BitCoin Miner infection


Got this again, not sure how... Haven't downloaded anything that hasn't been legit. :s

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16720  BrowserJavaVersion: 10.40.2
Run by Adam at 11:24:10 on 2013-11-02
Microsoft Windows 7 Enterprise   6.1.7601.1.1252.44.1033.18.12279.7837 [GMT 0:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\atieclxx.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Synergy\synergyd.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
C:\Windows\vVX3000.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Logitech\SetPointG\SetPointII.exe
K:\Games\Steam\Steam.exe
C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Adam\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\ProgramData\Microsoft\Windows\Time\WindowsTime.exe
C:\Users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\n52te\n52teHid.exe
C:\Windows\V0700Mon.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Trillian\trillian.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Xfire\Xfire.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Xfire\xfire64.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\DisplayFusion\DisplayFusionHookx86.exe
c:\program files (x86)\trillian\plugins\skypekit.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\mIRC\mirc.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Users\Adam\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\Xfire\xfire64.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\ProgramData\Microsoft\Windows\Time\TimeServer.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyOverride = local
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
uRun: [Google Update] "C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Facebook Update] "C:\Users\Adam\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [steam] "K:\Games\Steam\steam.exe" -silent
uRun: [F.lux] "C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [spotify Web Helper] "C:\Users\Adam\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [Jomantha] C:\Program Files (x86)\n52te\n52teHid.exe
mRun: [Communicator] "C:\Program Files (x86)\Microsoft Lync\communicator.exe" /fromrunkey
mRun: [V0700Mon.exe] C:\Windows\V0700Mon.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Adam\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Adam\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
StartupFolder: C:\Users\Adam\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\NPPPAH~1.LNK - C:\Users\Adam\Dropbox\Scripts\nppp.ahk
StartupFolder: C:\Users\Adam\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\Users\Adam\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Trillian.lnk - C:\Program Files (x86)\Trillian\trillian.exe
StartupFolder: C:\Users\Adam\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Xfire.lnk - C:\Program Files (x86)\Xfire\Xfire.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
IE: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{3FD2BAB8-6274-41CA-97EB-014984E410F1} : DHCPNameServer = 82.132.254.2 82.132.254.3
TCP: Interfaces\{4D073B1C-DFD3-4CC9-BE23-9251F3425F7A} : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{5FA91867-B82F-41E7-B910-CAF54A55D45C} : NameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{620FA099-9488-4E0B-AB4D-906A037D85C7} : DHCPNameServer = 82.132.254.3 82.132.254.2
TCP: Interfaces\{9C42958C-9B41-4EF7-A464-B8774AF5C615} : DHCPNameServer = 208.67.220.220 129.250.35.250
TCP: Interfaces\{B7283D90-0732-49C8-8741-0332DA88DE84} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [VX3000] C:\Windows\vVX3000.exe
x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
x64-Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
x64-Run: [PC Monitor Operations] "C:\Program Files (x86)\PC Monitor\pcmontask.exe"
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Cm108Sound] C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
Hosts: 192.168.1.41 ubuntuweb
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\jodf3zlh.default\
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Adam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Adam\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Users\Adam\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Adam\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Adam\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Adam\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2009-12-25 297512]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-5-25 283200]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]
R2 cpuz135;cpuz135;C:\Windows\System32\drivers\cpuz135_x64.sys [2011-9-2 21992]
R2 Dokan;Dokan;C:\Windows\System32\drivers\dokan.sys [2011-1-10 120408]
R2 DokanMounter;DokanMounter;C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [2011-1-10 14848]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-1-19 13592]
R2 KinectManagement;Kinect Management;C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe [2012-9-18 98816]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-6-8 376144]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-1-11 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2011-6-20 72216]
R2 MsDepSvc;Web Deployment Agent Service;C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [2012-9-6 80472]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-7-31 15122208]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
R2 Synergy;Synergy;C:\Program Files\Synergy\synergyd.exe [2013-5-3 423424]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-2-18 3467768]
R2 Time;Time;C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe [2013-10-19 10752]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2011-6-20 22408]
R3 LGPBTDD;LGPBTDD.sys Display Driver;C:\Windows\System32\drivers\LGPBTDD.sys [2011-6-20 30728]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2011-6-20 16008]
R3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2012-1-11 44928]
R3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2012-10-11 28160]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-1-22 77824]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-1-22 180224]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-10-29 39200]
R3 USBPNPA;USB PnP Sound Device Interface;C:\Windows\System32\drivers\CM10864.sys [2013-3-6 1308160]
R3 V0700Vid;Creative Live! Cam Chat HD Driver;C:\Windows\System32\drivers\V0700Vid.sys [2010-10-17 393728]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-9-28 395264]
S2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe /launchService --> C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe  [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
S3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-6-20 46136]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;C:\Windows\System32\drivers\athurx.sys [2011-6-20 1849856]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 JmtFltr;n52te;C:\Windows\System32\drivers\JmtFltr.sys [2011-6-20 46464]
S3 KinectCamera;Kinect for Windows Camera Driver;C:\Windows\System32\drivers\kinectcamera.sys [2012-9-20 192512]
S3 M4-Service;M4-Service;C:\Users\Adam\AppData\Local\Mikogo4\Viewer\Service\M4-Service.exe [2012-6-15 1008032]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-6-18 139616]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-8-12 366600]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-19 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-7-25 126976]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-1-19 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-19 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-1-19 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 VBoxUSB;VirtualBox USB;C:\Windows\System32\drivers\VBoxUSB.sys [2012-12-19 106408]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-6-20 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0105;RsFx0105 Driver;C:\Windows\System32\drivers\RsFx0105.sys [2011-9-22 311144]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\sublime_text.exe="C:\Program Files\Sublime Text 2\sublime_text.exe" "%1" [userChoice]
FileExt: .js: Applications\notepad++.exe="C:\Program Files (x86)\Notepad++\notepad++.exe" "%1" [userChoice]
.
=============== Created Last 30 ================
.
2013-11-02 11:20:42 10280728 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BEFCA506-87FD-4555-8623-97F567000140}\mpengine.dll
2013-11-01 09:16:05 10280728 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-10-29 13:16:35 955168 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2013-10-29 13:16:35 1063200 ----a-w- C:\Windows\System32\nvspcap64.dll
2013-10-29 13:16:20 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2013-10-29 13:16:20 28960 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2013-10-27 17:38:18 -------- d-----w- C:\Users\Adam\AppData\Local\gtk-2.0
2013-10-27 17:28:36 -------- d-----w- C:\Users\Adam\AppData\Local\gegl-0.2
2013-10-27 17:28:36 -------- d-----w- C:\Users\Adam\.gimp-2.8
2013-10-27 17:27:52 -------- d-----w- C:\Program Files\GIMP 2
2013-10-27 01:43:10 44 ---h--w- C:\Program Files (x86)\e0e3d898.tmp
2013-10-27 01:43:09 -------- d-----w- C:\Users\Adam\AppData\Roaming\PingPlotter
2013-10-27 01:43:09 -------- d-----w- C:\Program Files (x86)\PingPlotter Standard
2013-10-27 01:42:59 -------- d-----w- C:\Users\Adam\AppData\Roaming\Downloaded Installations
2013-10-27 01:26:11 -------- d-----w- C:\Users\Adam\AppData\Roaming\Wargaming.net
2013-10-26 11:53:49 -------- d-----w- C:\Users\Adam\AppData\Roaming\Nifflas
2013-10-24 17:36:10 -------- d-----w- C:\Program Files\iPod
2013-10-24 17:36:09 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-24 17:36:09 -------- d-----w- C:\Program Files\iTunes
2013-10-24 17:36:09 -------- d-----w- C:\Program Files (x86)\iTunes
2013-10-23 17:01:46 -------- d-----w- C:\Users\Adam\AppData\Roaming\.StarMade
2013-10-23 03:02:36 589600 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2013-10-20 22:40:41 163504 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2013-10-19 21:18:52 -------- d-----w- C:\Users\Adam\AppData\Local\Harebrained Schemes
2013-10-19 21:18:52 -------- d-----w- C:\Users\Adam\AppData\Local\EMU
2013-10-19 21:17:04 569680 ----a-w- C:\ProgramData\Microsoft\Windows\Time\msvcp90.dll
2013-10-19 21:17:04 49664 ----a-w- C:\ProgramData\Microsoft\Windows\Time\w9xpopen.exe
2013-10-19 21:17:04 43008 ----a-w- C:\ProgramData\Microsoft\Windows\Time\WindowsTime.exe
2013-10-19 21:17:04 24064 ----a-w- C:\ProgramData\Microsoft\Windows\Time\TimeServer.exe
2013-10-19 21:17:04 2303488 ----a-w- C:\ProgramData\Microsoft\Windows\Time\python27.dll
2013-10-19 21:17:04 219648 ----a-w- C:\ProgramData\Microsoft\Windows\Time\boost_python-vc90-mt-1_48.dll
2013-10-19 21:17:04 10752 ----a-w- C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe
2013-10-19 14:16:41 -------- d-----w- C:\steamcmd
