 00018471 _____ () C:\Users\Senor BadAss\Desktop\install.log
2014-09-08 19:09 - 2014-09-08 19:09 - 00001088 _____ () C:\Users\Public\Desktop\HoldemManager2.lnk
2014-09-08 19:09 - 2014-09-08 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Holdem Manager 2
2014-09-08 19:08 - 2014-09-08 19:09 - 00000000 ____D () C:\Program Files (x86)\Holdem Manager 2
2014-09-08 18:58 - 2014-09-08 20:58 - 00000000 ____D () C:\Users\postgres.SenorBadAss-PC
2014-09-08 18:58 - 2014-09-08 18:58 - 00000020 ___SH () C:\Users\postgres.SenorBadAss-PC\ntuser.ini
2014-09-08 18:58 - 2014-09-07 22:59 - 00000000 ____D () C:\Users\postgres.SenorBadAss-PC\AppData\Roaming\Macromedia
2014-09-08 18:58 - 2009-07-14 00:54 - 00000000 ___RD () C:\Users\postgres.SenorBadAss-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-08 18:58 - 2009-07-14 00:49 - 00000000 ___RD () C:\Users\postgres.SenorBadAss-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-08 18:57 - 2014-09-08 18:58 - 00000000 ____D () C:\postgreSQL
2014-09-08 18:56 - 2014-09-08 19:09 - 00000000 ____D () C:\Program Files (x86)\PSQLINSTALL
2014-09-08 18:49 - 2014-09-08 18:49 - 04857944 _____ () C:\Users\Senor BadAss\Desktop\RogueKiller.exe
2014-09-08 18:47 - 2014-09-09 23:59 - 00033512 _____ () C:\Windows\SysWOW64\Drivers\TrueSight.sys
2014-09-08 18:47 - 2014-09-08 18:47 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-09-08 18:36 - 2014-09-08 18:36 - 00022633 _____ () C:\ComboFix.txt
2014-09-08 18:32 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-08 18:32 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-08 18:32 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-08 18:32 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-08 18:32 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-08 18:32 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-08 18:32 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-08 18:32 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-08 18:31 - 2014-09-08 18:36 - 00000000 ____D () C:\Qoobox
2014-09-08 18:30 - 2014-09-08 18:35 - 00000000 ____D () C:\Windows\erdnt
2014-09-08 03:57 - 2014-09-08 21:28 - 00005196 _____ () C:\Users\Senor BadAss\Desktop\Rkill.txt
2014-09-08 00:26 - 2014-09-08 00:27 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\Ubisoft Game Launcher
2014-09-08 00:26 - 2014-09-08 00:26 - 00001201 _____ () C:\Users\Senor BadAss\Desktop\Uplay.lnk
2014-09-08 00:26 - 2014-09-08 00:26 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-09-08 00:26 - 2014-09-08 00:26 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-09-07 23:21 - 2014-09-07 23:21 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-09-07 23:21 - 2014-09-07 23:21 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-09-07 23:21 - 2014-09-07 23:21 - 00002026 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2014-09-07 23:21 - 2014-09-07 23:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-09-07 23:09 - 2014-09-07 23:09 - 00000000 ____D () C:\Windows\system32\Macromed
2014-09-07 23:09 - 2014-09-07 23:09 - 00000000 ____D () C:\ProgramData\ALM
2014-09-07 23:05 - 2014-09-07 23:05 - 00000000 ____D () C:\Users\Senor BadAss\Adobe Flash Builder 4.6
2014-09-07 23:01 - 2014-09-07 23:01 - 00001097 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
2014-09-07 22:59 - 2014-09-07 22:59 - 00000997 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2014-09-07 22:59 - 2014-09-07 22:59 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-09-07 22:59 - 2014-09-07 22:59 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-09-07 22:57 - 2014-09-07 23:21 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-07 22:56 - 2014-09-07 23:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2014-09-07 22:56 - 2014-09-07 22:56 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-09-07 22:55 - 2014-09-07 23:14 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-07 22:55 - 2014-09-07 23:14 - 00000000 ____D () C:\Program Files\Adobe
2014-09-07 17:53 - 2014-09-07 17:53 - 00002200 _____ () C:\Users\Public\Desktop\HP Officejet Pro 8610.lnk
2014-09-07 17:53 - 2014-09-07 17:53 - 00001152 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Officejet Pro 8610.lnk
2014-09-07 17:53 - 2014-09-07 17:53 - 00000000 ____D () C:\Program Files\HP
2014-09-07 17:53 - 2014-09-07 17:53 - 00000000 ____D () C:\Program Files (x86)\HP
2014-09-07 17:53 - 2013-09-11 08:07 - 00762400 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM7112.dll
2014-09-07 05:08 - 2014-09-07 05:08 - 00000000 ____D () C:\ProgramData\Origin
2014-09-07 01:08 - 2014-09-07 01:08 - 00016806 ____H () C:\Users\Senor BadAss\Desktop\~WRL0003.tmp
2014-09-06 23:56 - 2014-09-09 16:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-06 23:56 - 2014-09-06 23:56 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-06 23:56 - 2014-09-06 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-06 23:56 - 2014-09-06 23:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-06 23:56 - 2014-09-06 23:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-06 23:56 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-06 23:56 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-06 23:56 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-06 23:28 - 2014-09-06 23:28 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\DarkSoulsII
2014-09-06 23:28 - 2014-09-06 23:28 - 00000000 ____D () C:\ProgramData\Steam
2014-09-06 20:59 - 2014-09-06 23:25 - 00000000 ____D () C:\Users\Senor BadAss\Desktop\20140906
2014-09-06 20:59 - 2014-09-06 20:59 - 00000000 ____D () C:\Users\Senor BadAss\Desktop\20140903
2014-09-06 20:48 - 2014-09-06 20:48 - 00323118 _____ () C:\Users\Senor BadAss\Desktop\udbrky.xml
2014-09-06 20:14 - 2014-09-06 20:14 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\HEM Data
2014-09-06 20:12 - 2014-09-09 20:13 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\HoldemManager
2014-09-06 20:11 - 2014-09-08 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.4
2014-09-06 20:11 - 2014-09-08 18:32 - 00000000 ____D () C:\Users\postgres
2014-09-06 20:11 - 2014-09-04 13:33 - 00000000 ____D () C:\Users\postgres\AppData\Roaming\Macromedia
2014-09-06 20:10 - 2014-09-08 18:56 - 00000000 ____D () C:\PostgreSQL-prev-2014-02-Sep-11-37-46
2014-09-05 23:11 - 2014-09-05 23:11 - 00000000 ____D () C:\Temp
2014-09-05 23:10 - 2014-09-05 23:17 - 00000000 ____D () C:\Users\Senor BadAss\Documents\3DMark
2014-09-05 23:10 - 2014-09-05 23:10 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\Futuremark
2014-09-05 23:08 - 2014-09-06 23:48 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-05 22:57 - 2013-09-27 19:01 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-09-05 22:57 - 2013-09-27 19:01 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-09-05 22:56 - 2013-06-16 08:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-09-05 22:56 - 2013-06-16 08:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-09-05 22:56 - 2013-01-29 04:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2014-09-05 22:55 - 2013-10-23 06:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2014-09-05 22:55 - 2013-10-23 06:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 18286416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 15212336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-09-05 22:54 - 2013-10-23 06:30 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 02695200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 01435504 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-09-05 22:54 - 2013-10-23 06:30 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-09-05 20:34 - 2014-09-05 20:34 - 00032320 _____ (FNet Co., Ltd.) C:\Windows\system32\Drivers\FNETTBOH_305.SYS
2014-09-05 20:28 - 2014-09-08 00:40 - 00000000 ____D () C:\Windows\Minidump
2014-09-05 16:56 - 2014-09-05 16:56 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-09-05 03:59 - 2014-09-05 03:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01007.Wdf
2014-09-05 03:57 - 2014-09-06 05:31 - 00000000 ____D () C:\Users\Senor BadAss\Documents\FIFA 14
2014-09-05 03:57 - 2014-09-05 03:57 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-05 03:35 - 2014-09-05 03:35 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-09-05 01:27 - 2014-09-05 01:27 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Desktop Gaming
2014-09-04 19:36 - 2014-09-05 00:30 - 00000000 ____D () C:\Users\Senor BadAss\Desktop\SENORBADASS-PC 9-4-2014 7.33.38 PM
2014-09-04 19:34 - 2014-09-04 19:34 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\IsolatedStorage
2014-09-04 19:33 - 2014-09-04 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2014-09-04 19:33 - 2014-09-04 19:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Expression
2014-09-04 17:48 - 2014-09-04 17:48 - 00001744 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Story 3 for Windows.lnk
2014-09-04 17:48 - 2014-09-04 17:48 - 00000000 ____D () C:\Program Files (x86)\Photo Story 3 for Windows
2014-09-04 17:44 - 2014-09-06 21:34 - 00001456 _____ () C:\Users\Senor BadAss\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-09-04 17:38 - 2014-09-04 17:39 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\SoundSpectrum
2014-09-04 17:34 - 2014-09-07 00:48 - 00000000 ____D () C:\Program Files (x86)\SoundSpectrum
2014-09-04 17:01 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-09-04 17:01 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-09-04 17:01 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-09-04 17:01 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-09-04 17:01 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-09-04 17:01 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-09-04 17:01 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-09-04 17:01 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-09-04 17:01 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-09-04 17:01 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-09-04 17:01 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-09-04 17:01 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-09-04 17:01 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-09-04 17:01 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-09-04 17:01 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-09-04 17:01 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-09-04 17:01 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-09-04 17:01 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-09-04 17:01 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-09-04 17:01 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-09-04 17:01 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-09-04 17:01 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-09-04 17:01 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-09-04 17:01 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-09-04 17:01 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-09-04 17:01 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-09-04 17:01 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-09-04 17:01 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-09-04 17:01 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-09-04 17:01 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-09-04 17:01 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-09-04 17:01 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-09-04 17:01 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-09-04 17:01 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-09-04 17:01 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-09-04 17:01 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-09-04 17:01 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-09-04 17:01 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-09-04 17:01 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-09-04 17:01 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-09-04 17:01 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-09-04 17:01 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-09-04 17:01 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-09-04 17:01 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-09-04 17:00 - 2014-09-04 17:01 - 00148946 _____ () C:\Windows\DirectX.log
2014-09-04 17:00 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-09-04 17:00 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-09-04 17:00 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-09-04 17:00 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-09-04 17:00 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-09-04 17:00 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-09-04 17:00 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-09-04 17:00 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-09-04 16:44 - 2014-09-08 20:02 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\eclipse
2014-09-04 16:40 - 2014-09-09 20:38 - 00000000 ____D () C:\Program Files (x86)\CarbonPoker
2014-09-04 16:40 - 2014-09-04 16:44 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\CarbonPoker
2014-09-04 16:40 - 2014-09-04 16:40 - 00001906 _____ () C:\Users\Senor BadAss\Desktop\CarbonPoker.lnk
2014-09-04 16:40 - 2014-09-04 16:40 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CarbonPoker
2014-09-04 16:34 - 2014-09-04 16:44 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Mozilla
2014-09-04 16:34 - 2014-09-04 16:34 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-04 16:34 - 2014-09-04 16:34 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-04 16:34 - 2014-09-04 16:34 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\Mozilla
2014-09-04 16:34 - 2014-09-04 16:34 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-04 16:34 - 2014-09-04 16:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-04 16:34 - 2014-09-04 16:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-04 16:33 - 2014-09-04 16:32 - 00284224 _____ (Mozilla) C:\Users\Senor BadAss\Downloads\Firefox_Setup_Stub_30.0.exe
2014-09-04 16:29 - 2014-09-04 16:29 - 00002212 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-09-04 16:29 - 2014-09-04 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-09-04 16:28 - 2014-09-12 13:25 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-04 16:28 - 2014-09-12 12:33 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-04 16:28 - 2014-09-10 20:34 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-04 16:28 - 2014-09-04 16:29 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-04 16:28 - 2014-09-04 16:28 - 00003906 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-04 16:28 - 2014-09-04 16:28 - 00003654 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-04 16:28 - 2014-09-04 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-04 16:27 - 2014-09-04 16:29 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\Google
2014-09-04 16:27 - 2014-09-04 16:27 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\Deployment
2014-09-04 16:27 - 2014-09-04 16:27 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\Apps\2.0
2014-09-04 16:17 - 2014-09-05 18:21 - 00000000 ____D () C:\Program Files\thinkorswim
2014-09-04 16:17 - 2014-09-05 17:51 - 00000000 ____D () C:\Users\Senor BadAss\.thinkorswim
2014-09-04 16:17 - 2014-09-04 16:17 - 00001891 _____ () C:\Users\Public\Desktop\thinkorswim.lnk
2014-09-04 16:17 - 2014-09-04 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\thinkorswim
2014-09-04 14:56 - 2014-09-07 19:33 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\BitLord
2014-09-04 14:56 - 2014-09-04 14:56 - 00002023 _____ () C:\Users\Senor BadAss\Desktop\BitLord.lnk
2014-09-04 14:56 - 2014-09-04 14:56 - 00000000 ____D () C:\Users\Senor BadAss\Documents\BitLord
2014-09-04 14:56 - 2014-09-04 14:56 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Python-Eggs
2014-09-04 14:56 - 2014-09-04 14:56 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
2014-09-04 14:55 - 2014-09-04 14:56 - 00000000 ____D () C:\Program Files (x86)\BitLord 2
2014-09-04 14:18 - 2014-09-12 13:07 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\vlc
2014-09-04 14:18 - 2014-09-04 14:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G-Force
2014-09-04 14:17 - 2014-09-04 14:17 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-04 14:17 - 2014-09-04 14:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-04 14:17 - 2014-09-04 14:17 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-04 14:16 - 2014-09-04 14:16 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\TechSmith
2014-09-04 14:16 - 2014-09-04 14:16 - 00000000 ____D () C:\ProgramData\TechSmith
2014-09-04 14:16 - 2014-09-04 14:16 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2014-09-04 14:16 - 2014-09-04 14:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2014-09-04 14:16 - 2014-09-04 14:16 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2014-09-04 14:12 - 2014-09-04 14:12 - 00002531 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 8.lnk
2014-09-04 14:12 - 2014-09-04 14:12 - 00001962 _____ () C:\Users\Public\Desktop\Nitro Pro 8.lnk
2014-09-04 14:12 - 2014-09-04 14:12 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Nitro
2014-09-04 14:12 - 2014-09-04 14:12 - 00000000 ____D () C:\ProgramData\Nitro
2014-09-04 14:12 - 2014-09-04 14:12 - 00000000 ____D () C:\Program Files\Common Files\Nitro
2014-09-04 14:12 - 2014-09-04 14:12 - 00000000 ____D () C:\Program Files (x86)\Nitro
2014-09-04 14:12 - 2012-12-13 11:47 - 00029704 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalmon2.dll
