Jump to content

fishtaco254

Honorary Members
 View Profile  See their activity

  • Posts

    45

  • Joined

  • Last visited

 Content Type 

Posts posted by fishtaco254

    Have some malware I believe

    in Resolved Malware Removal Logs

    Posted

    Hey when I click on certain links it sends me to sex.com lol. I have the premium version of malwarebytes now but it can't find it. I also have webroot and was wondering if I can use malwarebytes as my standalone virus protection? Thanks

     

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 02
    Ran by Steven (administrator) on STEVEN on 15-06-2014 08:38:26
    Running from C:\Users\Steven\Downloads
    Platform: Windows 8.1 Pro (X64) OS Language: English(US)
    Internet Explorer Version 11
    Boot Mode: Normal
     
    The only official download link for FRST:
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
     
    ==================== Processes (Whitelisted) =================
     
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (Cypress Semiconductor Corporation) C:\Program Files\Cypress\TrackPad\CyTpService.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Cypress Semiconductor, Inc.) C:\Program Files\Cypress\TrackPad\CyHidWin.exe
    (Cypress Semiconductor Corporation) C:\Program Files\Cypress\TrackPad\CyCpIo.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Google Inc.) C:\Users\Steven\AppData\Local\Google\Update\GoogleUpdate.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [763512 2014-06-14] (Webroot)
    Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-941173593-4215877143-4246481039-1001\...\Run: [Google Update] => C:\Users\Steven\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-04] (Google Inc.)
    HKU\S-1-5-21-941173593-4215877143-4246481039-1001\...\Run: [GoogleChromeAutoLaunch_F24911D7A7038F5FFBF2DBF664E78DA0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
    HKU\S-1-5-21-941173593-4215877143-4246481039-1001\...\MountPoints2: {f3c3af77-ba75-11e3-be73-88532e9ab8a1} - "E:\WD SmartWare.exe" autoplay=true
    HKU\S-1-5-21-941173593-4215877143-4246481039-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\Steven\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-04] (Google Inc.)
    HKU\S-1-5-21-941173593-4215877143-4246481039-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_F24911D7A7038F5FFBF2DBF664E78DA0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
    HKU\S-1-5-21-941173593-4215877143-4246481039-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f3c3af77-ba75-11e3-be73-88532e9ab8a1} - "E:\WD SmartWare.exe" autoplay=true
     
    ==================== Internet (Whitelisted) ====================
     
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xABDB26EBBB47CF01
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO: Webroot Filtering Extension - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)
    BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
    BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Webroot Filtering Extension - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
     
    FireFox:
    ========
    FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Steven\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Steven\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Steven\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Steven\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Steven\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Steven\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
     
    Chrome: 
    =======
    CHR HomePage: hxxp://g.msn.com/USCON/1
    CHR Extension: (Google Docs) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-24]
    CHR Extension: (Google Drive) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-24]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-14]
    CHR Extension: (YouTube) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-24]
    CHR Extension: (Google Search) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-24]
    CHR Extension: (Google Calendar) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-03-24]
    CHR Extension: (Google +1 Button) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgoepmocgafhnchmokaimcmlojpnlkhp [2014-03-24]
    CHR Extension: (Webroot Filtering Extension) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2014-06-14]
    CHR Extension: (Man of Steel) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\knfmphhfikndpfbllhdojajhgpmlnlef [2014-03-24]
    CHR Extension: (Google Wallet) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-24]
    CHR Extension: (Hover Zoom) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-03-24]
    CHR Extension: (Gmail) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-24]
    CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.0.32.crx [2014-06-14]
     
    ==================== Services (Whitelisted) =================
     
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2266296 2014-05-16] (Microsoft Corporation)
    R2 CyTpService; C:\Program Files\Cypress\TrackPad\CyTpService.exe [30208 2012-11-16] (Cypress Semiconductor Corporation)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
    S2 WRSVC; C:\Program Files\Webroot\WRSA.exe [763512 2014-06-14] (Webroot)
     
    ==================== Drivers (Whitelisted) ====================
     
    S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
    S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
    R3 cyhid; C:\Windows\System32\drivers\cyhid.sys [148480 2013-01-10] (Cypress Semiconductor, Inc.)
    R3 cykbfltrService; C:\Windows\system32\DRIVERS\cykbfltr.sys [20992 2013-01-10] (Cypress Semiconductor, Inc.)
    R3 cymfltrService; C:\Windows\system32\DRIVERS\cymfltr.sys [98816 2013-01-10] (Cypress Semiconductor, Inc.)
    S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
    S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
    S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
    R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-03-25] (Microsoft Corporation)
    R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-01-19] ()
    S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-11-14] (Microsoft Corporation)
    S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-14] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
    R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
    S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
    S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
    R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
    S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-03-25] (Microsoft Corporation)
    S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
    S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
    R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
    R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [114176 2014-06-14] (Webroot)
     
    ==================== NetSvcs (Whitelisted) ===================
     
     
    ==================== One Month Created Files and Folders ========
     
    2014-06-15 08:38 - 2014-06-15 08:38 - 00013697 _____ () C:\Users\Steven\Downloads\FRST.txt
    2014-06-14 19:01 - 2014-06-14 19:01 - 02081792 _____ (Farbar) C:\Users\Steven\Downloads\FRST64.exe
    2014-06-14 18:00 - 2014-06-14 23:15 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2014-06-14 18:00 - 2014-06-14 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-06-14 18:00 - 2014-06-14 18:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-06-14 18:00 - 2014-06-14 18:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-06-14 18:00 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
    2014-06-14 18:00 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
    2014-06-14 18:00 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
    2014-06-14 17:59 - 2014-06-14 17:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Steven\Downloads\mbam-setup-2.0.2.1012.exe
    2014-06-14 17:54 - 2014-06-15 08:37 - 00000000 ____D () C:\Program Files (x86)\Exterminate It!
    2014-06-14 17:54 - 2014-06-14 17:54 - 00000000 ____D () C:\Users\Steven\AppData\Roaming\Curiolab
    2014-06-14 17:53 - 2014-06-14 18:13 - 00000000 ____D () C:\Program Files\Webroot
    2014-06-14 17:53 - 2014-06-14 18:02 - 00000000 ____D () C:\ProgramData\WRData
    2014-06-14 17:53 - 2014-06-14 17:53 - 00763512 _____ (Webroot) C:\Users\Steven\Downloads\wsainstall (2).exe
    2014-06-14 17:53 - 2014-06-14 17:53 - 00153256 _____ (Webroot) C:\WINDOWS\SysWOW64\WRusr.dll
    2014-06-14 17:53 - 2014-06-14 17:53 - 00114176 _____ (Webroot) C:\WINDOWS\system32\Drivers\WRkrn.sys
    2014-06-14 17:53 - 2014-06-14 17:53 - 00103816 _____ (Webroot) C:\WINDOWS\system32\WRusr.dll
    2014-06-14 17:53 - 2014-06-14 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere
    2014-06-14 17:51 - 2014-06-14 17:51 - 00763512 _____ (Webroot) C:\Users\Steven\Downloads\Unconfirmed 8215.crdownload
    2014-06-14 17:51 - 2014-06-14 17:51 - 00763512 _____ (Webroot) C:\Users\Steven\Downloads\Unconfirmed 47133.crdownload
    2014-06-14 17:48 - 2014-06-14 17:54 - 00000000 ____D () C:\Users\Steven\AppData\Roaming\GetRightToGo
    2014-06-14 17:48 - 2014-06-14 17:48 - 00368256 _____ (RegNow.com) C:\Users\Steven\Downloads\Download_ExterminateItSetup-swpl.exe
    2014-06-14 10:16 - 2014-06-14 10:44 - 00000000 ____D () C:\Users\Steven\Downloads\The Wolf of Wall Street (2013) [1080p]
    2014-06-14 10:14 - 2014-06-14 10:15 - 00000000 ____D () C:\Users\Steven\Downloads\I Love You, Man (2009)
    2014-06-12 17:59 - 2014-05-08 18:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
    2014-06-12 17:57 - 2014-05-30 05:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2014-06-12 17:57 - 2014-05-30 04:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2014-06-12 17:57 - 2014-05-30 04:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
    2014-06-12 17:57 - 2014-05-30 04:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2014-06-12 17:57 - 2014-05-30 04:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2014-06-12 17:57 - 2014-05-30 04:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2014-06-12 17:57 - 2014-05-30 04:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
    2014-06-12 17:57 - 2014-05-30 03:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2014-06-12 17:57 - 2014-05-30 03:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2014-06-12 17:57 - 2014-05-30 03:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
    2014-06-12 17:57 - 2014-05-30 03:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2014-06-12 17:57 - 2014-05-30 03:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2014-06-12 17:57 - 2014-05-30 03:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2014-06-12 17:57 - 2014-05-30 03:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2014-06-12 17:57 - 2014-05-30 03:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2014-06-12 17:57 - 2014-05-30 03:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
    2014-06-12 17:57 - 2014-05-30 03:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
    2014-06-12 17:57 - 2014-05-30 03:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2014-06-12 17:57 - 2014-05-30 02:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2014-06-12 17:57 - 2014-05-30 02:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2014-06-12 17:57 - 2014-05-30 02:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2014-06-12 17:57 - 2014-05-30 02:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2014-06-12 17:57 - 2014-05-30 02:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2014-06-12 17:57 - 2014-05-30 02:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2014-06-12 17:57 - 2014-05-30 02:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2014-06-12 17:57 - 2014-05-30 02:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2014-06-12 17:57 - 2014-05-30 02:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2014-06-12 17:57 - 2014-05-30 02:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2014-06-12 17:57 - 2014-05-30 02:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2014-06-12 17:57 - 2014-05-09 22:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
    2014-06-12 17:57 - 2014-05-09 22:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
    2014-06-12 17:57 - 2014-05-04 23:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
    2014-06-12 17:57 - 2014-05-03 02:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
    2014-06-12 17:57 - 2014-05-02 23:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-06-12 17:57 - 2014-05-02 23:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-06-12 17:57 - 2014-05-02 22:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
    2014-06-12 17:57 - 2014-05-02 22:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
    2014-06-12 17:57 - 2014-04-30 06:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2014-06-12 17:57 - 2014-04-29 22:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
    2014-06-12 17:57 - 2014-04-18 09:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
    2014-06-12 17:57 - 2014-04-18 09:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
    2014-06-12 17:57 - 2014-04-18 08:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
    2014-06-12 17:57 - 2014-04-18 04:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
    2014-06-12 17:57 - 2014-04-18 04:32 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2014-06-12 17:57 - 2014-04-18 03:58 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2014-06-12 17:57 - 2014-04-18 03:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
    2014-06-12 17:57 - 2014-04-18 03:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
    2014-06-12 17:57 - 2014-04-18 03:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
    2014-06-12 17:57 - 2014-04-18 02:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
    2014-06-12 17:57 - 2014-04-18 02:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
    2014-06-12 17:57 - 2014-04-14 04:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
    2014-06-12 17:57 - 2014-04-14 03:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
    2014-06-12 17:57 - 2014-04-11 01:13 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2014-06-12 17:57 - 2014-04-10 23:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
    2014-06-12 17:57 - 2014-04-10 23:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
    2014-06-12 17:57 - 2014-04-10 22:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
    2014-06-12 17:57 - 2014-04-09 06:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
    2014-06-12 17:57 - 2014-04-09 01:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
    2014-06-12 17:57 - 2014-04-09 00:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
    2014-06-12 17:57 - 2014-04-08 23:35 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2014-06-12 17:57 - 2014-04-08 22:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
    2014-06-12 17:57 - 2014-04-07 21:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
    2014-06-12 17:57 - 2014-04-06 11:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
    2014-06-12 17:57 - 2014-04-06 11:34 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
    2014-06-12 17:57 - 2014-04-06 11:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
    2014-06-12 17:57 - 2014-04-06 11:31 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2014-06-12 17:57 - 2014-04-06 11:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
    2014-06-12 17:57 - 2014-04-06 11:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
    2014-06-12 17:57 - 2014-04-06 11:20 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2014-06-12 17:57 - 2014-04-06 11:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
    2014-06-12 17:57 - 2014-04-06 11:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
    2014-06-12 17:57 - 2014-04-06 11:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
    2014-06-12 17:57 - 2014-04-06 11:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2014-06-12 17:57 - 2014-04-06 11:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2014-06-12 17:57 - 2014-04-06 11:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2014-06-12 17:57 - 2014-04-06 11:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2014-06-12 17:57 - 2014-04-06 11:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2014-06-12 17:57 - 2014-04-06 11:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
    2014-06-12 17:57 - 2014-04-06 11:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2014-06-12 17:57 - 2014-04-06 11:20 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2014-06-12 17:57 - 2014-04-06 11:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
    2014-06-12 17:57 - 2014-04-06 10:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
    2014-06-12 17:57 - 2014-04-06 10:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2014-06-12 17:57 - 2014-04-06 10:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
    2014-06-12 17:57 - 2014-04-06 10:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2014-06-12 17:57 - 2014-04-06 10:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
    2014-06-12 17:57 - 2014-04-06 10:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
    2014-06-12 17:57 - 2014-04-06 10:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2014-06-12 17:57 - 2014-04-06 10:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
    2014-06-12 17:57 - 2014-04-06 10:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
    2014-06-12 17:57 - 2014-04-06 10:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2014-06-12 17:57 - 2014-04-06 10:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2014-06-12 17:57 - 2014-04-06 10:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
    2014-06-12 17:57 - 2014-04-06 09:10 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2014-06-12 17:57 - 2014-04-06 07:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
    2014-06-12 17:57 - 2014-04-06 07:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
    2014-06-12 17:57 - 2014-04-06 07:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
    2014-06-12 17:57 - 2014-04-06 07:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
    2014-06-12 17:57 - 2014-04-06 07:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
    2014-06-12 17:57 - 2014-04-06 06:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2014-06-12 17:57 - 2014-04-06 06:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2014-06-12 17:57 - 2014-04-06 06:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
    2014-06-12 17:57 - 2014-04-06 06:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2014-06-12 17:57 - 2014-04-06 06:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2014-06-12 17:57 - 2014-04-06 05:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2014-06-12 17:57 - 2014-04-06 05:51 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2014-06-12 17:57 - 2014-04-06 05:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2014-06-12 17:57 - 2014-04-06 05:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2014-06-12 17:57 - 2014-04-06 05:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
    2014-06-12 17:57 - 2014-04-06 04:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
    2014-06-12 17:57 - 2014-04-03 03:12 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
    2014-06-12 17:57 - 2014-04-03 03:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
    2014-06-12 17:57 - 2014-04-03 03:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
    2014-06-12 17:57 - 2014-04-03 02:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2014-06-12 17:57 - 2014-04-03 02:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
    2014-06-12 17:57 - 2014-04-02 23:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
    2014-06-12 17:57 - 2014-04-02 23:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
    2014-06-12 17:57 - 2014-04-02 22:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
    2014-06-12 17:57 - 2014-04-02 21:53 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
    2014-06-12 17:57 - 2014-04-02 21:53 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
    2014-06-12 17:57 - 2014-04-02 21:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
    2014-06-12 17:57 - 2014-04-02 21:23 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
    2014-06-12 17:57 - 2014-04-02 21:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2014-06-12 17:57 - 2014-04-02 21:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
    2014-06-12 17:57 - 2014-04-02 21:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
    2014-06-12 17:57 - 2014-04-01 01:23 - 00384856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
    2014-06-12 17:57 - 2014-03-31 00:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2014-06-12 17:57 - 2014-03-30 19:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
    2014-06-12 17:57 - 2014-03-30 19:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
    2014-06-12 17:57 - 2014-03-30 18:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
    2014-06-12 17:57 - 2014-03-30 17:54 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
    2014-06-12 17:57 - 2014-03-30 17:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
    2014-06-12 17:57 - 2014-03-30 17:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
    2014-06-12 17:57 - 2014-03-30 17:11 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
    2014-06-12 17:57 - 2014-03-30 16:47 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
    2014-06-12 17:57 - 2014-03-28 10:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
    2014-06-12 17:57 - 2014-03-27 01:16 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
    2014-06-12 17:57 - 2014-03-27 00:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
    2014-06-12 17:57 - 2014-03-26 23:59 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
    2014-06-12 17:57 - 2014-03-26 23:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
    2014-06-12 17:57 - 2014-03-26 23:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
    2014-06-12 17:57 - 2014-03-26 22:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
    2014-06-12 17:57 - 2014-03-26 22:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
    2014-06-12 17:57 - 2014-03-26 22:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
    2014-06-12 17:57 - 2014-03-24 17:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2014-06-12 17:57 - 2014-03-20 23:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll
    2014-06-12 17:57 - 2014-03-19 22:48 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
    2014-06-12 17:57 - 2014-03-19 19:51 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
    2014-06-12 17:57 - 2014-03-19 19:44 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2014-06-12 17:57 - 2014-03-19 18:38 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
    2014-06-12 17:57 - 2014-03-19 18:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2014-06-12 17:57 - 2014-03-19 03:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
    2014-06-12 17:57 - 2014-03-19 03:07 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
    2014-06-12 17:57 - 2014-03-19 02:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
    2014-06-12 17:57 - 2014-03-19 02:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
    2014-06-12 17:57 - 2014-03-19 01:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
    2014-06-12 17:57 - 2014-03-19 00:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
    2014-06-12 17:57 - 2014-03-19 00:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
    2014-06-12 17:57 - 2014-03-19 00:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
    2014-06-12 17:57 - 2014-03-19 00:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
    2014-06-12 17:57 - 2014-03-19 00:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2014-06-12 17:57 - 2014-03-19 00:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
    2014-06-12 17:57 - 2014-03-18 23:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
    2014-06-12 17:57 - 2014-03-18 23:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
    2014-06-12 17:57 - 2014-03-18 23:18 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
    2014-06-12 17:57 - 2014-03-18 03:19 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
    2014-06-12 17:57 - 2014-03-18 00:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2014-06-12 17:57 - 2014-03-17 23:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2014-06-12 17:57 - 2014-03-17 00:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
    2014-06-12 17:57 - 2014-03-16 23:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
    2014-06-12 17:57 - 2014-03-16 22:01 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
    2014-06-12 17:57 - 2014-03-16 21:47 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2014-06-12 17:57 - 2014-03-16 21:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
    2014-06-12 17:57 - 2014-03-14 01:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
    2014-06-12 17:57 - 2014-03-14 01:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
    2014-06-12 17:57 - 2014-03-06 07:42 - 00310616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
    2014-06-12 17:56 - 2014-05-19 01:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
    2014-06-12 17:56 - 2014-05-19 01:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
    2014-06-12 17:56 - 2014-05-19 00:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
    2014-06-12 17:56 - 2014-05-01 08:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
    2014-06-12 17:56 - 2014-05-01 08:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
    2014-06-12 17:56 - 2014-05-01 02:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
    2014-06-12 17:56 - 2014-05-01 02:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
    2014-06-12 17:56 - 2014-05-01 01:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
    2014-06-12 17:56 - 2014-05-01 00:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
    2014-06-12 17:56 - 2014-04-29 23:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
    2014-06-12 17:56 - 2014-04-29 23:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
    2014-06-12 17:56 - 2014-04-29 22:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
    2014-06-12 17:55 - 2014-06-12 17:55 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
    2014-06-12 17:55 - 2014-06-12 17:55 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
    2014-06-12 17:55 - 2014-06-12 17:55 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
    2014-06-12 17:55 - 2014-06-12 17:55 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
    2014-06-12 17:55 - 2014-06-12 17:55 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
    2014-06-12 17:55 - 2014-06-12 17:55 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
    2014-06-12 17:55 - 2014-06-12 17:55 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
    2014-06-12 17:55 - 2014-06-12 17:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
    2014-06-12 17:55 - 2014-06-12 17:55 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
    2014-06-12 17:55 - 2014-06-12 17:55 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
    2014-06-12 17:55 - 2014-06-12 17:55 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
    2014-06-12 17:55 - 2014-06-12 17:55 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
    2014-06-12 17:55 - 2014-06-12 17:55 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
    2014-06-09 21:52 - 2014-06-09 21:52 - 01681920 _____ () C:\Users\Steven\Downloads\FY2011AnnualCheckReg.xls
    2014-06-09 08:47 - 2014-06-09 08:47 - 00000000 ____D () C:\Users\Steven\AppData\Roaming\Mozilla
    2014-06-02 21:06 - 2014-06-03 18:16 - 00000000 ____D () C:\Users\Steven\Downloads\October Sky (1999)
    2014-06-01 19:48 - 2014-06-01 20:08 - 00000000 ____D () C:\Users\Steven\Downloads\The Lego Movie (2014) [1080p]
    2014-05-23 12:37 - 2014-05-23 12:37 - 05335866 _____ () C:\Users\Steven\Downloads\fwdpreviewpics.zip
    2014-05-23 12:28 - 2014-05-23 15:36 - 00000000 ____D () C:\Users\Steven\Downloads\That Awkward Moment (2014) [1080p]
    2014-05-21 19:31 - 2014-05-21 19:31 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
    2014-05-21 19:31 - 2014-05-21 19:31 - 00000000 ____D () C:\Program Files (x86)\ClockworkMod
    2014-05-21 18:54 - 2014-05-21 18:58 - 00000000 ____D () C:\Users\Steven\Desktop\DCIM
    2014-05-21 18:45 - 2014-05-21 18:45 - 00001145 _____ () C:\Users\Steven\Desktop\Nexus Root Toolkit.lnk
    2014-05-21 18:45 - 2014-05-21 18:45 - 00000000 ____D () C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wugs Nexus Root Tookit
    2014-05-21 18:45 - 2014-05-21 18:45 - 00000000 ____D () C:\Users\Steven\.android
    2014-05-21 18:45 - 2014-05-21 18:45 - 00000000 ____D () C:\Program Files (x86)\WugFresh Development
    2014-05-21 18:43 - 2014-05-21 18:43 - 75772595 _____ () C:\Users\Steven\Downloads\NRT_v1.8.2.sfx.exe
    2014-05-21 18:39 - 2014-05-21 18:39 - 00000000 ____D () C:\Users\Steven\Downloads\Fastboot+ADB(20926)
    2014-05-21 18:27 - 2014-05-21 18:29 - 369952336 _____ () C:\Users\Steven\Downloads\nakasi-kot49h-factory-5e9db5e1.tgz
    2014-05-21 18:27 - 2014-05-21 18:28 - 17969216 _____ () C:\Users\Steven\Downloads\Fastboot+ADB(20926).zip
    2014-05-16 14:33 - 2014-05-16 14:37 - 00000000 ____D () C:\Users\Steven\Desktop\New folder
    2014-05-16 14:22 - 2014-05-16 14:22 - 00023051 _____ () C:\Users\Steven\Downloads\E475.tmp
     