2013-10-18 21:54:18 -------- d-----w- C:\Users\Adam\AppData\Roaming\BBCiPlayerDownloads
2013-10-18 21:54:03 -------- d-----w- C:\Users\Adam\AppData\Local\BBC
2013-10-18 08:28:16 965008 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-10-18 08:28:16 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B51EA2C3-2026-43B0-B5B4-6F600DC9543A}\gapaengine.dll
2013-10-17 09:19:46 -------- d-----w- C:\Users\Adam\AppData\Local\FluxSoftware
2013-10-13 13:01:38 -------- d-----w- C:\Users\Adam\AppData\Roaming\3909
2013-10-09 07:37:31 633856 ----a-w- C:\Windows\System32\comctl32.dll
2013-10-05 18:37:25 271256 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2013-10-05 18:34:00 -------- d-----w- C:\ProgramData\Oracle
2013-10-05 18:33:52 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-05 17:01:18 -------- d-----w- C:\AdwCleaner
2013-10-05 15:33:54 234010 ----a-w- C:\Windows\SysWow64\poclbm130302GeForce GTX 660gv1w256l4.bin
2013-10-05 10:47:58 -------- d-----w- C:\Users\Adam\AppData\Roaming\miner
2013-10-03 21:29:37 -------- d-----w- C:\terrariaserv
.
==================== Find3M  ====================
.
2013-10-27 08:22:53 92488 ----a-w- C:\Windows\System32\LMIinit.dll
2013-10-27 08:22:53 35656 ----a-w- C:\Windows\System32\LMIport.dll
2013-10-27 08:22:53 107368 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2013-10-26 20:50:58 282296 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-10-26 20:50:58 282296 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-10-26 20:47:04 215128 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-10-23 08:20:08 6669600 ----a-w- C:\Windows\System32\nvcpl.dll
2013-10-23 08:20:07 3489568 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-10-23 08:20:05 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-10-23 08:20:05 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-10-23 08:20:05 219424 ----a-w- C:\Windows\System32\nvmctray.dll
2013-10-23 08:20:03 3426956 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-10-09 10:31:13 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 10:31:13 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-10-05 18:33:48 868264 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-10-05 18:33:48 790440 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-09-27 23:01:38 29984 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-09-21 03:38:39 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-09-21 03:30:24 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-09-21 02:48:36 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-09-21 02:39:47 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
.
============= FINISH: 11:24:20.35 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Enterprise 
Boot Device: \Device\HarddiskVolume2
Install Date: 20/06/2011 17:42:53
System Uptime: 02/11/2013 11:10:03 (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | P6X58D-E
Processor: Intel® Core i7 CPU         980  @ 3.33GHz | LGA1366 | 3334/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 1.281 GiB free.
D: is FIXED (NTFS) - 186 GiB total, 29.683 GiB free.
F: is FIXED (NTFS) - 373 GiB total, 123.059 GiB free.
G: is CDROM (CDFS)
H: is FIXED (NTFS) - 92 GiB total, 32.407 GiB free.
I: is CDROM ()
K: is FIXED (NTFS) - 932 GiB total, 222.794 GiB free.
P: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Description: Virtual Hid Device
Device ID: ROOT\HIDCLASS\0000
Manufacturer: Belkin
Name: Virtual Hid Device
PNP Device ID: ROOT\HIDCLASS\0000
Service: vhidmini
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Unknown Device
Device ID: USB\VID_0000&PID_0000\5&31CFFC1F&0&2
Manufacturer: (Standard USB Host Controller)
Name: Unknown Device
PNP Device ID: USB\VID_0000&PID_0000\5&31CFFC1F&0&2
Service: 
.
==== System Restore Points ===================
.
RP643: 02/11/2013 11:20:35 - Windows Update
.
==== Installed Programs ======================
.
 Tools for .Net 3.5
11-99 Enhancement Mod v1.3
7-Zip 9.20 (x64 edition)
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.05)
AirMech
Alarm
Alice: Madness Returns
Aliens: Colonial Marines
Amnesia: The Dark Descent
And Yet It Moves
Anno 1404
Anno 1404 Bonus
Apple Application Support
Apple Mobile Device Support
Apple Software Update
applicationupdater
ARMA 2
ARMA 2 Dedicated Server
ArmA 2 Free Uninstall
ARMA 2: Free
ARMA 2: Operation Arrowhead
Arma 2: Operation Arrowhead - Dedicated Server
Arma 3 Alpha
Articulate Storyline
ASUSUpdate
µTorrent
Audacity 2.0.2
AutoHotkey 1.1.00.00
AviSynth 2.5
Awesomenauts
Bastion
BattlEye (A2Free) Uninstall
BattlEye for OA Uninstall
BBC iPlayer Desktop
BBC iPlayer Downloads
BioShock Infinite
BIT.TRIP RUNNER
Blend for Visual Studio 2012
Blend for Visual Studio 2012 ENU resources
Blender
Bluetooth OBEX File Transfer
Bonjour
Borderlands 2
Brackets Sprint 30
Braid
calibre 64bit
Capsized
Capsule
Castle Crashers
Castle of Illusion
CCleaner
Chinese Traditional Fonts Support For Adobe Reader X
Cogs
ControlMK 0.232
Costume Quest
Counter-Strike: Global Offensive
Counter-Strike: Source
CPUID CPU-Z 1.60.1
Crayon Physics Deluxe
Creative Live! Cam Chat HD (VF0700) (1.00.05.00)
CreeperConnect
Crystal Reports for Visual Studio
Curse Client
D3DX10
DAEMON Tools Lite
Darksiders II
Day of Defeat
Dear Esther
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Defraggler
Democracy 3 version 0.0.0.9
Deus Ex - Human Revolution version 1.0
Deus Ex: Human Revolution
DisplayFusion 3.2.0
Dokan Library 0.6.0
Dota 2
Dotfuscator and Analytics Community Edition
Dropbox
Dungeon Keeper 2
Dungeon Siege III
Dungeons of Dredmor
Dwelvers version 0.5c
Dxtory version 2.0.116
Dystopia
E.Y.E Divine Cybermancy
English Country Tune
Entity Framework Designer for Visual Studio 2012 - enu
eReg
Europa Universalis IV
Evernote v. 5.0.3
f.lux
Facebook Video Calling 1.2.0.287
Faerie Solitaire
Fiddler2
FileZilla Client 3.5.0
Fill and Cross Royal Riddles
FishORama
focus booster
Forged Alliance Forever
Fortix 2
Foxit Reader
Fractal: Make Blooms Not War
From Dust
Frozen Synapse
FTL: Faster Than Light
gamelauncher-ps2-live
GameSpy Arcade
Garry's Mod
GeForce Experience NvStream Client Components
get_iplayer 4.6
GIMP 2.8.6
GitHub
GOG.com Downloader version 3.0.51
GoldWave v5.67
Google Chrome
Google Drive
Google Talk Plugin
Google Update Helper
Gratuitous Space Battles
Guild Wars
HandBrake 0.9.6
Hitman: Blood Money
Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2736182)
Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2813041)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2529927)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2542054)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2548139)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2549864)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2581019)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2591016)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2635973)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2736182)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2813041)
Hotfix for Microsoft Windows Phone Developer Tools - ENU (KB2581019)
Hotfix for Microsoft Windows Phone Developer Tools - ENU (KB2591016)
Hotfix for Microsoft Windows Phone Developer Tools - ENU (KB2635973)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)
Hotline Miami
iCloud
IIS 8.0 Express
IIS Express Application Compatibility Database for x64
IIS Express Application Compatibility Database for x86
Inkscape 0.48.2
Installer
Intel® Rapid Storage Technology
Intrusion 2
IrfanView (remove only)
iTunes
Jamestown
Java 7 Update 40
Java Auto Updater
Java SE Development Kit 7 Update 10 (64-bit)
JavaScript Tooling
JetBrains PhpStorm 5.0.1
Jing
JSON Editor AIR
Junction Link Magic 2.0
Kinect for Windows Developer Toolkit v1.6.0
Kinect for Windows Drivers v1.6
Kinect for Windows Runtime v1.6
Kinect for Windows SDK v1.6
Kinect for Windows Speech Recognition Language Pack (en-US)
King's Bounty: Armored Princess
Knytt Underground 1.0
Legend of Grimrock
LightSwitchPublishToolKitCore
LIMBO
Little Inferno
LocalESPC
LocalESPCui for en-us
Logitech Gaming Software
Logitech Gaming Software 8.35
Logitech SetPoint 6.32
Logitech Unifying Software 2.10
LogMeIn
Lone Survivor
Malwarebytes Anti-Malware version 1.75.0.1300
ManyCam 3.1.59
marvell 91xx driver
MechWarrior Online
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5
Microsoft .NET Framework 4.5 Multi-Targeting Pack
Microsoft .NET Framework 4.5 SDK
Microsoft Application Error Reporting
Microsoft ASP.NET and Web Frameworks 2012.2
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
Microsoft ASP.NET MVC 3
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update
Microsoft ASP.NET MVC 4
Microsoft ASP.NET MVC 4 - Visual Studio 2010 Tools
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - ENU
Microsoft ASP.NET MVC 4 Runtime
Microsoft ASP.NET Visual Studio 2010 Finalizer
Microsoft ASP.NET Visual Studio 2010 Uninstall Finalizer
Microsoft ASP.NET Visual Studio 2012 Finalizer
Microsoft ASP.NET Visual Studio 2012 Uninstall Finalizer
Microsoft ASP.NET Web Pages
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools
Microsoft ASP.NET Web Pages 2
Microsoft ASP.NET Web Pages 2 - Visual Studio 2010 Tools
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - ENU
Microsoft ASP.NET Web Pages 2 Runtime
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft Corporation
Microsoft Expression Blend 3 SDK
Microsoft Expression Blend 4
Microsoft Expression Blend 4 Add-in for Adobe FXG Import
Microsoft Expression Blend SDK for .NET 4
Microsoft Expression Blend SDK for Silverlight 4
Microsoft Expression Blend SDK for Windows Phone 7
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Help Viewer 1.1
Microsoft Help Viewer 2.0
Microsoft LightSwitch for Visual Studio 2012 Core
Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU
Microsoft Lync 2010
Microsoft NuGet - Visual Studio 2012
Microsoft NuGet for Visual Studio 2010
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Visio 2010
Microsoft Office Visio MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Portable Library Multi-Targeting Pack
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu
Microsoft Report Viewer Add-On for Visual Studio 2012
Microsoft Report Viewer Redistributable 2008 (KB971119)
Microsoft Rise Of Nations
Microsoft Security Client
Microsoft Security Essentials
Microsoft Server Speech Platform Runtime (x64)
Microsoft Server Speech Platform Runtime (x86)
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft Silverlight 5 SDK
Microsoft Silverlight Tools for Visual Studio 2010
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 R2 Data-Tier Application Framework
Microsoft SQL Server 2008 R2 Data-Tier Application Project
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 R2 Management Objects (x64)
Microsoft SQL Server 2008 R2 Native Client
Microsoft SQL Server 2008 R2 Transact-SQL Language Service
