TechSpot

Repair error 0x45d, possible virus

Inactive
By Mike Ramaekers
Aug 7, 2013
  1. Hello,

    I was able to use the computer yesterday and when I turn it off at night it would not restart this morning. I do not want to re install windows.
    I tried system recovery and I get a error 0x45d,
    Have already used the programme that I have found on this site too scan the pc (Farbar Recovery Scan Tool 64-Bit) here are the results:

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-08-2013 06
    Ran by SYSTEM on 07-08-2013 22:04:34
    Running from G:\
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: Dutch Standard
    Internet Explorer Version 10
    Boot Mode: Recovery

    The current controlset is ControlSet001
    ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] ()
    HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
    HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-10] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-08] (Realtek Semiconductor)
    HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
    HKLM\...\Run: [Trend Micro Titanium] - C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe [1111568 2011-10-08] (Trend Micro Inc.)
    HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [197152 2011-02-10] (Trend Micro Inc.)
    HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)
    HKLM\...\RunOnce: [*Restore] - C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
    HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
    HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)
    HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-28] (Egis Technology Inc.)
    HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-28] (Egis Technology Inc.)
    HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-23] (NTI Corporation)
    HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-02-08] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
    HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-26] (Renesas Electronics Corporation)
    HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Dolby PCEE4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
    HKLM-x32\...\Run: [ArcadeMovieService] - C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-02-18] (CyberLink Corp.)
    HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-07-05] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2011-08-18] (Apple Inc.)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [DATAMNGR] - C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE [1694608 2011-11-09] (Bandoo Media, inc)
    HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
    HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-28] ()
    HKLM-x32\...\Run: [SweetIM] - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [114992 2012-01-19] (SweetIM Technologies Ltd.)
    HKLM-x32\...\Run: [ISUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
    HKU\Administrator\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} [x]
    HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
    HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
    HKU\Eurosys\...\Run: [Facebook Update] - "C:\Users\Eurosys\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]
    HKU\Eurosys\...\Run: [GoogleChromeAutoLaunch_AF153D5F4E1BCB48E6FC77EB8849CC4B] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [846288 2013-07-12] (Google Inc.)
    HKU\Eurosys\...\Run: [ISUSPM Startup] - "c:\Program Files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe" -startup [x]
    HKU\Eurosys\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4284976 2013-05-11] ()
    HKU\Eurosys\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
    AppInit_DLLs: C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll [1791384 2011-11-09] (Bandoo Media, inc)
    AppInit_DLLs-x32: C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll [1233816 2011-11-09] (Bandoo Media, inc)

    ==================== Services (Whitelisted) =================

    S2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
    S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
    S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
    S2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-23] (NTI Corporation)
    S2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [x]

    ==================== Drivers (Whitelisted) ====================

    S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-07-11] (Disc Soft Ltd)
    S2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-08-08] (Trend Micro Inc.)
    S2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-08-08] (Trend Micro Inc.)
    S2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-08-08] (Trend Micro Inc.)
    S1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-08-08] (Trend Micro Inc.)
    S2 TMAgent;