    ==================== One Month Modified Files and Folders =======
     
    2014-06-15 08:38 - 2014-06-15 08:38 - 00013697 _____ () C:\Users\Steven\Downloads\FRST.txt
    2014-06-15 08:38 - 2014-03-24 21:49 - 00000000 ____D () C:\Users\Steven\AppData\Local\Temp
    2014-06-15 08:38 - 2013-02-19 22:31 - 00000000 ____D () C:\FRST
    2014-06-15 08:37 - 2014-06-14 17:54 - 00000000 ____D () C:\Program Files (x86)\Exterminate It!
    2014-06-15 08:37 - 2014-04-03 13:20 - 00022016 ___SH () C:\Users\Steven\Desktop\Thumbs.db
    2014-06-15 08:37 - 2014-04-03 13:19 - 00000000 ____D () C:\Users\Steven\AppData\Roaming\uTorrent
    2014-06-15 08:36 - 2014-03-24 21:52 - 01591605 _____ () C:\WINDOWS\WindowsUpdate.log
    2014-06-15 08:36 - 2013-08-22 09:46 - 00309152 _____ () C:\WINDOWS\setupact.log
    2014-06-15 08:35 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
    2014-06-14 23:15 - 2014-06-14 18:00 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2014-06-14 19:06 - 2014-03-24 18:51 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2014-06-14 19:01 - 2014-06-14 19:01 - 02081792 _____ (Farbar) C:\Users\Steven\Downloads\FRST64.exe
    2014-06-14 18:44 - 2014-03-24 20:55 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-941173593-4215877143-4246481039-1001
    2014-06-14 18:18 - 2013-11-14 02:29 - 00818732 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2014-06-14 18:15 - 2014-03-24 18:52 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-06-14 18:14 - 2014-04-02 09:49 - 00000000 __RDO () C:\Users\Steven\SkyDrive
    2014-06-14 18:14 - 2014-03-24 18:51 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2014-06-14 18:13 - 2014-06-14 17:53 - 00000000 ____D () C:\Program Files\Webroot
    2014-06-14 18:13 - 2013-11-14 02:20 - 00002742 _____ () C:\WINDOWS\PFRO.log
    2014-06-14 18:13 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Resources
    2014-06-14 18:13 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2014-06-14 18:13 - 2013-08-22 08:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
    2014-06-14 18:02 - 2014-06-14 17:53 - 00000000 ____D () C:\ProgramData\WRData
    2014-06-14 18:00 - 2014-06-14 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-06-14 18:00 - 2014-06-14 18:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-06-14 18:00 - 2014-06-14 18:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-06-14 17:59 - 2014-06-14 17:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Steven\Downloads\mbam-setup-2.0.2.1012.exe
    2014-06-14 17:54 - 2014-06-14 17:54 - 00000000 ____D () C:\Users\Steven\AppData\Roaming\Curiolab
    2014-06-14 17:54 - 2014-06-14 17:48 - 00000000 ____D () C:\Users\Steven\AppData\Roaming\GetRightToGo
    2014-06-14 17:53 - 2014-06-14 17:53 - 00763512 _____ (Webroot) C:\Users\Steven\Downloads\wsainstall (2).exe
    2014-06-14 17:53 - 2014-06-14 17:53 - 00153256 _____ (Webroot) C:\WINDOWS\SysWOW64\WRusr.dll
    2014-06-14 17:53 - 2014-06-14 17:53 - 00114176 _____ (Webroot) C:\WINDOWS\system32\Drivers\WRkrn.sys
    2014-06-14 17:53 - 2014-06-14 17:53 - 00103816 _____ (Webroot) C:\WINDOWS\system32\WRusr.dll
    2014-06-14 17:53 - 2014-06-14 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere
    2014-06-14 17:51 - 2014-06-14 17:51 - 00763512 _____ (Webroot) C:\Users\Steven\Downloads\Unconfirmed 8215.crdownload
    2014-06-14 17:51 - 2014-06-14 17:51 - 00763512 _____ (Webroot) C:\Users\Steven\Downloads\Unconfirmed 47133.crdownload
    2014-06-14 17:48 - 2014-06-14 17:48 - 00368256 _____ (RegNow.com) C:\Users\Steven\Downloads\Download_ExterminateItSetup-swpl.exe
    2014-06-14 15:18 - 2014-03-24 18:47 - 00000000 ___RD () C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    2014-06-14 15:18 - 2014-03-24 18:47 - 00000000 ___RD () C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    2014-06-14 15:10 - 2013-08-22 09:44 - 00474072 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
    2014-06-14 15:09 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
    2014-06-14 15:09 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
    2014-06-14 15:09 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\WinStore
    2014-06-14 15:09 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
    2014-06-14 15:07 - 2014-03-24 22:14 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2014-06-14 15:07 - 2014-03-24 22:14 - 00000000 ____D () C:\WINDOWS\system32\MRT
    2014-06-14 10:44 - 2014-06-14 10:16 - 00000000 ____D () C:\Users\Steven\Downloads\The Wolf of Wall Street (2013) [1080p]
    2014-06-14 10:15 - 2014-06-14 10:14 - 00000000 ____D () C:\Users\Steven\Downloads\I Love You, Man (2009)
    2014-06-14 09:37 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
    2014-06-12 18:32 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
    2014-06-12 17:55 - 2014-06-12 17:55 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
    2014-06-12 17:55 - 2014-06-12 17:55 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
    2014-06-12 17:55 - 2014-06-12 17:55 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
    2014-06-12 17:55 - 2014-06-12 17:55 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
    2014-06-12 17:55 - 2014-06-12 17:55 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
    2014-06-12 17:55 - 2014-06-12 17:55 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
    2014-06-12 17:55 - 2014-06-12 17:55 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
    2014-06-12 17:55 - 2014-06-12 17:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
    2014-06-12 17:55 - 2014-06-12 17:55 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
    2014-06-12 17:55 - 2014-06-12 17:55 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
    2014-06-12 17:55 - 2014-06-12 17:55 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
    2014-06-12 17:55 - 2014-06-12 17:55 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
    2014-06-12 17:55 - 2014-06-12 17:55 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
    2014-06-10 17:57 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
    2014-06-09 21:52 - 2014-06-09 21:52 - 01681920 _____ () C:\Users\Steven\Downloads\FY2011AnnualCheckReg.xls
    2014-06-09 08:47 - 2014-06-09 08:47 - 00000000 ____D () C:\Users\Steven\AppData\Roaming\Mozilla
    2014-06-03 18:16 - 2014-06-02 21:06 - 00000000 ____D () C:\Users\Steven\Downloads\October Sky (1999)
    2014-06-01 20:08 - 2014-06-01 19:48 - 00000000 ____D () C:\Users\Steven\Downloads\The Lego Movie (2014) [1080p]
    2014-05-31 00:13 - 2013-08-22 10:38 - 00703992 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2014-05-31 00:13 - 2013-08-22 10:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2014-05-30 05:21 - 2014-06-12 17:57 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2014-05-30 04:45 - 2014-06-12 17:57 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2014-05-30 04:28 - 2014-06-12 17:57 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
    2014-05-30 04:20 - 2014-06-12 17:57 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2014-05-30 04:18 - 2014-06-12 17:57 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2014-05-30 04:08 - 2014-06-12 17:57 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2014-05-30 04:06 - 2014-06-12 17:57 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
    2014-05-30 03:46 - 2014-06-12 17:57 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2014-05-30 03:44 - 2014-06-12 17:57 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2014-05-30 03:43 - 2014-06-12 17:57 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
    2014-05-30 03:38 - 2014-06-12 17:57 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2014-05-30 03:35 - 2014-06-12 17:57 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2014-05-30 03:29 - 2014-06-12 17:57 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2014-05-30 03:27 - 2014-06-12 17:57 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2014-05-30 03:23 - 2014-06-12 17:57 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2014-05-30 03:16 - 2014-06-12 17:57 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
    2014-05-30 03:04 - 2014-06-12 17:57 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
    2014-05-30 03:02 - 2014-06-12 17:57 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2014-05-30 02:56 - 2014-06-12 17:57 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2014-05-30 02:56 - 2014-06-12 17:57 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2014-05-30 02:54 - 2014-06-12 17:57 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2014-05-30 02:49 - 2014-06-12 17:57 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2014-05-30 02:43 - 2014-06-12 17:57 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2014-05-30 02:40 - 2014-06-12 17:57 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2014-05-30 02:30 - 2014-06-12 17:57 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2014-05-30 02:21 - 2014-06-12 17:57 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2014-05-30 02:15 - 2014-06-12 17:57 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2014-05-30 02:13 - 2014-06-12 17:57 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2014-05-30 02:13 - 2014-06-12 17:57 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2014-05-25 12:42 - 2014-03-27 20:40 - 00000000 ____D () C:\Program Files\Microsoft Office 15
    2014-05-23 15:36 - 2014-05-23 12:28 - 00000000 ____D () C:\Users\Steven\Downloads\That Awkward Moment (2014) [1080p]
    2014-05-23 12:37 - 2014-05-23 12:37 - 05335866 _____ () C:\Users\Steven\Downloads\fwdpreviewpics.zip
    2014-05-23 06:55 - 2014-04-26 11:17 - 00168960 ___SH () C:\Users\Steven\Downloads\Thumbs.db
    2014-05-21 20:15 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
    2014-05-21 19:31 - 2014-05-21 19:31 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
    2014-05-21 19:31 - 2014-05-21 19:31 - 00000000 ____D () C:\Program Files (x86)\ClockworkMod
    2014-05-21 18:58 - 2014-05-21 18:54 - 00000000 ____D () C:\Users\Steven\Desktop\DCIM
    2014-05-21 18:45 - 2014-05-21 18:45 - 00001145 _____ () C:\Users\Steven\Desktop\Nexus Root Toolkit.lnk
    2014-05-21 18:45 - 2014-05-21 18:45 - 00000000 ____D () C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wugs Nexus Root Tookit
    2014-05-21 18:45 - 2014-05-21 18:45 - 00000000 ____D () C:\Users\Steven\.android
    2014-05-21 18:45 - 2014-05-21 18:45 - 00000000 ____D () C:\Program Files (x86)\WugFresh Development
    2014-05-21 18:45 - 2014-03-24 21:49 - 00000000 ____D () C:\Users\Steven
    2014-05-21 18:43 - 2014-05-21 18:43 - 75772595 _____ () C:\Users\Steven\Downloads\NRT_v1.8.2.sfx.exe
    2014-05-21 18:39 - 2014-05-21 18:39 - 00000000 ____D () C:\Users\Steven\Downloads\Fastboot+ADB(20926)
    2014-05-21 18:29 - 2014-05-21 18:27 - 369952336 _____ () C:\Users\Steven\Downloads\nakasi-kot49h-factory-5e9db5e1.tgz
    2014-05-21 18:28 - 2014-05-21 18:27 - 17969216 _____ () C:\Users\Steven\Downloads\Fastboot+ADB(20926).zip
    2014-05-19 01:31 - 2014-06-12 17:56 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
    2014-05-19 01:21 - 2014-06-12 17:56 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
    2014-05-19 00:23 - 2014-06-12 17:56 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
    2014-05-16 14:37 - 2014-05-16 14:33 - 00000000 ____D () C:\Users\Steven\Desktop\New folder
    2014-05-16 14:22 - 2014-05-16 14:22 - 00023051 _____ () C:\Users\Steven\Downloads\E475.tmp
     
    Some content of TEMP:
    ====================
    C:\Users\Steven\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
     
     
    ==================== Bamital & volsnap Check =================
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2014-06-09 17:19
     
    ==================== End Of Log ============================
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2014 02
    Ran by Steven at 2014-06-15 08:38:57
    Running from C:\Users\Steven\Downloads
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    AV: Webroot SecureAnywhere (Disabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Webroot SecureAnywhere (Disabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     
    ==================== Installed Programs ======================
     
    Cypress TrackPad (HKLM\...\{7F2F6CC5-434B-4311-9DE2-60C7CAF50B73}_is1) (Version: 2.5.3.43 - Cypress Semiconductor, Inc.)
    foobar2000 v1.3.1 (HKLM-x32\...\foobar2000) (Version: 1.3.1 - Peter Pawlowski)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
    Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
    Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
    Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
    Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
    Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4615.1002 - Microsoft Corporation)
    Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
    Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
    Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
    Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 8.0.4.84 - Webroot)
     
    ==================== Restore Points  =========================
     
    22-05-2014 00:31:35 Installed Universal Adb Driver
    31-05-2014 18:08:27 Scheduled Checkpoint
    09-06-2014 22:25:41 Scheduled Checkpoint
    12-06-2014 23:31:52 Windows Update
     