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files 
Microsoft SQL Server 2012 Command Line Utilities 
Microsoft SQL Server 2012 Data-Tier App Framework 
Microsoft SQL Server 2012 Express LocalDB 
Microsoft SQL Server 2012 Management Objects 
Microsoft SQL Server 2012 Management Objects  (x64)
Microsoft SQL Server 2012 Native Client 
Microsoft SQL Server 2012 Setup (English)
Microsoft SQL Server 2012 T-SQL Language Service 
Microsoft SQL Server 2012 Transact-SQL Compiler Service 
Microsoft SQL Server 2012 Transact-SQL ScriptDom 
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft SQL Server Compact 4.0 SP1 x64 ENU
Microsoft SQL Server Data Tools - enu (10.3.21208.0)
Microsoft SQL Server Data Tools - enu (11.1.20905.0)
Microsoft SQL Server Data Tools 2010
Microsoft SQL Server Data Tools Build Utilities - enu (10.3.21208.0)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20905.0)
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server System CLR Types
Microsoft SQL Server System CLR Types (x64)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime v1.0 SP1 (x64)
Microsoft Sync Framework SDK v1.0 SP1
Microsoft Sync Framework Services v1.0 SP1 (x64)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
Microsoft System Center 2012 - Service Manager
Microsoft System CLR Types for SQL Server 2012
Microsoft System CLR Types for SQL Server 2012 (x64)
Microsoft Team Foundation Server 2010 Object Model - ENU
Microsoft Visio Premium 2010
Microsoft Visual C++  Compilers 2010 Standard - enu - x64
Microsoft Visual C++  Compilers 2010 Standard - enu - x86
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219
Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727
Microsoft Visual C++ 2012 32bit Compilers - ENU Resources
Microsoft Visual C++ 2012 Compilers
Microsoft Visual C++ 2012 Compilers - ENU Resources
Microsoft Visual C++ 2012 Core Libraries
Microsoft Visual C++ 2012 Extended Libraries
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86-x64 Compilers
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Microsoft Visual F# 2.0 Runtime
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Express for Windows Phone  - ENU
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
Microsoft Visual Studio 2010 Office Developer Tools (x64)
Microsoft Visual Studio 2010 Professional - ENU
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2010 SharePoint Developer Tools
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio 2012 Devenv
Microsoft Visual Studio 2012 Devenv Resources
Microsoft Visual Studio 2012 Performance Collection Tools
Microsoft Visual Studio 2012 Performance Collection Tools - ENU
Microsoft Visual Studio 2012 Preparation
Microsoft Visual Studio 2012 SharePoint Developer Tools
Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack
Microsoft Visual Studio 2012 Shell (Minimum)
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
Microsoft Visual Studio 2012 Shell (Minimum) Resources
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU
Microsoft Visual Studio Macro Tools
Microsoft Visual Studio Professional 2012
Microsoft Visual Studio Professional 2012 - ENU
Microsoft Visual Studio Team Foundation Server 2012 Object Model
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources
Microsoft Web Deploy 2.0
Microsoft Web Deploy 3.0
Microsoft Web Deploy dbSqlPackage Provider - enu
Microsoft Web Developer Tools 2012.2 - Visual Studio 2012
Microsoft Web Platform Installer 4.5
Microsoft Windows Phone 7 Developer Resources
Microsoft Windows Phone Developer Tools - ENU
Microsoft Xbox 360 Accessories 1.2
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0 Refresh
Microsoft XNA Game Studio 4.0
Microsoft XNA Game Studio 4.0 (ARP entry)
Microsoft XNA Game Studio 4.0 (Redists)
Microsoft XNA Game Studio 4.0 (Shared Components)
Microsoft XNA Game Studio 4.0 (Visual Studio)
Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
Microsoft XNA Game Studio 4.0 Documentation
Microsoft XNA Game Studio 4.0 Windows Phone Extensions
Microsoft XNA Game Studio Platform Tools
MiKTeX 2.9
Mimo
mIRC
Monaco
Movie Maker
Mozilla Firefox 24.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML4 Parser
Mumble 1.2.4
n52te Editor
NEC Electronics USB 3.0 Host Controller Driver
Newzbin2 Client 1.0.0.345
NNScript
Notepad++
NVIDIA 3D Vision Controller Driver 331.65
NVIDIA 3D Vision Driver 331.65
NVIDIA Control Panel 331.65
NVIDIA GeForce Experience 1.7
NVIDIA Graphics Driver 331.65
NVIDIA HD Audio Driver 1.3.26.4
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0725
NVIDIA ShadowPlay 9.3.16
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 9.3.16
NVIDIA Update Components
NVIDIA Virtual Audio 1.2.9
Oddworld: Abe's Exoddus
Oddworld: Abe's Oddysee
Oddworld: Munch's Oddysee
Oddworld: Stranger's Wrath
Oil Rush
Open Broadcaster Software
OpenAL
OpenTK 1.0
Oracle VM VirtualBox 4.2.16
Orcs Must Die!
Orcs Must Die! 2
ownCloud
Paint.NET v3.5.10
PAYDAY: The Heist
Photo Common
Photo Gallery
Pidgin
PingPlotter Standard 3.40.2s
PlanetSide 2
Plex
Plex Media Server
PreEmptive Analytics Visual Studio Components
Prerequisites for SSDT 
PrimoPDF -- brought to you by Nitro PDF Software
Proteus
Psychonauts
PunkBuster Services
Quantum Conundrum
QuickPar 0.9
QuickTime
Realtek High Definition Audio Driver
Recettear: An Item Shop's Tale
Revo Uninstaller 1.95
Rise of Nations Thrones and Patriots
Rochard
Rock of Ages
Rogue Legacy Demo version 1.0.3
Rules Tools
S.T.A.L.K.E.R.: Call of Pripyat
S.T.A.L.K.E.R.: Shadow of Chernobyl
Safari
Saints Row IV
Saints Row: The Third
Scrolls
Secure Download Manager
Security Update for Microsoft .NET Framework 4.5 (KB2737083)
Security Update for Microsoft .NET Framework 4.5 (KB2742613)
Security Update for Microsoft .NET Framework 4.5 (KB2789648)
Security Update for Microsoft .NET Framework 4.5 (KB2804582)
Security Update for Microsoft .NET Framework 4.5 (KB2833957)
Security Update for Microsoft .NET Framework 4.5 (KB2840642)
Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)
Security Update for Microsoft .NET Framework 4.5 (KB2861208)
Security Update for Microsoft Excel 2010 (KB2826033) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 64-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2794707) 64-Bit Edition
Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2645410)
Security Update for Microsoft Visual Studio Macro Tools (KB2669970)
Sequence
Serious Sam Double D
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit)
Shadowrun Returns
SharpPlus SQLite Developer 3.84
Shatter
Shattered Horizon
SHIELD Streaming
Shoot Many Robots
Sid Meier's Civilization V
SketchUp 8
Skype Click to Call
Skype™ 6.1
Sleeping Dogs™
Space Pirates and Zombies
SpaceChem
Spec Ops: The Line
Spotify
Sql Server Customer Experience Improvement Program
SQLiteManager
SRWare Iron version SRWare Iron 29.0.1600.1
Star Wars: The Old Republic
Steam
Sublime Text 2.0.2
Super Meat Boy
Super Meat Boy Editor
Superbrothers: Sword & Sworcery EP
Supreme Commander
Supreme Commander: Forged Alliance
SWAT 4
SWAT 4 - The Stetchkov Syndicate
Synergy
System Shock 2
TeamSpeak 3 Client
TeamViewer 8
TeraCopy 2.12
Terraria
The Elder Scrolls V: Skyrim
The Stanley Parable Demo
The Walking Dead
Thomas Was Alone
TightVNC
TightVNC 2.0.4
Tiny and Big: Grandpa's Leftovers
Tom Clancy's Ghost Recon Future Soldier
Torchlight
Total War: SHOGUN 2
Trillian
Trine 2
Ubisoft Game Launcher
Unity Web Player
Unreal Development Kit: 2013-02
Update for Microsoft .NET Framework 4.5 (KB2750147)
Update for Microsoft .NET Framework 4.5 (KB2805221)
Update for Microsoft .NET Framework 4.5 (KB2805226)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
Update for Microsoft Visual Studio 2012 (KB2781514)
Update for Microsoft Word 2010 (KB2827323) 64-Bit Edition
USB PnP Sound Device
Ventrilo Client for Windows x64
Vessel
Visual Studio 2010 Prerequisites - English
Visual Studio 2010 SP1 Tools for SQL Server Compact 4.0 ENU
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
Visual Studio 2012 Prerequisites
Visual Studio 2012 Prerequisites - ENU Language Pack
Visual Studio 2012 Update 1 (KB2707250)
Visual Studio Extensions for Windows Library for JavaScript
Visual Studio Extensions for Windows Library for JavaScript 1.0.9200.20602
VLC media player 2.0.8
VSO ConvertXToDVD
VVVVVV
War For The Overworld
Warframe
WCF Data Services 5.0 (for OData v3) Primary Components
WCF Data Services Tools for Microsoft Visual Studio 2012
WCF RIA Services V1.0 SP2
Web Deployment Tool
WinDirStat 1.1.2
Windows App Certification Kit Native Components
Windows App Certification Kit x64
Windows Azure Authoring Tools - October 2012 Release
Windows Azure Emulator - October 2012 Release
Windows Azure Libraries for .NET – October 2012
Windows Azure Tools for LightSwitch for Visual Studio 2012 - October 2012
Windows Azure Tools for Microsoft Visual Studio 2012 - October 2012
Windows Azure Tools for Microsoft Visual Studio 2012 Core
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Phone 7 Add-in for Visual Studio 2010 - ENU
Windows Phone Emulator x64 - ENU
Windows Runtime Intellisense Content - en-us
Windows Software Development Kit
Windows Software Development Kit DirectX x64 Remote
Windows Software Development Kit DirectX x86 Remote
Windows Software Development Kit for Windows Store Apps
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
Windows XP Targeting with C++
WinSCP 5.1.4
Wizorb
WordTrap Dungeon
WPF Toolkit February 2010 (Version 3.5.50211.1)
XCOM: Enemy Unknown
Xfire (remove only)
XSplit
Zotero Standalone 3.0.3 (x86 en-US)
.
==== Event Viewer Messages From Past Week ========
.
31/10/2013 22:46:04, Error: mv91xx [9]  - The device, \Device\Scsi\mv91xx1, did not respond within the timeout period.
02/11/2013 11:10:49, Error: Service Control Manager [7023]  - The Peer Name Resolution Protocol service terminated with the following error:  %%-2140993535
02/11/2013 11:10:49, Error: Service Control Manager [7001]  - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:  %%-2140993535
02/11/2013 11:10:49, Error: Microsoft-Windows-PNRPSvc [102]  - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
02/11/2013 11:10:15, Error: Service Control Manager [7000]  - The MSCamSvc service failed to start due to the following error:  The system cannot find the file specified.
02/11/2013 11:10:14, Error: Service Control Manager [7000]  - The AMD FUEL Service service failed to start due to the following error:  The system cannot find the file specified.
01/11/2013 17:17:47, Error: Service Control Manager [7034]  - The Time service terminated unexpectedly.  It has done this 1 time(s).
01/11/2013 17:17:35, Error: Service Control Manager [7034]  - The SQL Server VSS Writer service terminated unexpectedly.  It has done this 1 time(s).
01/11/2013 16:44:11, Error: volsnap [36]  - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
.
==== End Of File ===========================
 