2014-09-04 14:12 - 2012-12-13 11:47 - 00017928 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalui2.dll
2014-09-04 14:11 - 2014-09-04 14:11 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Downloaded Installations
2014-09-04 14:10 - 2014-09-09 14:24 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Zeon
2014-09-04 14:10 - 2014-09-08 20:59 - 00000000 ____D () C:\Windows\PIXTRAN
2014-09-04 14:10 - 2014-09-04 15:33 - 00000000 ____D () C:\ProgramData\Nuance
2014-09-04 14:10 - 2014-09-04 14:10 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Nuance
2014-09-04 14:10 - 2014-09-04 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PDF Converter Enterprise 7
2014-09-04 14:09 - 2014-09-04 14:09 - 00000000 ____D () C:\ProgramData\Zeon
2014-09-04 14:09 - 2014-09-04 14:09 - 00000000 ____D () C:\Program Files (x86)\Nuance
2014-09-04 14:06 - 2014-09-04 14:07 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\NVIDIA
2014-09-04 13:35 - 2014-09-04 13:35 - 00000000 ____D () C:\Program Files (x86)\My Company Name
2014-09-04 13:35 - 2011-11-03 03:01 - 00056208 ____N (Rovi Corporation) C:\Windows\system32\Drivers\PxHlpa64.sys
2014-09-04 13:35 - 2011-10-17 03:00 - 00010224 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys
2014-09-04 13:35 - 2011-10-17 03:00 - 00010224 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys
2014-09-04 13:26 - 2014-09-07 23:13 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\Adobe
2014-09-04 12:55 - 2014-09-04 12:55 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\WinRAR
2014-09-04 12:55 - 2014-09-04 12:55 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-04 12:55 - 2014-09-04 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-04 12:55 - 2014-09-04 12:55 - 00000000 ____D () C:\Program Files\WinRAR
2014-09-04 12:26 - 2014-09-04 12:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2014-09-04 12:26 - 2014-09-04 12:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-04 12:26 - 2014-09-04 12:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-09-04 12:25 - 2014-09-04 12:25 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-09-04 12:25 - 2014-09-04 12:25 - 00000000 ____D () C:\Windows\PCHEALTH
2014-09-04 12:25 - 2014-09-04 12:25 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-04 12:25 - 2014-09-04 12:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-09-04 12:25 - 2014-09-04 12:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2014-09-04 12:25 - 2014-09-04 12:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-09-04 12:24 - 2014-09-04 12:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-04 12:24 - 2014-09-04 12:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-09-04 12:22 - 2014-09-12 02:48 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-04 12:22 - 2014-09-04 12:22 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\Microsoft Help
2014-09-04 05:03 - 2012-02-11 02:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-09-04 05:03 - 2012-02-11 02:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-09-04 05:03 - 2011-02-25 02:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-09-04 05:03 - 2011-02-25 01:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-09-04 04:14 - 2011-03-11 02:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-09-04 04:14 - 2011-03-11 02:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-09-04 04:14 - 2011-03-11 02:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-09-04 04:14 - 2011-03-11 02:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-09-04 04:14 - 2011-03-11 02:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-09-04 04:14 - 2011-03-11 02:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-09-04 04:14 - 2011-03-11 02:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-09-04 04:14 - 2011-03-11 01:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-09-04 04:14 - 2011-03-11 01:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-09-04 04:14 - 2011-03-11 00:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-09-04 03:57 - 2013-05-10 01:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-09-04 03:57 - 2013-05-10 01:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-09-04 03:57 - 2013-05-10 00:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-09-04 03:57 - 2013-05-10 00:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-09-04 03:48 - 2014-09-04 00:03 - 00000000 ____D () C:\Windows\Panther
2014-09-04 03:45 - 2013-10-23 04:20 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-09-04 03:23 - 2014-09-12 02:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-04 03:23 - 2014-09-12 02:44 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-04 03:07 - 2012-07-25 23:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-09-04 03:07 - 2012-07-25 23:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-09-04 03:07 - 2012-07-25 23:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-09-04 03:07 - 2012-07-25 23:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-09-04 03:07 - 2012-07-25 23:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-09-04 03:07 - 2012-07-25 22:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-09-04 03:07 - 2012-07-25 22:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-09-04 03:07 - 2012-06-02 10:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-09-04 03:01 - 2012-03-01 02:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-09-04 03:01 - 2012-03-01 02:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-09-04 03:01 - 2012-03-01 01:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-09-04 02:58 - 2014-09-04 02:58 - 00000000 __SHD () C:\Users\Senor BadAss\AppData\Local\EmieUserList
2014-09-04 02:58 - 2014-09-04 02:58 - 00000000 __SHD () C:\Users\Senor BadAss\AppData\Local\EmieSiteList
2014-09-04 02:57 - 2014-09-04 02:57 - 00001007 _____ () C:\Users\Public\Desktop\PowerISO.lnk
2014-09-04 02:57 - 2014-09-04 02:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-09-04 02:57 - 2014-09-04 02:57 - 00000000 ____D () C:\Program Files (x86)\PowerISO
2014-09-04 02:57 - 2011-06-15 04:30 - 00093240 _____ (PowerISO Computing, Inc.) C:\Windows\system32\Drivers\scdemu.sys
2014-09-04 02:56 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-04 02:56 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-09-04 02:56 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-04 02:56 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-04 02:56 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-04 02:56 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-04 02:56 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-09-04 02:56 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-09-04 02:55 - 2014-09-12 02:43 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-04 02:55 - 2013-11-26 04:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-09-04 02:55 - 2013-11-23 14:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-09-04 02:55 - 2013-11-23 13:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-09-04 02:55 - 2013-11-22 18:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-09-04 02:55 - 2013-04-09 19:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-09-04 02:55 - 2013-04-02 18:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-09-04 02:54 - 2014-09-08 21:00 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\CrashDumps
2014-09-04 02:54 - 2014-09-04 02:54 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\NVIDIA Corporation
2014-09-04 02:52 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-09-04 02:52 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-09-04 02:51 - 2014-09-05 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-09-04 02:51 - 2014-09-05 03:04 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\NVIDIA
2014-09-04 02:51 - 2014-09-04 02:51 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-09-04 02:51 - 2014-09-04 02:51 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-09-04 02:51 - 2014-02-05 05:31 - 01048152 ____R (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-09-04 02:51 - 2014-02-05 05:30 - 01179576 ____R (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-09-04 02:51 - 2011-07-08 22:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-09-04 02:51 - 2011-04-26 22:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-09-04 02:51 - 2011-04-26 22:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-09-04 02:51 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-09-04 02:51 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-09-04 02:51 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-09-04 02:51 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-09-04 02:51 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-09-04 02:51 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-09-04 02:50 - 2014-09-09 16:07 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-04 02:50 - 2014-09-04 02:50 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-09-04 02:50 - 2014-09-04 02:50 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-09-04 02:50 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-04 02:50 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-09-04 02:50 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-04 02:50 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-09-04 02:50 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-09-04 02:50 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-09-04 02:50 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-09-04 02:50 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-09-04 02:50 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-09-04 02:50 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-09-04 02:50 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-09-04 02:50 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-09-04 02:50 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-09-04 02:50 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-09-04 02:50 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-09-04 02:50 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-09-04 02:50 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-09-04 02:50 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-09-04 02:50 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-09-04 02:50 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-09-04 02:50 - 2013-12-03 22:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-09-04 02:50 - 2013-12-03 22:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-09-04 02:50 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-09-04 02:50 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-09-04 02:50 - 2013-12-03 22:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-09-04 02:50 - 2013-12-03 22:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-09-04 02:50 - 2013-12-03 22:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-09-04 02:50 - 2013-12-03 22:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-09-04 02:50 - 2013-12-03 22:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-09-04 02:50 - 2013-12-03 22:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-09-04 02:50 - 2013-12-03 22:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-09-04 02:50 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-09-04 02:50 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-09-04 02:50 - 2013-12-03 22:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-09-04 02:50 - 2013-12-03 21:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-09-04 02:50 - 2013-12-03 21:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-09-04 02:50 - 2013-12-03 21:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-09-04 02:50 - 2013-12-03 21:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-09-04 02:50 - 2013-09-27 19:01 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-09-04 02:50 - 2013-08-01 22:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-09-04 02:50 - 2013-08-01 22:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-09-04 02:50 - 2013-08-01 21:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-09-04 02:50 - 2013-08-01 20:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-09-04 02:49 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-04 02:49 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-09-04 02:49 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-09-04 02:49 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-09-04 02:49 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-09-04 02:49 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-09-04 02:49 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-09-04 02:49 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-04 02:49 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-09-04 02:49 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-09-04 02:49 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-09-04 02:49 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-09-04 02:49 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-09-04 02:49 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-09-04 02:49 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-09-04 02:49 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-09-04 02:49 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-09-04 02:49 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-09-04 02:49 - 2013-07-04 08:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-09-04 02:49 - 2012-12-07 09:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-09-04 02:49 - 2012-12-07 09:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-09-04 02:49 - 2012-12-07 08:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-09-04 02:49 - 2012-12-07 08:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-09-04 02:49 - 2012-12-07 07:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-09-04 02:49 - 2012-12-07 07:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-09-04 02:49 - 2012-12-07 07:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-09-04 02:49 - 2012-12-07 07:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-09-04 02:49 - 2012-12-07 07:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-09-04 02:49 - 2012-12-07 07:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-09-04 02:49 - 2012-12-07 07:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-09-04 02:49 - 2012-12-07 07:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-09-04 02:49 - 2012-12-07 07:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-09-04 02:49 - 2012-12-07 07:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-09-04 02:49 - 2012-12-07 07:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-09-04 02:49 - 2012-12-07 07:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-09-04 02:49 - 2012-12-07 07:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-09-04 02:49 - 2012-12-07 07:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-09-04 02:49 - 2012-12-07 06:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-09-04 02:49 - 2012-12-07 06:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-09-04 02:49 - 2012-12-07 06:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-09-04 02:49 - 2012-12-07 06:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-09-04 02:49 - 2012-12-07 06:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-09-04 02:49 - 2012-12-07 06:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-09-04 02:49 - 2012-12-07 06:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-09-04 02:49 - 2012-12-07 06:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-09-04 02:49 - 2012-12-07 06:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-09-04 02:49 - 2012-12-07 06:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-09-04 02:49 - 2012-12-07 06:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-09-04 02:49 - 2012-12-07 06:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-09-04 02:49 - 2012-12-07 06:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-09-04 02:49 - 2012-12-07 06:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-09-04 02:49 - 2010-12-23 06:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-09-04 02:49 - 2010-12-23 06:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-09-04 02:49 - 2010-12-23 06:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-09-04 02:49 - 2010-12-23 01:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-09-04 02:49 - 2010-12-23 01:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-09-04 02:49 - 2010-12-23 01:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-09-04 02:48 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-04 02:48 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-04 02:48 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-04 02:48 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-04 02:48 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-09-04 02:48 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-04 02:48 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-09-04 02:48 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-09-04 02:48 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-09-04 02:48 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-09-04 02:48 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-09-04 02:48 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-09-04 02:48 - 2013-11-26 07:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-09-04 02:48 - 2013-07-25 22:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-09-04 02:48 - 2013-07-25 21:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-09-04 02:48 - 2013-07-09 01:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-09-04 02:48 - 2013-07-09 00:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-09-04 02:48 - 2012-10-03 13:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-09-04 02:48 - 2012-10-03 13:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-09-04 02:48 - 2012-10-03 13:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-09-04 02:48 - 2012-10-03 13:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-09-04 02:48 - 2012-10-03 13:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-09-04 02:48 - 2012-10-03 13:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-04 02:48 - 2012-10-03 12:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-09-04 02:48 - 2012-10-03 12:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-09-04 02:48 - 2012-10-03 12:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-09-04 02:48 - 2012-10-03 12:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-09-04 02:48 - 2012-08-21 17:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-09-04 02:48 - 2012-01-13 03:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-09-04 02:48 - 2012-01-04 06:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-09-04 02:48 - 2012-01-04 04:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-09-04 02:47 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-04 02:47 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-04 02:47 - 2014-06-03 06:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-04 02:47 - 2014-06-03 06:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-04 02:47 - 2014-06-03 06:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-04 02:47 - 2014-06-03 06:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-04 02:47 - 2014-06-03 05:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-04 02:47 - 2014-06-03 05:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-04 02:47 - 2014-06-03 05:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-04 02:47 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-09-04 02:47 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-09-04 02:47 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-09-04 02:47 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-09-04 02:47 - 2013-11-22 04:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-09-04 02:47 - 2013-10-23 04:20 - 06669600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-09-04 02:47 - 2013-10-23 04:20 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-09-04 02:47 - 2013-10-23 04:20 - 03426956 _____ () C:\Windows\system32\nvcoproc.bin