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-08-07 22:04 - 2013-08-07 22:04 - 00000000 ____D C:\FRST
    2013-08-01 21:09 - 2013-08-01 21:11 - 00000000 ___RD C:\Backup
    2013-07-31 08:28 - 2013-07-31 08:28 - 00009315 _____ C:\Users\Eurosys\Downloads\Delivery Status Notification (Failure).zip
    2013-07-31 08:28 - 2013-07-31 08:28 - 00008776 _____ C:\Users\Eurosys\Downloads\RE Reservations 27082013-29082013.eml
    2013-07-18 04:44 - 2013-07-18 04:48 - 00000000 ____D C:\Windows\System32\MRT
    2013-07-17 12:27 - 2013-07-17 12:27 - 00000000 ____D C:\Users\Eurosys\Documents\SETTEC
    2013-07-17 12:27 - 2013-07-17 12:27 - 00000000 ____D C:\ProgramData\ASign
    2013-07-17 12:26 - 2013-08-01 20:49 - 00000000 ____D C:\Users\Eurosys\Documents\ARC SYSTEM WORKS
    2013-07-17 12:19 - 2013-07-17 12:19 - 00002205 _____ C:\Users\Public\Desktop\BLAZBLUE -CALAMITY TRIGGER-.lnk
    2013-07-17 12:13 - 2013-07-17 12:13 - 00000000 ____D C:\Program Files (x86)\ARC SYSTEM WORKS
    2013-07-17 04:41 - 2013-07-17 04:41 - 00000000 ____D C:\Users\Eurosys\Documents\Games for Windows - LIVE Demos
    2013-07-16 11:16 - 2013-07-16 11:16 - 00007603 _____ C:\Users\Eurosys\AppData\Local\Resmon.ResmonCfg
    2013-07-16 11:05 - 2013-07-18 06:59 - 00000000 ____D C:\Users\Eurosys\Documents\fifa 13
    2013-07-11 11:04 - 2013-07-11 11:04 - 00000000 ____D C:\Users\Eurosys\Documents\CAPCOM
    2013-07-11 11:01 - 2013-07-11 11:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
    2013-07-11 11:01 - 2013-07-11 11:01 - 00000000 ____D C:\Windows\SysWOW64\xlive
    2013-07-11 11:00 - 2010-06-01 18:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
    2013-07-11 11:00 - 2010-06-01 18:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_7.dll
    2013-07-11 11:00 - 2010-05-26 01:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_43.dll
    2013-07-11 11:00 - 2010-05-26 01:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
    2013-07-11 11:00 - 2010-05-26 01:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\System32\d3dcsx_43.dll
    2013-07-11 11:00 - 2010-05-26 01:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
    2013-07-11 11:00 - 2010-05-26 01:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_43.dll
    2013-07-11 11:00 - 2010-05-26 01:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
    2013-07-11 11:00 - 2010-02-04 00:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_6.dll
    2013-07-11 11:00 - 2010-02-04 00:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
    2013-07-11 11:00 - 2010-02-04 00:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
    2013-07-11 11:00 - 2010-02-04 00:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_6.dll
    2013-07-11 11:00 - 2010-02-04 00:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_4.dll
    2013-07-11 11:00 - 2010-02-04 00:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
    2013-07-11 11:00 - 2010-02-04 00:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_7.dll
    2013-07-11 11:00 - 2010-02-04 00:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
    2013-07-11 11:00 - 2009-09-04 07:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_5.dll
    2013-07-11 11:00 - 2009-09-04 07:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
    2013-07-11 11:00 - 2009-09-04 07:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_5.dll
    2013-07-11 11:00 - 2009-09-04 07:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_3.dll
    2013-07-11 11:00 - 2009-09-04 07:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\System32\d3dcsx_42.dll
    2013-07-11 11:00 - 2009-09-04 07:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
    2013-07-11 11:00 - 2009-09-04 07:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_42.dll
    2013-07-11 11:00 - 2009-09-04 07:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_42.dll
    2013-07-11 11:00 - 2009-09-04 07:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
    2013-07-11 11:00 - 2009-09-04 07:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
    2013-07-11 11:00 - 2009-09-04 07:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\System32\d3dx11_42.dll
    2013-07-11 11:00 - 2009-09-04 07:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
    2013-07-11 11:00 - 2009-03-16 04:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_4.dll
    2013-07-11 11:00 - 2009-03-16 04:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
    2013-07-11 11:00 - 2009-03-16 04:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
    2013-07-11 11:00 - 2009-03-16 04:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_4.dll
    2013-07-11 11:00 - 2009-03-16 04:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_6.dll
    2013-07-11 11:00 - 2009-03-16 04:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
    2013-07-11 11:00 - 2009-03-09 05:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll
    2013-07-11 11:00 - 2009-03-09 05:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
    2013-07-11 11:00 - 2009-03-09 05:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_41.dll
    2013-07-11 11:00 - 2009-03-09 05:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_41.dll
    2013-07-11 11:00 - 2008-10-27 00:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_3.dll
    2013-07-11 11:00 - 2008-10-27 00:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
    2013-07-11 11:00 - 2008-10-27 00:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
    2013-07-11 11:00 - 2008-10-27 00:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_3.dll
    2013-07-11 11:00 - 2008-10-27 00:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_2.dll
    2013-07-11 11:00 - 2008-10-27 00:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
    2013-07-11 11:00 - 2008-10-27 00:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_5.dll
    2013-07-11 11:00 - 2008-10-27 00:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
    2013-07-11 11:00 - 2008-10-14 20:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_40.dll
    2013-07-11 11:00 - 2008-10-14 20:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
    2013-07-11 11:00 - 2008-10-14 20:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_40.dll
    2013-07-11 11:00 - 2008-10-14 20:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
    2013-07-11 11:00 - 2008-10-14 20:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_40.dll
    2013-07-11 11:00 - 2008-10-14 20:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
    2013-07-11 11:00 - 2008-07-31 00:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
    2013-07-11 11:00 - 2008-07-31 00:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_2.dll
    2013-07-11 11:00 - 2008-07-31 00:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_1.dll
    2013-07-11 11:00 - 2008-07-31 00:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_2.dll
    2013-07-11 11:00 - 2008-07-10 01:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_39.dll
    2013-07-11 11:00 - 2008-07-10 01:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_39.dll