 


Welcome to the forum.

Please download Farbar Recovery Scan Tool and save it to a folder. (Use the correct version for your system... Which system am I using?)

Please make sure you click download buttons that look like this, not "sponsored ad links":

[Image: bleep-crop.jpg]

  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it into your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

MrC

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013

Ran by Adam (administrator) on ADAM-PC on 02-11-2013 12:01:48

Running from F:\Downloaded\Browsers

Windows 7 Enterprise Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 10

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(AMD) C:\Windows\system32\atiesrxx.exe

(AMD) C:\Windows\system32\atieclxx.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe

(Microsoft Corporation) C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe

(Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

() C:\Program Files\Synergy\synergyd.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

(Microsoft) C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe

(Microsoft Corporation) C:\Windows\vVX3000.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe

(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe

(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE

(Logitech, Inc.) C:\Program Files\Logitech\SetPointG\SetPointII.exe

(Valve Corporation) K:\Games\Steam\Steam.exe

(Flux Software LLC) C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(Spotify Ltd) C:\Users\Adam\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

(Microsoft) C:\ProgramData\Microsoft\Windows\Time\WindowsTime.exe

(Dropbox, Inc.) C:\Users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Razer USA Ltd.) C:\Program Files (x86)\n52te\n52teHid.exe

(Creative Technology Ltd.) C:\Windows\V0700Mon.exe

(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Cerulean Studios) C:\Program Files (x86)\Trillian\trillian.exe

(Xfire Inc.) C:\Program Files (x86)\Xfire\Xfire.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

() C:\Program Files (x86)\Xfire\xfire64.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookx86.exe

() c:\program files (x86)\trillian\plugins\skypekit.exe

(mIRC Co. Ltd.) C:\Program Files (x86)\mIRC\mirc.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(Google) C:\Users\Adam\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

() C:\Program Files (x86)\Xfire\xfire64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Microsoft Corporation) C:\Windows\system32\taskmgr.exe

() C:\Program Files\Sublime Text 2\sublime_text.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(Farbar) F:\Downloaded\Browsers\FRST64 (1).exe

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [VX3000] - C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)

HKLM\...\Run: [LogMeIn GUI] - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2011-01-11] (LogMeIn, Inc.)