2014-09-04 02:47 - 2013-10-23 04:20 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-09-04 02:47 - 2013-10-23 04:20 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-09-04 02:47 - 2013-10-23 04:20 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-09-04 02:47 - 2013-07-04 08:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-04 02:47 - 2013-07-04 08:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-09-04 02:47 - 2013-07-04 07:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-09-04 02:47 - 2013-07-04 07:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-09-04 02:47 - 2013-07-04 06:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-09-04 02:47 - 2013-05-10 01:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-09-04 02:47 - 2013-05-09 23:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-09-04 02:47 - 2013-02-27 01:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-09-04 02:47 - 2012-04-26 01:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-09-04 02:47 - 2012-04-26 01:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-09-04 02:47 - 2012-04-26 01:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-09-04 02:47 - 2011-11-17 02:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-09-04 02:47 - 2011-11-17 01:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-09-04 02:47 - 2011-10-26 01:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-09-04 02:47 - 2011-10-26 01:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-04 02:47 - 2011-10-26 00:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-09-04 02:47 - 2011-10-26 00:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-04 02:47 - 2011-06-16 01:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-09-04 02:47 - 2011-06-16 00:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-09-04 02:47 - 2011-05-04 01:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-09-04 02:47 - 2011-05-04 01:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-09-04 02:47 - 2011-05-04 01:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-09-04 02:47 - 2011-05-04 01:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-09-04 02:47 - 2011-05-04 01:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-09-04 02:47 - 2011-05-04 01:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-09-04 02:47 - 2011-05-04 01:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-09-04 02:47 - 2011-05-04 01:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-09-04 02:47 - 2011-05-04 01:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-09-04 02:47 - 2011-05-04 00:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-09-04 02:47 - 2011-05-04 00:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-09-04 02:47 - 2011-05-04 00:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-09-04 02:47 - 2011-05-04 00:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-09-04 02:47 - 2011-05-04 00:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-09-04 02:47 - 2011-05-04 00:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-09-04 02:47 - 2011-05-04 00:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-09-04 02:47 - 2011-05-04 00:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-09-04 02:47 - 2011-05-04 00:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-09-04 02:47 - 2011-03-11 02:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-09-04 02:47 - 2011-03-11 02:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-09-04 02:47 - 2011-03-11 01:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-09-04 02:47 - 2011-03-11 01:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-09-04 02:47 - 2011-03-03 02:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-09-04 02:47 - 2011-03-03 02:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-09-04 02:47 - 2011-03-03 02:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-09-04 02:47 - 2011-03-03 01:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-09-04 02:47 - 2011-03-03 01:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-09-04 02:46 - 2014-08-19 22:15 - 00075040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-09-04 02:46 - 2014-08-19 22:15 - 00061912 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-09-04 02:46 - 2013-10-29 22:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-09-04 02:46 - 2013-10-29 22:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-09-04 02:46 - 2013-05-13 01:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-09-04 02:46 - 2013-05-12 23:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-09-04 02:46 - 2013-05-12 23:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-09-04 02:46 - 2013-05-12 23:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-09-04 02:46 - 2013-02-15 02:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-09-04 02:46 - 2013-02-15 02:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-04 02:46 - 2013-02-15 02:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-09-04 02:46 - 2013-02-15 00:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-04 02:46 - 2013-02-15 00:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-09-04 02:46 - 2013-02-14 23:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-09-04 02:46 - 2012-06-06 02:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-09-04 02:46 - 2012-06-06 01:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-09-04 02:46 - 2011-06-15 06:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-09-04 02:46 - 2011-06-15 06:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-09-04 02:46 - 2011-06-15 06:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-09-04 02:46 - 2011-06-15 06:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-09-04 02:46 - 2011-06-15 04:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-09-04 02:46 - 2011-06-15 04:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-09-04 02:46 - 2011-06-15 04:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-09-04 02:46 - 2011-06-15 04:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-09-04 02:46 - 2011-06-15 04:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-09-04 02:45 - 2014-09-05 22:57 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-09-04 02:45 - 2014-09-04 02:54 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-09-04 02:45 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-04 02:45 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-04 02:45 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-04 02:45 - 2014-07-15 23:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-04 02:45 - 2014-07-15 22:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-04 02:45 - 2014-06-24 22:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-04 02:45 - 2014-06-24 21:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-04 02:45 - 2014-03-04 05:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-09-04 02:45 - 2014-03-04 05:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-09-04 02:45 - 2014-03-04 05:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-09-04 02:45 - 2014-03-04 05:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-09-04 02:45 - 2014-03-04 05:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-09-04 02:45 - 2014-03-04 05:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-09-04 02:45 - 2014-03-04 05:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-09-04 02:45 - 2014-03-04 05:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-09-04 02:45 - 2014-03-04 05:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-09-04 02:45 - 2014-03-04 04:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-09-04 02:45 - 2014-03-04 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-09-04 02:45 - 2014-02-08 14:34 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433489.dll
2014-09-04 02:45 - 2014-02-08 14:34 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433489.dll
2014-09-04 02:45 - 2014-02-03 22:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-09-04 02:45 - 2014-02-03 22:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-09-04 02:45 - 2014-02-03 22:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-09-04 02:45 - 2014-02-03 22:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-09-04 02:45 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-09-04 02:45 - 2013-12-31 19:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-04 02:45 - 2013-12-31 19:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-09-04 02:45 - 2013-10-23 06:30 - 00023287 _____ () C:\Windows\system32\nvinfo.pb
2014-09-04 02:45 - 2013-10-18 22:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-09-04 02:45 - 2013-10-18 21:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-09-04 02:45 - 2013-10-05 16:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-09-04 02:45 - 2013-10-05 15:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-09-04 02:45 - 2013-10-03 22:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-09-04 02:45 - 2013-10-03 22:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-09-04 02:45 - 2013-10-03 21:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-09-04 02:45 - 2013-10-03 21:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-09-04 02:45 - 2013-08-01 22:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 21:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-09-04 02:45 - 2013-08-01 20:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 20:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 20:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-09-04 02:45 - 2013-08-01 20:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-09-04 02:45 - 2013-07-25 05:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-09-04 02:45 - 2013-07-25 04:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-09-04 02:45 - 2013-07-09 01:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-09-04 02:45 - 2013-07-09 01:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-09-04 02:45 - 2013-07-09 00:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-09-04 02:45 - 2013-07-09 00:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-09-04 02:45 - 2013-07-04 08:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-09-04 02:45 - 2013-07-04 07:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-09-04 02:45 - 2013-06-06 01:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-09-04 02:45 - 2013-06-06 01:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-09-04 02:45 - 2013-06-06 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-09-04 02:45 - 2013-06-06 01:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-09-04 02:45 - 2013-06-06 00:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-09-04 02:45 - 2013-06-06 00:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-09-04 02:45 - 2013-06-06 00:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-09-04 02:45 - 2013-06-05 23:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-09-04 02:45 - 2013-06-05 23:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-09-04 02:45 - 2013-06-05 23:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-09-04 02:45 - 2013-03-19 01:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-09-04 02:45 - 2013-02-12 00:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-09-04 02:45 - 2012-10-09 14:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-09-04 02:45 - 2012-10-09 14:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-09-04 02:45 - 2012-10-09 13:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-09-04 02:45 - 2012-10-09 13:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-09-04 02:45 - 2012-08-22 14:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-09-04 02:45 - 2012-07-04 16:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-09-04 02:45 - 2011-12-30 02:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-09-04 02:45 - 2011-12-30 01:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-09-04 02:44 - 2014-07-13 22:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-04 02:44 - 2014-07-13 21:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-04 02:44 - 2014-06-15 22:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-04 02:44 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-04 02:44 - 2013-10-11 22:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-09-04 02:44 - 2013-10-11 22:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-09-04 02:44 - 2013-10-11 22:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-09-04 02:44 - 2013-10-11 22:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-09-04 02:44 - 2013-10-11 21:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-09-04 02:44 - 2013-10-11 21:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-09-04 02:44 - 2013-10-11 21:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-09-04 02:44 - 2013-10-11 21:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-09-04 02:44 - 2013-08-27 21:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-09-04 02:44 - 2013-07-20 06:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-09-04 02:44 - 2013-07-20 06:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-09-04 02:44 - 2013-06-15 00:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-09-04 02:44 - 2013-04-10 02:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-09-04 02:44 - 2013-01-24 02:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-09-04 02:44 - 2012-11-02 01:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-09-04 02:44 - 2012-11-02 01:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-09-04 02:44 - 2012-09-25 18:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-09-04 02:44 - 2012-09-25 18:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-09-04 02:44 - 2012-07-04 18:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-09-04 02:44 - 2012-07-04 18:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-09-04 02:44 - 2012-07-04 18:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-09-04 02:44 - 2012-07-04 17:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-09-04 02:44 - 2012-07-04 17:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-09-04 02:44 - 2012-05-05 04:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-09-04 02:44 - 2012-05-05 03:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-09-04 02:44 - 2012-05-01 01:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-04 02:44 - 2012-04-27 23:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-09-04 02:44 - 2012-03-17 03:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-09-04 02:44 - 2011-12-16 04:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-09-04 02:44 - 2011-12-16 03:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-09-04 02:44 - 2011-10-15 02:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-09-04 02:44 - 2011-10-15 01:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-09-04 02:44 - 2011-08-27 01:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-09-04 02:44 - 2011-08-27 01:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-09-04 02:44 - 2011-08-27 00:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-09-04 