    ==================== Hosts content: ==========================
     
    2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    Task: {03A2D06E-099F-44C0-9653-8E29C1F1B6DB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-05-25] (Microsoft Corporation)
    Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
    Task: {0830D068-9519-4103-9B1C-C513EA53BF46} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
    Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
    Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
    Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
    Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
    Task: {3A31E0D1-69E3-4341-977A-8E5DF673B01E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-24] (Google Inc.)
    Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
    Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
    Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
    Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
    Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
    Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
    Task: {78F7D748-2BF3-471C-A6FF-27B6DD3A448B} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
    Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
    Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
    Task: {9A73D8F8-0D05-4ED3-AA0E-5C9BD11BD265} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-06-14] (Microsoft Corporation)
    Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
    Task: {A8C8F262-23C2-4DFA-9DA5-E2FB06DAE7E7} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
    Task: {A95F45DA-D91F-4997-AC6B-40B14352B7FF} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
    Task: {C0381883-3E26-4E6D-880F-6498A63BE0C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-24] (Google Inc.)
    Task: {CB04D71C-52CC-4B82-8577-3DCF8C3E0F09} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
    Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
    Task: {D337106C-41D5-4EDC-AD21-1C725D2A6AC5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-04-15] (Microsoft Corporation)
    Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
    Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
    Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
    Task: {EB95B37A-583D-4721-B555-84A9D5A6C1C7} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
    Task: {EC22FE14-36B8-458D-82EF-CB224B39E575} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-05-25] (Microsoft Corporation)
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-941173593-4215877143-4246481039-1001Core1cf6a4abf752632.job => C:\Users\Steven\AppData\Local\Google\Update\GoogleUpdate.exe
     
    ==================== Loaded Modules (whitelisted) =============
     
    2014-03-27 20:40 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
    2014-03-27 20:40 - 2014-04-15 03:39 - 00630952 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
    2014-05-25 12:41 - 2014-05-25 12:41 - 08889512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2014-01-30 01:02 - 2014-01-30 01:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2014-05-25 12:41 - 2014-05-25 12:41 - 08889512 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
    2014-06-14 11:07 - 2014-06-05 08:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
    2014-06-14 11:07 - 2014-06-05 08:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
    2014-06-14 11:07 - 2014-06-05 08:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
    2014-06-14 11:07 - 2014-06-05 08:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
    2014-06-14 11:07 - 2014-06-05 08:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
    2014-06-14 11:07 - 2014-06-05 08:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    AlternateDataStreams: C:\Users\Steven\SkyDrive:ms-properties
     
    ==================== Safe Mode (whitelisted) ===================
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
     
    ==================== EXE Association (whitelisted) =============
     
     
    ==================== MSCONFIG/TASK MANAGER disabled items =========
     
     
    ==================== Faulty Device Manager Devices =============
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (06/15/2014 08:36:45 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
    Description: There was an error with the Windows Location Provider database
     
    Error: (06/13/2014 10:30:23 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80070005
     
    Error: (06/13/2014 10:19:38 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80070005
     
    Error: (06/10/2014 06:10:27 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80070005
     
    Error: (06/09/2014 09:50:34 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80070005
     
    Error: (06/09/2014 07:37:33 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80070005
     
    Error: (06/06/2014 07:21:05 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80070005
     
    Error: (06/03/2014 06:18:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program uTorrent.exe version 3.4.1.31139 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
     
    Process ID: 2ac
     
    Start Time: 01cf7ecf191e746d
     
    Termination Time: 6527
     
    Application Path: C:\Users\Steven\AppData\Roaming\uTorrent\uTorrent.exe
     
    Report Id: 4cbf2564-eb75-11e3-be7d-88532e9ab8a1
     
    Faulting package full name: 
     
    Faulting package-relative application ID:
     
    Error: (06/02/2014 08:49:54 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80070005
     
    Error: (06/01/2014 11:24:46 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80070005
     
     
    System errors:
    =============
    Error: (06/14/2014 10:16:16 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
    Description: A corruption was discovered in the file system structure on volume D:.
     
    A corruption was found in a file system index structure.  The file reference number is 0x3000000007686.  The name of the file is "\New-ish Movies\Elf (2003)".  The corrupted index attribute is ":$I30:$INDEX_ALLOCATION".
     
    Error: (06/14/2014 10:15:29 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
    Description: A corruption was discovered in the file system structure on volume D:.
     
    The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
     
    Error: (06/14/2014 09:37:05 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Windows Malicious Software Removal Tool for Windows 8, 8.1 and Windows Server 2012, 2012 R2 x64 Edition - June 2014 (KB890830).
     
    Error: (06/09/2014 09:33:32 PM) (Source: disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk2\DR13.
     
    Error: (06/09/2014 08:58:25 PM) (Source: disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR12.
     
    Error: (05/24/2014 03:43:14 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
    Description: A corruption was discovered in the file system structure on volume E:.
     
    A corruption was found in a file system index structure.  The file reference number is 0x17000000005bc2.  The name of the file is "\TV Shows\Homeland.S02.Season.2.HDTV.x264-EVOLVE.ASAP\NFO.Samples".  The corrupted index attribute is ":$I30:$INDEX_ALLOCATION".
     
    Error: (05/23/2014 06:53:30 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
    Description: A corruption was discovered in the file system structure on volume D:.
     
    A corruption was found in a file system index structure.  The file reference number is 0x3000000007686.  The name of the file is "\New-ish Movies\Elf (2003)".  The corrupted index attribute is ":$I30:$INDEX_ALLOCATION".
     
    Error: (05/23/2014 06:52:13 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
    Description: A corruption was discovered in the file system structure on volume D:.
     
    The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
     
    Error: (05/21/2014 07:18:01 PM) (Source: DCOM) (EventID: 10010) (User: STEVEN)
    Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
     
    Error: (05/21/2014 07:18:01 PM) (Source: DCOM) (EventID: 10010) (User: STEVEN)
    Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
     
     
    Microsoft Office Sessions:
    =========================
    Error: (06/15/2014 08:36:45 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
    Description: -2147024883
     
    Error: (06/13/2014 10:30:23 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80070005
     
    Error: (06/13/2014 10:19:38 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80070005
     
    Error: (06/10/2014 06:10:27 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80070005
     
    Error: (06/09/2014 09:50:34 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80070005
     
    Error: (06/09/2014 07:37:33 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80070005
     
    Error: (06/06/2014 07:21:05 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80070005
     
    Error: (06/03/2014 06:18:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: uTorrent.exe3.4.1.311392ac01cf7ecf191e746d6527C:\Users\Steven\AppData\Roaming\uTorrent\uTorrent.exe4cbf2564-eb75-11e3-be7d-88532e9ab8a1
     
    Error: (06/02/2014 08:49:54 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80070005
     
    Error: (06/01/2014 11:24:46 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80070005
     
     
    ==================== Memory info =========================== 
     
    Percentage of memory in use: 64%
    Total physical RAM: 3406.59 MB
    Available physical RAM: 1222.73 MB
    Total Pagefile: 4238.59 MB
    Available Pagefile: 1725.27 MB
    Total Virtual: 131072 MB
    Available Virtual: 131071.84 MB
     
    ==================== Drives ================================
     
    Drive c: (OS) (Fixed) (Total:212.18 GB) (Free:161.36 GB) NTFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 238 GB) (Disk ID: 25B19847)
    Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
    Partition 2: (Active) - (Size=18 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=212 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=8 GB) - (Type=84)
     
    ==================== End Of Log ============================
     

    pup.bundleoffers :( need help

    in Resolved Malware Removal Logs

    Posted

    OTL logfile created on: 3/4/2013 8:28:32 PM - Run 3

    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Swag\Downloads

    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

    Internet Explorer (Version = 9.0.8112.16421)

    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.33 Gb Total Physical Memory | 1.69 Gb Available Physical Memory | 50.70% Memory free

    6.65 Gb Paging File | 3.98 Gb Available in Paging File | 59.85% Paging File free

    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

    Drive C: | 212.18 Gb Total Space | 49.82 Gb Free Space | 23.48% Space Free | Partition Type: NTFS

    Computer Name: SWAG-PC | User Name: Swag | Logged in as Administrator.

    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/03/04 20:28:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Swag\Downloads\OTL (1).exe

    PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    PRC - [2012/10/28 13:52:22 | 001,199,576 | ---- | M] (Spotify Ltd) -- C:\Users\Swag\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

    PRC - [2012/10/09 09:22:48 | 000,173,568 | ---- | M] (Dell Products, LP.) -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe

    PRC - [2012/07/27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    PRC - [2011/10/18 11:50:10 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

    PRC - [2011/10/18 11:50:04 | 001,354,064 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

    PRC - [2011/10/18 11:49:52 | 000,936,272 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

    PRC - [2011/10/18 11:49:48 | 000,846,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe

    PRC - [2011/09/28 16:18:02 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe

    PRC - [2011/09/22 10:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

    PRC - [2011/09/22 10:11:26 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

    PRC - [2011/09/22 10:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe

    PRC - [2011/09/21 10:30:12 | 004,109,312 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

    PRC - [2011/08/19 11:34:32 | 002,013,168 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe

    PRC - [2011/08/19 11:34:32 | 000,096,240 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe

    PRC - [2011/08/19 11:34:28 | 002,451,440 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe

    PRC - [2011/08/08 18:26:12 | 000,475,200 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe

    PRC - [2011/08/08 18:26:00 | 000,891,456 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DMR.exe

    PRC - [2011/07/06 19:24:24 | 000,184,320 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\irstrtsv.exe

    PRC - [2011/05/04 12:40:18 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

    PRC - [2011/05/04 12:40:14 | 000,326,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    PRC - [2011/04/13 10:39:14 | 000,503,942 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

    PRC - [2010/11/20 21:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

    PRC - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

    PRC - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe

    ========== Modules (No Company Name) ==========

    MOD - [2013/02/16 01:51:45 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\9266d6e1f8057b5b62b460cbf33cda21\System.WorkflowServices.ni.dll

    MOD - [2013/02/15 09:27:34 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8bb2120d5a48b10e27fe82ad5d3fb982\System.Web.ni.dll

    MOD - [2013/02/15 09:27:26 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll

    MOD - [2013/01/09 20:00:00 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll

    MOD - [2013/01/09 19:59:56 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\25cfdeaf091f16f3f3a7123a91a179ab\System.Xml.Linq.ni.dll

    MOD - [2013/01/09 19:59:10 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll

    MOD - [2013/01/09 19:06:45 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\3e79256ce40faa9682f9e3511ca115ea\System.ServiceModel.ni.dll

    MOD - [2013/01/09 19:06:31 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll

    MOD - [2013/01/09 19:06:29 | 001,084,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\219c68f83fa608b496b163fd6782e696\System.IdentityModel.ni.dll

    MOD - [2013/01/09 19:06:27 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll

    MOD - [2013/01/09 19:01:55 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll

    MOD - [2013/01/09 19:01:33 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a013e3b347de5b1b608daebdff0d46c0\PresentationFramework.ni.dll

    MOD - [2013/01/09 19:01:13 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll

    MOD - [2013/01/09 19:01:11 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll

    MOD - [2013/01/09 19:01:02 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll

    MOD - [2013/01/09 19:00:57 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll

    MOD - [2013/01/09 19:00:53 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll

    MOD - [2013/01/09 19:00:52 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll

    MOD - [2013/01/09 19:00:47 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll

    MOD - [2011/09/22 10:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

    MOD - [2011/08/19 11:34:44 | 000,089,584 | ---- | M] () -- C:\Windows\SysWOW64\FAIEExtension.dll

    MOD - [2011/08/19 11:34:32 | 000,059,888 | ---- | M] () -- C:\Windows\SysWOW64\FAib.dll

    MOD - [2011/08/19 11:34:22 | 000,251,888 | ---- | M] () -- C:\Windows\SysWOW64\FACrashRpt.dll

    MOD - [2011/08/08 18:26:12 | 000,475,200 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe

    MOD - [2011/08/08 18:26:00 | 000,891,456 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DMR.exe

    MOD - [2011/07/17 10:35:36 | 000,058,944 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DataService.dll

    MOD - [2011/07/06 16:53:52 | 000,068,160 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\DMRUI.dll

    MOD - [2011/06/24 23:20:26 | 000,565,968 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll

    MOD - [2010/03/22 15:52:42 | 006,776,832 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll

    MOD - [2010/03/16 20:28:28 | 000,326,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll

    MOD - [2010/03/16 20:28:16 | 000,635,904 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll

    MOD - [2010/03/16 20:28:04 | 001,926,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll

    MOD - [2010/03/11 19:52:34 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll

    MOD - [2010/03/11 19:52:34 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll

    MOD - [2010/03/05 15:07:58 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll

    MOD - [2010/03/05 15:07:58 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll

    MOD - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe

    MOD - [2007/09/02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll

    MOD - [2007/04/19 08:28:58 | 000,436,992 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\fpxlib.dll

    MOD - [2007/04/13 09:39:14 | 000,252,672 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\kgl.dll

    ========== Services (SafeList) ==========

    SRV:64bit: - [2012/12/26 09:52:34 | 000,182,312 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)

    SRV:64bit: - [2012/12/26 09:49:32 | 000,218,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)

    SRV:64bit: - [2012/12/26 09:47:40 | 000,241,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)

    SRV:64bit: - [2012/11/16 21:10:22 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)

    SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)

    SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)

    SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)

    SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)

    SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)

    SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)

    SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)

    SRV:64bit: - [2012/05/09 16:09:46 | 000,200,808 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)

    SRV:64bit: - [2011/11/10 12:15:06 | 000,121,856 | ---- | M] () [Auto | Running] -- c:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent)

    SRV:64bit: - [2011/09/15 18:41:28 | 001,518,352 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)

    SRV:64bit: - [2011/09/15 18:28:06 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)

    SRV:64bit: - [2011/09/15 18:24:52 | 000,844,560 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)

    SRV:64bit: - [2011/09/15 09:54:46 | 001,166,848 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)

    SRV:64bit: - [2011/06/03 12:51:38 | 000,134,928 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)

    SRV:64bit: - [2011/03/08 17:00:50 | 000,224,704 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\mcafee\msc\McAWFwk.exe -- (McAWFwk)

    SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

    SRV:64bit: - [2009/11/17 18:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)

    SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

    SRV - [2013/02/26 21:25:57 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

    SRV - [2013/01/08 15:19:46 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

    SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

    SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

    SRV - [2012/10/09 09:22:48 | 000,173,568 | ---- | M] (Dell Products, LP.) [Auto | Running] -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)

    SRV - [2012/07/27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

    SRV - [2011/10/18 11:50:10 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)

    SRV - [2011/10/18 11:50:04 | 001,354,064 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)

    SRV - [2011/10/18 11:49:52 | 000,936,272 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)

    SRV - [2011/09/28 16:18:02 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)

    SRV - [2011/09/22 10:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)

    SRV - [2011/08/19 11:34:28 | 002,451,440 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService)

    SRV - [2011/07/06 19:24:24 | 000,184,320 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysWOW64\irstrtsv.exe -- (irstrtsv)

    SRV - [2011/05/04 12:40:18 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)

    SRV - [2011/05/04 12:40:14 | 000,326,424 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)

    SRV - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)

    SRV - [2010/08/25 20:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)

    SRV - [2010/03/18 15:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

    SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2013/02/06 07:42:08 | 000,102,936 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)

    DRV:64bit: - [2012/12/26 09:55:26 | 000,069,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)

    DRV:64bit: - [2012/12/26 09:52:44 | 000,339,776 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)

    DRV:64bit: - [2012/12/26 09:51:24 | 000,106,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)

    DRV:64bit: - [2012/12/26 09:50:48 | 000,771,096 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)

    DRV:64bit: - [2012/12/26 09:49:42 | 000,515,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)

    DRV:64bit: - [2012/12/26 09:49:00 | 000,309,400 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)

    DRV:64bit: - [2012/12/26 09:48:30 | 000,178,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)

    DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

    DRV:64bit: - [2012/11/02 15:38:36 | 000,050,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)

    DRV:64bit: - [2012/11/02 15:38:36 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)

    DRV:64bit: - [2012/09/28 21:52:10 | 000,075,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)

    DRV:64bit: - [2012/09/19 09:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)

    DRV:64bit: - [2012/04/20 15:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)

    DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

    DRV:64bit: - [2012/02/24 05:18:11 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

    DRV:64bit: - [2012/02/24 05:18:11 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

    DRV:64bit: - [2011/12/08 16:40:38 | 000,079,872 | ---- | M] (Cypress Semiconductor, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cymfltr.sys -- (cymfltrService)

    DRV:64bit: - [2011/12/08 16:40:36 | 000,117,248 | ---- | M] (Cypress Semiconductor, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cyhid.sys -- (cyhid)

    DRV:64bit: - [2011/11/10 12:07:08 | 000,044,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)

    DRV:64bit: - [2011/11/10 12:07:06 | 000,025,024 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ikbevent.sys -- (ikbevent)

    DRV:64bit: - [2011/10/18 22:35:58 | 000,013,824 | ---- | M] (Cypress Semiconductor, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cykbfltr.sys -- (cykbfltrService)

    DRV:64bit: - [2011/10/11 13:08:00 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)

    DRV:64bit: - [2011/10/10 16:43:16 | 000,288,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)

    DRV:64bit: - [2011/10/04 14:04:30 | 000,215,296 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc)

    DRV:64bit: - [2011/10/04 14:04:30 | 000,070,912 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh)

    DRV:64bit: - [2011/09/18 05:26:52 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)

    DRV:64bit: - [2011/09/15 09:48:24 | 000,299,008 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)

    DRV:64bit: - [2011/09/15 09:48:24 | 000,299,008 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)

    DRV:64bit: - [2011/09/08 16:20:56 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)

    DRV:64bit: - [2011/09/08 16:20:56 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)

    DRV:64bit: - [2011/08/29 16:32:18 | 000,053,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)

    DRV:64bit: - [2011/07/19 17:39:56 | 012,287,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

    DRV:64bit: - [2011/06/16 08:50:08 | 000,026,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\irstrtdv.sys -- (irstrtdv)

    DRV:64bit: - [2011/05/20 12:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

    DRV:64bit: - [2011/05/13 03:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)

    DRV:64bit: - [2011/01/20 11:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)

    DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

    DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

    DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

    DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)

    DRV:64bit: - [2010/10/15 04:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)

    DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

    DRV:64bit: - [2010/02/26 18:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

    DRV:64bit: - [2009/10/02 16:29:24 | 000,056,320 | ---- | M] (ASIX Electronics Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ax88178.sys -- (AX88178)

    DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

    DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

    DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

    DRV:64bit: - [2009/07/13 18:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)

    DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

    DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

    DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

    DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

    DRV:64bit: - [2008/09/24 20:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\facap.sys -- (FACAP)

    DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)

    DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

    DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

    ========== Standard Registry (SafeList) ==========

    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68}

    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

    IE:64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    IE - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68}

    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

    IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie'>http://www.google.com/ie

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie'>http://www.google.com/ie

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie'>http://www.google.com/ie

    IE - HKCU\..\SearchScopes,DefaultScope = {25946E0D-9F7A-4887-ADEA-F4953ECCBC44}

    IE - HKCU\..\SearchScopes\{25946E0D-9F7A-4887-ADEA-F4953ECCBC44}: "URL" = http://www.bing.com/search?FORM=UP21DF&PC=UP21&dt=011313&q={searchTerms}&src=IE-SearchBox

    IE - HKCU\..\SearchScopes\{2834E9C8-4F62-47D8-9F94-518C8E661BEE}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

    IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcSearchScopes

    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()

    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

    FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Swag\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Swag\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Swag\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Swag\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Swag\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Swag\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fassoxpcom@sensiblevision.com: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ [2012/02/24 03:48:46 | 000,000,000 | ---D | M]

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2013/01/25 17:13:17 | 000,000,000 | ---D | M]

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013/01/18 17:38:43 | 000,000,000 | ---D | M]

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)

    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},

    CHR - homepage: http://g.msn.com/USCON/1

    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

    CHR - plugin: Native Client (Enabled) = C:\Users\Swag\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll

    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Swag\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll

    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Swag\AppData\Local\Google\Chrome\Application\25.0.1364.97\gcswf32.dll

    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

    CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll

    CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll

    CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    CHR - plugin: Google Update (Enabled) = C:\Users\Swag\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll

    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll

    CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll

    CHR - plugin: Default Plug-in (Enabled) = default_plugin

    CHR - Extension: YouTube = C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\

    CHR - Extension: Adblock Plus = C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\

    CHR - Extension: Google Search = C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\

    CHR - Extension: Google Calendar = C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\

    CHR - Extension: Google +1 Button = C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgoepmocgafhnchmokaimcmlojpnlkhp\1.1.2.424_0\

    CHR - Extension: Man of Steel = C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Extensions\knfmphhfikndpfbllhdojajhgpmlnlef\1_0\

    CHR - Extension: Hover Zoom = C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\4.11.5_0\

    CHR - Extension: Gmail = C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

    O1 HOSTS File: ([2013/02/20 17:50:25 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

    O1 - Hosts: 127.0.0.1 localhost

    O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120630100026.dll (McAfee, Inc.)