HKLM\...\Run: [bCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)

HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe [825184 2009-09-30] (Microsoft Corporation)

HKLM\...\Run: [PC Monitor Operations] - C:\Program Files (x86)\PC Monitor\pcmontask.exe [122688 2012-04-04] (MMSOFT Design Ltd.)

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [6900024 2012-07-24] (Logitech Inc.)

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor)

HKLM\...\Run: [Cm108Sound] - C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)

HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)

HKLM\...\Run: [shadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

HKCU\...\Run: [DisplayFusion] - C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [1275624 2011-06-21] (Binary Fortress Software)

HKCU\...\Run: [Google Update] - C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-27] (Google Inc.)

HKCU\...\Run: [Facebook Update] - C:\Users\Adam\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)

HKCU\...\Run: [steam] - K:\Games\Steam\Steam.exe [1820584 2013-10-30] (Valve Corporation)

HKCU\...\Run: [F.lux] - C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-15] (Flux Software LLC)

HKCU\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)

HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20133824 2013-09-25] (Google)

HKCU\...\Run: [spotify Web Helper] - C:\Users\Adam\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-11] (Spotify Ltd)

HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)

MountPoints2: {3430f4ae-0d25-11e1-bb4c-bcaec54d89f7} - G:\INSTALL.EXE

MountPoints2: {62e742c7-9111-11e1-9cb0-bcaec54d89f7} - G:\Setup.exe

MountPoints2: {b56ab58b-c440-11e2-bcc3-bcaec54d89f7} - G:\Setup.exe

HKLM-x32\...\Run: [Jomantha] - C:\Program Files (x86)\n52te\n52teHid.exe [159744 2008-06-13] (Razer USA Ltd.)

HKLM-x32\...\Run: [Communicator] - C:\Program Files (x86)\Microsoft Lync\communicator.exe [12108456 2013-06-27] (Microsoft Corporation)

HKLM-x32\...\Run: [V0700Mon.exe] - C:\Windows\V0700Mon.exe [28672 2010-08-17] (Creative Technology Ltd.)

HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)

HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-19] (Apple Inc.)

Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk

ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nppp.ahk - Shortcut.lnk

ShortcutTarget: nppp.ahk - Shortcut.lnk -> C:\Users\Adam\Dropbox\Scripts\nppp.ahk (No File)

Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk

ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk

ShortcutTarget: Trillian.lnk -> C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios)

Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk

ShortcutTarget: Xfire.lnk -> C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x69FB2F862219CE01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB

BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation)

BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Hosts: 192.168.1.41 ubuntuweb

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{5FA91867-B82F-41E7-B910-CAF54A55D45C}: [NameServer]208.67.222.222 208.67.220.220

 

FireFox:

========

FF ProfilePath: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\jodf3zlh.default

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()

FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File

FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File

FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin-x32: @soe.sony.com/installer,version=1.0.3 - C:\Users\Adam\AppData\Local\Chromium\User Data\Default\Extensions\dkfjadjghjpjodfhffafagnkbgbpiphf\1.0.3.152_0\npsoe.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Adam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Adam\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Adam\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Adam\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Adam\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Adam\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Adam\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF Extension: British English Dictionary - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\jodf3zlh.default\Extensions\en-GB@dictionaries.addons.mozilla.org

FF Extension: LogMeIn, Inc. Remote Access Plugin - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\jodf3zlh.default\Extensions\LogMeInClient@logmein.com

FF Extension: firebug - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\jodf3zlh.default\Extensions\firebug@software.joehewitt.com.xpi

FF Extension: noscript - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\jodf3zlh.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}

FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook

FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook

 

Chrome: 

=======


CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}

CHR Plugin: (Remoting Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Users\Adam\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll No File

CHR Plugin: (Chrome PDF Viewer) - C:\Users\Adam\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll No File

CHR Plugin: (Shockwave Flash) - C:\Users\Adam\AppData\Local\Google\Chrome\Application\29.0.1547.76\gcswf32.dll No File

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File

CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File

CHR Plugin: (Java Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File

CHR Plugin: (Microsoft Lync 2010 Meeting Join Plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll ()

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File

CHR Plugin: (Google Talk Plugin) - C:\Users\Adam\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Adam\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File

CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll No File

CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll No File

CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File

CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Adam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

CHR Plugin: (Google Update) - C:\Users\Adam\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File

CHR Extension: (Google Drive) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0

CHR Extension: (YouTube) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1

CHR Extension: (Google Search) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1

CHR Extension: (AdBlock) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.55_0

CHR Extension: (FlashBlock) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl\0.9.31_0

CHR Extension: (Readability Redux) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\jggheggpdocamneaacmfoipeehedigia\1.3.4_0

CHR Extension: (Chrome In-App Payments service) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0

CHR Extension: (Evernote Web Clipper) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\5.9.5_0

CHR Extension: (Gmail) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

CHR StartMenuInternet: Google Chrome - C:\Users\Adam\AppData\Local\Google\Chrome\Application\chrome.exe

 

==================== Services (Whitelisted) =================

 

R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] ()

S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)

R2 KinectManagement; C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe [98816 2012-09-18] (Microsoft Corporation)

R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2013-10-27] (LogMeIn, Inc.)

R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2013-10-27] (LogMeIn, Inc.)

R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2011-01-11] (LogMeIn, Inc.)

S3 M4-Service; C:\Users\Adam\AppData\Local\Mikogo4\Viewer\Service\M4-Service.exe [1008032 2012-06-15] ()

R2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [80472 2012-09-06] (Microsoft Corporation)

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)

S3 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)

S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)

R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-08-19] ()

S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)

R2 Synergy; C:\Program Files\Synergy\synergyd.exe [423424 2013-05-03] ()

S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)

R2 Time; C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe [10752 2013-10-19] (Microsoft)

S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe /launchService [x]

S2 MSCamSvc; "C:\Program Files\Microsoft LifeCam\MSCamS64.exe" [x]

 

==================== Drivers (Whitelisted) ====================

 

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()

R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-08-01] ()

R2 cpuz135; C:\Windows\system32\drivers\cpuz135_x64.sys [21992 2010-11-09] (CPUID)

R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows ® Win 7 DDK provider)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-25] (DT Soft Ltd)

S3 JmtFltr; C:\Windows\System32\drivers\JmtFltr.sys [46464 2007-09-29] ()

S3 KinectCamera; C:\Windows\System32\Drivers\kinectcamera.sys [192512 2012-09-20] (Microsoft Corporation)

R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2011-06-20] (Logitech Inc.)

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-08-01] ()

R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-05-29] (LogMeIn, Inc.)

S4 LMIRfsClientNP; No ImagePath

R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-07-20] (ManyCam LLC)

R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)

R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()

S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)

R3 nvlddmkm; C:\Windows\SysWow64\DRIVERS\nvlddmkm.sys [11048736 2013-03-15] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-27] (NVIDIA Corporation)

S1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-03-30] (Duplex Secure Ltd.)

R3 V0700Vid; C:\Windows\System32\DRIVERS\V0700Vid.sys [393728 2010-10-17] (Creative Technology Ltd.)

S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106408 2012-12-19] (Oracle Corporation)

S3 vhidmini; C:\Windows\System32\DRIVERS\vhidmini.sys [13952 2007-09-29] (Windows ® Codename Longhorn DDK provider)

S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)

R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()

U3 affvb4we; C:\Windows\System32\Drivers\affvb4we.sys [0 ] (Advanced Micro Devices)

S3 NLNdisMP; system32\DRIVERS\nlndis.sys [x]

S3 NLNdisPT; system32\DRIVERS\nlndis.sys [x]

S3 VGPU; System32\drivers\rdvgkmd.sys [x]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2013-11-02 12:01 - 2013-11-02 12:01 - 00000000 ____D C:\FRST

2013-11-02 11:24 - 2013-11-02 11:24 - 00032876 _____ C:\Users\Adam\Desktop\dds.txt

2013-11-02 11:24 - 2013-11-02 11:24 - 00025223 _____ C:\Users\Adam\Desktop\attach.txt

2013-10-29 13:59 - 2013-10-23 10:30 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 18286416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 15212336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-10-29 13:59 - 2013-10-23 10:30 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 02695200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 01435504 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll

2013-10-29 13:59 - 2013-10-23 10:30 - 00023287 _____ C:\Windows\system32\nvinfo.pb

2013-10-29 13:59 - 2013-10-23 08:20 - 06669600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2013-10-29 13:59 - 2013-10-23 08:20 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll

2013-10-29 13:59 - 2013-10-23 08:20 - 03426956 _____ C:\Windows\system32\nvcoproc.bin