    2013-07-11 11:00 - 2008-07-10 01:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_39.dll
    2013-07-11 11:00 - 2008-05-30 04:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_1.dll
    2013-07-11 11:00 - 2008-05-30 04:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
    2013-07-11 11:00 - 2008-05-30 04:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
    2013-07-11 11:00 - 2008-05-30 04:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_1.dll
    2013-07-11 11:00 - 2008-05-30 04:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_0.dll
    2013-07-11 11:00 - 2008-05-30 04:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
    2013-07-11 11:00 - 2008-05-30 04:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
    2013-07-11 11:00 - 2008-05-30 04:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_4.dll
    2013-07-11 11:00 - 2008-05-30 04:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_38.dll
    2013-07-11 11:00 - 2008-05-30 04:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
    2013-07-11 11:00 - 2008-05-30 04:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_38.dll
    2013-07-11 11:00 - 2008-05-30 04:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
    2013-07-11 11:00 - 2008-05-30 04:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_38.dll
    2013-07-11 11:00 - 2008-05-30 04:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
    2013-07-11 11:00 - 2008-03-05 06:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_0.dll
    2013-07-11 11:00 - 2008-03-05 06:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
    2013-07-11 11:00 - 2008-03-05 06:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
    2013-07-11 11:00 - 2008-03-05 06:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_0.dll
    2013-07-11 11:00 - 2008-03-05 06:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_3.dll
    2013-07-11 11:00 - 2008-03-05 06:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
    2013-07-11 11:00 - 2008-03-05 05:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_37.dll
    2013-07-11 11:00 - 2008-03-05 05:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
    2013-07-11 11:00 - 2008-03-05 05:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_37.dll
    2013-07-11 11:00 - 2008-03-05 05:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
    2013-07-11 11:00 - 2008-02-05 13:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_37.dll
    2013-07-11 11:00 - 2008-02-05 13:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
    2013-07-11 11:00 - 2007-10-21 17:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_10.dll
    2013-07-11 11:00 - 2007-10-21 17:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
    2013-07-11 11:00 - 2007-10-21 17:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_2.dll
    2013-07-11 11:00 - 2007-10-21 17:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
    2013-07-11 11:00 - 2007-10-12 05:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_36.dll
    2013-07-11 11:00 - 2007-10-12 05:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
    2013-07-11 11:00 - 2007-10-12 05:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_36.dll
    2013-07-11 11:00 - 2007-10-12 05:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
    2013-07-11 11:00 - 2007-10-01 23:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_36.dll
    2013-07-11 11:00 - 2007-10-01 23:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
    2013-07-11 11:00 - 2007-07-19 14:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_9.dll
    2013-07-11 11:00 - 2007-07-19 14:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
    2013-07-11 11:00 - 2007-07-19 08:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_35.dll
    2013-07-11 11:00 - 2007-07-19 08:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
    2013-07-11 11:00 - 2007-07-19 08:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_35.dll
    2013-07-11 11:00 - 2007-07-19 08:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
    2013-07-11 11:00 - 2007-07-19 08:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_35.dll
    2013-07-11 11:00 - 2007-07-19 08:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
    2013-07-11 11:00 - 2007-06-20 10:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_8.dll
    2013-07-11 11:00 - 2007-06-20 10:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
    2013-07-11 11:00 - 2007-05-16 06:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_34.dll
    2013-07-11 11:00 - 2007-05-16 06:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
    2013-07-11 11:00 - 2007-05-16 06:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_34.dll
    2013-07-11 11:00 - 2007-05-16 06:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
    2013-07-11 11:00 - 2007-05-16 06:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_34.dll
    2013-07-11 11:00 - 2007-05-16 06:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
    2013-07-11 11:00 - 2007-04-04 08:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_7.dll
    2013-07-11 11:00 - 2007-04-04 08:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
    2013-07-11 11:00 - 2007-04-04 08:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\System32\xinput1_3.dll
    2013-07-11 11:00 - 2007-04-04 08:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
    2013-07-11 11:00 - 2007-03-15 06:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_33.dll
    2013-07-11 11:00 - 2007-03-15 06:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
    2013-07-11 11:00 - 2007-03-12 06:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_33.dll
    2013-07-11 11:00 - 2007-03-12 06:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
    2013-07-11 11:00 - 2007-03-12 06:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_33.dll
    2013-07-11 11:00 - 2007-03-12 06:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
    2013-07-11 11:00 - 2007-03-05 02:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\System32\x3daudio1_1.dll
    2013-07-11 11:00 - 2007-03-05 02:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
    2013-07-11 11:00 - 2007-01-24 05:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_6.dll
    2013-07-11 11:00 - 2007-01-24 05:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
    2013-07-11 11:00 - 2006-12-08 02:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
    2013-07-11 11:00 - 2006-12-08 02:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_5.dll
    2013-07-11 11:00 - 2006-11-29 03:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10.dll
    2013-07-11 11:00 - 2006-11-29 03:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
    2013-07-11 11:00 - 2006-09-28 06:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_31.dll
    2013-07-11 11:00 - 2006-09-28 06:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
    2013-07-11 11:00 - 2006-09-28 06:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
    2013-07-11 11:00 - 2006-09-28 06:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_4.dll