02:44 - 2011-08-27 00:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-09-04 02:44 - 2011-08-17 01:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-09-04 02:44 - 2011-08-17 01:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-09-04 02:44 - 2011-08-17 00:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-09-04 02:44 - 2011-08-17 00:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-09-04 02:44 - 2011-05-24 07:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-09-04 02:44 - 2011-05-24 06:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-09-04 02:44 - 2011-05-24 06:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-09-04 02:44 - 2011-05-24 06:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-09-04 02:44 - 2011-05-24 06:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-09-04 02:44 - 2011-05-03 01:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-09-04 02:44 - 2011-05-03 00:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-09-04 02:44 - 2011-04-28 23:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-09-04 02:44 - 2011-04-28 23:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-09-04 02:44 - 2011-04-28 23:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-04 02:44 - 2011-04-09 02:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-09-04 02:44 - 2011-04-09 01:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-09-04 02:44 - 2011-02-23 00:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-09-04 02:44 - 2011-02-18 06:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-09-04 02:44 - 2011-02-18 01:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-09-04 02:44 - 2011-02-12 07:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-09-04 02:44 - 2011-02-05 13:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-09-04 02:44 - 2011-02-05 13:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-09-04 02:44 - 2011-02-05 13:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-09-04 02:44 - 2011-02-05 13:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-09-04 02:44 - 2011-02-05 13:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-09-04 02:44 - 2011-02-05 13:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-09-04 02:44 - 2011-02-05 13:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-09-04 02:44 - 2011-02-03 07:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-09-04 02:43 - 2013-10-11 22:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-09-04 02:43 - 2013-10-11 22:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-09-04 02:43 - 2013-10-11 22:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-09-04 02:43 - 2013-10-11 22:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-09-04 02:43 - 2013-10-11 22:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-09-04 02:38 - 2013-06-25 18:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-09-04 02:38 - 2012-11-28 18:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-09-04 02:38 - 2012-11-28 18:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-09-04 02:38 - 2012-11-28 18:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-09-04 02:36 - 2014-01-23 22:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-04 02:36 - 2013-04-26 01:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-04 02:36 - 2013-04-26 00:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-09-04 02:35 - 2012-05-14 01:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-09-04 02:16 - 2011-11-19 10:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-09-04 02:16 - 2011-11-19 10:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-09-04 02:14 - 2014-09-04 02:14 - 00000000 ____D () C:\5820f1268210e4a149
2014-09-04 01:59 - 2014-09-05 22:56 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-04 01:58 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-09-04 01:56 - 2014-09-04 01:56 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-09-04 01:56 - 2014-09-04 01:56 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-09-04 01:56 - 2014-09-04 01:56 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-09-04 01:56 - 2014-09-04 01:56 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-09-04 01:56 - 2014-09-04 01:56 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-09-04 01:56 - 2014-09-04 01:56 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-09-04 01:56 - 2014-09-04 01:56 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-04 01:55 - 2014-09-04 01:55 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-09-04 01:54 - 2014-09-04 01:54 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-09-04 01:53 - 2014-09-04 01:58 - 00012048 _____ () C:\Windows\IE11_main.log
2014-09-04 01:53 - 2014-09-04 01:53 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-09-04 01:53 - 2014-09-04 01:53 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-09-04 01:51 - 2014-09-12 02:47 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-04 01:51 - 2014-09-12 02:47 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-09-04 01:51 - 2014-09-12 02:47 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-04 01:51 - 2014-09-12 02:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-04 01:46 - 2014-09-04 01:46 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-09-04 01:45 - 2014-09-11 02:10 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\HpUpdate
2014-09-04 01:45 - 2014-09-07 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-09-04 01:45 - 2014-09-04 01:45 - 00003652 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet Pro 8610
2014-09-04 01:45 - 2014-09-04 01:45 - 00000962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2014-09-04 01:44 - 2014-09-04 01:44 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-09-04 01:43 - 2014-09-04 01:47 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\HP
2014-09-04 01:38 - 2014-09-07 17:53 - 00000000 ____D () C:\ProgramData\HP
2014-09-04 01:38 - 2014-09-04 02:29 - 00000000 ____D () C:\ProgramData\Norton
2014-09-04 01:38 - 2014-09-04 01:38 - 00000617 _____ () C:\Windows\KB942288-v3.log
2014-09-04 01:38 - 2014-09-04 01:38 - 00000000 ___HD () C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
2014-09-04 01:36 - 2014-09-07 23:11 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Adobe
2014-09-04 01:36 - 2014-09-04 01:36 - 00001009 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk
2014-09-04 01:36 - 2014-09-04 01:36 - 00000997 _____ () C:\Users\Public\Desktop\Acrobat.com.lnk
2014-09-04 01:36 - 2014-09-04 01:36 - 00000159 ___RH () C:\Windows\ctfile.rfc
2014-09-04 01:36 - 2014-09-04 01:36 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Macromedia
2014-09-04 01:36 - 2014-09-04 01:36 - 00000000 ____D () C:\ProgramData\Temp
2014-09-04 01:36 - 2014-09-04 01:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2014-09-04 01:36 - 2014-09-04 01:36 - 00000000 ____D () C:\Program Files (x86)\Creative
2014-09-04 01:36 - 2012-02-17 02:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-09-04 01:36 - 2012-02-17 01:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-09-04 01:36 - 2012-02-17 00:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-09-04 01:36 - 2011-05-19 15:39 - 00007195 ____N () C:\Windows\system32\THXCfgUninstall64.ini
2014-09-04 01:36 - 2011-05-19 15:39 - 00006925 ____N () C:\Windows\system32\THXCfg64.ini
2014-09-04 01:36 - 2011-05-19 15:39 - 00001424 ____N () C:\Windows\THXCfg_SP_APOIM.ini
2014-09-04 01:36 - 2011-05-19 15:39 - 00001323 ____N () C:\Windows\THXCfg_HP_APOIM.ini
2014-09-04 01:36 - 2011-05-19 15:39 - 00001323 ____N () C:\Windows\THXCfg_APOIM.ini
2014-09-04 01:36 - 2011-05-19 09:58 - 00246784 _____ () C:\Windows\system32\APOMgr64.DLL
2014-09-04 01:36 - 2011-05-19 09:56 - 00190464 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-09-04 01:36 - 2011-05-13 12:30 - 00026624 ____N (Creative Technology Ltd.) C:\Windows\system32\THXCfg64.dll
2014-09-04 01:36 - 2010-07-21 16:51 - 00011264 ____N (Creative Technology Ltd.) C:\Windows\SysWOW64\ResDefA.exe
2014-09-04 01:36 - 2009-12-29 16:53 - 00089088 _____ () C:\Windows\system32\CmdRtr64.DLL
2014-09-04 01:36 - 2009-12-29 16:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2014-09-04 01:36 - 2009-10-01 16:42 - 00141312 ____N (Creative Technology Ltd.) C:\Windows\system32\THXCfg64.exe
2014-09-04 01:36 - 2000-05-11 01:00 - 00090112 ____N (Creative Technology Ltd.) C:\Windows\Updreg.EXE
2014-09-04 01:35 - 2014-09-07 23:21 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-04 01:35 - 2014-09-06 23:48 - 00000000 ____D () C:\ProgramData\FNET
2014-09-04 01:35 - 2014-09-04 01:35 - 00015936 _____ (FNet Co., Ltd.) C:\Windows\system32\Drivers\FNETURPX.SYS
2014-09-04 01:35 - 2014-09-04 01:35 - 00001885 _____ () C:\Users\Public\Desktop\XFast USB.LNK
2014-09-04 01:35 - 2014-09-04 01:35 - 00001228 _____ () C:\Users\Public\Desktop\F-Stream Tuning.lnk
2014-09-04 01:35 - 2014-09-04 01:35 - 00001116 _____ () C:\Users\Public\Desktop\ASRock InstantBoot.lnk
2014-09-04 01:35 - 2014-09-04 01:35 - 00000003 _____ () C:\Users\Senor BadAss\AppData\Local\user_data.ini
2014-09-04 01:35 - 2014-09-04 01:35 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\cFos
2014-09-04 01:35 - 2014-09-04 01:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XFast USB
2014-09-04 01:35 - 2014-09-04 01:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XFast LAN
2014-09-04 01:35 - 2014-09-04 01:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fatal1ty Utility
2014-09-04 01:35 - 2014-09-04 01:35 - 00000000 ____D () C:\ProgramData\cFos
2014-09-04 01:35 - 2014-09-04 01:35 - 00000000 ____D () C:\Program Files\ASRock
2014-09-04 01:35 - 2014-09-04 01:35 - 00000000 ____D () C:\Program Files (x86)\XFastUSB
2014-09-04 01:35 - 2014-09-04 01:35 - 00000000 ____D () C:\Program Files (x86)\ASRock Utility
2014-09-04 01:35 - 2011-10-14 23:39 - 00022312 _____ (ASRock Inc.) C:\Windows\system32\Drivers\AsrRamDisk.sys
2014-09-04 01:35 - 2011-07-04 15:19 - 01632128 _____ (cFos Software GmbH) C:\Windows\system32\Drivers\cfosspeed6.sys
2014-09-04 01:34 - 2014-09-04 01:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2014-09-04 01:34 - 2014-09-04 01:35 - 00000000 ____D () C:\Program Files\ASRock Utility
2014-09-04 01:34 - 2014-09-04 01:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-09-04 01:34 - 2014-09-04 01:34 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell
2014-09-04 01:34 - 2014-09-04 01:34 - 00000000 ____D () C:\Program Files (x86)\Marvell
2014-09-04 01:34 - 2014-09-04 01:34 - 00000000 ____D () C:\Program Files (x86)\Fatal1ty Utility
2014-09-04 01:34 - 2011-05-10 16:28 - 00017192 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\AsrAppCharger.sys
2014-09-04 01:34 - 2011-02-17 17:50 - 00017928 _____ (ASRock Inc.) C:\Windows\system32\Drivers\AsrHidFilter.sys
2014-09-04 01:33 - 2014-09-12 02:48 - 00775728 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-04 01:31 - 2014-09-07 23:44 - 00110456 _____ () C:\Users\Senor BadAss\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-04 01:31 - 2014-09-04 01:31 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Intel Corporation
2014-09-04 01:31 - 2014-09-04 01:31 - 00000000 ____D () C:\Program Files (x86)\Texas Instruments Inc
2014-09-04 01:30 - 2014-09-04 01:30 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-09-04 01:30 - 2014-09-04 01:30 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\InstallShield
2014-09-04 01:30 - 2011-10-03 20:08 - 00008192 _____ () C:\Windows\system32\Drivers\IntelMEFWVer.dll
2014-09-04 01:30 - 2011-09-22 09:49 - 00056600 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2014-09-04 01:29 - 2014-09-04 01:29 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-09-04 01:29 - 2014-09-04 01:29 - 00000000 ____D () C:\Program Files\Realtek
2014-09-04 01:29 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-04 01:29 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-04 01:29 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-04 01:29 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-04 01:29 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-04 01:29 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-04 01:29 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-04 01:29 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-04 01:29 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-04 01:29 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-04 01:29 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-04 01:29 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-04 01:29 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-04 01:29 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-04 01:29 - 2011-07-27 12:55 - 02604376 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2014-09-04 01:29 - 2010-10-15 07:20 - 02261764 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-09-04 01:29 - 2009-11-23 21:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-09-04 01:29 - 2009-11-23 21:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-09-04 01:29 - 2009-11-23 21:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-09-04 01:29 - 2009-11-17 19:12 - 00032344 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2014-09-04 01:28 - 2011-09-27 09:20 - 02526824 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-09-04 01:28 - 2011-09-27 08:29 - 03081320 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-09-04 01:28 - 2011-09-27 02:04 - 03210856 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-09-04 01:28 - 2011-09-26 02:20 - 00098920 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll
2014-09-04 01:28 - 2011-08-19 02:54 - 01881704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-09-04 01:28 - 2011-07-22 07:35 - 01247848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-09-04 01:28 - 2011-06-30 04:14 - 01560168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-09-04 01:28 - 2010-11-07 19:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-09-04 01:28 - 2010-11-07 19:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-09-04 01:28 - 2010-11-07 19:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-09-04 01:28 - 2010-11-07 19:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-09-04 01:28 - 2010-11-07 19:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-09-04 01:28 - 2010-11-07 19:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-09-04 01:28 - 2010-11-03 06:31 - 00332392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-09-04 01:28 - 2010-11-03 06:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-09-04 01:28 - 2009-11-23 21:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-09-04 01:27 - 2014-09-04 01:27 - 00000000 ____D () C:\Program Files\Broadcom
2014-09-04 01:27 - 2011-09-07 05:38 - 00626264 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
2014-09-04 01:27 - 2011-09-07 05:38 - 00561240 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2014-09-04 01:27 - 2011-08-19 09:10 - 00886360 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
2014-09-04 01:27 - 2011-08-19 09:10 - 00746072 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
2014-09-04 01:27 - 2011-07-27 12:55 - 02132824 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2014-09-04 01:27 - 2011-05-05 03:24 - 02085440 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-09-04 01:27 - 2010-09-26 21:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-09-04 01:27 - 2010-07-02 07:40 - 00080984 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2014-09-04 01:26 - 2014-09-04 17:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-04 01:26 - 2014-09-04 01:29 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-09-04 01:26 - 2014-09-04 01:26 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-09-04 01:26 - 2011-08-31 07:12 - 01698408 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-09-04 01:26 - 2010-07-22 04:37 - 00200800 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-09-04 01:26 - 2009-11-17 06:12 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-09-04 01:25 - 2014-09-04 01:30 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-09-04 01:25 - 2011-07-29 13:54 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2014-09-04 00:04 - 2014-09-04 02:31 - 00001413 _____ () C:\Users\Senor BadAss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-04 00:03 - 2014-09-12 13:24 - 01328713 _____ () C:\Windows\WindowsUpdate.log
2014-09-04 00:03 - 2014-09-07 23:05 - 00000000 ____D () C:\Users\Senor BadAss
2014-09-04 00:03 - 2014-09-04 00:03 - 00000020 ___SH () C:\Users\Senor BadAss\ntuser.ini
2014-09-04 00:03 - 2014-09-04 00:03 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\VirtualStore
2014-09-04 00:03 - 2009-07-14 00:54 - 00000000 ___RD () C:\Users\Senor BadAss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-04 00:03 - 2009-07-14 00:49 - 00000000 ___RD () C:\Users\Senor BadAss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-03 00:21 - 2014-09-12 13:24 - 00000000 ____D () C:\AdwCleaner
2014-08-19 22:14 - 2014-08-19 22:14 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2014-08-19 22:14 - 2014-08-19 22:14 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2014-08-19 22:14 - 2014-08-19 22:14 - 00391640 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-08-19 22:14 - 2014-08-19 22:14 - 00348120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-12 13:27 - 2014-09-09 03:19 - 00013960 _____ () C:\Users\Senor BadAss\Desktop\FRST.txt
2014-09-12 13:27 - 2014-09-09 03:18 - 00000000 ____D () C:\FRST
2014-09-12 13:26 - 2014-09-12 13:26 - 00000000 ____D () C:\Users\Senor BadAss\Desktop\FRST-OlderVersion