2013-10-29 13:59 - 2013-10-23 08:20 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2013-10-29 13:59 - 2013-10-23 08:20 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2013-10-29 13:59 - 2013-10-23 08:20 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2013-10-29 13:59 - 2013-06-16 12:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys

2013-10-29 13:59 - 2013-06-16 12:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll

2013-10-29 13:59 - 2013-01-29 08:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll

2013-10-29 13:16 - 2013-10-18 01:36 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

2013-10-29 13:16 - 2013-10-18 01:36 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

2013-10-29 13:16 - 2013-09-27 23:01 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys

2013-10-29 13:16 - 2013-09-27 23:01 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

2013-10-27 17:47 - 2013-10-27 17:47 - 00000833 _____ C:\Users\Adam\AppData\Local\recently-used.xbel

2013-10-27 17:38 - 2013-10-27 17:47 - 00000000 ____D C:\Users\Adam\AppData\Local\gtk-2.0

2013-10-27 17:28 - 2013-10-27 22:28 - 00000000 ____D C:\Users\Adam\.gimp-2.8

2013-10-27 17:28 - 2013-10-27 17:28 - 00000000 ____D C:\Users\Adam\AppData\Local\gegl-0.2

2013-10-27 17:27 - 2013-10-27 17:28 - 00000000 ____D C:\Program Files\GIMP 2

2013-10-27 16:56 - 2013-10-27 16:56 - 00000000 ____D C:\Users\Adam\Desktop\flowtime.js-master

2013-10-27 01:43 - 2013-10-27 01:43 - 00000000 ____D C:\Users\Adam\AppData\Roaming\PingPlotter

2013-10-27 01:43 - 2013-10-27 01:43 - 00000000 ____D C:\Program Files (x86)\PingPlotter Standard

2013-10-27 01:43 - 2013-10-25 13:43 - 00000044 ____H C:\Program Files (x86)\e0e3d898.tmp

2013-10-27 01:42 - 2013-10-27 01:42 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Downloaded Installations

2013-10-27 01:26 - 2013-10-27 01:26 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Wargaming.net

2013-10-26 11:53 - 2013-10-26 11:53 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Nifflas

2013-10-24 17:36 - 2013-10-24 17:36 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-10-24 17:36 - 2013-10-24 17:36 - 00000000 ____D C:\Program Files\iTunes

2013-10-24 17:36 - 2013-10-24 17:36 - 00000000 ____D C:\Program Files\iPod

2013-10-24 17:36 - 2013-10-24 17:36 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-10-23 17:01 - 2013-10-23 17:01 - 00000000 ____D C:\Users\Adam\AppData\Roaming\.StarMade

2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

2013-10-21 16:44 - 2013-10-21 16:44 - 00053483 _____ C:\Users\Adam\Desktop\DxDiag.txt

2013-10-19 21:18 - 2013-10-19 21:18 - 00000000 ____D C:\Users\Adam\AppData\Local\Harebrained Schemes

2013-10-19 21:18 - 2013-10-19 21:18 - 00000000 ____D C:\Users\Adam\AppData\Local\EMU

2013-10-19 14:16 - 2013-10-20 23:58 - 00000000 ____D C:\steamcmd

2013-10-18 21:54 - 2013-10-18 21:54 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BBC iPlayer

2013-10-18 21:54 - 2013-10-18 21:54 - 00000000 ____D C:\Users\Adam\AppData\Local\BBC

2013-10-17 09:19 - 2013-10-17 09:19 - 00000000 ____D C:\Users\Adam\AppData\Local\FluxSoftware

2013-10-13 13:01 - 2013-10-13 13:01 - 00000000 ____D C:\Users\Adam\AppData\Roaming\3909

2013-10-13 12:59 - 2013-10-13 13:01 - 00000000 ____D C:\Users\Adam\Desktop\Papers_Please_v1.0.37-VACE

2013-10-10 07:39 - 2013-09-22 23:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-10-10 07:39 - 2013-09-22 23:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-10-10 07:39 - 2013-09-22 23:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-10-10 07:39 - 2013-09-22 23:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-10-10 07:39 - 2013-09-22 23:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-10-10 07:39 - 2013-09-22 23:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-10-10 07:39 - 2013-09-22 23:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-10-10 07:39 - 2013-09-22 23:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-10-10 07:39 - 2013-09-22 23:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-10-10 07:39 - 2013-09-22 23:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-10-10 07:39 - 2013-09-22 23:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-10-10 07:39 - 2013-09-22 23:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-10-10 07:39 - 2013-09-22 23:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-10-10 07:39 - 2013-09-22 22:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-10-10 07:39 - 2013-09-22 22:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-10-10 07:39 - 2013-09-22 22:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-10-10 07:39 - 2013-09-22 22:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-10-10 07:39 - 2013-09-22 22:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-10-10 07:39 - 2013-09-22 22:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-10-10 07:39 - 2013-09-22 22:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-10-10 07:39 - 2013-09-22 22:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-10-10 07:39 - 2013-09-22 22:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-10-10 07:39 - 2013-09-22 22:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-10-10 07:39 - 2013-09-22 22:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-10-10 07:39 - 2013-09-22 22:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-10-10 07:39 - 2013-09-22 22:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-10-10 07:39 - 2013-09-22 22:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-10-10 07:39 - 2013-09-21 03:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-10-10 07:39 - 2013-09-21 03:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-10-10 07:39 - 2013-09-21 02:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-10-10 07:39 - 2013-09-21 02:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-10-09 07:37 - 2013-09-14 01:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2013-10-09 07:37 - 2013-09-08 02:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2013-10-09 07:37 - 2013-09-08 02:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll

2013-10-09 07:37 - 2013-09-08 02:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll

2013-10-09 07:37 - 2013-09-04 12:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2013-10-09 07:37 - 2013-09-04 12:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2013-10-09 07:37 - 2013-09-04 12:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2013-10-09 07:37 - 2013-09-04 12:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2013-10-09 07:37 - 2013-09-04 12:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys

2013-10-09 07:37 - 2013-09-04 12:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys

2013-10-09 07:37 - 2013-09-04 12:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2013-10-09 07:37 - 2013-08-29 02:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2013-10-09 07:37 - 2013-08-29 02:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2013-10-09 07:37 - 2013-08-29 02:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll

2013-10-09 07:37 - 2013-08-29 02:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2013-10-09 07:37 - 2013-08-29 02:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2013-10-09 07:37 - 2013-08-29 01:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2013-10-09 07:37 - 2013-08-29 01:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2013-10-09 07:37 - 2013-08-29 01:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2013-10-09 07:37 - 2013-08-29 01:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll

2013-10-09 07:37 - 2013-08-29 01:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2013-10-09 07:37 - 2013-08-29 01:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2013-10-09 07:37 - 2013-08-29 00:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2013-10-09 07:37 - 2013-08-29 00:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2013-10-09 07:37 - 2013-08-29 00:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2013-10-09 07:37 - 2013-08-29 00:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2013-10-09 07:37 - 2013-08-28 01:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-10-09 07:37 - 2013-08-28 01:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll

2013-10-09 07:37 - 2013-08-01 12:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2013-10-09 07:37 - 2013-07-20 10:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-09 07:37 - 2013-07-20 10:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2013-10-09 07:37 - 2013-07-12 10:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys

2013-10-09 07:37 - 2013-07-12 10:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys

2013-10-09 07:37 - 2013-07-04 12:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll

2013-10-09 07:37 - 2013-07-04 12:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

2013-10-09 07:37 - 2013-07-04 12:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll

2013-10-09 07:37 - 2013-07-04 11:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll

2013-10-09 07:37 - 2013-07-04 11:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll

2013-10-09 07:37 - 2013-07-04 11:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll

2013-10-09 07:37 - 2013-07-04 10:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2013-10-09 07:37 - 2013-07-03 04:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys

2013-10-09 07:37 - 2013-07-03 04:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys

2013-10-09 07:37 - 2013-06-25 22:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys

2013-10-09 07:37 - 2013-06-06 05:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2013-10-09 07:37 - 2013-06-06 05:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2013-10-09 07:37 - 2013-06-06 05:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2013-10-09 07:37 - 2013-06-06 05:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2013-10-09 07:37 - 2013-06-06 04:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2013-10-09 07:37 - 2013-06-06 04:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2013-10-09 07:37 - 2013-06-06 04:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2013-10-09 07:37 - 2013-06-06 03:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2013-10-09 07:37 - 2013-06-06 03:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2013-10-09 07:37 - 2013-06-06 03:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2013-10-05 18:34 - 2013-10-05 18:34 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Oracle