    2013-07-11 11:00 - 2006-07-27 23:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\System32\xinput1_2.dll
    2013-07-11 11:00 - 2006-07-27 23:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_3.dll
    2013-07-11 11:00 - 2006-07-27 23:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
    2013-07-11 11:00 - 2006-07-27 23:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
    2013-07-11 11:00 - 2006-05-30 21:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
    2013-07-11 11:00 - 2006-05-30 21:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_2.dll
    2013-07-11 11:00 - 2006-03-31 02:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_1.dll
    2013-07-11 11:00 - 2006-03-31 02:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
    2013-07-11 11:00 - 2006-03-31 02:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\System32\xinput1_1.dll
    2013-07-11 11:00 - 2006-03-31 02:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
    2013-07-11 10:59 - 2006-03-31 02:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_30.dll
    2013-07-11 10:59 - 2006-03-31 02:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
    2013-07-11 10:59 - 2006-02-02 22:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_29.dll
    2013-07-11 10:59 - 2006-02-02 22:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
    2013-07-11 10:59 - 2006-02-02 22:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_0.dll
    2013-07-11 10:59 - 2006-02-02 22:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
    2013-07-11 10:59 - 2006-02-02 22:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\System32\x3daudio1_0.dll
    2013-07-11 10:59 - 2006-02-02 22:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
    2013-07-11 10:59 - 2005-12-05 08:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_28.dll
    2013-07-11 10:59 - 2005-12-05 08:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
    2013-07-11 10:59 - 2005-07-22 09:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll
    2013-07-11 10:59 - 2005-07-22 09:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
    2013-07-11 10:59 - 2005-05-26 05:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_26.dll
    2013-07-11 10:59 - 2005-05-26 05:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
    2013-07-11 10:59 - 2005-03-18 07:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_25.dll
    2013-07-11 10:59 - 2005-03-18 07:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
    2013-07-11 10:59 - 2005-02-05 09:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_24.dll
    2013-07-11 10:59 - 2005-02-05 09:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
    2013-07-11 10:48 - 2013-07-11 10:48 - 00000000 ____D C:\Program Files (x86)\Capcom
    2013-07-11 10:46 - 2013-07-11 10:46 - 00283064 _____ (Disc Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
    2013-07-11 10:46 - 2013-07-11 10:46 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
    2013-07-11 10:45 - 2013-07-11 10:46 - 13867192 _____ (Disc Soft Ltd) C:\Users\Eurosys\Downloads\DTLite4471-0335 (1).exe
    2013-07-11 09:24 - 2013-07-11 09:24 - 13132049 _____ (The qBittorrent project) C:\Users\Eurosys\Downloads\qbittorrent_3.0.10_setup.exe
    2013-07-11 09:23 - 2013-07-11 09:23 - 00000000 ____D C:\Users\Eurosys\AppData\Roaming\WinRAR
    2013-07-11 09:22 - 2013-07-11 09:23 - 00000000 ____D C:\Program Files\WinRAR
    2013-07-11 09:22 - 2013-07-11 09:22 - 01967000 _____ C:\Users\Eurosys\Downloads\winrar-x64-50b6.exe
    2013-07-11 09:18 - 2013-07-11 09:18 - 00000000 ____D C:\Users\Public\Documents\DAEMON Tools Images
    2013-07-11 08:40 - 2013-07-11 08:41 - 13867192 _____ (Disc Soft Ltd) C:\Users\Eurosys\Downloads\DTLite4471-0335.exe
    2013-07-11 08:35 - 2013-07-11 08:36 - 00489464 _____ C:\Users\Eurosys\Downloads\DTLite4471-0333-oc-jd.exe
    2013-07-10 03:58 - 2013-06-11 15:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-07-10 03:58 - 2013-06-11 15:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-07-10 03:58 - 2013-06-11 15:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-07-10 03:58 - 2013-06-11 15:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-07-10 03:58 - 2013-06-11 15:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-07-10 03:58 - 2013-06-11 15:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-07-10 03:58 - 2013-06-11 15:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-07-10 03:58 - 2013-06-11 15:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-07-10 03:58 - 2013-06-11 15:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-07-10 03:58 - 2013-06-11 15:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-07-10 03:58 - 2013-06-11 15:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-07-10 03:58 - 2013-06-11 15:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-07-10 03:58 - 2013-06-11 15:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2013-07-10 03:58 - 2013-06-11 15:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2013-07-10 03:58 - 2013-06-11 15:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
    2013-07-10 03:58 - 2013-06-11 15:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2013-07-10 03:58 - 2013-06-11 15:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2013-07-10 03:58 - 2013-06-11 15:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2013-07-10 03:58 - 2013-06-11 15:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2013-07-10 03:58 - 2013-06-11 15:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2013-07-10 03:58 - 2013-06-11 15:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2013-07-10 03:58 - 2013-06-11 15:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
    2013-07-10 03:58 - 2013-06-11 15:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
    2013-07-10 03:58 - 2013-06-11 15:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2013-07-10 03:58 - 2013-06-11 15:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
    2013-07-10 03:58 - 2013-06-11 14:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-07-10 03:58 - 2013-06-11 14:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
    2013-07-10 03:58 - 2013-06-06 19:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2013-07-10 03:58 - 2013-06-06 18:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-07-10 03:57 - 2013-06-11 15:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-07-10 03:57 - 2013-06-11 15:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2013-07-10 01:32 - 2013-06-04 19:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2013-07-10 01:32 - 2013-06-03 22:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
    2013-07-10 01:32 - 2013-06-03 20:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
    2013-07-10 01:32 - 2013-05-05 22:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
    2013-07-10 01:32 - 2013-05-05 20:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
    2013-07-10 01:32 - 2013-04-09 15:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2013-07-10 01:32 - 2013-04-02 14:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll

    ==================== One Month Modified Files and Folders =======

    2013-08-07 22:04 - 2013-08-07 22:04 - 00000000 ____D C:\FRST
    2013-08-07 22:04 - 2010-11-20 18:50 - 00000000 ____D C:\users\Administrator
    2013-08-07 21:46 - 2009-07-13 19:20 - 00000000 __RHD C:\users\Default
    2013-08-07 11:36 - 2009-07-13 20:51 - 00022788 _____ C:\Windows\setupact.log
    2013-08-01 21:29 - 2011-05-31 20:57 - 00000000 ____D C:\Windows\Panther
    2013-08-01 21:29 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\Offline Web Pages
    2013-08-01 21:29 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\servicing
    2013-08-01 21:29 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
    2013-08-01 21:29 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
    2013-08-01 21:29 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
    2013-08-01 21:28 - 2011-05-31 20:56 - 00000000 ____D C:\Windows\LP
    2013-08-01 21:28 - 2009-07-13 19:20 - 00000000 __RSD C:\Windows\Media
    2013-08-01 21:28 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\L2Schemas
    2013-08-01 21:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\IME
    2013-08-01 21:26 - 2011-05-31 20:56 - 00000000 ____D C:\Windows\DeployWinRE
    2013-08-01 21:26 - 2010-11-20 23:16 - 00000000 ___RD C:\Users\Public\Recorded TV
    2013-08-01 21:26 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\addins
    2013-08-01 21:26 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Cursors
    2013-08-01 21:25 - 2011-05-31 21:04 - 00000000 ____D C:\ProgramData\newsXpresso
    2013-08-01 21:25 - 2011-05-31 20:57 - 00000000 ____D C:\ProgramData\EgisTec IPS
    2013-08-01 21:25 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
    2013-08-01 21:25 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
    2013-08-01 21:25 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
    2013-08-01 21:25 - 2009-07-13 19:20 - 00000000 __RHD C:\Users\Public\Libraries
    2013-08-01 21:24 - 2011-05-31 21:04 - 00000000 ____D C:\Program Files (x86)\newsXpresso
    2013-08-01 21:24 - 2011-05-31 20:57 - 00000000 ____D C:\Program Files (x86)\EgisTec MyWinLocker
    2013-08-01 21:24 - 2011-05-31 20:57 - 00000000 ____D C:\Program Files (x86)\EgisTec IPS
    2013-08-01 21:24 - 2011-05-31 20:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2013-08-01 21:24 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
    2013-08-01 21:22 - 2011-05-31 20:49 - 00000000 ____D C:\DOLBY PCEE4
    2013-08-01 21:22 - 2010-11-20 23:06 - 00000000 ____D C:\Windows\SysWOW64\winrm
    2013-08-01 21:22 - 2010-11-20 23:06 - 00000000 ____D C:\Windows\SysWOW64\WCN
    2013-08-01 21:22 - 2010-11-20 23:06 - 00000000 ____D C:\Windows\SysWOW64\sysprep
    2013-08-01 21:22 - 2010-11-20 23:06 - 00000000 ____D C:\Windows\SysWOW64\slmgr
    2013-08-01 21:22 - 2010-11-20 23:06 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
    2013-08-01 21:22 - 2010-11-20 23:06 - 00000000 ____D C:\Windows\System32\winrm
    2013-08-01 21:22 - 2010-11-20 23:06 - 00000000 ____D C:\Windows\System32\WCN
    2013-08-01 21:22 - 2010-11-20 23:06 - 00000000 ____D C:\Windows\System32\slmgr
    2013-08-01 21:22 - 2010-11-20 23:06 - 00000000 ____D C:\Windows\System32\Printing_Admin_Scripts
    2013-08-01 21:22 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
    2013-08-01 21:22 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
    2013-08-01 21:22 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
    2013-08-01 21:22 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
    2013-08-01 21:22 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
    2013-08-01 21:22 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\com
    2013-08-01 21:22 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sysprep
    2013-08-01 21:22 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Setup
    2013-08-01 21:22 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\oobe
    2013-08-01 21:22 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\MUI