    O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

    O2:64bit: - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )

    O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

    O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120630100026.dll (McAfee, Inc.)

    O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

    O2 - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )

    O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

    O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

    O4:64bit: - HKLM..\Run: [bTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)

    O4:64bit: - HKLM..\Run: [CyCpIo] C:\Program Files\Cypress\TrackPad\CyCpIo.exe (Cypress Semiconductor Corporation)

    O4:64bit: - HKLM..\Run: [CyHidWin] C:\Program Files\Cypress\TrackPad\CyHidWin.exe (Cypress Semiconductor, Inc.)

    O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()

    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

    O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

    O4:64bit: - HKLM..\Run: [intelliPoint] c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)

    O4:64bit: - HKLM..\Run: [intelliType Pro] c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)

    O4:64bit: - HKLM..\Run: [intelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)

    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

    O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

    O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)

    O4:64bit: - HKLM..\Run: [stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()

    O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()

    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

    O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)

    O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)

    O4 - HKLM..\Run: [FAStartup] File not found

    O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision )

    O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)

    O4 - HKCU..\Run: [Facebook Update] C:\Users\Swag\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)

    O4 - HKCU..\Run: [googletalk] C:\Users\Swag\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)

    O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()

    O4 - HKCU..\Run: [spotify Web Helper] C:\Users\Swag\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)

    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

    O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found

    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)

    O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

    O13 - gopher Prefix: missing

    O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)

    O16:64bit: - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9EAB716A-8BA9-43B9-BC10-7BAC604D05D6}: DhcpNameServer = 18.0.0.1 18.0.0.3

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BBCA90FC-C7F9-403B-91C0-DD33AB07FD41}: DhcpNameServer = 192.168.0.1

    O18:64bit: - Protocol\Handler\cozi - No CLSID value found

    O18:64bit: - Protocol\Handler\livecall - No CLSID value found

    O18:64bit: - Protocol\Handler\msnim - No CLSID value found

    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

    O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

    O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)

    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

    O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)

    O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)

    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

    O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll (Sensible Vision )

    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

    O32 - HKLM CDRom: AutoRun - 1

    O34 - HKLM BootExecute: (autocheck autochk *)

    O35:64bit: - HKLM\..comfile [open] -- "%1" %*

    O35:64bit: - HKLM\..exefile [open] -- "%1" %*

    O35 - HKLM\..comfile [open] -- "%1" %*

    O35 - HKLM\..exefile [open] -- "%1" %*

    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*

    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

    O37 - HKLM\...com [@ = ComFile] -- "%1" %*

    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

    Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

    CREATERESTOREPOINT

    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/03/04 20:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

    [2013/03/04 19:08:54 | 000,000,000 | ---D | C] -- C:\Users\Swag\Seven Psychopaths (2012) [1080p]

    [2013/03/03 06:19:29 | 000,000,000 | ---D | C] -- C:\Users\Swag\mp3 - lafv

    [2013/03/03 06:11:11 | 000,000,000 | ---D | C] -- C:\Users\Swag\Kesha - Warrior [Deluxe Version] (2012)

    [2013/02/27 21:22:29 | 000,000,000 | ---D | C] -- C:\Users\Swag\AppData\Roaming\Mozilla

    [2013/02/23 14:36:49 | 000,000,000 | ---D | C] -- C:\Users\Swag\Macklemore & Ryan Lewis - The Heist [Deluxe Edition] [2012] (iTunes+Extra videos+Digital Booklet) [F10]

    [2013/02/23 14:31:34 | 000,000,000 | ---D | C] -- C:\Users\Swag\Movies

    [2013/02/20 17:54:30 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

    [2013/02/20 17:51:50 | 000,000,000 | ---D | C] -- C:\Windows\temp

    [2013/02/20 17:21:02 | 000,000,000 | ---D | C] -- C:\Users\Swag\Macklemore & Ryan Lewis - The VS. Redux (2010) MP3 192kbps mdubz

    [2013/02/20 17:21:00 | 000,000,000 | ---D | C] -- C:\Users\Swag\Macklemore & Ryan Lewis - The VS. Redux (2010) [FLAC]

    [2013/02/19 21:31:48 | 000,000,000 | ---D | C] -- C:\FRST

    [2013/02/17 18:02:02 | 000,000,000 | ---D | C] -- C:\Users\Swag\Project X (2012) [1080p]

    [2013/02/17 17:57:14 | 000,000,000 | ---D | C] -- C:\Users\Swag\Halo.4.Forward.Unto.Dawn.2012.BDRip.XviD-GECKOS

    [2013/02/15 07:56:37 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

    [2013/02/15 07:56:37 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

    [2013/02/15 07:56:36 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

    [2013/02/15 07:56:36 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

    [2013/02/15 07:56:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

    [2013/02/15 07:56:36 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

    [2013/02/15 07:56:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

    [2013/02/15 07:56:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

    [2013/02/15 07:56:36 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

    [2013/02/15 07:56:36 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

    [2013/02/15 07:56:35 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

    [2013/02/15 07:56:35 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

    [2013/02/15 07:56:34 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

    [2013/02/15 07:56:34 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

    [2013/02/15 07:56:34 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

    [2013/02/12 18:56:58 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

    [2013/02/12 18:56:57 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe

    [2013/02/12 18:56:57 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

    [2013/02/12 18:56:45 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll

    [2013/02/12 18:56:45 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe

    [2013/02/12 18:56:45 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll

    [2013/02/12 18:56:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe

    [2013/02/12 18:56:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll

    [2013/02/12 18:56:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe

    [2013/02/12 18:56:40 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS

    [2013/02/06 07:42:08 | 000,102,936 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys

    ========== Files - Modified Within 30 Days ==========

    [2013/03/04 20:27:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

    [2013/03/04 20:23:20 | 000,002,162 | ---- | M] () -- C:\Users\Swag\AppData\Roaming\AbsoluteReminder.xml

    [2013/03/04 19:32:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1776734167-4077454340-648305318-1001UA.job

    [2013/03/04 18:49:06 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1776734167-4077454340-648305318-1001UA.job

    [2013/03/04 18:49:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

    [2013/03/04 17:50:23 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

    [2013/03/04 17:50:23 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

    [2013/03/04 17:48:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1776734167-4077454340-648305318-1001Core.job

    [2013/03/04 17:44:16 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1776734167-4077454340-648305318-1001Core.job

    [2013/03/02 20:20:46 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

    [2013/03/02 20:20:46 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

    [2013/03/02 20:20:46 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

    [2013/02/26 21:25:55 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

    [2013/02/26 21:25:55 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

    [2013/02/20 17:50:25 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

    [2013/02/15 09:26:43 | 000,276,128 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

    [2013/02/09 19:16:54 | 000,002,055 | ---- | M] () -- C:\Users\Swag\Desktop\foobar2000 - Shortcut.lnk

    [2013/02/06 07:42:08 | 000,102,936 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys

    ========== Files Created - No Company Name ==========

    [2013/02/09 19:16:54 | 000,002,055 | ---- | C] () -- C:\Users\Swag\Desktop\foobar2000 - Shortcut.lnk

    [2013/01/10 15:56:49 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

    [2013/01/10 15:56:49 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

    [2013/01/10 15:56:49 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

    [2013/01/10 15:56:49 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

    [2013/01/10 15:56:49 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

    [2012/11/19 11:12:22 | 168,616,500 | ---- | C] () -- C:\Users\Swag\cm-10-20121118-EXPERIMENTAL-d2spr-bass-bluetooth-test.zip

    [2012/11/18 10:12:11 | 006,898,796 | ---- | C] () -- C:\Users\Swag\Timomatic - Set It Off.mp3

    [2012/06/30 07:49:06 | 000,002,162 | ---- | C] () -- C:\Users\Swag\AppData\Roaming\AbsoluteReminder.xml

    [2012/03/31 11:46:46 | 000,137,732 | ---- | C] () -- C:\Windows\hpoins44.dat

    [2012/03/31 11:46:46 | 000,000,512 | ---- | C] () -- C:\Windows\hpomdl44.dat

    [2012/02/24 04:58:37 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin

    [2012/02/24 04:58:37 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin

    [2012/02/24 04:58:36 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll

    [2012/02/24 04:58:35 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

    [2012/02/24 04:58:34 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll

    [2011/08/19 11:34:44 | 000,089,584 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll

    [2011/08/19 11:34:32 | 000,059,888 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll

    [2011/08/19 11:34:22 | 000,251,888 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll

    ========== ZeroAccess Check ==========

    [2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    "" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 23:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== Custom Scans ==========

    < %SYSTEMDRIVE%\*.* >

    [2013/01/10 18:57:05 | 000,000,781 | ---- | M] () -- C:\AdwCleaner[R1].txt

    [2013/02/20 17:51:49 | 000,032,811 | ---- | M] () -- C:\ComboFix.txt

    [2012/02/24 05:20:43 | 000,005,732 | RH-- | M] () -- C:\dell.sdr

    [2013/03/02 20:15:58 | 3572,072,448 | -HS- | M] () -- C:\pagefile.sys

    [2012/02/24 03:38:18 | 000,002,360 | ---- | M] () -- C:\RHDSetup.log

    < %systemroot%\*. /mp /s >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

    < End of report >

    pup.bundleoffers :( need help

    in Resolved Malware Removal Logs

    Posted

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-02-2013 (ATTENTION: FRST version is 13 days old)

    Ran by SYSTEM at 19-02-2013 21:32:02

    Running from E:\

    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

    The current controlset is ControlSet001

    ==================== Registry (Whitelisted) ===================

    HKLM\...\Run: [intelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray [1935120 2011-09-15] (Intel® Corporation)

    HKLM\...\Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp [10357008 2011-10-18] (Intel Corporation)

    HKLM\...\Run: [stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet [2034752 2011-08-08] ()

    HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [497648 2010-07-29] (Adobe Systems Incorporated)

    HKLM\...\Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup [482661 2011-11-03] ()

    HKLM\...\Run: [CyCpIo] C:\Program Files\Cypress\TrackPad\CyCpIo.exe [2375168 2011-11-08] (Cypress Semiconductor Corporation)

    HKLM\...\Run: [CyHidWin] C:\Program Files\Cypress\TrackPad\CyHidWin.exe [2354176 2011-10-18] (Cypress Semiconductor, Inc.)

    HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6548112 2012-06-12] (Realtek Semiconductor)

    HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX4 [1212560 2012-06-13] (Realtek Semiconductor)

    HKLM\...\Run: [intelliType Pro] "c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe" [1464944 2012-11-02] (Microsoft Corporation)

    HKLM\...\Run: [intelliPoint] "c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe" [2076272 2012-11-02] (Microsoft Corporation)

    HKLM\...\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe [4391072 2012-12-10] (Dell Inc.)

    HKLM-x32\...\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [96240 2011-08-19] (Sensible Vision )

    HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [503942 2011-04-13] (Creative Technology Ltd)

    HKLM-x32\...\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)

    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35768 2012-07-27] (Adobe Systems Incorporated)

    HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)

    HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1534504 2013-01-14] (McAfee, Inc.)

    HKLM-x32\...\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup [2829241 2011-11-03] ()

    HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)

    HKLM-x32\...\Run: [FAStartup] [x]

    HKU\Swag\...\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe" [495616 2007-09-02] ()

    HKU\Swag\...\Run: [Facebook Update] "C:\Users\Swag\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-07-11] (Facebook Inc.)

    HKU\Swag\...\Run: [spotify Web Helper] "C:\Users\Swag\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [1199576 2012-10-28] (Spotify Ltd)

    HKU\Swag\...\Run: [googletalk] C:\Users\Swag\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart [3739648 2007-01-01] (Google)

    HKU\Swag\...\Run: [Google Update] "C:\Users\Swag\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2012-03-06] (Google Inc.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

    Lsa: [Notification Packages] scecli FAPassSync

    Startup: C:\Users\All Users\Start Menu\Programs\Startup\Rainmeter.lnk

    ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

    ==================== Services (Whitelisted) ===================

    2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [184320 2011-07-06] (Intel Corporation)

    2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [121856 2011-11-10] ()

    2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [398184 2012-12-14] (Malwarebytes Corporation)

    2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [682344 2012-12-14] (Malwarebytes Corporation)

    3 McAWFwk; C:\PROGRA~1\mcafee\msc\mcawfwk.exe [224704 2011-03-08] (McAfee, Inc.)

    2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)

    2 mcmscsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)

    2 McNaiAnn; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)

    2 McNASvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)

    3 McODS; "C:\Program Files\mcafee\VirusScan\mcods.exe" [383608 2012-11-16] (McAfee, Inc.)

    4 McOobeSv; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)

    2 McProxy; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)

    2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [241016 2012-12-26] (McAfee, Inc.)

    2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [218320 2012-12-26] (McAfee, Inc.)

    2 mfevtp; "C:\Windows\system32\mfevtps.exe" [182312 2012-12-26] (McAfee, Inc.)

    2 MSK80Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)

    3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-09-15] ()

    2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [200808 2012-05-09] (Realtek Semiconductor)

    ==================== Drivers (Whitelisted) =====================

    3 AX88178; C:\Windows\System32\Drivers\AX88178.sys [56320 2009-10-02] (ASIX Electronics Corp.)

    3 cfwids; C:\Windows\System32\Drivers\cfwids.sys [69672 2012-12-26] (McAfee, Inc.)

    3 cyhid; C:\Windows\System32\Drivers\cyhid.sys [117248 2011-12-08] (Cypress Semiconductor, Inc.)

    3 cykbfltrService; C:\Windows\System32\DRIVERS\cykbfltr.sys [13824 2011-10-18] (Cypress Semiconductor, Inc.)

    3 cymfltrService; C:\Windows\System32\DRIVERS\cymfltr.sys [79872 2011-12-08] (Cypress Semiconductor, Inc.)

    3 FLxHCIh; C:\Windows\System32\Drivers\FLxHCIh.sys [70912 2011-10-04] (Fresco Logic)

    3 HipShieldK; C:\Windows\System32\Drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)

    3 ikbevent; C:\Windows\System32\Drivers\ikbevent.sys [25024 2011-11-10] ()

    3 irstrtdv; C:\Windows\System32\Drivers\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)

    3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2011-11-10] ()

    3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation)

    3 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [178840 2012-12-26] (McAfee, Inc.)

    3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [309400 2012-12-26] (McAfee, Inc.)

    3 mfefirek; C:\Windows\System32\Drivers\mfefirek.sys [515528 2012-12-26] (McAfee, Inc.)

    0 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [771096 2012-12-26] (McAfee, Inc.)

    3 mferkdet; C:\Windows\System32\Drivers\mferkdet.sys [106112 2012-12-26] (McAfee, Inc.)

    0 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [339776 2012-12-26] (McAfee, Inc.)