2013-10-05 18:34 - 2013-10-05 18:34 - 00000000 ____D C:\ProgramData\Oracle

2013-10-05 18:33 - 2013-10-05 18:33 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-10-05 18:33 - 2013-10-05 18:33 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-10-05 18:33 - 2013-10-05 18:33 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-10-05 18:33 - 2013-10-05 18:33 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-10-05 17:01 - 2013-10-05 17:03 - 00000000 ____D C:\AdwCleaner

2013-10-05 15:33 - 2013-10-05 15:33 - 00234010 _____ C:\Windows\SysWOW64\poclbm130302GeForce GTX 660gv1w256l4.bin

2013-10-05 10:47 - 2013-10-05 10:48 - 00000000 ____D C:\Users\Adam\AppData\Roaming\miner

2013-10-03 21:29 - 2013-10-03 21:29 - 00000000 ____D C:\terrariaserv

 

==================== One Month Modified Files and Folders =======

 

2013-11-02 12:01 - 2013-11-02 12:01 - 00000000 ____D C:\FRST

2013-11-02 11:31 - 2012-03-30 15:37 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-11-02 11:24 - 2013-11-02 11:24 - 00032876 _____ C:\Users\Adam\Desktop\dds.txt

2013-11-02 11:24 - 2013-11-02 11:24 - 00025223 _____ C:\Users\Adam\Desktop\attach.txt

2013-11-02 11:22 - 2012-04-30 18:42 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-11-02 11:22 - 2009-07-14 04:45 - 00019152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-11-02 11:22 - 2009-07-14 04:45 - 00019152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-11-02 11:21 - 2011-06-20 16:42 - 01294639 _____ C:\Windows\WindowsUpdate.log

2013-11-02 11:18 - 2011-06-23 16:41 - 00000000 ____D C:\ProgramData\Xfire

2013-11-02 11:15 - 2011-09-16 19:54 - 00000000 ____D C:\Users\Adam\AppData\Roaming\NVIDIA

2013-11-02 11:11 - 2011-06-27 11:03 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2347419715-266202084-3160654399-1000UA.job

2013-11-02 11:11 - 2011-06-20 18:27 - 00000000 ____D C:\Users\Adam\AppData\Roaming\NoNameScript

2013-11-02 11:11 - 2011-06-20 18:26 - 00000000 ____D C:\Program Files (x86)\mIRC

2013-11-02 11:11 - 2011-06-20 17:59 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Dropbox

2013-11-02 11:10 - 2013-08-08 07:53 - 00022057 _____ C:\Windows\setupact.log

2013-11-02 11:10 - 2013-03-31 21:08 - 00000000 ____D C:\ProgramData\NVIDIA

2013-11-02 11:10 - 2012-04-30 18:42 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-11-02 11:10 - 2012-01-13 21:50 - 00000000 ____D C:\Program Files (x86)\Trillian

2013-11-02 11:10 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-11-02 00:38 - 2011-06-20 18:45 - 00000000 ____D C:\ProgramData\LogMeIn

2013-11-02 00:34 - 2012-01-13 22:18 - 00000000 ____D C:\Users\Adam\AppData\Roaming\TS3Client

2013-11-01 23:16 - 2012-04-27 12:18 - 00000000 ____D C:\Program Files (x86)\GW2

2013-11-01 22:07 - 2011-07-06 23:46 - 00000922 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2347419715-266202084-3160654399-1000UA.job

2013-11-01 22:07 - 2011-07-06 23:46 - 00000900 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2347419715-266202084-3160654399-1000Core.job

2013-11-01 19:11 - 2011-06-27 11:03 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2347419715-266202084-3160654399-1000Core.job

2013-11-01 17:59 - 2011-10-07 21:21 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Mumble

2013-11-01 01:18 - 2011-07-17 15:58 - 00000396 _____ C:\Windows\Tasks\Defraggler Volume H Task.job

2013-10-31 22:31 - 2011-06-20 19:35 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Spotify

2013-10-31 17:50 - 2012-01-13 22:17 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client

2013-10-31 17:16 - 2011-06-20 19:35 - 00000000 ____D C:\Users\Adam\AppData\Local\Spotify

2013-10-31 01:00 - 2011-07-17 15:58 - 00000396 _____ C:\Windows\Tasks\Defraggler Volume G Task.job

2013-10-30 02:12 - 2011-07-17 15:57 - 00000396 _____ C:\Windows\Tasks\Defraggler Volume F Task.job

2013-10-29 23:19 - 2011-06-20 17:41 - 00000000 ____D C:\Users\Adam\AppData\Roaming\TeraCopy

2013-10-29 14:00 - 2011-09-16 19:04 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2013-10-29 13:59 - 2013-03-31 21:08 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2013-10-29 13:59 - 2011-09-16 19:04 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2013-10-29 13:59 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\Help

2013-10-29 01:00 - 2011-07-17 15:57 - 00000396 _____ C:\Windows\Tasks\Defraggler Volume E Task.job

2013-10-28 09:05 - 2013-09-12 16:17 - 00008592 _____ C:\Windows\PFRO.log

2013-10-28 02:04 - 2011-07-17 15:57 - 00000396 _____ C:\Windows\Tasks\Defraggler Volume D Task.job

2013-10-27 22:28 - 2013-10-27 17:28 - 00000000 ____D C:\Users\Adam\.gimp-2.8

2013-10-27 22:27 - 2011-06-20 18:48 - 00000600 _____ C:\Users\Adam\AppData\Roaming\winscp.rnd

2013-10-27 17:47 - 2013-10-27 17:47 - 00000833 _____ C:\Users\Adam\AppData\Local\recently-used.xbel

2013-10-27 17:47 - 2013-10-27 17:38 - 00000000 ____D C:\Users\Adam\AppData\Local\gtk-2.0

2013-10-27 17:28 - 2013-10-27 17:28 - 00000000 ____D C:\Users\Adam\AppData\Local\gegl-0.2

2013-10-27 17:28 - 2013-10-27 17:27 - 00000000 ____D C:\Program Files\GIMP 2

2013-10-27 17:28 - 2011-06-20 16:42 - 00000000 ____D C:\Users\Adam

2013-10-27 17:13 - 2012-03-31 13:49 - 00000000 ____D C:\Users\Adam\AppData\Local\Paint.NET

2013-10-27 16:56 - 2013-10-27 16:56 - 00000000 ____D C:\Users\Adam\Desktop\flowtime.js-master

2013-10-27 16:56 - 2012-11-13 19:37 - 00000000 ____D C:\Program Files\Sublime Text 2

2013-10-27 11:08 - 2011-06-20 17:10 - 00000000 ____D C:\Program Files (x86)\SRWare Iron

2013-10-27 08:23 - 2011-06-20 18:44 - 00000000 ____D C:\Program Files (x86)\LogMeIn

2013-10-27 08:22 - 2011-06-20 18:45 - 00107368 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll

2013-10-27 08:22 - 2011-06-20 18:45 - 00092488 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll

2013-10-27 08:22 - 2011-06-20 18:45 - 00035656 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll

2013-10-27 02:05 - 2011-06-21 10:53 - 00007602 _____ C:\Users\Adam\AppData\Local\Resmon.ResmonCfg

2013-10-27 01:43 - 2013-10-27 01:43 - 00000000 ____D C:\Users\Adam\AppData\Roaming\PingPlotter

2013-10-27 01:43 - 2013-10-27 01:43 - 00000000 ____D C:\Program Files (x86)\PingPlotter Standard

2013-10-27 01:43 - 2013-06-04 17:55 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin

2013-10-27 01:42 - 2013-10-27 01:42 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Downloaded Installations

2013-10-27 01:26 - 2013-10-27 01:26 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Wargaming.net

2013-10-26 23:29 - 2011-07-16 22:27 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Dwarfs

2013-10-26 20:50 - 2011-06-21 17:40 - 00282296 _____ C:\Windows\SysWOW64\PnkBstrB.xtr

2013-10-26 20:50 - 2011-06-21 17:38 - 00282296 _____ C:\Windows\SysWOW64\PnkBstrB.exe

2013-10-26 20:47 - 2011-06-21 17:38 - 00215128 _____ C:\Windows\SysWOW64\PnkBstrB.ex0

2013-10-26 20:27 - 2013-08-08 16:57 - 00000000 ____D C:\vanilla17serv

2013-10-26 11:53 - 2013-10-26 11:53 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Nifflas