2014-09-12 13:26 - 2014-09-09 03:10 - 02105856 _____ (Farbar) C:\Users\Senor BadAss\Desktop\FRST64.exe
2014-09-12 13:25 - 2014-09-12 13:25 - 00001253 _____ () C:\Users\Senor BadAss\Desktop\AdwCleaner_B.txt
2014-09-12 13:25 - 2014-09-04 16:28 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-12 13:25 - 2010-11-20 23:47 - 01165040 _____ () C:\Windows\PFRO.log
2014-09-12 13:25 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-12 13:25 - 2009-07-14 00:51 - 00036790 _____ () C:\Windows\setupact.log
2014-09-12 13:24 - 2014-09-04 00:03 - 01328713 _____ () C:\Windows\WindowsUpdate.log
2014-09-12 13:24 - 2014-09-03 00:21 - 00000000 ____D () C:\AdwCleaner
2014-09-12 13:23 - 2009-07-14 00:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-12 13:23 - 2009-07-14 00:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-12 13:22 - 2014-09-12 13:22 - 00015838 _____ () C:\Users\Senor BadAss\Desktop\OTL_B.txt
2014-09-12 13:20 - 2009-07-14 01:13 - 00783606 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-12 13:11 - 2014-09-12 13:11 - 00000000 ____D () C:\_OTL
2014-09-12 13:07 - 2014-09-04 14:18 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\vlc
2014-09-12 12:33 - 2014-09-04 16:28 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-12 11:08 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-09-12 02:48 - 2014-09-04 12:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-12 02:48 - 2014-09-04 01:33 - 00775728 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-12 02:47 - 2014-09-04 03:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-12 02:47 - 2014-09-04 01:51 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-12 02:47 - 2014-09-04 01:51 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-09-12 02:47 - 2014-09-04 01:51 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-12 02:47 - 2014-09-04 01:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-12 02:44 - 2014-09-04 03:23 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-12 02:43 - 2014-09-04 02:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-12 01:01 - 2014-05-06 01:56 - 00000361 _____ () C:\rkill.log
2014-09-12 01:00 - 2014-09-12 01:00 - 00000218 _____ () C:\Users\Senor BadAss\AppData\Local\recently-used.xbel
2014-09-11 02:10 - 2014-09-04 01:45 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\HpUpdate
2014-09-10 20:34 - 2014-09-04 16:28 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-09 23:59 - 2014-09-08 18:47 - 00033512 _____ () C:\Windows\SysWOW64\Drivers\TrueSight.sys
2014-09-09 20:38 - 2014-09-04 16:40 - 00000000 ____D () C:\Program Files (x86)\CarbonPoker
2014-09-09 20:13 - 2014-09-06 20:12 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\HoldemManager
2014-09-09 16:42 - 2014-09-06 23:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-09 16:07 - 2014-09-04 02:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-09 14:24 - 2014-09-04 14:10 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Zeon
2014-09-09 04:03 - 2014-09-09 03:53 - 00314490 _____ () C:\Users\Senor BadAss\Desktop\OTL.Txt
2014-09-09 03:53 - 2014-09-09 03:53 - 00076432 _____ () C:\Users\Senor BadAss\Desktop\Extras.Txt
2014-09-09 03:49 - 2014-09-09 03:49 - 00602112 _____ (OldTimer Tools) C:\Users\Senor BadAss\Desktop\OTL.exe
2014-09-09 03:41 - 2014-09-09 03:41 - 00001481 _____ () C:\Users\Senor BadAss\Desktop\fixlist.txt
2014-09-09 03:40 - 2014-09-09 03:40 - 01016261 _____ (Thisisu) C:\Users\Senor BadAss\Desktop\JRT.exe
2014-09-09 03:19 - 2014-09-09 03:19 - 00040535 _____ () C:\Users\Senor BadAss\Desktop\Addition.txt
2014-09-09 03:18 - 2014-09-09 03:18 - 00002485 _____ () C:\Users\Senor BadAss\Desktop\aswMBR.txt
2014-09-09 03:18 - 2014-09-09 03:18 - 00000512 _____ () C:\Users\Senor BadAss\Desktop\MBR.dat
2014-09-09 03:05 - 2014-09-09 03:05 - 05185536 _____ (AVAST Software) C:\Users\Senor BadAss\Desktop\aswMBR.exe
2014-09-08 21:28 - 2014-09-08 03:57 - 00005196 _____ () C:\Users\Senor BadAss\Desktop\Rkill.txt
2014-09-08 21:08 - 2014-09-08 19:31 - 00001961 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-09-08 21:02 - 2014-09-08 21:02 - 04161313 _____ () C:\Users\Senor BadAss\Desktop\tdsskiller.zip
2014-09-08 21:02 - 2014-09-08 21:02 - 00000000 ____D () C:\Users\Senor BadAss\Desktop\tdsskiller
2014-09-08 21:01 - 2014-09-08 21:01 - 00370943 _____ () C:\Users\Senor BadAss\Desktop\gmer.zip
2014-09-08 21:00 - 2014-09-04 02:54 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\CrashDumps
2014-09-08 20:59 - 2014-09-04 14:10 - 00000000 ____D () C:\Windows\PIXTRAN
2014-09-08 20:58 - 2014-09-08 18:58 - 00000000 ____D () C:\Users\postgres.SenorBadAss-PC
2014-09-08 20:41 - 2014-09-08 20:41 - 00000000 ____D () C:\SUPERDelete
2014-09-08 20:40 - 2014-09-08 20:15 - 00000156 _____ () C:\Windows\Reimage.ini
2014-09-08 20:28 - 2014-09-08 19:50 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-08 20:20 - 2014-09-08 20:15 - 00000000 ____D () C:\rei
2014-09-08 20:19 - 2014-09-08 20:19 - 00003474 _____ () C:\Windows\System32\Tasks\Reimage Reminder
2014-09-08 20:16 - 2014-09-08 20:16 - 00004300 _____ () C:\Windows\System32\Tasks\ReimageUpdater
2014-09-08 20:16 - 2014-09-08 20:16 - 00001901 _____ () C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2014-09-08 20:16 - 2014-09-08 20:16 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-09-08 20:16 - 2014-09-08 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2014-09-08 20:06 - 2014-09-08 20:06 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\Hold'em_Manager
2014-09-08 20:05 - 2014-09-08 20:04 - 04736760 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_oem.exe
2014-09-08 20:02 - 2014-09-04 16:44 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\eclipse
2014-09-08 19:49 - 2014-09-08 19:49 - 00699016 _____ (CNET Download.com) C:\Users\Senor BadAss\Desktop\cbsidlm-cbsi213-GMER-ORG-10720107.exe
2014-09-08 19:32 - 2014-09-08 19:31 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-08 19:31 - 2014-09-08 19:31 - 19231376 _____ (SUPERAntiSpyware) C:\Users\Senor BadAss\Desktop\SUPERAntiSpyware.exe
2014-09-08 19:31 - 2014-09-08 19:31 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\SUPERAntiSpyware.com
2014-09-08 19:31 - 2014-09-08 19:31 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-09-08 19:31 - 2014-09-08 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-08 19:10 - 2014-09-08 19:10 - 00000000 ____D () C:\HM2Archive
2014-09-08 19:09 - 2014-09-08 19:09 - 00018471 _____ () C:\Users\Senor BadAss\Desktop\install.log
2014-09-08 19:09 - 2014-09-08 19:09 - 00001088 _____ () C:\Users\Public\Desktop\HoldemManager2.lnk
2014-09-08 19:09 - 2014-09-08 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Holdem Manager 2
2014-09-08 19:09 - 2014-09-08 19:08 - 00000000 ____D () C:\Program Files (x86)\Holdem Manager 2
2014-09-08 19:09 - 2014-09-08 18:56 - 00000000 ____D () C:\Program Files (x86)\PSQLINSTALL
2014-09-08 19:05 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-09-08 18:58 - 2014-09-08 18:58 - 00000020 ___SH () C:\Users\postgres.SenorBadAss-PC\ntuser.ini
2014-09-08 18:58 - 2014-09-08 18:57 - 00000000 ____D () C:\postgreSQL
2014-09-08 18:58 - 2014-09-06 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.4
2014-09-08 18:56 - 2014-09-06 20:10 - 00000000 ____D () C:\PostgreSQL-prev-2014-02-Sep-11-37-46
2014-09-08 18:49 - 2014-09-08 18:49 - 04857944 _____ () C:\Users\Senor BadAss\Desktop\RogueKiller.exe
2014-09-08 18:47 - 2014-09-08 18:47 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-09-08 18:36 - 2014-09-08 18:36 - 00022633 _____ () C:\ComboFix.txt
2014-09-08 18:36 - 2014-09-08 18:31 - 00000000 ____D () C:\Qoobox
2014-09-08 18:36 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
2014-09-08 18:35 - 2014-09-08 18:30 - 00000000 ____D () C:\Windows\erdnt
2014-09-08 18:35 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-08 18:32 - 2014-09-06 20:11 - 00000000 ____D () C:\Users\postgres
2014-09-08 01:57 - 2009-07-14 00:45 - 05032640 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-08 00:40 - 2014-09-05 20:28 - 00000000 ____D () C:\Windows\Minidump
2014-09-08 00:27 - 2014-09-08 00:26 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\Ubisoft Game Launcher
2014-09-08 00:26 - 2014-09-08 00:26 - 00001201 _____ () C:\Users\Senor BadAss\Desktop\Uplay.lnk
2014-09-08 00:26 - 2014-09-08 00:26 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-09-08 00:26 - 2014-09-08 00:26 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-09-07 23:44 - 2014-09-04 01:31 - 00110456 _____ () C:\Users\Senor BadAss\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-07 23:21 - 2014-09-07 23:21 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-09-07 23:21 - 2014-09-07 23:21 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-09-07 23:21 - 2014-09-07 23:21 - 00002026 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2014-09-07 23:21 - 2014-09-07 23:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-09-07 23:21 - 2014-09-07 22:57 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-07 23:21 - 2014-09-04 01:35 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-07 23:16 - 2014-09-07 22:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2014-09-07 23:14 - 2014-09-07 22:55 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-07 23:14 - 2014-09-07 22:55 - 00000000 ____D () C:\Program Files\Adobe
2014-09-07 23:13 - 2014-09-04 13:26 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\Adobe
2014-09-07 23:11 - 2014-09-04 01:36 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Adobe
2014-09-07 23:09 - 2014-09-07 23:09 - 00000000 ____D () C:\Windows\system32\Macromed
2014-09-07 23:09 - 2014-09-07 23:09 - 00000000 ____D () C:\ProgramData\ALM
2014-09-07 23:05 - 2014-09-07 23:05 - 00000000 ____D () C:\Users\Senor BadAss\Adobe Flash Builder 4.6
2014-09-07 23:05 - 2014-09-04 00:03 - 00000000 ____D () C:\Users\Senor BadAss
2014-09-07 23:01 - 2014-09-07 23:01 - 00001097 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
2014-09-07 22:59 - 2014-09-08 18:58 - 00000000 ____D () C:\Users\postgres.SenorBadAss-PC\AppData\Roaming\Macromedia
2014-09-07 22:59 - 2014-09-07 22:59 - 00000997 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2014-09-07 22:59 - 2014-09-07 22:59 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-09-07 22:59 - 2014-09-07 22:59 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-09-07 22:56 - 2014-09-07 22:56 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-09-07 19:33 - 2014-09-04 14:56 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\BitLord
2014-09-07 17:53 - 2014-09-07 17:53 - 00002200 _____ () C:\Users\Public\Desktop\HP Officejet Pro 8610.lnk
2014-09-07 17:53 - 2014-09-07 17:53 - 00001152 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Officejet Pro 8610.lnk
2014-09-07 17:53 - 2014-09-07 17:53 - 00000000 ____D () C:\Program Files\HP
2014-09-07 17:53 - 2014-09-07 17:53 - 00000000 ____D () C:\Program Files (x86)\HP
2014-09-07 17:53 - 2014-09-04 01:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-09-07 17:53 - 2014-09-04 01:38 - 00000000 ____D () C:\ProgramData\HP
2014-09-07 13:03 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PLA
2014-09-07 05:08 - 2014-09-07 05:08 - 00000000 ____D () C:\ProgramData\Origin
2014-09-07 01:08 - 2014-09-07 01:08 - 00016806 ____H () C:\Users\Senor BadAss\Desktop\~WRL0003.tmp
2014-09-07 00:48 - 2014-09-04 17:34 - 00000000 ____D () C:\Program Files (x86)\SoundSpectrum
2014-09-06 23:56 - 2014-09-06 23:56 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-06 23:56 - 2014-09-06 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-06 23:56 - 2014-09-06 23:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-06 23:56 - 2014-09-06 23:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-06 23:48 - 2014-09-05 23:08 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-06 23:48 - 2014-09-04 01:35 - 00000000 ____D () C:\ProgramData\FNET
2014-09-06 23:48 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-09-06 23:48 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-09-06 23:28 - 2014-09-06 23:28 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\DarkSoulsII
2014-09-06 23:28 - 2014-09-06 23:28 - 00000000 ____D () C:\ProgramData\Steam
2014-09-06 23:25 - 2014-09-06 20:59 - 00000000 ____D () C:\Users\Senor BadAss\Desktop\20140906
2014-09-06 21:34 - 2014-09-04 17:44 - 00001456 _____ () C:\Users\Senor BadAss\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-09-06 20:59 - 2014-09-06 20:59 - 00000000 ____D () C:\Users\Senor BadAss\Desktop\20140903
2014-09-06 20:48 - 2014-09-06 20:48 - 00323118 _____ () C:\Users\Senor BadAss\Desktop\udbrky.xml
2014-09-06 20:14 - 2014-09-06 20:14 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\HEM Data
2014-09-06 05:31 - 2014-09-05 03:57 - 00000000 ____D () C:\Users\Senor BadAss\Documents\FIFA 14
2014-09-05 23:17 - 2014-09-05 23:10 - 00000000 ____D () C:\Users\Senor BadAss\Documents\3DMark
2014-09-05 23:11 - 2014-09-05 23:11 - 00000000 ____D () C:\Temp
2014-09-05 23:10 - 2014-09-05 23:10 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\Futuremark
2014-09-05 22:59 - 2014-09-04 02:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-09-05 22:57 - 2014-09-04 02:45 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-09-05 22:56 - 2014-09-04 01:59 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-05 20:34 - 2014-09-05 20:34 - 00032320 _____ (FNet Co., Ltd.) C:\Windows\system32\Drivers\FNETTBOH_305.SYS
2014-09-05 18:21 - 2014-09-04 16:17 - 00000000 ____D () C:\Program Files\thinkorswim
2014-09-05 17:51 - 2014-09-04 16:17 - 00000000 ____D () C:\Users\Senor BadAss\.thinkorswim
2014-09-05 16:56 - 2014-09-05 16:56 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-09-05 03:59 - 2014-09-05 03:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01007.Wdf
2014-09-05 03:57 - 2014-09-05 03:57 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-05 03:35 - 2014-09-05 03:35 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-09-05 03:04 - 2014-09-04 02:51 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\NVIDIA
2014-09-05 01:27 - 2014-09-05 01:27 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Desktop Gaming
2014-09-05 00:30 - 2014-09-04 19:36 - 00000000 ____D () C:\Users\Senor BadAss\Desktop\SENORBADASS-PC 9-4-2014 7.33.38 PM
2014-09-04 22:10 - 2014-09-11 23:32 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-04 22:05 - 2014-09-11 23:32 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 19:34 - 2014-09-04 19:34 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\IsolatedStorage
2014-09-04 19:33 - 2014-09-04 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2014-09-04 19:33 - 2014-09-04 19:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Expression
2014-09-04 17:48 - 2014-09-04 17:48 - 00001744 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Story 3 for Windows.lnk
2014-09-04 17:48 - 2014-09-04 17:48 - 00000000 ____D () C:\Program Files (x86)\Photo Story 3 for Windows
2014-09-04 17:39 - 2014-09-04 17:38 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\SoundSpectrum
2014-09-04 17:01 - 2014-09-04 17:00 - 00148946 _____ () C:\Windows\DirectX.log
2014-09-04 17:01 - 2014-09-04 01:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-04 17:01 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-04 16:44 - 2014-09-04 16:40 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\CarbonPoker
2014-09-04 16:44 - 2014-09-04 16:34 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Mozilla
2014-09-04 16:40 - 2014-09-04 16:40 - 00001906 _____ () C:\Users\Senor BadAss\Desktop\CarbonPoker.lnk
2014-09-04 16:40 - 2014-09-04 16:40 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CarbonPoker
2014-09-04 16:34 - 2014-09-04 16:34 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-04 16:34 - 2014-09-04 16:34 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-04 16:34 - 2014-09-04 16:34 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\Mozilla
2014-09-04 16:34 - 2014-09-04 16:34 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-04 16:34 - 2014-09-04 16:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-04 16:34 - 2014-09-04 16:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-04 16:32 - 2014-09-04 16:33 - 00284224 _____ (Mozilla) C:\Users\Senor BadAss\Downloads\Firefox_Setup_Stub_30.0.exe
2014-09-04 16:29 - 2014-09-04 16:29 - 00002212 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-09-04 16:29 - 2014-09-04 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-09-04 16:29 - 2014-09-04 16:28 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-04 16:29 - 2014-09-04 16:27 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\Google
2014-09-04 16:28 - 2014-09-04 16:28 - 00003906 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-04 16:28 - 2014-09-04 16:28 - 00003654 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-04 16:28 - 2014-09-04 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-04 16:27 - 2014-09-04 16:27 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\Deployment
2014-09-04 16:27 - 2014-09-04 16:27 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\Apps\2.0
2014-09-04 16:17 - 2014-09-04 16:17 - 00001891 _____ () C:\Users\Public\Desktop\thinkorswim.lnk
2014-09-04 16:17 - 2014-09-04 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\thinkorswim
2014-09-04 15:33 - 2014-09-04 14:10 - 00000000 ____D () C:\ProgramData\Nuance
2014-09-04 14:56 - 2014-09-04 14:56 - 00002023 _____ () C:\Users\Senor BadAss\Desktop\BitLord.lnk
2014-09-04 14:56 - 2014-09-04 14:56 - 00000000 ____D () C:\Users\Senor BadAss\Documents\BitLord