    3 catchme; \??\C:\ComboFix\catchme.sys [x]

    3 mfeavfk01; [x]

    3 TDKLIB; \??\C:\Users\Swag\AppData\Local\Temp\ExtactTemp\TdkLib64.sys [x]

    ==================== NetSvcs (Whitelisted) ====================

    ==================== One Month Created Files and Folders ========

    2013-02-19 21:31 - 2013-02-19 21:31 - 00000000 ____D C:\FRST

    2013-02-19 21:23 - 2013-02-19 21:23 - 01464401 ____A (Farbar) C:\Users\Swag\Downloads\FRST64 (1).exe

    2013-02-17 18:02 - 2013-02-17 18:42 - 00000000 ____D C:\Users\Swag\Project X (2012) [1080p]

    2013-02-17 17:57 - 2013-02-17 18:04 - 00000000 ____D C:\Users\Swag\Halo.4.Forward.Unto.Dawn.2012.BDRip.XviD-GECKOS

    2013-02-15 07:56 - 2013-01-08 19:48 - 17812992 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

    2013-02-15 07:56 - 2013-01-08 19:22 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

    2013-02-15 07:56 - 2013-01-08 19:19 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

    2013-02-15 07:56 - 2013-01-08 19:12 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

    2013-02-15 07:56 - 2013-01-08 19:12 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

    2013-02-15 07:56 - 2013-01-08 19:11 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

    2013-02-15 07:56 - 2013-01-08 19:10 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

    2013-02-15 07:56 - 2013-01-08 19:09 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

    2013-02-15 07:56 - 2013-01-08 19:07 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

    2013-02-15 07:56 - 2013-01-08 19:07 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

    2013-02-15 07:56 - 2013-01-08 19:07 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

    2013-02-15 07:56 - 2013-01-08 19:06 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

    2013-02-15 07:56 - 2013-01-08 19:05 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

    2013-02-15 07:56 - 2013-01-08 19:04 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

    2013-02-15 07:56 - 2013-01-08 19:04 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

    2013-02-15 07:56 - 2013-01-08 19:00 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

    2013-02-15 07:56 - 2013-01-08 16:23 - 12321280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

    2013-02-15 07:56 - 2013-01-08 16:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

    2013-02-15 07:56 - 2013-01-08 16:09 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

    2013-02-15 07:56 - 2013-01-08 16:03 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

    2013-02-15 07:56 - 2013-01-08 16:03 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

    2013-02-15 07:56 - 2013-01-08 16:03 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

    2013-02-15 07:56 - 2013-01-08 16:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

    2013-02-15 07:56 - 2013-01-08 16:00 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

    2013-02-15 07:56 - 2013-01-08 15:59 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

    2013-02-15 07:56 - 2013-01-08 15:58 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

    2013-02-15 07:56 - 2013-01-08 15:58 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

    2013-02-15 07:56 - 2013-01-08 15:57 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

    2013-02-15 07:56 - 2013-01-08 15:56 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

    2013-02-15 07:56 - 2013-01-08 15:56 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

    2013-02-15 07:56 - 2013-01-08 15:56 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

    2013-02-15 07:56 - 2013-01-08 15:53 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

    2013-02-12 18:56 - 2013-01-04 23:53 - 05553512 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe

    2013-02-12 18:56 - 2013-01-04 23:00 - 03967848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

    2013-02-12 18:56 - 2013-01-04 23:00 - 03913064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

    2013-02-12 18:56 - 2013-01-03 23:46 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll

    2013-02-12 18:56 - 2013-01-03 22:51 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

    2013-02-12 18:56 - 2013-01-03 21:26 - 03153408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

    2013-02-12 18:56 - 2013-01-03 20:47 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

    2013-02-12 18:56 - 2013-01-03 20:47 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

    2013-02-12 18:56 - 2013-01-03 20:47 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

    2013-02-12 18:56 - 2013-01-03 20:47 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

    2013-02-12 18:56 - 2013-01-03 00:00 - 01913192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys

    2013-02-12 18:56 - 2013-01-03 00:00 - 00288088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS

    2013-02-09 19:16 - 2013-02-09 19:16 - 00002055 ____A C:\Users\Swag\Desktop\foobar2000 - Shortcut.lnk

    2013-02-06 20:36 - 2013-02-06 20:36 - 01464149 ____A (Farbar) C:\Users\Swag\Downloads\FRST64.exe

    2013-02-05 21:35 - 2013-02-05 21:35 - 00000000 ____D C:\Users\Swag\Application Data\Mozilla

    2013-02-05 21:35 - 2013-02-05 21:35 - 00000000 ____D C:\Users\Swag\AppData\Roaming\Mozilla

    2013-02-04 21:11 - 2013-02-04 21:11 - 05487016 ____A (Microsoft Corporation) C:\Users\Swag\Downloads\Windows8-UpgradeAssistant (2).exe

    2013-01-27 11:37 - 2013-01-27 11:49 - 171822579 ____A C:\Users\Swag\Downloads\cm-10.1-20130127-NIGHTLY-d2spr.zip

    2013-01-27 08:21 - 2013-01-27 08:21 - 05442160 ____A (Microsoft Corporation) C:\Users\Swag\Downloads\Windows8-UpgradeAssistant (1).exe

    2013-01-26 22:11 - 2013-01-26 22:12 - 00000000 ____D C:\Users\Swag\Last.Man.Standing.S01

    2013-01-26 12:18 - 2013-01-26 12:19 - 07964160 ____A C:\Users\Swag\Downloads\APP_Quickset_W78_A07_HP6F0-Setup_ZPE.exe

    2013-01-26 09:39 - 2013-01-26 09:39 - 05442160 ____A (Microsoft Corporation) C:\Users\Swag\Downloads\Windows8-UpgradeAssistant.exe

    2013-01-21 12:33 - 2013-01-21 12:33 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_point64_01011.Wdf

    2013-01-21 12:33 - 2013-01-21 12:33 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_NuidFltr_01009.Wdf

    2013-01-21 12:33 - 2013-01-21 12:33 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center

    2013-01-21 12:27 - 2013-01-21 12:27 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_dc3d_01011.Wdf

    2013-01-20 12:53 - 2013-01-20 13:35 - 00000000 ____D C:\Users\Swag\We.Are.Legion.2012.DVDRip.x264-NOGRP

    2013-01-20 10:24 - 2013-01-20 10:32 - 00000000 ____D C:\Users\Swag\Act of Valor (2012) [1080p]

    ==================== One Month Modified Files and Folders =======

    2013-02-19 21:31 - 2013-02-19 21:31 - 00000000 ____D C:\FRST

    2013-02-19 21:25 - 2012-02-24 03:50 - 00000000 ____D C:\Users\Default\Local Settings\SoftThinks

    2013-02-19 21:25 - 2012-02-24 03:50 - 00000000 ____D C:\Users\Default\Local Settings\Application Data\SoftThinks

    2013-02-19 21:25 - 2012-02-24 03:50 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks

    2013-02-19 21:25 - 2012-02-24 03:50 - 00000000 ____D C:\Users\Default User\Local Settings\SoftThinks

    2013-02-19 21:25 - 2012-02-24 03:50 - 00000000 ____D C:\Users\Default User\Local Settings\Application Data\SoftThinks

    2013-02-19 21:25 - 2012-02-24 03:50 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks

    2013-02-19 21:25 - 2012-02-24 03:43 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup

    2013-02-19 21:24 - 2012-03-11 20:33 - 00000902 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1776734167-4077454340-648305318-1001Core.job

    2013-02-19 21:24 - 2012-03-06 16:02 - 00000852 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1776734167-4077454340-648305318-1001Core.job

    2013-02-19 21:24 - 2012-02-24 03:24 - 01084029 ____A C:\Windows\WindowsUpdate.log

    2013-02-19 21:24 - 2009-07-13 23:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

    2013-02-19 21:24 - 2009-07-13 22:51 - 00084124 ____A C:\Windows\setupact.log

    2013-02-19 21:23 - 2013-02-19 21:23 - 01464401 ____A (Farbar) C:\Users\Swag\Downloads\FRST64 (1).exe

    2013-02-19 21:22 - 2009-07-13 23:13 - 00778834 ____A C:\Windows\System32\PerfStringBackup.INI

    2013-02-19 21:20 - 2012-09-05 05:51 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

    2013-02-19 21:20 - 2012-03-11 20:33 - 00000924 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1776734167-4077454340-648305318-1001UA.job

    2013-02-19 21:20 - 2012-03-06 16:02 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1776734167-4077454340-648305318-1001UA.job

    2013-02-18 07:54 - 2009-07-13 22:45 - 00021296 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

    2013-02-18 07:54 - 2009-07-13 22:45 - 00021296 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

    2013-02-17 22:35 - 2012-03-06 21:12 - 00000000 ____D C:\Users\Swag\Local Settings\CrashDumps

    2013-02-17 22:35 - 2012-03-06 21:12 - 00000000 ____D C:\Users\Swag\Local Settings\Application Data\CrashDumps

    2013-02-17 22:35 - 2012-03-06 21:12 - 00000000 ____D C:\Users\Swag\AppData\Local\CrashDumps

    2013-02-17 22:33 - 2012-03-06 16:46 - 00000000 ____D C:\Users\Swag\Application Data\Spotify

    2013-02-17 22:33 - 2012-03-06 16:46 - 00000000 ____D C:\Users\Swag\AppData\Roaming\Spotify

    2013-02-17 22:32 - 2012-05-26 10:06 - 00000000 ____D C:\Users\Swag\Application Data\uTorrent

    2013-02-17 22:32 - 2012-05-26 10:06 - 00000000 ____D C:\Users\Swag\AppData\Roaming\uTorrent

    2013-02-17 22:28 - 2012-03-06 16:47 - 00000000 ____D C:\Users\Swag\Local Settings\Spotify

    2013-02-17 22:28 - 2012-03-06 16:47 - 00000000 ____D C:\Users\Swag\Local Settings\Application Data\Spotify

    2013-02-17 22:28 - 2012-03-06 16:47 - 00000000 ____D C:\Users\Swag\AppData\Local\Spotify

    2013-02-17 18:42 - 2013-02-17 18:02 - 00000000 ____D C:\Users\Swag\Project X (2012) [1080p]

    2013-02-17 18:04 - 2013-02-17 17:57 - 00000000 ____D C:\Users\Swag\Halo.4.Forward.Unto.Dawn.2012.BDRip.XviD-GECKOS

    2013-02-17 18:02 - 2012-03-06 15:50 - 00000000 ____D C:\users\Swag

    2013-02-15 09:26 - 2009-07-13 22:45 - 00276128 ____A C:\Windows\System32\FNTCACHE.DAT

    2013-02-15 07:59 - 2012-03-11 20:29 - 70004024 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

    2013-02-15 07:52 - 2012-02-24 03:58 - 00000000 ____D C:\Program Files\Common Files\mcafee

    2013-02-15 07:52 - 2010-11-20 21:47 - 00032232 ____A C:\Windows\PFRO.log

    2013-02-13 21:59 - 2012-11-29 14:12 - 00000000 ____D C:\Users\Swag\Application Data\foobar2000

    2013-02-13 21:59 - 2012-11-29 14:12 - 00000000 ____D C:\Users\Swag\AppData\Roaming\foobar2000

    2013-02-12 18:25 - 2012-03-09 19:19 - 00000000 ____D C:\Users\Swag\Application Data\Skype

    2013-02-12 18:25 - 2012-03-09 19:19 - 00000000 ____D C:\Users\Swag\AppData\Roaming\Skype

    2013-02-12 16:37 - 2012-04-16 08:12 - 00000000 ____D C:\Program Files\Dell Support Center

    2013-02-12 16:36 - 2012-03-06 16:00 - 00000000 ____D C:\Users\All Users\PCDr

    2013-02-12 16:36 - 2012-03-06 16:00 - 00000000 ____D C:\Users\All Users\Application Data\PCDr

    2013-02-10 20:28 - 2012-09-05 05:51 - 00697712 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

    2013-02-10 20:28 - 2012-02-24 03:25 - 00074096 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

    2013-02-09 19:16 - 2013-02-09 19:16 - 00002055 ____A C:\Users\Swag\Desktop\foobar2000 - Shortcut.lnk

    2013-02-09 19:00 - 2012-08-08 19:31 - 00000000 ____D C:\Users\Swag\Application Data\vlc

    2013-02-09 19:00 - 2012-08-08 19:31 - 00000000 ____D C:\Users\Swag\AppData\Roaming\vlc

    2013-02-09 19:00 - 2012-06-30 07:49 - 00002070 ____A C:\Users\Swag\Application Data\AbsoluteReminder.xml

    2013-02-09 19:00 - 2012-06-30 07:49 - 00002070 ____A C:\Users\Swag\AppData\Roaming\AbsoluteReminder.xml

    2013-02-06 20:36 - 2013-02-06 20:36 - 01464149 ____A (Farbar) C:\Users\Swag\Downloads\FRST64.exe

    2013-02-05 21:35 - 2013-02-05 21:35 - 00000000 ____D C:\Users\Swag\Application Data\Mozilla

    2013-02-05 21:35 - 2013-02-05 21:35 - 00000000 ____D C:\Users\Swag\AppData\Roaming\Mozilla

    2013-02-04 21:11 - 2013-02-04 21:11 - 05487016 ____A (Microsoft Corporation) C:\Users\Swag\Downloads\Windows8-UpgradeAssistant (2).exe

    2013-02-03 17:57 - 2012-02-24 03:58 - 00000000 ____D C:\Users\All Users\Application Data\Adobe

    2013-02-03 17:56 - 2012-02-24 03:58 - 00000000 ____D C:\Users\All Users\Adobe

    2013-01-27 11:49 - 2013-01-27 11:37 - 171822579 ____A C:\Users\Swag\Downloads\cm-10.1-20130127-NIGHTLY-d2spr.zip

    2013-01-27 08:21 - 2013-01-27 08:21 - 05442160 ____A (Microsoft Corporation) C:\Users\Swag\Downloads\Windows8-UpgradeAssistant (1).exe

    2013-01-27 01:29 - 2013-01-05 10:42 - 00000000 ____D C:\Users\Swag\The Big Bang Theory Season 3 Complete 720p

    2013-01-26 22:12 - 2013-01-26 22:11 - 00000000 ____D C:\Users\Swag\Last.Man.Standing.S01

    2013-01-26 12:19 - 2013-01-26 12:18 - 07964160 ____A C:\Users\Swag\Downloads\APP_Quickset_W78_A07_HP6F0-Setup_ZPE.exe

    2013-01-26 09:39 - 2013-01-26 09:39 - 05442160 ____A (Microsoft Corporation) C:\Users\Swag\Downloads\Windows8-UpgradeAssistant.exe

    2013-01-23 20:47 - 2013-01-11 05:32 - 00152654 ____A C:\Users\Swag\Downloads\OTL.Txt

    2013-01-21 12:34 - 2012-03-06 15:51 - 00060064 ____A C:\Users\Swag\Local Settings\GDIPFONTCACHEV1.DAT

    2013-01-21 12:34 - 2012-03-06 15:51 - 00060064 ____A C:\Users\Swag\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

    2013-01-21 12:34 - 2012-03-06 15:51 - 00060064 ____A C:\Users\Swag\AppData\Local\GDIPFONTCACHEV1.DAT

    2013-01-21 12:33 - 2013-01-21 12:33 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_point64_01011.Wdf

    2013-01-21 12:33 - 2013-01-21 12:33 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_NuidFltr_01009.Wdf

    2013-01-21 12:33 - 2013-01-21 12:33 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center

    2013-01-21 12:27 - 2013-01-21 12:27 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_dc3d_01011.Wdf

    2013-01-20 13:35 - 2013-01-20 12:53 - 00000000 ____D C:\Users\Swag\We.Are.Legion.2012.DVDRip.x264-NOGRP

    2013-01-20 10:32 - 2013-01-20 10:24 - 00000000 ____D C:\Users\Swag\Act of Valor (2012) [1080p]

    ==================== Known DLLs (Whitelisted) =================

    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit

    C:\Windows\System32\wininit.exe => MD5 is legit

    C:\Windows\SysWOW64\wininit.exe => MD5 is legit

    C:\Windows\explorer.exe => MD5 is legit

    C:\Windows\SysWOW64\explorer.exe => MD5 is legit

    C:\Windows\System32\svchost.exe => MD5 is legit

    C:\Windows\SysWOW64\svchost.exe => MD5 is legit

    C:\Windows\System32\services.exe => MD5 is legit

    C:\Windows\System32\User32.dll => MD5 is legit

    C:\Windows\SysWOW64\User32.dll => MD5 is legit

    C:\Windows\System32\userinit.exe => MD5 is legit

    C:\Windows\SysWOW64\userinit.exe => MD5 is legit

    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK

    HKLM\...\exefile\DefaultIcon: %1 => OK

    HKLM\...\exefile\open\command: "%1" %* => OK

    ==================== Restore Points =========================

    Restore point made on: 2013-01-21 09:54:34

    Restore point made on: 2013-01-21 12:33:37

    Restore point made on: 2013-01-29 00:00:13

    Restore point made on: 2013-02-12 17:31:07

    Restore point made on: 2013-02-15 07:56:25

    ==================== Memory info ===========================

    Percentage of memory in use: 16%

    Total physical RAM: 3406.59 MB

    Available physical RAM: 2832.63 MB

    Total Pagefile: 3404.79 MB

    Available Pagefile: 2835.09 MB

    Total Virtual: 8192 MB

    Available Virtual: 8191.89 MB

    ==================== Partitions =============================

    1 Drive c: (OS) (Fixed) (Total:212.18 GB) (Free:55.75 GB) NTFS

    2 Drive d: (RECOVERY) (Fixed) (Total:18.25 GB) (Free:8.02 GB) NTFS ==>[system with boot components (obtained from reading drive)]

    3 Drive e: () (Removable) (Total:7.45 GB) (Free:7.45 GB) FAT32

    4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

    Disk ### Status Size Free Dyn Gpt

    -------- ------------- ------- ------- --- ---

    Disk 0 Online 238 GB 0 B

    Disk 1 Online 7633 MB 0 B

    Partitions of Disk 0:

    ===============

    Disk ID: 25B19847

    Partition ### Type Size Offset

    ------------- ---------------- ------- -------

    Partition 1 OEM 39 MB 31 KB

    Partition 2 Primary 18 GB 40 MB

    Partition 3 Primary 212 GB 18 GB

    Partition 4 OEM 8 GB 230 GB

    ==================================================================================

    Disk: 0

    Partition 1

    Type : DE

    Hidden: Yes

    Active: No

    Volume ### Ltr Label Fs Type Size Status Info

    ---------- --- ----------- ----- ---------- ------- --------- --------

    * Volume 3 FAT Partition 39 MB Healthy Hidden

    =========================================================

    Disk: 0

    Partition 2

    Type : 07

    Hidden: No

    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info

    ---------- --- ----------- ----- ---------- ------- --------- --------

    * Volume 0 D RECOVERY NTFS Partition 18 GB Healthy

    =========================================================

    Disk: 0

    Partition 3

    Type : 07

    Hidden: No

    Active: No

    Volume ### Ltr Label Fs Type Size Status Info

    ---------- --- ----------- ----- ---------- ------- --------- --------

    * Volume 1 C OS NTFS Partition 212 GB Healthy

    =========================================================

    Disk: 0

    Partition 4

    Type : 84

    Hidden: Yes

    Active: No

    Volume ### Ltr Label Fs Type Size Status Info

    ---------- --- ----------- ----- ---------- ------- --------- --------

    * Volume 3 RAW Partition 8 GB Healthy Hidden

    =========================================================

    Partitions of Disk 1:

    ===============

    Disk ID: 00000000

    Partition ### Type Size Offset

    ------------- ---------------- ------- -------

    Partition 1 Primary 7633 MB 16 KB

    ==================================================================================

    Disk: 1

    Partition 1

    Type : 0B

    Hidden: No

    Active: No

    Volume ### Ltr Label Fs Type Size Status Info

    ---------- --- ----------- ----- ---------- ------- --------- --------

    * Volume 2 E FAT32 Removable 7633 MB Healthy

    =========================================================

    Last Boot: 2013-02-16 04:22

    ==================== End Of Log =============================

    pup.bundleoffers :( need help

    in Resolved Malware Removal Logs

    Posted

    Still have the ad sliding out occasionally

    OTL logfile created on: 1/23/2013 8:40:08 PM - Run 2

    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Swag\Downloads

    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

    Internet Explorer (Version = 9.0.8112.16421)

    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.33 Gb Total Physical Memory | 1.07 Gb Available Physical Memory | 32.19% Memory free

    6.65 Gb Paging File | 3.14 Gb Available in Paging File | 47.19% Paging File free

    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

    Drive C: | 212.18 Gb Total Space | 72.80 Gb Free Space | 34.31% Space Free | Partition Type: NTFS

    Computer Name: SWAG-PC | User Name: Swag | Logged in as Administrator.