    2013-08-01 21:22 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\migwiz
    2013-08-01 21:22 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Dism
    2013-08-01 21:22 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\com
    2013-08-01 21:22 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Speech
    2013-08-01 21:22 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Help
    2013-08-01 21:21 - 2011-05-31 21:01 - 00000000 ____D C:\ProgramData\BackupManager
    2013-08-01 21:21 - 2011-05-31 20:59 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
    2013-08-01 21:21 - 2011-05-31 20:59 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
    2013-08-01 21:21 - 2011-05-31 20:59 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe
    2013-08-01 21:21 - 2011-05-31 20:57 - 00000000 ____D C:\Users\Administrator\AppData\Local\Downloaded Installations
    2013-08-01 21:21 - 2011-05-31 20:49 - 00000000 ___HD C:\OEM
    2013-08-01 21:21 - 2011-05-31 20:49 - 00000000 ____D C:\Program Files (x86)\Windows Live
    2013-08-01 21:21 - 2011-05-31 20:48 - 00000000 ____D C:\Users\Administrator\AppData\Local\Windows Live
    2013-08-01 21:21 - 2011-05-31 20:48 - 00000000 ____D C:\Program Files\Windows Live
    2013-08-01 21:21 - 2011-05-31 20:44 - 00000000 ____D C:\ProgramData\McAfee
    2013-08-01 21:21 - 2011-05-31 20:44 - 00000000 ____D C:\Program Files\mcafee.com
    2013-08-01 21:21 - 2011-05-31 20:44 - 00000000 ____D C:\Program Files\mcafee
    2013-08-01 21:21 - 2011-05-31 20:44 - 00000000 ____D C:\Program Files\Common Files\mcafee
    2013-08-01 21:21 - 2011-05-31 20:44 - 00000000 ____D C:\Program Files (x86)\mcafee.com
    2013-08-01 21:21 - 2011-05-31 20:44 - 00000000 ____D C:\Program Files (x86)\McAfee
    2013-08-01 21:21 - 2011-05-31 20:30 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
    2013-08-01 21:21 - 2011-05-31 20:14 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\InstallShield
    2013-08-01 21:21 - 2010-11-20 23:17 - 00000000 ____D C:\Program Files\Windows Journal
    2013-08-01 21:21 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Sidebar
    2013-08-01 21:21 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
    2013-08-01 21:21 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Defender
    2013-08-01 21:21 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Microsoft Games
    2013-08-01 21:21 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\DVD Maker
    2013-08-01 21:21 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
    2013-08-01 21:21 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\System
    2013-08-01 21:11 - 2013-08-01 21:09 - 00000000 ___RD C:\Backup
    2013-08-01 21:11 - 2012-01-04 14:14 - 00000000 ____D C:\Users\Eurosys\AppData\Local\DDMSettings
    2013-08-01 21:11 - 2011-11-29 10:25 - 00000000 ____D C:\Users\Eurosys\AppData\Local\Ilivid Player
    2013-08-01 21:04 - 2011-09-01 06:06 - 00000000 __SHD C:\Recovery
    2013-08-01 20:49 - 2013-07-17 12:26 - 00000000 ____D C:\Users\Eurosys\Documents\ARC SYSTEM WORKS
    2013-08-01 20:49 - 2011-12-27 05:16 - 00000000 ____D C:\ProgramData\McAfee Security Scan
    2013-08-01 20:49 - 2011-11-07 08:58 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
    2013-08-01 20:49 - 2011-09-13 02:22 - 00000000 ____D C:\ProgramData\Trend Micro
    2013-08-01 20:49 - 2011-09-01 06:37 - 00000000 ____D C:\ProgramData\clear.fi
    2013-08-01 20:49 - 2011-09-01 06:08 - 00000000 ____D C:\Users\Eurosys\AppData\Local\PowerCinema
    2013-08-01 20:49 - 2011-09-01 06:07 - 00000000 ____D C:\users\Eurosys
    2013-08-01 20:48 - 2011-10-18 11:10 - 00000000 __RHD C:\MSOCache
    2013-08-01 05:58 - 2013-05-11 09:55 - 00000000 ____D C:\Users\Eurosys\AppData\Local\PMB Files
    2013-08-01 02:45 - 2011-12-19 12:42 - 00000000 ____D C:\ProgramData\CanonIJPLM
    2013-07-31 08:28 - 2013-07-31 08:28 - 00009315 _____ C:\Users\Eurosys\Downloads\Delivery Status Notification (Failure).zip
    2013-07-31 08:28 - 2013-07-31 08:28 - 00008776 _____ C:\Users\Eurosys\Downloads\RE Reservations 27082013-29082013.eml