2014-09-04 14:56 - 2014-09-04 14:56 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Python-Eggs
2014-09-04 14:56 - 2014-09-04 14:56 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
2014-09-04 14:56 - 2014-09-04 14:55 - 00000000 ____D () C:\Program Files (x86)\BitLord 2
2014-09-04 14:18 - 2014-09-04 14:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G-Force
2014-09-04 14:17 - 2014-09-04 14:17 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-04 14:17 - 2014-09-04 14:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-04 14:17 - 2014-09-04 14:17 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-04 14:16 - 2014-09-04 14:16 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\TechSmith
2014-09-04 14:16 - 2014-09-04 14:16 - 00000000 ____D () C:\ProgramData\TechSmith
2014-09-04 14:16 - 2014-09-04 14:16 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2014-09-04 14:16 - 2014-09-04 14:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2014-09-04 14:16 - 2014-09-04 14:16 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2014-09-04 14:12 - 2014-09-04 14:12 - 00002531 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 8.lnk
2014-09-04 14:12 - 2014-09-04 14:12 - 00001962 _____ () C:\Users\Public\Desktop\Nitro Pro 8.lnk
2014-09-04 14:12 - 2014-09-04 14:12 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Nitro
2014-09-04 14:12 - 2014-09-04 14:12 - 00000000 ____D () C:\ProgramData\Nitro
2014-09-04 14:12 - 2014-09-04 14:12 - 00000000 ____D () C:\Program Files\Common Files\Nitro
2014-09-04 14:12 - 2014-09-04 14:12 - 00000000 ____D () C:\Program Files (x86)\Nitro
2014-09-04 14:11 - 2014-09-04 14:11 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Downloaded Installations
2014-09-04 14:10 - 2014-09-04 14:10 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Nuance
2014-09-04 14:10 - 2014-09-04 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PDF Converter Enterprise 7
2014-09-04 14:09 - 2014-09-04 14:09 - 00000000 ____D () C:\ProgramData\Zeon
2014-09-04 14:09 - 2014-09-04 14:09 - 00000000 ____D () C:\Program Files (x86)\Nuance
2014-09-04 14:07 - 2014-09-04 14:06 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\NVIDIA
2014-09-04 13:35 - 2014-09-04 13:35 - 00000000 ____D () C:\Program Files (x86)\My Company Name
2014-09-04 13:33 - 2014-09-06 20:11 - 00000000 ____D () C:\Users\postgres\AppData\Roaming\Macromedia
2014-09-04 12:55 - 2014-09-04 12:55 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\WinRAR
2014-09-04 12:55 - 2014-09-04 12:55 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-04 12:55 - 2014-09-04 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-04 12:55 - 2014-09-04 12:55 - 00000000 ____D () C:\Program Files\WinRAR
2014-09-04 12:26 - 2014-09-04 12:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2014-09-04 12:26 - 2014-09-04 12:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-04 12:26 - 2014-09-04 12:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-09-04 12:26 - 2011-04-12 04:28 - 00000000 ____D () C:\Windows\ShellNew
2014-09-04 12:26 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-09-04 12:25 - 2014-09-04 12:25 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-09-04 12:25 - 2014-09-04 12:25 - 00000000 ____D () C:\Windows\PCHEALTH
2014-09-04 12:25 - 2014-09-04 12:25 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-04 12:25 - 2014-09-04 12:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-09-04 12:25 - 2014-09-04 12:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2014-09-04 12:25 - 2014-09-04 12:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-09-04 12:25 - 2014-09-04 12:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-04 12:25 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-04 12:25 - 2009-07-13 22:34 - 00000478 _____ () C:\Windows\win.ini
2014-09-04 12:24 - 2014-09-04 12:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-09-04 12:22 - 2014-09-04 12:22 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\Microsoft Help
2014-09-04 04:00 - 2011-04-12 04:28 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-04 04:00 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-04 04:00 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-09-04 04:00 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-09-04 04:00 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-09-04 04:00 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-04 04:00 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-04 03:48 - 2009-07-14 01:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-09-04 03:48 - 2009-07-14 01:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-09-04 03:21 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-04 02:58 - 2014-09-04 02:58 - 00000000 __SHD () C:\Users\Senor BadAss\AppData\Local\EmieUserList
2014-09-04 02:58 - 2014-09-04 02:58 - 00000000 __SHD () C:\Users\Senor BadAss\AppData\Local\EmieSiteList
2014-09-04 02:57 - 2014-09-04 02:57 - 00001007 _____ () C:\Users\Public\Desktop\PowerISO.lnk
2014-09-04 02:57 - 2014-09-04 02:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-09-04 02:57 - 2014-09-04 02:57 - 00000000 ____D () C:\Program Files (x86)\PowerISO
2014-09-04 02:54 - 2014-09-04 02:54 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\NVIDIA Corporation
2014-09-04 02:54 - 2014-09-04 02:45 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-09-04 02:51 - 2014-09-04 02:51 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-09-04 02:51 - 2014-09-04 02:51 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-09-04 02:51 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-04 02:50 - 2014-09-04 02:50 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-09-04 02:50 - 2014-09-04 02:50 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-09-04 02:50 - 2009-07-14 00:46 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-09-04 02:50 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-09-04 02:47 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Help
2014-09-04 02:31 - 2014-09-04 00:04 - 00001413 _____ () C:\Users\Senor BadAss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-04 02:29 - 2014-09-04 01:38 - 00000000 ____D () C:\ProgramData\Norton
2014-09-04 02:29 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-09-04 02:29 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-09-04 02:29 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-09-04 02:29 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-09-04 02:14 - 2014-09-04 02:14 - 00000000 ____D () C:\5820f1268210e4a149
2014-09-04 01:58 - 2014-09-04 01:53 - 00012048 _____ () C:\Windows\IE11_main.log
2014-09-04 01:56 - 2014-09-04 01:56 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-09-04 01:56 - 2014-09-04 01:56 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-09-04 01:56 - 2014-09-04 01:56 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-09-04 01:56 - 2014-09-04 01:56 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-09-04 01:56 - 2014-09-04 01:56 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-09-04 01:56 - 2014-09-04 01:56 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-09-04 01:56 - 2014-09-04 01:56 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-09-04 01:56 - 2014-09-04 01:56 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-04 01:56 - 2014-09-04 01:56 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-04 01:55 - 2014-09-04 01:55 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-09-04 01:54 - 2014-09-04 01:54 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-09-04 01:54 - 2014-09-04 01:54 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-09-04 01:53 - 2014-09-04 01:53 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-09-04 01:53 - 2014-09-04 01:53 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-09-04 01:47 - 2014-09-04 01:43 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\HP
2014-09-04 01:46 - 2014-09-04 01:46 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-09-04 01:45 - 2014-09-04 01:45 - 00003652 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet Pro 8610
2014-09-04 01:45 - 2014-09-04 01:45 - 00000962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2014-09-04 01:44 - 2014-09-04 01:44 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-09-04 01:38 - 2014-09-04 01:38 - 00000617 _____ () C:\Windows\KB942288-v3.log
2014-09-04 01:38 - 2014-09-04 01:38 - 00000000 ___HD () C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
2014-09-04 01:36 - 2014-09-04 01:36 - 00001009 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk
2014-09-04 01:36 - 2014-09-04 01:36 - 00000997 _____ () C:\Users\Public\Desktop\Acrobat.com.lnk
2014-09-04 01:36 - 2014-09-04 01:36 - 00000159 ___RH () C:\Windows\ctfile.rfc
2014-09-04 01:36 - 2014-09-04 01:36 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Macromedia
2014-09-04 01:36 - 2014-09-04 01:36 - 00000000 ____D () C:\ProgramData\Temp
2014-09-04 01:36 - 2014-09-04 01:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2014-09-04 01:36 - 2014-09-04 01:36 - 00000000 ____D () C:\Program Files (x86)\Creative
2014-09-04 01:35 - 2014-09-04 01:35 - 00015936 _____ (FNet Co., Ltd.) C:\Windows\system32\Drivers\FNETURPX.SYS
2014-09-04 01:35 - 2014-09-04 01:35 - 00001885 _____ () C:\Users\Public\Desktop\XFast USB.LNK
2014-09-04 01:35 - 2014-09-04 01:35 - 00001228 _____ () C:\Users\Public\Desktop\F-Stream Tuning.lnk
2014-09-04 01:35 - 2014-09-04 01:35 - 00001116 _____ () C:\Users\Public\Desktop\ASRock InstantBoot.lnk
2014-09-04 01:35 - 2014-09-04 01:35 - 00000003 _____ () C:\Users\Senor BadAss\AppData\Local\user_data.ini
2014-09-04 01:35 - 2014-09-04 01:35 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\cFos
2014-09-04 01:35 - 2014-09-04 01:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XFast USB
2014-09-04 01:35 - 2014-09-04 01:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XFast LAN
2014-09-04 01:35 - 2014-09-04 01:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fatal1ty Utility
2014-09-04 01:35 - 2014-09-04 01:35 - 00000000 ____D () C:\ProgramData\cFos
2014-09-04 01:35 - 2014-09-04 01:35 - 00000000 ____D () C:\Program Files\ASRock
2014-09-04 01:35 - 2014-09-04 01:35 - 00000000 ____D () C:\Program Files (x86)\XFastUSB
2014-09-04 01:35 - 2014-09-04 01:35 - 00000000 ____D () C:\Program Files (x86)\ASRock Utility
2014-09-04 01:35 - 2014-09-04 01:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2014-09-04 01:35 - 2014-09-04 01:34 - 00000000 ____D () C:\Program Files\ASRock Utility
2014-09-04 01:34 - 2014-09-04 01:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-09-04 01:34 - 2014-09-04 01:34 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell
2014-09-04 01:34 - 2014-09-04 01:34 - 00000000 ____D () C:\Program Files (x86)\Marvell
2014-09-04 01:34 - 2014-09-04 01:34 - 00000000 ____D () C:\Program Files (x86)\Fatal1ty Utility
2014-09-04 01:31 - 2014-09-04 01:31 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\Intel Corporation
2014-09-04 01:31 - 2014-09-04 01:31 - 00000000 ____D () C:\Program Files (x86)\Texas Instruments Inc
2014-09-04 01:30 - 2014-09-04 01:30 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-09-04 01:30 - 2014-09-04 01:30 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Roaming\InstallShield
2014-09-04 01:30 - 2014-09-04 01:25 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-09-04 01:29 - 2014-09-04 01:29 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-09-04 01:29 - 2014-09-04 01:29 - 00000000 ____D () C:\Program Files\Realtek
2014-09-04 01:29 - 2014-09-04 01:26 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-09-04 01:29 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\restore
2014-09-04 01:27 - 2014-09-04 01:27 - 00000000 ____D () C:\Program Files\Broadcom
2014-09-04 01:26 - 2014-09-04 01:26 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-09-04 01:25 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-04 00:03 - 2014-09-04 03:48 - 00000000 ____D () C:\Windows\Panther
2014-09-04 00:03 - 2014-09-04 00:03 - 00000020 ___SH () C:\Users\Senor BadAss\ntuser.ini
2014-09-04 00:03 - 2014-09-04 00:03 - 00000000 ____D () C:\Users\Senor BadAss\AppData\Local\VirtualStore
2014-09-04 00:03 - 2014-05-02 20:56 - 00000000 ____D () C:\Recovery
2014-09-04 00:03 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-08-22 22:07 - 2014-09-04 02:45 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 21:45 - 2014-09-04 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 20:59 - 2014-09-04 02:45 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-19 22:15 - 2014-09-04 02:46 - 00075040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-08-19 22:15 - 2014-09-04 02:46 - 00061912 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-08-19 22:14 - 2014-08-19 22:14 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2014-08-19 22:14 - 2014-08-19 22:14 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2014-08-19 22:14 - 2014-08-19 22:14 - 00391640 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-08-19 22:14 - 2014-08-19 22:14 - 00348120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-08-19 14:05 - 2014-09-12 02:48 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 13:39 - 2014-09-12 02:48 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-18 19:01 - 2014-09-12 02:48 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-18 18:29 - 2014-09-12 02:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-18 18:29 - 2014-09-12 02:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-18 18:26 - 2014-09-12 02:48 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-18 18:20 - 2014-09-12 02:48 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-18 18:19 - 2014-09-12 02:48 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-18 18:15 - 2014-09-12 02:48 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-18 18:15 - 2014-09-12 02:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-18 18:14 - 2014-09-12 02:48 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-18 18:14 - 2014-09-12 02:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-18 18:08 - 2014-09-12 02:48 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-18 18:08 - 2014-09-12 02:48 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-18 18:08 - 2014-09-12 02:48 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-18 18:05 - 2014-09-12 02:48 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-18 18:03 - 2014-09-12 02:48 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-18 18:03 - 2014-09-12 02:48 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-18 18:03 - 2014-09-12 02:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 17:57 - 2014-09-12 02:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-18 17:56 - 2014-09-12 02:48 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 17:51 - 2014-09-12 02:48 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 17:46 - 2014-09-12 02:48 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-18 17:45 - 2014-09-12 02:48 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 17:45 - 2014-09-12 02:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-18 17:44 - 2014-09-12 02:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-18 17:44 - 2014-09-12 02:48 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-18 17:42 - 2014-09-12 02:48 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-18 17:40 - 2014-09-12 02:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 17:39 - 2014-09-12 02:48 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 17:39 - 2014-09-12 02:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-18 17:39 - 2014-09-12 02:48 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-18 17:38 - 2014-09-12 02:48 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 17:37 - 2014-09-12 02:48 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-18 17:36 - 2014-09-12 02:48 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-18 17:35 - 2014-09-12 02:48 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-18 17:27 - 2014-09-12 02:48 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-18 17:25 - 2014-09-12 02:48 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 17:25 - 2014-09-12 02:48 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 17:23 - 2014-09-12 02:48 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 17:23 - 2014-09-12 02:48 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 17:22 - 2014-09-12 02:48 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 17:19 - 2014-09-12 02:48 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-18 17:17 - 2014-09-12 02:48 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-18 17:17 - 2014-09-12 02:48 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-18 17:16 - 2014-09-12 02:48 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 17:15 - 2014-09-12 02:48 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-18 17:15 - 2014-09-12 02:48 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 17:09 - 2014-09-12 02:48 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-18 17:08 - 2014-09-12 02:48 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-18 17:07 - 2014-09-12 02:48 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 16:55 - 2014-09-12 02:48 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 16:46 - 2014-09-12 02:48 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 16:38 - 2014-09-12 02:48 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 16:38 - 2014-09-12 02:48 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 16:36 - 2014-09-12 02:48 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