    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/01/11 05:24:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Swag\Downloads\OTL.exe

    PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    PRC - [2012/12/11 18:37:26 | 000,079,384 | ---- | M] (Google) -- C:\Users\Swag\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

    PRC - [2012/10/28 13:52:22 | 007,880,664 | ---- | M] (Spotify Ltd) -- C:\Users\Swag\AppData\Roaming\Spotify\spotify.exe

    PRC - [2012/10/28 13:52:22 | 001,199,576 | ---- | M] (Spotify Ltd) -- C:\Users\Swag\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

    PRC - [2012/10/09 09:22:48 | 000,173,568 | ---- | M] (Dell Products, LP.) -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe

    PRC - [2012/07/27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    PRC - [2011/10/18 11:50:10 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

    PRC - [2011/10/18 11:50:04 | 001,354,064 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

    PRC - [2011/10/18 11:49:52 | 000,936,272 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

    PRC - [2011/10/18 11:49:48 | 000,846,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe

    PRC - [2011/09/28 16:18:02 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe

    PRC - [2011/09/22 10:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

    PRC - [2011/09/22 10:11:26 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

    PRC - [2011/09/22 10:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe

    PRC - [2011/09/21 10:30:12 | 004,109,312 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

    PRC - [2011/08/19 11:34:32 | 002,013,168 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe

    PRC - [2011/08/19 11:34:32 | 000,096,240 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe

    PRC - [2011/08/19 11:34:28 | 002,451,440 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe

    PRC - [2011/08/08 18:26:12 | 000,475,200 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe

    PRC - [2011/08/08 18:26:00 | 000,891,456 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DMR.exe

    PRC - [2011/07/06 19:24:24 | 000,184,320 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\irstrtsv.exe

    PRC - [2011/05/04 12:40:18 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

    PRC - [2011/05/04 12:40:14 | 000,326,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    PRC - [2011/04/13 10:39:14 | 000,503,942 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

    PRC - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

    PRC - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe

    ========== Modules (No Company Name) ==========

    MOD - [2013/01/09 20:00:14 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\07ea9ea39e1fddc8e4fe8850c849309e\System.WorkflowServices.ni.dll

    MOD - [2013/01/09 20:00:00 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll

    MOD - [2013/01/09 19:59:56 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\25cfdeaf091f16f3f3a7123a91a179ab\System.Xml.Linq.ni.dll

    MOD - [2013/01/09 19:59:10 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll

    MOD - [2013/01/09 19:06:45 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\3e79256ce40faa9682f9e3511ca115ea\System.ServiceModel.ni.dll

    MOD - [2013/01/09 19:06:31 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll

    MOD - [2013/01/09 19:06:29 | 001,084,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\219c68f83fa608b496b163fd6782e696\System.IdentityModel.ni.dll

    MOD - [2013/01/09 19:06:27 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll

    MOD - [2013/01/09 19:01:55 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll

    MOD - [2013/01/09 19:01:47 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0ac577a8ad6528ff03b50db5eeeac8be\System.Web.ni.dll

    MOD - [2013/01/09 19:01:33 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a013e3b347de5b1b608daebdff0d46c0\PresentationFramework.ni.dll

    MOD - [2013/01/09 19:01:19 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll

    MOD - [2013/01/09 19:01:13 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll

    MOD - [2013/01/09 19:01:11 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll

    MOD - [2013/01/09 19:01:02 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll

    MOD - [2013/01/09 19:00:57 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll

    MOD - [2013/01/09 19:00:53 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll

    MOD - [2013/01/09 19:00:52 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll

    MOD - [2013/01/09 19:00:47 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll

    MOD - [2013/01/07 18:06:22 | 000,460,392 | ---- | M] () -- C:\Users\Swag\AppData\Local\Google\Chrome\Application\24.0.1312.52\ppgooglenaclpluginchrome.dll

    MOD - [2013/01/07 18:06:21 | 012,459,624 | ---- | M] () -- C:\Users\Swag\AppData\Local\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll

    MOD - [2013/01/07 18:06:19 | 004,012,648 | ---- | M] () -- C:\Users\Swag\AppData\Local\Google\Chrome\Application\24.0.1312.52\pdf.dll

    MOD - [2013/01/07 18:05:29 | 000,598,120 | ---- | M] () -- C:\Users\Swag\AppData\Local\Google\Chrome\Application\24.0.1312.52\libglesv2.dll

    MOD - [2013/01/07 18:05:28 | 000,124,520 | ---- | M] () -- C:\Users\Swag\AppData\Local\Google\Chrome\Application\24.0.1312.52\libegl.dll

    MOD - [2013/01/07 18:05:25 | 001,553,000 | ---- | M] () -- C:\Users\Swag\AppData\Local\Google\Chrome\Application\24.0.1312.52\ffmpegsumo.dll

    MOD - [2012/10/28 13:52:22 | 020,220,376 | ---- | M] () -- C:\Users\Swag\AppData\Roaming\Spotify\Data\libcef.dll

    MOD - [2011/09/22 10:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

    MOD - [2011/08/19 11:34:44 | 000,089,584 | ---- | M] () -- C:\Windows\SysWOW64\FAIEExtension.dll

    MOD - [2011/08/19 11:34:32 | 000,059,888 | ---- | M] () -- C:\Windows\SysWOW64\FAib.dll

    MOD - [2011/08/19 11:34:22 | 000,251,888 | ---- | M] () -- C:\Windows\SysWOW64\FACrashRpt.dll

    MOD - [2011/08/08 18:26:12 | 000,475,200 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe

    MOD - [2011/08/08 18:26:00 | 000,891,456 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DMR.exe

    MOD - [2011/07/17 10:35:36 | 000,058,944 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DataService.dll

    MOD - [2011/07/06 16:53:52 | 000,068,160 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\DMRUI.dll

    MOD - [2011/06/24 23:20:26 | 000,565,968 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll

    MOD - [2010/03/22 15:52:42 | 006,776,832 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll

    MOD - [2010/03/16 20:28:28 | 000,326,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll

    MOD - [2010/03/16 20:28:16 | 000,635,904 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll

    MOD - [2010/03/16 20:28:04 | 001,926,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll

    MOD - [2010/03/11 19:52:34 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll

    MOD - [2010/03/11 19:52:34 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll

    MOD - [2010/03/05 15:07:58 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll

    MOD - [2010/03/05 15:07:58 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll

    MOD - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe

    MOD - [2007/09/02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll

    MOD - [2007/04/19 08:28:58 | 000,436,992 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\fpxlib.dll

    MOD - [2007/04/13 09:39:14 | 000,252,672 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\kgl.dll

    ========== Services (SafeList) ==========

    SRV:64bit: - [2012/11/16 21:10:22 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)

    SRV:64bit: - [2012/11/09 06:37:30 | 000,177,680 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)

    SRV:64bit: - [2012/11/09 06:34:50 | 000,218,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)

    SRV:64bit: - [2012/11/09 06:33:08 | 000,241,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)

    SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)

    SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)

    SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)

    SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)

    SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)

    SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)

    SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)

    SRV:64bit: - [2012/05/09 16:09:46 | 000,200,808 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)

    SRV:64bit: - [2011/11/10 12:15:06 | 000,121,856 | ---- | M] () [Auto | Running] -- c:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent)

    SRV:64bit: - [2011/09/15 18:41:28 | 001,518,352 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)

    SRV:64bit: - [2011/09/15 18:28:06 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)

    SRV:64bit: - [2011/09/15 18:24:52 | 000,844,560 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)

    SRV:64bit: - [2011/09/15 09:54:46 | 001,166,848 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)

    SRV:64bit: - [2011/06/03 12:51:38 | 000,134,928 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)

    SRV:64bit: - [2011/03/08 17:00:50 | 000,224,704 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\mcafee\msc\McAWFwk.exe -- (McAWFwk)

    SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

    SRV:64bit: - [2009/11/17 18:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)

    SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

    SRV - [2013/01/08 18:27:58 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

    SRV - [2013/01/08 15:19:46 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

    SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

    SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

    SRV - [2012/10/09 09:22:48 | 000,173,568 | ---- | M] (Dell Products, LP.) [Auto | Running] -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)

    SRV - [2012/07/27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

    SRV - [2011/10/18 11:50:10 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)

    SRV - [2011/10/18 11:50:04 | 001,354,064 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)

    SRV - [2011/10/18 11:49:52 | 000,936,272 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)

    SRV - [2011/09/28 16:18:02 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)

    SRV - [2011/09/22 10:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)

    SRV - [2011/08/19 11:34:28 | 002,451,440 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService)

    SRV - [2011/07/06 19:24:24 | 000,184,320 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysWOW64\irstrtsv.exe -- (irstrtsv)

    SRV - [2011/05/04 12:40:18 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)

    SRV - [2011/05/04 12:40:14 | 000,326,424 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)

    SRV - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)

    SRV - [2010/08/25 20:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)

    SRV - [2010/03/18 15:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

    SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

    DRV:64bit: - [2012/11/09 06:40:24 | 000,069,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)

    DRV:64bit: - [2012/11/09 06:37:42 | 000,339,776 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)

    DRV:64bit: - [2012/11/09 06:36:30 | 000,106,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)

    DRV:64bit: - [2012/11/09 06:35:50 | 000,771,096 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)

    DRV:64bit: - [2012/11/09 06:34:58 | 000,515,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)

    DRV:64bit: - [2012/11/09 06:34:18 | 000,309,400 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)

    DRV:64bit: - [2012/11/09 06:33:58 | 000,178,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)

    DRV:64bit: - [2012/11/02 15:38:36 | 000,050,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)

    DRV:64bit: - [2012/11/02 15:38:36 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)

    DRV:64bit: - [2012/09/28 21:52:10 | 000,075,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)

    DRV:64bit: - [2012/09/19 09:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)

    DRV:64bit: - [2012/09/19 09:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)

    DRV:64bit: - [2012/04/20 15:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)

    DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

    DRV:64bit: - [2012/02/24 05:18:11 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

    DRV:64bit: - [2012/02/24 05:18:11 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

    DRV:64bit: - [2011/12/08 16:40:38 | 000,079,872 | ---- | M] (Cypress Semiconductor, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cymfltr.sys -- (cymfltrService)

    DRV:64bit: - [2011/12/08 16:40:36 | 000,117,248 | ---- | M] (Cypress Semiconductor, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cyhid.sys -- (cyhid)

    DRV:64bit: - [2011/11/10 12:07:08 | 000,044,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)

    DRV:64bit: - [2011/11/10 12:07:06 | 000,025,024 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ikbevent.sys -- (ikbevent)

    DRV:64bit: - [2011/10/18 22:35:58 | 000,013,824 | ---- | M] (Cypress Semiconductor, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cykbfltr.sys -- (cykbfltrService)

    DRV:64bit: - [2011/10/11 13:08:00 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)

    DRV:64bit: - [2011/10/10 16:43:16 | 000,288,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)

    DRV:64bit: - [2011/10/04 14:04:30 | 000,215,296 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc)

    DRV:64bit: - [2011/10/04 14:04:30 | 000,070,912 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh)

    DRV:64bit: - [2011/09/18 05:26:52 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)

    DRV:64bit: - [2011/09/15 09:48:24 | 000,299,008 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)

    DRV:64bit: - [2011/09/15 09:48:24 | 000,299,008 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)

    DRV:64bit: - [2011/09/08 16:20:56 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)

    DRV:64bit: - [2011/09/08 16:20:56 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)

    DRV:64bit: - [2011/08/29 16:32:18 | 000,053,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)

    DRV:64bit: - [2011/07/19 17:39:56 | 012,287,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

    DRV:64bit: - [2011/06/16 08:50:08 | 000,026,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\irstrtdv.sys -- (irstrtdv)

    DRV:64bit: - [2011/05/20 12:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

    DRV:64bit: - [2011/05/13 03:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)

    DRV:64bit: - [2011/01/20 11:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)

    DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

    DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

    DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

    DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)

    DRV:64bit: - [2010/10/15 04:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)

    DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

    DRV:64bit: - [2010/02/26 18:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

    DRV:64bit: - [2009/10/02 16:29:24 | 000,056,320 | ---- | M] (ASIX Electronics Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ax88178.sys -- (AX88178)

    DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

    DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

    DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

    DRV:64bit: - [2009/07/13 18:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)

    DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

    DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

    DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

    DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

    DRV:64bit: - [2008/09/24 20:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\facap.sys -- (FACAP)

    DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)

    DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

    DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

    ========== Standard Registry (SafeList) ==========

    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68}

    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

    IE:64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    IE - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68}

    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

    IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/1

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

    IE - HKCU\..\SearchScopes,DefaultScope = {25946E0D-9F7A-4887-ADEA-F4953ECCBC44}

    IE - HKCU\..\SearchScopes\{25946E0D-9F7A-4887-ADEA-F4953ECCBC44}: "URL" = http://www.bing.com/search?FORM=UP21DF&PC=UP21&dt=011313&q={searchTerms}&src=IE-SearchBox

    IE - HKCU\..\SearchScopes\{2834E9C8-4F62-47D8-9F94-518C8E661BEE}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

    IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcSearchScopes

    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()

    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

    FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Swag\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Swag\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Swag\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Swag\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Swag\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fassoxpcom@sensiblevision.com: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ [2012/02/24 03:48:46 | 000,000,000 | ---D | M]

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/12/11 17:20:54 | 000,000,000 | ---D | M]

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013/01/18 17:38:43 | 000,000,000 | ---D | M]

    ========== Chrome ==========

    CHR - homepage: http://g.msn.com/USCON/1

    CHR - default_search_provider: Google (Enabled)

    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},

    CHR - homepage: http://g.msn.com/USCON/1

    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

    CHR - plugin: Native Client (Enabled) = C:\Users\Swag\AppData\Local\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll

    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Swag\AppData\Local\Google\Chrome\Application\24.0.1312.52\pdf.dll

    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Swag\AppData\Local\Google\Chrome\Application\24.0.1312.52\gcswf32.dll

    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

    CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll

    CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll

    CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    CHR - plugin: Google Update (Enabled) = C:\Users\Swag\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll

    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll

    CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll

    CHR - plugin: Default Plug-in (Enabled) = default_plugin

    CHR - Extension: YouTube = C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\

    CHR - Extension: Adblock Plus = C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\

    CHR - Extension: Google Search = C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\

    CHR - Extension: Google Calendar = C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\

    CHR - Extension: Google +1 Button = C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgoepmocgafhnchmokaimcmlojpnlkhp\1.1.2.424_0\

    CHR - Extension: Man of Steel = C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Extensions\knfmphhfikndpfbllhdojajhgpmlnlef\1_0\

    CHR - Extension: Hover Zoom = C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\4.9_0\

    CHR - Extension: Gmail = C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

    O1 HOSTS File: ([2013/01/10 16:01:51 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

    O1 - Hosts: 127.0.0.1 localhost

    O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120630100026.dll (McAfee, Inc.)

    O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

    O2:64bit: - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )

    O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

    O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120630100026.dll (McAfee, Inc.)

    O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

    O2 - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )

    O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

    O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

    O4:64bit: - HKLM..\Run: [bTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)

    O4:64bit: - HKLM..\Run: [CyCpIo] C:\Program Files\Cypress\TrackPad\CyCpIo.exe (Cypress Semiconductor Corporation)

    O4:64bit: - HKLM..\Run: [CyHidWin] C:\Program Files\Cypress\TrackPad\CyHidWin.exe (Cypress Semiconductor, Inc.)