    2013-07-29 01:17 - 2011-12-29 12:55 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-07-29 01:14 - 2009-07-13 20:45 - 00016976 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-07-29 01:14 - 2009-07-13 20:45 - 00016976 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-07-29 01:13 - 2012-04-17 03:52 - 00000940 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-07-29 01:06 - 2011-12-29 12:55 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-07-29 01:06 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2013-07-28 14:10 - 2011-10-20 11:00 - 00001092 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1774522944-509669802-3474748747-1000UA.job
    2013-07-28 13:23 - 2012-02-15 14:23 - 00000000 ____D C:\Program Files (x86)\DealPly
    2013-07-27 03:06 - 2011-07-05 14:56 - 00713654 _____ C:\Windows\System32\perfh013.dat
    2013-07-27 03:06 - 2011-07-05 14:56 - 00137736 _____ C:\Windows\System32\perfc013.dat
    2013-07-27 03:06 - 2009-07-13 21:13 - 01581974 _____ C:\Windows\System32\PerfStringBackup.INI
    2013-07-26 05:23 - 2011-10-20 11:00 - 00001070 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1774522944-509669802-3474748747-1000Core.job
    2013-07-22 02:39 - 2013-05-28 11:56 - 00000000 ____D C:\Users\Eurosys\Documents\Hippe Hoppers
    2013-07-18 06:59 - 2013-07-16 11:05 - 00000000 ____D C:\Users\Eurosys\Documents\fifa 13
    2013-07-18 04:48 - 2013-07-18 04:44 - 00000000 ____D C:\Windows\System32\MRT
    2013-07-17 12:27 - 2013-07-17 12:27 - 00000000 ____D C:\Users\Eurosys\Documents\SETTEC
    2013-07-17 12:27 - 2013-07-17 12:27 - 00000000 ____D C:\ProgramData\ASign
    2013-07-17 12:19 - 2013-07-17 12:19 - 00002205 _____ C:\Users\Public\Desktop\BLAZBLUE -CALAMITY TRIGGER-.lnk
    2013-07-17 12:13 - 2013-07-17 12:13 - 00000000 ____D C:\Program Files (x86)\ARC SYSTEM WORKS
    2013-07-17 08:47 - 2012-11-19 16:26 - 00000000 ____D C:\Users\Eurosys\Documents\Memind
    2013-07-17 04:41 - 2013-07-17 04:41 - 00000000 ____D C:\Users\Eurosys\Documents\Games for Windows - LIVE Demos
    2013-07-16 11:16 - 2013-07-16 11:16 - 00007603 _____ C:\Users\Eurosys\AppData\Local\Resmon.ResmonCfg
    2013-07-13 00:12 - 2011-12-29 12:55 - 00004054 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2013-07-13 00:12 - 2011-12-29 12:55 - 00003802 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2013-07-11 11:04 - 2013-07-11 11:04 - 00000000 ____D C:\Users\Eurosys\Documents\CAPCOM
    2013-07-11 11:02 - 2013-07-11 11:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
    2013-07-11 11:01 - 2013-07-11 11:01 - 00000000 ____D C:\Windows\SysWOW64\xlive
    2013-07-11 10:48 - 2013-07-11 10:48 - 00000000 ____D C:\Program Files (x86)\Capcom
    2013-07-11 10:46 - 2013-07-11 10:46 - 00283064 _____ (Disc Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
    2013-07-11 10:46 - 2013-07-11 10:46 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
    2013-07-11 10:46 - 2013-07-11 10:45 - 13867192 _____ (Disc Soft Ltd) C:\Users\Eurosys\Downloads\DTLite4471-0335 (1).exe
    2013-07-11 09:24 - 2013-07-11 09:24 - 13132049 _____ (The qBittorrent project) C:\Users\Eurosys\Downloads\qbittorrent_3.0.10_setup.exe
    2013-07-11 09:23 - 2013-07-11 09:23 - 00000000 ____D C:\Users\Eurosys\AppData\Roaming\WinRAR
    2013-07-11 09:23 - 2013-07-11 09:22 - 00000000 ____D C:\Program Files\WinRAR
    2013-07-11 09:22 - 2013-07-11 09:22 - 01967000 _____ C:\Users\Eurosys\Downloads\winrar-x64-50b6.exe
    2013-07-11 09:18 - 2013-07-11 09:18 - 00000000 ____D C:\Users\Public\Documents\DAEMON Tools Images
    2013-07-11 08:41 - 2013-07-11 08:40 - 13867192 _____ (Disc Soft Ltd) C:\Users\Eurosys\Downloads\DTLite4471-0335.exe
    2013-07-11 08:36 - 2013-07-11 08:35 - 00489464 _____ C:\Users\Eurosys\Downloads\DTLite4471-0333-oc-jd.exe
    2013-07-10 05:54 - 2009-07-13 20:45 - 00441264 _____ C:\Windows\System32\FNTCACHE.DAT
    2013-07-10 05:51 - 2012-05-16 23:22 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2013-07-10 04:05 - 2011-10-18 11:10 - 00000000 ____D C:\ProgramData\Microsoft Help