Some content of TEMP:
====================
C:\Users\Senor BadAss\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-06 01:27

==================== End Of Log ============================

#7
saratogasteve

Posted 12 September 2014 - 11:39 AM

New Member

Topic Starter
Member
8 posts

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-09-2014
Ran by Senor BadAss at 2014-09-12 13:27:55
Running from C:\Users\Senor BadAss\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.)
ASRock InstantBoot v1.29 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: - )
ASRock XFast RAM v1.0.3 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.)
BitLord 2.3 (HKLM-x32\...\BitLord) (Version: 2.3.2-255 - House of Life)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.5.1 - Broadcom Corporation)
CarbonPoker (HKCU\...\CarbonPoker) (Version: 6.0 - )
Chessmaster Grandmaster Edition (HKLM-x32\...\InstallShield_{27614800-84A9-484E-9CCB-43ED2F1205F5}) (Version: 1.00.0000 - Ubisoft)
Chessmaster Grandmaster Edition (x32 Version: 1.00.0000 - Ubisoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version: - Microsoft)
F-Stream Tuning v0.1.73.13 (HKLM-x32\...\F-Stream Tuning_is1) (Version: - )
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version: - )
HP Officejet Pro 8610 Basic Device Software (HKLM\...\{3082CB96-66E8-456D-8326-118A4F5DC0C6}) (Version: 32.0.90.45518 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Help (HKLM-x32\...\{F9569D00-4576-46C8-B6C7-207A4FD39745}) (Version: 32.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.21.1134 - Intel Corporation)
Intel® Rapid Storage Technology enterprise (HKLM-x32\...\{8B313BF5-9BD5-42a3-94C1-A28AF3AA51CC}) (Version: 3.0.0.2003 - Intel Corporation)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1014 - Marvell)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.4276.0) (Version: 4.0.4276.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 (x32 Version: 4.0.4276.0 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{64C12304-7010-43F3-A25B-BDC38DE41E46}) (Version: 4.0.4276.0 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 32.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 en-US)) (Version: 32.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla)
Nitro Pro 8 (HKLM\...\{522D6D76-B109-4C83-BA3C-D26D08391EBC}) (Version: 8.0.10.7 - Nitro)
Nuance PDF Converter Enterprise 7 (HKLM\...\{B79DA7A6-18A4-4147-9B49-A1AD9CB613FA}) (Version: 7.30.6153 - Nuance Communications, Inc.)
Nuance PDF Converter Enterprise 7 (HKLM-x32\...\{B79DA7A6-18A4-4147-9B49-A1AD9CB613FA}) (Version: 7.30.6153 - Nuance Communications, Inc.)
NVIDIA 3D Vision Controller Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Control Panel 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1150 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.9 - NVIDIA Corporation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Photo Story 3 for Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.8 - PowerISO Computing, Inc.)
Product Improvement Study for HP Officejet Pro 8610 (HKLM\...\{1A57F90C-DAC0-44A5-8726-46C008DE69C8}) (Version: 32.0.90.45518 - Hewlett-Packard Co.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6468 - Realtek Semiconductor Corp.)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.6.6.6 - Reimage)
Scansoft PDF Professional (x32 Version: - ) Hidden
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Snagit 11 (HKLM-x32\...\{A56C6348-59D0-433B-A48A-75914858664E}) (Version: 11.2.1 - TechSmith Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1130 - SUPERAntiSpyware.com)
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
THX TruStudio (HKLM-x32\...\{AFB907F5-C0E6-4753-8284-DE955EF86AC2}) (Version: 1.00.01 - Creative Technology Limited)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{3AF095EF-23B3-4C6A-BBA1-4C1EB663DAF8}) (Version: 1.12.9.0 - Texas Instruments Inc.)
TI USB3 Host Driver (x32 Version: 1.12.9.0 - Texas Instruments Inc.) Hidden
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.7 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
XFast LAN v6.61 (HKLM\...\XFast LAN) (Version: 6.61 - cFos Software GmbH, Bonn)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.28 - ASRock Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

08-09-2014 23:50:44 avast! antivirus system restore point
09-09-2014 00:03:08 avast! antivirus system restore point
11-09-2014 22:36:29 Windows Update
12-09-2014 06:43:41 Windows Update
12-09-2014 17:11:37 OTL Restore Point - 9/12/2014 1:11:37 PM

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2014-09-08 18:35 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {016EF325-810C-47ED-AE95-3B7356A3ACA5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-04] (Google Inc.)
Task: {0446F44B-30B2-4ACB-81BE-B0C8BB82B732} - \19bc94ba-63fa-4e71-96bc-47dc9bfb0931-7 No Task File <==== ATTENTION
Task: {0C07994D-A48E-495D-8446-A84287953643} - \19bc94ba-63fa-4e71-96bc-47dc9bfb0931-6 No Task File <==== ATTENTION
Task: {122F6AF4-8AED-421B-8BD5-98695DC1899E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-04] (Google Inc.)
Task: {1A9C149B-01F8-4634-9B07-21B2E3D38D39} - \19bc94ba-63fa-4e71-96bc-47dc9bfb0931-11 No Task File <==== ATTENTION
Task: {682A166A-ECA1-4DAB-87A6-49090DD71404} - \19bc94ba-63fa-4e71-96bc-47dc9bfb0931-4 No Task File <==== ATTENTION
Task: {6A3F2653-93D1-4C7F-AA80-0902A91987E5} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe
Task: {6FF8E115-4F1D-449D-806D-D6B1DDE22EF5} - \19bc94ba-63fa-4e71-96bc-47dc9bfb0931-2 No Task File <==== ATTENTION
Task: {737C0E8C-9EEA-4817-B41F-4C3F2ACE8696} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
Task: {A4F7C6A4-5E91-4117-A1B0-903BB58730A4} - \19bc94ba-63fa-4e71-96bc-47dc9bfb0931-5_user No Task File <==== ATTENTION
Task: {D206C2BB-C6AA-44EB-A0A3-07C9D0719293} - System32\Tasks\HPCustParticipation HP Officejet Pro 8610 => C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPCustPartic.exe
Task: {E67B12A0-9195-44C4-AACE-FADFDFE18D0E} - \19bc94ba-63fa-4e71-96bc-47dc9bfb0931-1 No Task File <==== ATTENTION
Task: {F7C127E2-5FE8-4748-AFA5-677A5C4634AC} - \19bc94ba-63fa-4e71-96bc-47dc9bfb0931-5 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-09-04 12:55 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2014-09-04 01:36 - 2011-05-19 09:58 - 00246784 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: cFosSpeedS => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NitroDriverReadSpool8 => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: PDFProFiltSrv => 2
MSCONFIG\Services: postgresql-8.4 => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: PDF7 Registry Controller => C:\Program Files (x86)\Nuance\PDF Professional 7\RegistryController.exe
MSCONFIG\startupreg: PDFProHook => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (09/12/2014 01:27:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/12/2014 01:18:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/12/2014 10:27:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2014 11:31:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/10/2014 09:04:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/10/2014 01:55:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/09/2014 05:07:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/09/2014 04:09:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/09/2014 01:37:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/09/2014 00:58:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (09/12/2014 01:25:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Reimage Real Time Protector service failed to start due to the following error:
%%2

Error: (09/12/2014 01:16:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Reimage Real Time Protector service failed to start due to the following error:
%%2

Error: (09/12/2014 11:44:00 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (09/12/2014 10:26:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Reimage Real Time Protector service failed to start due to the following error:
%%2

Error: (09/11/2014 02:41:10 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (09/11/2014 11:30:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Reimage Real Time Protector service failed to start due to the following error:
%%2

Error: (09/10/2014 11:41:23 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (09/10/2014 09:03:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Reimage Real Time Protector service failed to start due to the following error:
%%2

Error: (09/10/2014 01:54:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Reimage Real Time Protector service failed to start due to the following error:
%%2

Error: (09/09/2014 11:59:03 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\drivers\TrueSight.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Microsoft Office Sessions:
=========================
Error: (09/12/2014 01:27:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
Date: 2014-09-08 18:35:04.891
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-08 18:35:04.875
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™ i7-3930K CPU @ 3.20GHz
Percentage of memory in use: 12%
Total physical RAM: 16335.11 MB
Available physical RAM: 14247.21 MB
Total Pagefile: 32668.4 MB
Available Pagefile: 30428.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:30.13 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:1397.16 GB) (Free:438.81 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:542.48 GB) NTFS
Drive f: (HP OJ8610) (CDROM) (Total:0.31 GB) (Free:0 GB) CDFS
Drive i: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: F3E237D2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 32B7D57D)
Partition 1: (Active) - (Size=1397.2 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3E5CF1C3)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#8
BrianDrab

Posted 12 September 2014 - 02:50 PM

Trusted Helper

Malware Removal
3,591 posts

Excellent. A couple more things and we should be done. Please follow the instructions below.

Step#1 - FRST Fix

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop. fixlist.txt 1021bytes 227 downloads

Note. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).

2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

Step#2 - Run Malwarebytes and Post Log

Download Malwarebytes to your desktop from here. (Or just open the version you have installed)
Double-click on the file that is downloaded to your desktop.
Select the appropriate language and click OK.
Click Next.
Select "I accept the agreement" and click Next.
Click Next
Change the install path if desired. Normally you will keep this as is. Click Next.
Click Next again.
Click Next again.
Click Install.
Uncheck "Enable free trial of Malwarebytes Anti-Malware Premium" since we are going to uninstall when we are done.
Click Finish
If an update is found you will be prompted to download and install. Go ahead.
Click the Scan button at the top of the form and then click Scan Now.
Once the scan completes click the View detailed log link.
Then click the Copy to clipboard button and paste into your next post.

Step#3 - ESET Online Scanner and Post Results
Before running this scan, please temporarily disable your antivirus software to avoid conflicts. You can re-enable once it's done. I believe on the taskbar, you right-click the Norton icon and then click Disable AntiVirus Auto-Protect or something similar. Instructions for doing this on many AVs are here.

Please go here and click on
Note: This site is optimized for Internet Explorer. Please use it for this scan. If you wish to use Firefox or Chrome you will be asked to download the ESET Smart Installer first (esetsmartinstaller_enu.exe). Go ahead and download and run this file.
Please accept the ESET Online Scanner EULA and click Start.
If prompted, allow the Add-On/Active X to install. If you have problems with this step please see this link.
Make sure Enable detection of potentially unwanted applications is selected.
Click the Advanced Settings link.
Make sure Remove found threats is NOT checked.
Make sure Scan archives IS checked.
Make sure Scan for potentially unsafe applications IS checked.
Make sure Enable Anti-Stealth technology IS checked
Click on Start
The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
When completed the Online Scan will begin automatically.
Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
When completed make sure you first copy the contents of the logfile located at C:\Program Files (x86)\ESET\Eset Online Scanner\log.txt
Note: Copy/Paste the contents of the log.txt file BEFORE going on to the next step or the log file will be removed.
Also be sure to check Uninstall Application on Close before clicking finish.
Paste that log as a part of your next post.