    O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()

    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

    O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

    O4:64bit: - HKLM..\Run: [intelliPoint] c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)

    O4:64bit: - HKLM..\Run: [intelliType Pro] c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)

    O4:64bit: - HKLM..\Run: [intelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)

    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

    O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

    O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)

    O4:64bit: - HKLM..\Run: [stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()

    O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()

    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

    O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)

    O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)

    O4 - HKLM..\Run: [FAStartup] File not found

    O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision )

    O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)

    O4 - HKCU..\Run: [Facebook Update] C:\Users\Swag\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)

    O4 - HKCU..\Run: [googletalk] C:\Users\Swag\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)

    O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()

    O4 - HKCU..\Run: [spotify Web Helper] C:\Users\Swag\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

    O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found

    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)

    O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

    O13 - gopher Prefix: missing

    O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)

    O16:64bit: - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9EAB716A-8BA9-43B9-BC10-7BAC604D05D6}: DhcpNameServer = 18.0.0.1 18.0.0.3

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BBCA90FC-C7F9-403B-91C0-DD33AB07FD41}: DhcpNameServer = 192.168.0.1

    O18:64bit: - Protocol\Handler\cozi - No CLSID value found

    O18:64bit: - Protocol\Handler\livecall - No CLSID value found

    O18:64bit: - Protocol\Handler\msnim - No CLSID value found

    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

    O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

    O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)

    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

    O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)

    O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)

    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

    O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll (Sensible Vision )

    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

    O32 - HKLM CDRom: AutoRun - 1

    O34 - HKLM BootExecute: (autocheck autochk *)

    O35:64bit: - HKLM\..comfile [open] -- "%1" %*

    O35:64bit: - HKLM\..exefile [open] -- "%1" %*

    O35 - HKLM\..comfile [open] -- "%1" %*

    O35 - HKLM\..exefile [open] -- "%1" %*

    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*

    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

    O37 - HKLM\...com [@ = ComFile] -- "%1" %*

    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/01/23 20:38:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

    [2013/01/21 12:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center

    [2013/01/21 12:33:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center

    [2013/01/20 12:53:43 | 000,000,000 | ---D | C] -- C:\Users\Swag\We.Are.Legion.2012.DVDRip.x264-NOGRP

    [2013/01/20 10:24:33 | 000,000,000 | ---D | C] -- C:\Users\Swag\Act of Valor (2012) [1080p]

    [2013/01/19 19:47:03 | 000,000,000 | ---D | C] -- C:\Users\Swag\That's My Boy (2012) 720p BRRip x264 AAC-Anarchy

    [2013/01/18 17:35:40 | 000,000,000 | ---D | C] -- C:\Users\Swag\Desktop\mbar

    [2013/01/16 18:30:43 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT

    [2013/01/16 18:30:27 | 000,000,000 | ---D | C] -- C:\JRT

    [2013/01/14 18:45:31 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro

    [2013/01/13 20:04:26 | 001,706,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll

    [2013/01/13 06:00:45 | 002,674,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll

    [2013/01/13 06:00:45 | 002,605,400 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll

    [2013/01/13 06:00:45 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl

    [2013/01/13 06:00:45 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll

    [2013/01/13 06:00:45 | 000,376,936 | ---- | C] (Realtek Semiconductor) -- C:\Windows\SysNative\RtkGuiCompLib.dll

    [2013/01/13 06:00:45 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll

    [2013/01/13 06:00:45 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll

    [2013/01/13 06:00:45 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll

    [2013/01/13 06:00:45 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll

    [2013/01/13 06:00:45 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll

    [2013/01/13 06:00:45 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll

    [2013/01/13 06:00:44 | 008,363,864 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll

    [2013/01/13 06:00:44 | 005,096,448 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCORES64.dat

    [2013/01/13 06:00:44 | 003,615,888 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll

    [2013/01/13 06:00:44 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll

    [2013/01/13 06:00:44 | 001,345,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll

    [2013/01/13 06:00:44 | 001,262,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll

    [2013/01/13 06:00:44 | 001,015,640 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll

    [2013/01/13 06:00:44 | 000,897,152 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll

    [2013/01/13 06:00:44 | 000,869,520 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll

    [2013/01/13 06:00:44 | 000,753,280 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll

    [2013/01/13 06:00:44 | 000,626,304 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBTHX64.dll

    [2013/01/13 06:00:44 | 000,576,856 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO4064.dll

    [2013/01/13 06:00:44 | 000,561,792 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBTHX32.dll

    [2013/01/13 06:00:44 | 000,396,632 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll

    [2013/01/13 06:00:44 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll

    [2013/01/13 06:00:44 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll

    [2013/01/13 06:00:44 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll

    [2013/01/13 06:00:44 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll

    [2013/01/13 06:00:44 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll

    [2013/01/13 06:00:44 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll

    [2013/01/13 06:00:44 | 000,105,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll

    [2013/01/13 06:00:44 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll

    [2013/01/13 06:00:44 | 000,083,072 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll

    [2013/01/13 06:00:44 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll

    [2013/01/13 06:00:44 | 000,065,112 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBppld64.dll

    [2013/01/13 06:00:44 | 000,060,504 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBPPCn64.dll

    [2013/01/13 06:00:43 | 002,533,952 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll

    [2013/01/13 06:00:43 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll

    [2013/01/13 06:00:43 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll

    [2013/01/13 06:00:43 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll

    [2013/01/13 06:00:43 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll

    [2013/01/13 06:00:43 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll

    [2013/01/13 06:00:43 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll

    [2013/01/13 06:00:43 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll

    [2013/01/13 06:00:43 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll

    [2013/01/13 06:00:43 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll

    [2013/01/13 06:00:43 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll

    [2013/01/13 06:00:43 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll

    [2013/01/13 06:00:43 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll

    [2013/01/13 06:00:43 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll

    [2013/01/13 06:00:43 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll

    [2013/01/12 21:18:56 | 000,000,000 | ---D | C] -- C:\Users\Swag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell

    [2013/01/12 18:59:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

    [2013/01/12 18:59:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

    [2013/01/11 17:38:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

    [2013/01/11 16:54:11 | 000,000,000 | ---D | C] -- C:\Users\Swag\Desktop\RK_Quarantine

    [2013/01/11 16:50:10 | 000,000,000 | ---D | C] -- C:\_OTL

    [2013/01/10 18:55:40 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

    [2013/01/10 16:03:36 | 000,000,000 | ---D | C] -- C:\Windows\temp

    [2013/01/10 15:56:49 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

    [2013/01/10 15:56:49 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

    [2013/01/10 15:56:49 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

    [2013/01/10 15:56:40 | 000,000,000 | ---D | C] -- C:\Qoobox

    [2013/01/10 15:56:32 | 000,000,000 | ---D | C] -- C:\Windows\erdnt

    [2013/01/09 21:29:19 | 000,000,000 | ---D | C] -- C:\Users\Swag\AppData\Roaming\Malwarebytes

    [2013/01/09 21:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

    [2013/01/09 21:29:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

    [2013/01/09 21:29:03 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

    [2013/01/09 21:29:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

    [2013/01/09 21:28:53 | 000,000,000 | ---D | C] -- C:\Users\Swag\AppData\Local\Programs

    [2013/01/09 21:21:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HLP Free PC Cleaner

    [2013/01/09 21:21:05 | 001,077,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscomctl.ocx

    [2013/01/09 21:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HLPSOFT

    [2013/01/09 20:54:54 | 000,000,000 | ---D | C] -- C:\Users\Swag\AppData\Local\Microsoft Games

    [2013/01/09 18:33:42 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll

    [2013/01/09 18:33:42 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll

    [2013/01/09 18:33:27 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll

    [2013/01/09 18:33:26 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll

    [2013/01/09 18:33:20 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs

    [2013/01/09 18:33:20 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs

    [2013/01/09 18:33:20 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs

    [2013/01/09 18:33:20 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs

    [2013/01/09 18:33:19 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs

    [2013/01/09 18:33:19 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs

    [2013/01/09 18:33:19 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs

    [2013/01/09 18:33:19 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs

    [2013/01/09 18:33:19 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs

    [2013/01/09 18:33:19 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs

    [2013/01/09 18:33:19 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs

    [2013/01/09 18:33:19 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs

    [2013/01/09 18:33:19 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs

    [2013/01/09 18:33:19 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs

    [2013/01/09 18:33:19 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs

    [2013/01/09 18:33:19 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs

    [2013/01/09 18:33:19 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs

    [2013/01/09 18:33:19 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs

    [2013/01/09 18:33:18 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll

    [2013/01/09 18:33:18 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll

    [2013/01/09 18:33:18 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll

    [2013/01/09 18:33:18 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll

    [2013/01/09 18:33:18 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs

    [2013/01/09 18:33:18 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs

    [2013/01/09 18:33:16 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs

    [2013/01/09 18:33:16 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs

    [2013/01/09 18:33:16 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs

    [2013/01/09 18:33:16 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs

    [2013/01/09 18:33:16 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs

    [2013/01/09 18:33:16 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs

    [2013/01/09 18:33:16 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs

    [2013/01/09 18:33:16 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs

    [2013/01/09 18:32:35 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll

    [2013/01/09 18:32:34 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll

    [2013/01/09 18:32:34 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll

    [2013/01/09 18:32:34 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe

    [2013/01/09 18:32:34 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll

    [2013/01/09 18:32:34 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll

    [2013/01/09 18:32:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll

    [2013/01/09 18:32:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll

    [2013/01/09 18:32:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll

    [2013/01/09 18:32:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll

    [2013/01/09 18:32:33 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll

    [2013/01/09 18:32:33 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll

    [2013/01/09 18:32:33 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll

    [2013/01/09 18:32:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll

    [2013/01/09 18:32:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

    [2013/01/09 18:32:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll

    [2013/01/09 18:32:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

    [2013/01/09 18:32:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll

    [2013/01/09 18:32:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll

    [2013/01/09 18:32:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll

    [2013/01/09 18:32:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll

    [2013/01/09 18:32:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll

    [2013/01/09 18:32:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll

    [2013/01/09 18:32:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll

    [2013/01/09 18:32:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll

    [2013/01/09 18:32:32 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

    [2013/01/09 18:32:32 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll

    [2013/01/09 18:32:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

    [2013/01/09 18:32:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

    [2013/01/09 18:32:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll

    [2013/01/09 18:32:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll

    [2013/01/09 18:32:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

    [2013/01/09 18:32:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll

    [2013/01/09 18:32:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

    [2013/01/09 18:32:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll

    [2013/01/09 18:32:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll

    [2013/01/09 18:32:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll

    [2013/01/09 18:32:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll

    [2013/01/09 18:32:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll

    [2013/01/09 18:32:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll

    [2013/01/09 18:32:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll

    [2013/01/09 18:32:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll

    [2013/01/09 18:32:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll

    [2013/01/09 18:32:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll

    [2013/01/09 18:32:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll

    [2013/01/09 18:32:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll

    [2013/01/09 18:32:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll

    [2013/01/09 18:32:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll

    [2013/01/09 18:32:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll

    [2013/01/09 18:32:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll

    [2013/01/09 18:32:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll

    [2013/01/09 18:32:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll

    [2013/01/09 18:32:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll

    [2013/01/09 18:32:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll

    [2013/01/09 18:32:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll

    [2013/01/09 18:32:30 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe

    [2013/01/09 18:32:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe

    [2013/01/09 18:32:30 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

    [2013/01/09 18:32:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

    [2013/01/09 18:32:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

    [2013/01/09 18:32:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

    [2013/01/09 18:32:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll

    [2013/01/09 18:32:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll

    [2013/01/09 18:32:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll

    [2013/01/09 18:32:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll

    [2013/01/09 18:32:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll

    [2013/01/09 18:32:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll

    [2013/01/09 18:32:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll

    [2013/01/09 18:32:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe

    [2013/01/09 18:32:09 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe

    [2013/01/06 09:42:08 | 000,000,000 | ---D | C] -- C:\Users\Swag\The.Big.Bang.Theory.S02.720p.HDTV.x264.AC3

    [2013/01/05 10:42:27 | 000,000,000 | ---D | C] -- C:\Users\Swag\The Big Bang Theory Season 3 Complete 720p

    [2013/01/05 10:42:11 | 000,000,000 | ---D | C] -- C:\Users\Swag\The Big Bang Theory - The Complete Season 5 [HDTV] + EXTRA

    [2012/12/31 20:26:36 | 000,000,000 | ---D | C] -- C:\Users\Swag\Ted (2012) [1080p]

    [2012/12/30 20:12:47 | 000,000,000 | ---D | C] -- C:\Users\Swag\Never Back Down (2008) [1080p]

    [2012/12/25 22:56:33 | 000,000,000 | ---D | C] -- C:\Users\Swag\Taylor Swift - Red (Deluxe Edition ) (Album - 2012) - [HP]

    ========== Files - Modified Within 30 Days ==========

    [2013/01/23 20:40:19 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1776734167-4077454340-648305318-1001Core.job

    [2013/01/23 20:30:21 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1776734167-4077454340-648305318-1001UA.job

    [2013/01/23 20:30:14 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1776734167-4077454340-648305318-1001UA.job

    [2013/01/23 20:30:12 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

    [2013/01/23 20:30:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

    [2013/01/22 21:38:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1776734167-4077454340-648305318-1001Core.job

    [2013/01/21 17:47:02 | 000,001,978 | ---- | M] () -- C:\Users\Swag\AppData\Roaming\AbsoluteReminder.xml

    [2013/01/21 12:42:05 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

    [2013/01/21 12:42:05 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

    [2013/01/21 12:41:05 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

    [2013/01/21 12:41:05 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

    [2013/01/21 12:41:05 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

    [2013/01/21 12:34:54 | 000,276,128 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

    [2013/01/21 12:33:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01011.Wdf

    [2013/01/21 12:33:50 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01009.Wdf

    [2013/01/21 12:27:45 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf

    [2013/01/14 18:50:22 | 000,001,096 | ---- | M] () -- C:\Users\Swag\Desktop\HitmanPro_20130114_1849.zip

    [2013/01/14 18:49:11 | 000,011,710 | ---- | M] () -- C:\Users\Swag\Desktop\HitmanPro_20130114_1849.xml

    [2013/01/13 20:05:51 | 000,190,454 | ---- | M] () -- C:\Windows\SysNative\drivers\RTWAVES40.dat

    [2013/01/10 16:01:51 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

    [2013/01/09 21:29:09 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

    [2013/01/09 18:52:49 | 000,773,050 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

    [2013/01/08 18:27:56 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

    [2013/01/08 18:27:56 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

    ========== Files Created - No Company Name ==========

    [2013/01/21 12:33:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01011.Wdf

    [2013/01/21 12:33:50 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01009.Wdf

    [2013/01/21 12:27:45 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf

    [2013/01/14 18:50:22 | 000,001,096 | ---- | C] () -- C:\Users\Swag\Desktop\HitmanPro_20130114_1849.zip

    [2013/01/14 18:49:11 | 000,011,710 | ---- | C] () -- C:\Users\Swag\Desktop\HitmanPro_20130114_1849.xml

    [2013/01/13 06:00:44 | 000,293,889 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT

    [2013/01/10 15:56:49 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

    [2013/01/10 15:56:49 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

    [2013/01/10 15:56:49 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

    [2013/01/10 15:56:49 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

    [2013/01/10 15:56:49 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

    [2013/01/09 21:29:09 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

    [2012/11/19 11:12:22 | 168,616,500 | ---- | C] () -- C:\Users\Swag\cm-10-20121118-EXPERIMENTAL-d2spr-bass-bluetooth-test.zip

    [2012/11/18 10:12:11 | 006,898,796 | ---- | C] () -- C:\Users\Swag\Timomatic - Set It Off.mp3

    [2012/06/30 07:49:06 | 000,001,978 | ---- | C] () -- C:\Users\Swag\AppData\Roaming\AbsoluteReminder.xml

    [2012/03/31 11:46:46 | 000,137,732 | ---- | C] () -- C:\Windows\hpoins44.dat

    [2012/03/31 11:46:46 | 000,000,512 | ---- | C] () -- C:\Windows\hpomdl44.dat

    [2012/02/24 04:58:37 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin

    [2012/02/24 04:58:37 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin

    [2012/02/24 04:58:36 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll

    [2012/02/24 04:58:35 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

    [2012/02/24 04:58:34 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll

    [2011/08/19 11:34:44 | 000,089,584 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll

    [2011/08/19 11:34:32 | 000,059,888 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll

    [2011/08/19 11:34:22 | 000,251,888 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll

    [2011/02/10 10:10:51 | 000,773,050 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

    ========== ZeroAccess Check ==========

    [2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    "" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 23:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    < End of report >

    pup.bundleoffers :( need help

    in Resolved Malware Removal Logs

    Posted

    Malwarebytes Anti-Rootkit BETA 1.01.0.1016

    www.malwarebytes.org

    Database version: v2013.01.09.01

    Windows 7 Service Pack 1 x64 NTFS

    Internet Explorer 9.0.8112.16421

    Swag :: SWAG-PC [administrator]

    1/18/2013 5:40:54 PM

    mbar-log-2013-01-18 (17-40-54).txt

    Scan type: Quick scan

    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

    Scan options disabled:

    Objects scanned: 28042

    Time elapsed: 3 minute(s), 57 second(s)

    Memory Processes Detected: 0

    (No malicious items detected)

    Memory Modules Detected: 0

    (No malicious items detected)

    Registry Keys Detected: 0

    (No malicious items detected)

    Registry Values Detected: 0

    (No malicious items detected)

    Registry Data Items Detected: 0

    (No malicious items detected)

    Folders Detected: 0

    (No malicious items detected)

    Files Detected: 0

    (No malicious items detected)

    (end)