    ==================== Known DLLs (Whitelisted) ================


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK

    ==================== Restore Points =========================


    ==================== Memory info ===========================

    Percentage of memory in use: 16%
    Total physical RAM: 4077.86 MB
    Available physical RAM: 3388.21 MB
    Total Pagefile: 4076.06 MB
    Available Pagefile: 3389.78 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.85 MB

    ==================== Drives ================================

    Drive c: (Acer) (Fixed) (Total:449.66 GB) (Free:315.39 GB) NTFS (Disk=0 Partition=3) ==>[Drive with boot components (obtained from BCD)]
    Drive d: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
    Drive e: (PQSERVICE) (Fixed) (Total:16 GB) (Free:1.89 GB) NTFS (Disk=0 Partition=1)
    Drive f: (GRMCPRFRER_NL_DVD) (CDROM) (Total:2.23 GB) (Free:0 GB) UDF
    Drive g: () (Removable) (Total:7.21 GB) (Free:7.21 GB) FAT32 (Disk=1 Partition=1)
    Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 3CE334F0)
    Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
    Partition 2: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Active) - (Size=450 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (Size: 7 GB) (Disk ID: 7D4353E6)
    Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)


    LastRegBack: 2013-07-23 04:35


    ==================== End Of Log ============================

    I hope some one can help me and already thanks
    (sorry for the bad english)
  2. Broni

    Broni Malware Annihilator Posts: 46,479   +252

    Welcome aboard [​IMG]

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ===================================

    Restart or start? No boot to normal or safe mode?

    Do you mean system restore?
  3. Mike Ramaekers

    Mike Ramaekers Newcomer, in training Topic Starter

    I was trying to start the laptop and it don't wanne start in safe mode or in normale mode
    and yea I mean system restore

    and thanks for you're fast answer
  4. Broni

    Broni Malware Annihilator Posts: 46,479   +252

    I don't actually see anything malicious there but let's see if we can fix your issue.

    Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    On Vista or Windows 7: Now please enter System Recovery Options.
    On Windows XP: Now please boot into the UBCD.
    Run FRST/FRST64 and press the Fix button just once and wait.
    The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
    See if you can boot now.

    Attached Files:

  5. Mike Ramaekers

    Mike Ramaekers Newcomer, in training Topic Starter

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-08-2013 06
    Ran by SYSTEM at 2013-08-07 22:53:08 Run:1
    Running from G:\
    Boot Mode: Recovery
    ==============================================

    DEFAULT hive was successfully copied to System32\config\HiveBackup
    DEFAULT hive was successfully restored from registry back up.
    SAM hive was successfully copied to System32\config\HiveBackup
    SAM hive was successfully restored from registry back up.
    SECURITY hive was successfully copied to System32\config\HiveBackup
    SECURITY hive was successfully restored from registry back up.
    SOFTWARE hive was successfully copied to System32\config\HiveBackup
    SOFTWARE hive was successfully restored from registry back up.
    SYSTEM hive was successfully copied to System32\config\HiveBackup
    SYSTEM hive was successfully restored from registry back up.

    ==== End of Fixlog ====
  6. Mike Ramaekers

    Mike Ramaekers Newcomer, in training Topic Starter

    Still the same problem if I boot the laptop now its still a black screen with the arrow of the mouse
  7. Broni

    Broni Malware Annihilator Posts: 46,479   +252

    Unfortunately there is not much more I can do here.

    I suggest you start new topic in Windows forum.

    Good luck :)
  8. Mike Ramaekers

    Mike Ramaekers Newcomer, in training Topic Starter

    Okay thanks anyways
  9. Broni

    Broni Malware Annihilator Posts: 46,479   +252



Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.