Items for your next post

1. FRST Fix Log

2. Malwarebytes log
3. Contents of the ESET log file

#9
saratogasteve

Posted 12 September 2014 - 08:06 PM

New Member

Topic Starter
Member
8 posts

FRST fix log

===============

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-09-2014
Ran by Senor BadAss at 2014-09-12 17:15:04 Run:1
Running from C:\Users\Senor BadAss\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [] => [X]
Task: {0446F44B-30B2-4ACB-81BE-B0C8BB82B732} - \19bc94ba-63fa-4e71-96bc-47dc9bfb0931-7 No Task File <==== ATTENTION
Task: {0C07994D-A48E-495D-8446-A84287953643} - \19bc94ba-63fa-4e71-96bc-47dc9bfb0931-6 No Task File <==== ATTENTION
Task: {1A9C149B-01F8-4634-9B07-21B2E3D38D39} - \19bc94ba-63fa-4e71-96bc-47dc9bfb0931-11 No Task File <==== ATTENTION
Task: {682A166A-ECA1-4DAB-87A6-49090DD71404} - \19bc94ba-63fa-4e71-96bc-47dc9bfb0931-4 No Task File <==== ATTENTION
Task: {6FF8E115-4F1D-449D-806D-D6B1DDE22EF5} - \19bc94ba-63fa-4e71-96bc-47dc9bfb0931-2 No Task File <==== ATTENTION
Task: {A4F7C6A4-5E91-4117-A1B0-903BB58730A4} - \19bc94ba-63fa-4e71-96bc-47dc9bfb0931-5_user No Task File <==== ATTENTION
Task: {E67B12A0-9195-44C4-AACE-FADFDFE18D0E} - \19bc94ba-63fa-4e71-96bc-47dc9bfb0931-1 No Task File <==== ATTENTION
Task: {F7C127E2-5FE8-4748-AFA5-677A5C4634AC} - \19bc94ba-63fa-4e71-96bc-47dc9bfb0931-5 No Task File <==== ATTENTION
cmd: type C:\Users\Senor BadAss\Desktop\aswMBR.txt
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0446F44B-30B2-4ACB-81BE-B0C8BB82B732}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0446F44B-30B2-4ACB-81BE-B0C8BB82B732}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\19bc94ba-63fa-4e71-96bc-47dc9bfb0931-7" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0C07994D-A48E-495D-8446-A84287953643}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C07994D-A48E-495D-8446-A84287953643}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\19bc94ba-63fa-4e71-96bc-47dc9bfb0931-6" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1A9C149B-01F8-4634-9B07-21B2E3D38D39}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A9C149B-01F8-4634-9B07-21B2E3D38D39}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\19bc94ba-63fa-4e71-96bc-47dc9bfb0931-11" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{682A166A-ECA1-4DAB-87A6-49090DD71404}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{682A166A-ECA1-4DAB-87A6-49090DD71404}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\19bc94ba-63fa-4e71-96bc-47dc9bfb0931-4" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6FF8E115-4F1D-449D-806D-D6B1DDE22EF5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FF8E115-4F1D-449D-806D-D6B1DDE22EF5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\19bc94ba-63fa-4e71-96bc-47dc9bfb0931-2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A4F7C6A4-5E91-4117-A1B0-903BB58730A4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4F7C6A4-5E91-4117-A1B0-903BB58730A4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\19bc94ba-63fa-4e71-96bc-47dc9bfb0931-5_user" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E67B12A0-9195-44C4-AACE-FADFDFE18D0E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E67B12A0-9195-44C4-AACE-FADFDFE18D0E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\19bc94ba-63fa-4e71-96bc-47dc9bfb0931-1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F7C127E2-5FE8-4748-AFA5-677A5C4634AC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7C127E2-5FE8-4748-AFA5-677A5C4634AC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\19bc94ba-63fa-4e71-96bc-47dc9bfb0931-5" => Key deleted successfully.

========= type C:\Users\Senor BadAss\Desktop\aswMBR.txt =========

The system cannot find the file specified.
Error occurred while processing: C:\Users\Senor.
The system cannot find the path specified.

========= End of CMD: =========

==== End of Fixlog ====

================================

Malwarebytes Log

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/12/2014
Scan Time: 5:18:23 PM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.12.07
Rootkit Database: v2014.09.12.01
License: Trial
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Senor BadAss

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 385893
Time Elapsed: 3 min, 27 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Warn

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

=================================

ESET log file

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK

#10
BrianDrab

Posted 13 September 2014 - 06:30 AM

Trusted Helper

Malware Removal
3,591 posts

Thanks. I had an error in the fixlist previously. If you could do the following that would be appreciated.

Step#1 - FRST Fix

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop. fixlist.txt 52bytes 164 downloads

Thank you.

#11
saratogasteve

Posted 13 September 2014 - 09:55 AM

New Member

Topic Starter
Member
8 posts

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-09-2014
Ran by Senor BadAss at 2014-09-13 11:52:30 Run:2
Running from C:\Users\Senor BadAss\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
cmd: type "C:\Users\Senor BadAss\Desktop\aswMBR.txt"
*****************

========= type "C:\Users\Senor BadAss\Desktop\aswMBR.txt" =========

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-09-09 03:13:37
-----------------------------
03:13:37.354    OS Version: Windows x64 6.1.7601 Service Pack 1
03:13:37.354    Number of processors: 12 586 0x2D07
03:13:37.354    ComputerName: SENORBADASS-PC UserName: Senor BadAss
03:13:37.681    Initialize success
03:13:37.728    VM: initialized successfully
03:13:37.744    VM: Intel CPU supported
03:13:42.587    VM: disk I/O iaStorA.sys
03:14:51.296    AVAST engine defs: 14090802
03:15:56.667    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006d
03:15:56.683    Disk 0 Vendor: ATA_____ 3B1Q Size: 122104MB BusType: 11
03:15:56.683    Disk 1 \Device\Harddisk1\DR1 -> \Device\0000006e
03:15:56.683    Disk 1 Vendor: ATA_____ A180 Size: 1430799MB BusType: 11
03:15:56.698    Disk 2 \Device\Harddisk2\DR2 -> \Device\0000006f
03:15:56.698    Disk 2 Vendor: ATA_____ 0A80 Size: 953869MB BusType: 11
03:15:56.714    Disk 0 MBR read successfully
03:15:56.714    Disk 0 MBR scan
03:15:56.729    Disk 0 Windows 7 default MBR code
03:15:56.729    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
03:15:56.729    Disk 0 default boot code
03:15:56.729    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       122002 MB offset 206848
03:15:56.745    Disk 0 scanning C:\Windows\system32\drivers
03:15:58.804    Service scanning
03:16:05.887    Modules scanning
03:16:05.887    Disk 0 trace - called modules:
03:16:05.902    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys ACPI.sys storport.sys hal.dll iaStorA.sys
03:16:05.902    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8015caf790]
03:16:05.902    3 CLASSPNP.SYS[fffff880043c843f] -> nt!IofCallDriver -> [0xfffffa8015beec50]
03:16:05.902    5 iaStorF.sys[fffff880047e92fa] -> nt!IofCallDriver -> [0xfffffa800d5e1710]
03:16:05.918    7 ACPI.sys[fffff88000f8e7a1] -> nt!IofCallDriver -> \Device\0000006d[0xfffffa800d5ce9c0]
03:16:06.261    AVAST engine scan C:\Windows
03:16:06.729    AVAST engine scan C:\Windows\system32
03:16:56.025    AVAST engine scan C:\Windows\system32\drivers
03:16:58.646    AVAST engine scan C:\Users\Senor BadAss
03:17:18.723    AVAST engine scan C:\ProgramData
03:17:26.476    Scan finished successfully
03:18:30.961    Disk 0 MBR has been saved successfully to "C:\Users\Senor BadAss\Desktop\MBR.dat"
03:18:30.961    The log file has been saved successfully to "C:\Users\Senor BadAss\Desktop\aswMBR.txt"

========= End of CMD: =========

==== End of Fixlog ====

#12
BrianDrab

Posted 13 September 2014 - 10:35 AM

Trusted Helper

Malware Removal
3,591 posts

OK! Well done, your computer is clean! If you don't have any other questions/concerns, please do Step#1 below and review my recommendations. Thank you.

1. Clean Up!
We need to remove all the tools that we used so that should you ever be re-infected, you will download updated versions which may have updated detection logic.
1. Download Delfix from here.
2. Ensure everything is checked.

3. Click Run.

Note: The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.

2. Windows Updates
Another essential task is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats. Microsoft releases security updates that help your computer from becoming vulnerable. It is best if you have these set to download automatically. Follow the instructions below to ensure your settings are optimal.
1. Click the Start Orb in the lower left corner of the screen.
2. Type Windows Update in the search box that appears
3. Click on the Windows Update program that appears in the search results.
Windows%20Update.JPG
4. Click on Change Settings.

5. Select "Install updates automatically (recommended)" from the Important updates drop-down.

6. Choose a day and a time when you know the computer will be on and connected to the internet. The default is 3:00AM every day.
7. Ensure that all of the other check boxes are checked.
8. Click OK.

3. Keeping Programs Updated
You need to ensure that any programs installed on your machine are kept current. The bad guys exploit vulnerabilities that are found in older versions of software. A very good piece of software that keeps your programs up-to-date is Secunia Personal Software Inspector (PSI). You can download and install it from here. You can read more information about this free software as well as a video walkthrough from here.

Another alternative and popular software program for keeping your programs current is FileHippo Update Checker. Some people prefer this one.

1. Please download FileHippo update checker from here and save to your desktop.
2. Double-click the FHSetup.exe file that was downloaded and accept all the defaults to install the program.
3. The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases. Once updates are found you will see information
from your task bar as follows. If you click on this informational message you will be take to a website showing the programs that you have that are outdated and links will be provided to the updates.

Items for your next post.
1. Contents of the Delfix log.

#13
saratogasteve

Posted 13 September 2014 - 12:18 PM

New Member

Topic Starter
Member
8 posts

Thank you so much for your attention on my issue. Your knowledge, professionalism and focus were greatly appreciated.

steve

Delfix log

# DelFix v10.8 - Logfile created 13/09/2014 at 14:15:33
# Updated 29/07/2014 by Xplode
# Username : Senor BadAss - SENORBADASS-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\_OTL
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Senor BadAss\Desktop\FRST-OlderVersion
Deleted : C:\ComboFix.txt
Deleted : C:\rkill.log
Deleted : C:\TDSSKiller.3.0.0.40_08.09.2014_18.44.22_log.txt
Deleted : C:\TDSSKiller.3.0.0.40_08.09.2014_21.05.36_log.txt
Deleted : C:\TDSSKiller.3.0.0.40_08.09.2014_21.05.41_log.txt
Deleted : C:\TDSSKiller.3.0.0.40_09.09.2014_03.11.54_log.txt
Deleted : C:\TDSSKiller.3.0.0.40_09.09.2014_03.12.26_log.txt
Deleted : C:\Users\Senor BadAss\Desktop\Addition.txt
Deleted : C:\Users\Senor BadAss\Desktop\AdwCleaner_B.txt
Deleted : C:\Users\Senor BadAss\Desktop\aswMBR.exe
Deleted : C:\Users\Senor BadAss\Desktop\aswMBR.txt
Deleted : C:\Users\Senor BadAss\Desktop\Extras.Txt
Deleted : C:\Users\Senor BadAss\Desktop\Fixlog.txt
Deleted : C:\Users\Senor BadAss\Desktop\FRST.txt
Deleted : C:\Users\Senor BadAss\Desktop\FRST64.exe
Deleted : C:\Users\Senor BadAss\Desktop\JRT.exe
Deleted : C:\Users\Senor BadAss\Desktop\MBR.dat
Deleted : C:\Users\Senor BadAss\Desktop\OTL.Txt
Deleted : C:\Users\Senor BadAss\Desktop\OTL_B.txt
Deleted : C:\Users\Senor BadAss\Desktop\OTL.exe
Deleted : C:\Users\Senor BadAss\Desktop\Rkill.txt
Deleted : C:\Users\Senor BadAss\Desktop\RogueKiller.exe
Deleted : C:\Users\Senor BadAss\Desktop\TDSSKiller.exe
Deleted : C:\Users\Senor BadAss\Desktop\tdsskiller.zip
Deleted : C:\Windows\grep.exe
Deleted : C:\Windows\PEV.exe
Deleted : C:\Windows\NIRCMD.exe
Deleted : C:\Windows\MBR.exe
Deleted : C:\Windows\SED.exe
Deleted : C:\Windows\SWREG.exe
Deleted : C:\Windows\SWSC.exe
Deleted : C:\Windows\SWXCACLS.exe
Deleted : C:\Windows\Zip.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #48 [avast! antivirus system restore point | 09/08/2014 23:50:44]
Deleted : RP #50 [avast! antivirus system restore point | 09/09/2014 00:03:08]
Deleted : RP #51 [Windows Update | 09/11/2014 22:36:29]
Deleted : RP #52 [Windows Update | 09/12/2014 06:43:41]
Deleted : RP #53 [OTL Restore Point - 9/12/2014 1:11:37 PM | 09/12/2014 17:11:37]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########

#14
Essexboy

Posted 13 September 2014 - 02:30 PM

GeekU Moderator

Retired Staff
69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

Back to Virus, Spyware, Malware Removal · Next Unread Topic →

Also tagged with one or more of these keywords: rootkit, malware, grpconv, insidious

Security → Virus, Spyware, Malware Removal → Possible Malware infection - help request [Solved] Started by Maffu , 07 May 2023 malware, advapi and 1 more... 1 2 3 4	Hot 51 replies 12,694 views	DR M 26 Jun 2023
Security → Virus, Spyware, Malware Removal → Help getting started checking laptop for malware [Solved] Started by triedeverything , 12 Apr 2023 help, malware, spyware 1 2	Hot 19 replies 5,758 views	DR M 16 Apr 2023
Security → Virus, Spyware, Malware Removal → Checkmate Ransomware detection / removal? Started by JcTcom , 18 Aug 2022 Checkmate, Ransomware, Virus and 5 more...	0 replies 1,862 views	JcTcom 18 Aug 2022
Security → Virus, Spyware, Malware Removal → Getting a warning over & over but not getting it clean [Solved] Started by Phlegmbot , 28 Mar 2022 malware, spyware, redirect 1 2	Hot 21 replies 6,758 views	DR M 10 Apr 2022
Security → Virus, Spyware, Malware Removal → PC keeps hanging and restarting on its own [Closed] Started by lolx21341 , 29 Jan 2022 Hanging, Restarting, Virus and 2 more...	3 replies 3,597 views	DR M 03 Feb 2022