    ---------------------------------------

    Malwarebytes Anti-Rootkit BETA 1.01.0.1016

    © Malwarebytes Corporation 2011-2012

    OS version: 6.1.7601 Windows 7 Service Pack 1 x64

    Account is Administrative

    Internet Explorer version: 9.0.8112.16421

    File system is: NTFS

    Disk drives: C:\ DRIVE_FIXED

    CPU speed: 1.696000 GHzA

    Memory total: 3572072448, free: 1447620608

    ------------ Kernel report ------------CA

    01/18/2013 17:36:42

    ------------ Loaded modules -----------

    \SystemRoot\system32\ntoskrnl.exe

    \SystemRoot\system32\hal.dll

    \SystemRoot\system32\kdcom.dll

    \SystemRoot\system32\mcupdate_GenuineIntel.dll

    \SystemRoot\system32\PSHED.dll

    \SystemRoot\system32\CLFS.SYS

    \SystemRoot\system32\CI.dll

    \SystemRoot\system32\drivers\Wdf01000.sys

    \SystemRoot\system32\drivers\WDFLDR.SYS

    \SystemRoot\system32\drivers\ACPI.sys

    \SystemRoot\system32\drivers\WMILIB.SYS

    \SystemRoot\system32\drivers\msisadrv.sys

    \SystemRoot\system32\drivers\pci.sys

    \SystemRoot\system32\drivers\vdrvroot.sys

    \SystemRoot\System32\drivers\partmgr.sys

    \SystemRoot\system32\DRIVERS\compbatt.sys

    \SystemRoot\system32\DRIVERS\BATTC.SYS

    \SystemRoot\system32\drivers\volmgr.sys

    \SystemRoot\System32\drivers\volmgrx.sys

    \SystemRoot\System32\drivers\mountmgr.sys

    \SystemRoot\system32\drivers\iaStor.sys

    \SystemRoot\system32\drivers\amdxata.sys

    \SystemRoot\system32\drivers\fltmgr.sys

    \SystemRoot\system32\drivers\fileinfo.sys

    \SystemRoot\system32\drivers\mfehidk.sys

    \SystemRoot\System32\Drivers\PxHlpa64.sys

    \SystemRoot\System32\Drivers\Ntfs.sys

    \SystemRoot\System32\Drivers\msrpc.sys

    \SystemRoot\System32\Drivers\ksecdd.sys

    \SystemRoot\System32\Drivers\cng.sys

    \SystemRoot\System32\drivers\pcw.sys

    \SystemRoot\System32\Drivers\Fs_Rec.sys

    \SystemRoot\system32\drivers\ndis.sys

    \SystemRoot\system32\drivers\NETIO.SYS

    \SystemRoot\System32\Drivers\ksecpkg.sys

    \SystemRoot\System32\drivers\tcpip.sys

    \SystemRoot\System32\drivers\fwpkclnt.sys

    \SystemRoot\system32\drivers\mfewfpk.sys

    \SystemRoot\system32\drivers\volsnap.sys

    \SystemRoot\System32\Drivers\spldr.sys

    \SystemRoot\System32\drivers\rdyboost.sys

    \SystemRoot\System32\Drivers\mup.sys

    \SystemRoot\System32\drivers\hwpolicy.sys

    \SystemRoot\System32\DRIVERS\fvevol.sys

    \SystemRoot\system32\drivers\disk.sys

    \SystemRoot\system32\drivers\CLASSPNP.SYS

    \SystemRoot\System32\Drivers\Null.SYS

    \SystemRoot\System32\Drivers\Beep.SYS

    \SystemRoot\System32\drivers\vga.sys

    \SystemRoot\System32\drivers\VIDEOPRT.SYS

    \SystemRoot\System32\drivers\watchdog.sys

    \SystemRoot\System32\DRIVERS\RDPCDD.sys

    \SystemRoot\system32\drivers\rdpencdd.sys

    \SystemRoot\system32\drivers\rdprefmp.sys

    \SystemRoot\System32\Drivers\Msfs.SYS

    \SystemRoot\System32\Drivers\Npfs.SYS

    \SystemRoot\system32\DRIVERS\tdx.sys

    \SystemRoot\system32\DRIVERS\TDI.SYS

    \SystemRoot\System32\DRIVERS\netbt.sys

    \SystemRoot\system32\drivers\afd.sys

    \SystemRoot\system32\drivers\ws2ifsl.sys

    \SystemRoot\system32\DRIVERS\wfplwf.sys

    \SystemRoot\system32\DRIVERS\pacer.sys

    \SystemRoot\system32\DRIVERS\vwififlt.sys

    \SystemRoot\system32\DRIVERS\netbios.sys

    \SystemRoot\system32\DRIVERS\wanarp.sys

    \SystemRoot\system32\DRIVERS\termdd.sys

    \SystemRoot\system32\DRIVERS\rdbss.sys

    \SystemRoot\system32\drivers\nsiproxy.sys

    \SystemRoot\system32\DRIVERS\mssmbios.sys

    \SystemRoot\System32\drivers\discache.sys

    \SystemRoot\System32\Drivers\dfsc.sys

    \SystemRoot\system32\DRIVERS\blbdrive.sys

    \SystemRoot\system32\DRIVERS\tunnel.sys

    \SystemRoot\system32\DRIVERS\wmiacpi.sys

    \SystemRoot\system32\DRIVERS\igdkmd64.sys

    \SystemRoot\System32\drivers\dxgkrnl.sys

    \SystemRoot\System32\drivers\dxgmms1.sys

    \SystemRoot\system32\DRIVERS\HECIx64.sys

    \SystemRoot\system32\DRIVERS\usbehci.sys

    \SystemRoot\system32\DRIVERS\USBPORT.SYS

    \SystemRoot\system32\DRIVERS\HDAudBus.sys

    \SystemRoot\system32\DRIVERS\NETwNs64.sys

    \SystemRoot\system32\DRIVERS\vwifibus.sys

    \SystemRoot\system32\DRIVERS\USBD.SYS

    \SystemRoot\system32\DRIVERS\i8042prt.sys

    \SystemRoot\system32\DRIVERS\cykbfltr.sys

    \SystemRoot\system32\DRIVERS\ikbevent.sys

    \SystemRoot\system32\DRIVERS\kbdclass.sys

    \SystemRoot\system32\DRIVERS\cymfltr.sys

    \SystemRoot\system32\DRIVERS\mouclass.sys

    \SystemRoot\system32\DRIVERS\CmBatt.sys

    \SystemRoot\system32\DRIVERS\intelppm.sys

    \SystemRoot\system32\DRIVERS\irstrtdv.sys

    \SystemRoot\system32\DRIVERS\ISCTD64.sys

    \SystemRoot\system32\DRIVERS\AMPPAL.sys

    \SystemRoot\system32\DRIVERS\CompositeBus.sys

    \SystemRoot\system32\DRIVERS\cyhid.sys

    \SystemRoot\system32\DRIVERS\HIDCLASS.SYS

    \SystemRoot\system32\DRIVERS\HIDPARSE.SYS

    \SystemRoot\system32\DRIVERS\AgileVpn.sys

    \SystemRoot\system32\DRIVERS\rasl2tp.sys

    \SystemRoot\system32\DRIVERS\ndistapi.sys

    \SystemRoot\system32\DRIVERS\ndiswan.sys

    \SystemRoot\system32\DRIVERS\raspppoe.sys

    \SystemRoot\system32\DRIVERS\raspptp.sys

    \SystemRoot\system32\DRIVERS\rassstp.sys

    \SystemRoot\system32\DRIVERS\swenum.sys

    \SystemRoot\system32\DRIVERS\ks.sys

    \SystemRoot\system32\DRIVERS\iwdbus.sys

    \SystemRoot\system32\DRIVERS\umbus.sys

    \SystemRoot\system32\DRIVERS\usbhub.sys

    \SystemRoot\system32\DRIVERS\mouhid.sys

    \SystemRoot\system32\DRIVERS\kbdhid.sys

    \SystemRoot\System32\Drivers\NDProxy.SYS

    \SystemRoot\system32\drivers\RTKVHD64.sys

    \SystemRoot\system32\drivers\portcls.sys

    \SystemRoot\system32\drivers\drmk.sys

    \SystemRoot\system32\drivers\ksthunk.sys

    \SystemRoot\system32\drivers\HdAudio.sys

    \SystemRoot\system32\drivers\mfeavfk.sys

    \SystemRoot\system32\drivers\mfefirek.sys

    \SystemRoot\System32\Drivers\crashdmp.sys

    \SystemRoot\System32\win32k.sys

    \SystemRoot\System32\drivers\Dxapi.sys

    \SystemRoot\System32\Drivers\dump_iaStor.sys

    \SystemRoot\System32\Drivers\dump_dumpfve.sys

    \SystemRoot\system32\DRIVERS\iBtFltCoex.sys

    \SystemRoot\system32\DRIVERS\btmhsf.sys

    \SystemRoot\System32\Drivers\BTHUSB.sys

    \SystemRoot\System32\Drivers\bthport.sys

    \SystemRoot\system32\DRIVERS\usbccgp.sys

    \SystemRoot\System32\Drivers\usbvideo.sys

    \SystemRoot\system32\DRIVERS\CtClsFlt.sys

    \SystemRoot\system32\DRIVERS\rfcomm.sys

    \SystemRoot\system32\drivers\BthEnum.sys

    \SystemRoot\system32\DRIVERS\bthpan.sys

    \SystemRoot\system32\DRIVERS\btmaux.sys

    \SystemRoot\System32\TSDDD.dll

    \SystemRoot\System32\cdd.dll

    \SystemRoot\system32\drivers\luafv.sys

    \??\C:\Windows\system32\drivers\mbam.sys

    \SystemRoot\system32\DRIVERS\lltdio.sys

    \SystemRoot\system32\DRIVERS\nwifi.sys

    \SystemRoot\system32\DRIVERS\ndisuio.sys

    \SystemRoot\system32\DRIVERS\rspndr.sys

    \SystemRoot\system32\drivers\HTTP.sys

    \SystemRoot\system32\DRIVERS\bowser.sys

    \SystemRoot\System32\drivers\mpsdrv.sys

    \SystemRoot\system32\DRIVERS\mrxsmb.sys

    \SystemRoot\system32\DRIVERS\mrxsmb10.sys

    \SystemRoot\system32\DRIVERS\mrxsmb20.sys

    \SystemRoot\system32\drivers\peauth.sys

    \SystemRoot\System32\Drivers\secdrv.SYS

    \SystemRoot\System32\DRIVERS\srvnet.sys

    \SystemRoot\System32\drivers\tcpipreg.sys

    \SystemRoot\system32\DRIVERS\vwifimp.sys

    \SystemRoot\System32\DRIVERS\srv2.sys

    \SystemRoot\System32\DRIVERS\srv.sys

    \SystemRoot\system32\drivers\WudfPf.sys

    \SystemRoot\system32\DRIVERS\acpials.sys

    \SystemRoot\system32\DRIVERS\WUDFRd.sys

    \SystemRoot\system32\drivers\cfwids.sys

    \SystemRoot\system32\DRIVERS\monitor.sys

    \SystemRoot\system32\drivers\mfeapfk.sys

    \SystemRoot\system32\DRIVERS\FLxHCIc.sys

    \SystemRoot\system32\DRIVERS\FLxHCIh.sys

    \??\C:\Windows\system32\drivers\mbamchameleon.sys

    \??\C:\Windows\system32\drivers\mbamswissarmy.sys

    \Windows\System32\ntdll.dll

    \Windows\System32\smss.exe

    \Windows\System32\apisetschema.dll

    \Windows\System32\autochk.exe

    \Windows\System32\Wldap32.dll

    \Windows\System32\setupapi.dll

    \Windows\System32\user32.dll

    \Windows\System32\urlmon.dll

    \Windows\System32\kernel32.dll

    \Windows\System32\rpcrt4.dll

    \Windows\System32\advapi32.dll

    \Windows\System32\msctf.dll

    \Windows\System32\ole32.dll

    \Windows\System32\oleaut32.dll

    \Windows\System32\psapi.dll

    \Windows\System32\wininet.dll

    \Windows\System32\normaliz.dll

    \Windows\System32\shlwapi.dll

    \Windows\System32\ws2_32.dll

    \Windows\System32\usp10.dll

    \Windows\System32\msvcrt.dll

    \Windows\System32\comdlg32.dll

    \Windows\System32\lpk.dll

    \Windows\System32\clbcatq.dll

    \Windows\System32\nsi.dll

    \Windows\System32\shell32.dll

    \Windows\System32\imm32.dll

    \Windows\System32\imagehlp.dll

    \Windows\System32\difxapi.dll

    \Windows\System32\sechost.dll

    \Windows\System32\iertutil.dll

    \Windows\System32\gdi32.dll

    \Windows\System32\cfgmgr32.dll

    \Windows\System32\comctl32.dll

    \Windows\System32\devobj.dll

    \Windows\System32\KernelBase.dll

    \Windows\System32\crypt32.dll

    \Windows\System32\wintrust.dll

    \Windows\System32\msasn1.dll

    \Windows\SysWOW64\normaliz.dll

    ----------- End -----------

    <<<1>>>

    Upper Device Name: \Device\Harddisk0\DR0

    Upper Device Object: 0xfffffa800615a060

    Upper Device Driver Name: \Driver\Disk\

    Lower Device Name: \Device\Ide\IAAStorageDevice-0\

    Lower Device Object: 0xfffffa8004f1c050

    Lower Device Driver Name: \Driver\iaStor\

    Driver name found: iaStor

    Initialization returned 0x0

    Load Function returned 0x0

    Initializing...

    Done!

    <<<2>>>

    Device number: 0, partition: 3

    Physical Sector Size: 512

    Drive: 0, DevicePointer: 0xfffffa800615a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

    --------- Disk Stack ------

    DevicePointer: 0xfffffa80061579a0, DeviceName: Unknown, DriverName: \Driver\partmgr\

    DevicePointer: 0xfffffa800615a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

    DevicePointer: 0xfffffa8004f1c050, DeviceName: \Device\Ide\IAAStorageDevice-0\, DriverName: \Driver\iaStor\

    ------------ End ----------

    Upper DeviceData: 0xfffff8a00b579680, 0xfffffa800615a060, 0xfffffa8006bfd090

    Lower DeviceData: 0xfffff8a00b4ac990, 0xfffffa8004f1c050, 0xfffffa8006bf8460

    <<<3>>>

    Volume: C:

    File system type: NTFS

    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

    Scanning directory: C:\Windows\system32\drivers...

    Done!

    Drive 0

    Scanning MBR on drive 0...

    Inspecting partition table:

    MBR Signature: 55AA

    Disk Signature: 25B19847

    Partition information:

    Partition 0 type is Other (0xde)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 63 Numsec = 80262

    Partition 1 type is Primary (0x7)

    Partition is ACTIVE.

    Partition starts at LBA: 81920 Numsec = 38268928

    Partition file system is NTFS

    Partition is bootable

    Partition 2 type is Primary (0x7)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 38350848 Numsec = 444975104

    Partition 3 type is Other (0x84)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 483325952 Numsec = 16789504

    Disk Size: 256060514304 bytes

    Sector size: 512 bytes

    Scanning physical sectors of unpartitioned space on drive 0 (1-62-500098192-500118192)...

    Done!

    Performing system, memory and registry scan...

    Done!

    Scan finished

    =======================================

    pup.bundleoffers :( need help

    in Resolved Malware Removal Logs

    Posted

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Junkware Removal Tool (JRT) by Thisisu

    Version: 4.4.3 (01.15.2013:1)

    OS: Windows 7 Home Premium x64

    Ran by Swag on Wed 01/16/2013 at 18:30:44.72

    Blog: http://thisisudax.blogspot.com

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    ~~~ Services

    ~~~ Registry Values

    ~~~ Registry Keys

    ~~~ Files

    ~~~ Folders

    ~~~ Event Viewer Logs were cleared

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Scan was completed on Wed 01/16/2013 at 18:39:07.07

    End of JRT log

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    pup.bundleoffers :( need help

    in Resolved Malware Removal Logs

    Posted

    <?xml version="1.0"?>

    -<Log filesProcessed="27885" timeSpentInSecs="57" date="2013-01-14T18:46:22" version="3.7.0.185" scan="Normal" windows="6.1.1.7601.X64/4" computer="SWAG-PC">-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:2o7.net"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:adbrite.com"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:apmebf.com"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:dmtracker.com"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:ford.112.2o7.net"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:hisnakiamotors.122.2o7.net"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:msnbc.112.2o7.net"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Local\Google\Chrome\User Data\Default\Cookies:stat.onestat.com"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Roaming\Microsoft\Windows\Cookies\0EERYOG8.txt"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Roaming\Microsoft\Windows\Cookies\0FSPZHSQ.txt"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Roaming\Microsoft\Windows\Cookies\1OCWP2C3.txt"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Roaming\Microsoft\Windows\Cookies\1ZX0WCBE.txt"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Roaming\Microsoft\Windows\Cookies\21O62C0B.txt"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Roaming\Microsoft\Windows\Cookies\33U26NUW.txt"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Roaming\Microsoft\Windows\Cookies\3SCZVJK3.txt"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Roaming\Microsoft\Windows\Cookies\8IBLPN8L.txt"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Roaming\Microsoft\Windows\Cookies\CQY3ICVR.txt"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Roaming\Microsoft\Windows\Cookies\P8D71OD6.txt"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Roaming\Microsoft\Windows\Cookies\PK3WT54U.txt"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Roaming\Microsoft\Windows\Cookies\R08U4WPV.txt"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Roaming\Microsoft\Windows\Cookies\T751549D.txt"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Roaming\Microsoft\Windows\Cookies\TLHZLTYT.txt"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Roaming\Microsoft\Windows\Cookies\VJI9NP5D.txt"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Roaming\Microsoft\Windows\Cookies\XH9VZR03.txt"/></Item>-<Item status="None" score="0.0" type="Cookie"><File path="C:\Users\Swag\AppData\Roaming\Microsoft\Windows\Cookies\XQHSJUWY.txt"/></Item>-<Item status="None" score="22.0" type="Suspicious"><File path="C:\Users\Swag\Downloads\SecurityCheck (2).exe" hash="CDC06415F0B62AC2249E56DB8DEA61258BFBE930F3738F0D6D17EE32F2CB6A8C"/></Item></Log>

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.