2013-10-25 18:24 - 2013-08-21 23:09 - 00037252 _____ C:\Windows\DirectX.log

2013-10-25 13:43 - 2013-10-27 01:43 - 00000044 ____H C:\Program Files (x86)\e0e3d898.tmp

2013-10-25 09:12 - 2011-06-29 15:17 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Mozilla

2013-10-24 17:36 - 2013-10-24 17:36 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-10-24 17:36 - 2013-10-24 17:36 - 00000000 ____D C:\Program Files\iTunes

2013-10-24 17:36 - 2013-10-24 17:36 - 00000000 ____D C:\Program Files\iPod

2013-10-24 17:36 - 2013-10-24 17:36 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-10-23 17:01 - 2013-10-23 17:01 - 00000000 ____D C:\Users\Adam\AppData\Roaming\.StarMade

2013-10-23 10:30 - 2013-10-29 13:59 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 18286416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 15212336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-10-23 10:30 - 2013-10-29 13:59 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 02695200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 01435504 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll

2013-10-23 10:30 - 2013-10-29 13:59 - 00023287 _____ C:\Windows\system32\nvinfo.pb

2013-10-23 08:20 - 2013-10-29 13:59 - 06669600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2013-10-23 08:20 - 2013-10-29 13:59 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll

2013-10-23 08:20 - 2013-10-29 13:59 - 03426956 _____ C:\Windows\system32\nvcoproc.bin

2013-10-23 08:20 - 2013-10-29 13:59 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2013-10-23 08:20 - 2013-10-29 13:59 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2013-10-23 08:20 - 2013-10-29 13:59 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

2013-10-22 15:57 - 2013-09-05 17:44 - 00000000 ____D C:\Program Files (x86)\QuickTime

2013-10-21 16:44 - 2013-10-21 16:44 - 00053483 _____ C:\Users\Adam\Desktop\DxDiag.txt

2013-10-20 23:58 - 2013-10-19 14:16 - 00000000 ____D C:\steamcmd

2013-10-20 12:17 - 2013-08-06 17:18 - 00000000 ____D C:\Users\Adam\AppData\Roaming\vlc

2013-10-19 21:18 - 2013-10-19 21:18 - 00000000 ____D C:\Users\Adam\AppData\Local\Harebrained Schemes

2013-10-19 21:18 - 2013-10-19 21:18 - 00000000 ____D C:\Users\Adam\AppData\Local\EMU

2013-10-19 21:05 - 2011-11-24 18:08 - 00000000 ____D C:\Users\Adam\AppData\Local\Plex

2013-10-19 20:15 - 2011-06-23 16:41 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Xfire

2013-10-18 21:54 - 2013-10-18 21:54 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BBC iPlayer

2013-10-18 21:54 - 2013-10-18 21:54 - 00000000 ____D C:\Users\Adam\AppData\Local\BBC

2013-10-18 01:36 - 2013-10-29 13:16 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

2013-10-18 01:36 - 2013-10-29 13:16 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

2013-10-17 09:19 - 2013-10-17 09:19 - 00000000 ____D C:\Users\Adam\AppData\Local\FluxSoftware

2013-10-17 09:19 - 2011-10-04 19:41 - 00000000 ____D C:\Users\Adam\AppData\Local\Apps\F.lux

2013-10-16 08:38 - 2013-09-12 16:20 - 00001945 _____ C:\Windows\epplauncher.mif

2013-10-16 08:38 - 2013-09-12 16:20 - 00000000 ____D C:\Program Files\Microsoft Security Client

2013-10-16 08:38 - 2013-09-12 16:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client

2013-10-13 18:17 - 2012-04-30 18:42 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2013-10-13 18:17 - 2012-04-30 18:42 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2013-10-13 13:01 - 2013-10-13 13:01 - 00000000 ____D C:\Users\Adam\AppData\Roaming\3909

2013-10-13 13:01 - 2013-10-13 12:59 - 00000000 ____D C:\Users\Adam\Desktop\Papers_Please_v1.0.37-VACE

2013-10-10 18:06 - 2011-06-27 11:03 - 00003876 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2347419715-266202084-3160654399-1000UA

2013-10-10 18:06 - 2011-06-27 11:03 - 00003480 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2347419715-266202084-3160654399-1000Core

2013-10-10 10:21 - 2013-09-14 17:04 - 00000000 ____D C:\Windows\rescache

2013-10-10 09:24 - 2009-07-14 05:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2013-10-10 09:18 - 2012-05-16 02:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2013-10-10 09:18 - 2012-05-16 02:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2013-10-10 09:18 - 2009-07-14 04:45 - 02467680 _____ C:\Windows\system32\FNTCACHE.DAT

2013-10-10 07:40 - 2011-06-21 13:37 - 00000000 ____D C:\ProgramData\Microsoft Help

2013-10-10 07:37 - 2013-08-16 10:07 - 00000000 ____D C:\Windows\system32\MRT

2013-10-10 07:35 - 2011-06-20 17:02 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2013-10-09 10:31 - 2012-03-30 15:37 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-10-09 10:31 - 2012-03-30 15:37 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2013-10-09 10:31 - 2011-06-20 18:41 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-10-05 18:37 - 2013-04-28 14:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-10-05 18:34 - 2013-10-05 18:34 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Oracle

2013-10-05 18:34 - 2013-10-05 18:34 - 00000000 ____D C:\ProgramData\Oracle

2013-10-05 18:34 - 2012-02-07 22:01 - 00000000 ____D C:\Program Files\Java

2013-10-05 18:33 - 2013-10-05 18:33 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-10-05 18:33 - 2013-10-05 18:33 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-10-05 18:33 - 2013-10-05 18:33 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-10-05 18:33 - 2013-10-05 18:33 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-10-05 18:33 - 2012-08-31 13:36 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll

2013-10-05 18:33 - 2011-06-21 20:19 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll

2013-10-05 17:03 - 2013-10-05 17:01 - 00000000 ____D C:\AdwCleaner

2013-10-05 15:38 - 2012-04-19 18:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-10-05 15:33 - 2013-10-05 15:33 - 00234010 _____ C:\Windows\SysWOW64\poclbm130302GeForce GTX 660gv1w256l4.bin

2013-10-05 13:08 - 2012-12-23 20:43 - 00000000 ____D C:\Users\Adam\AppData\Roaming\ftblauncher

2013-10-05 10:48 - 2013-10-05 10:47 - 00000000 ____D C:\Users\Adam\AppData\Roaming\miner

2013-10-03 21:29 - 2013-10-03 21:29 - 00000000 ____D C:\terrariaserv

2013-10-03 17:21 - 2013-08-29 21:03 - 00000000 ____D C:\Users\Adam\Desktop\iPlayer Recordings

2013-10-03 16:48 - 2013-08-29 21:07 - 00000260 _____ C:\Users\Adam\.swfinfo

2013-10-03 16:48 - 2013-08-29 21:03 - 00000000 ____D C:\Users\Adam\.get_iplayer

 

Some content of TEMP:

====================

C:\Users\Adam\AppData\Local\Temp\Checkupdate.exe

C:\Users\Adam\AppData\Local\Temp\Foxit Reader Updater.exe

C:\Users\Adam\AppData\Local\Temp\gcapi_dll.dll

C:\Users\Adam\AppData\Local\Temp\gtapi_signed.dll

C:\Users\Adam\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\Adam\AppData\Local\Temp\nvSCPAPI64.dll

C:\Users\Adam\AppData\Local\Temp\nvStInst.exe

C:\Users\Adam\AppData\Local\Temp\Quarantine.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2013-10-31 00:27

 

==================== End Of Log ============================


Download the attached fixlist.txt to the same folder as FRST.

Run FRST and click Fix only once and wait

The tool will create a log (Fixlog.txt) in the folder, please post it to your reply.

Then......

Let's clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

Make sure you click on download buttons that look like this, not "sponsored ad links":

[Image: bleep-crop.jpg]

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how the computer is running now, MrC


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-10-2013

Ran by Adam at 2013-11-02 12:23:45 Run:1

Running from C:\Users\Adam\Desktop

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

C:\ProgramData\Microsoft\Windows\Time

R2 Time;Time;C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe [2013-10-19 10752]

 

 

*****************

 

C:\ProgramData\Microsoft\Windows\Time => Moved successfully.

Time => Service deleted successfully.

 

 

The system needs a manual reboot. 

 

==== End of Fixlog ====

 


Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

 

Database version: v2013.11.02.03

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16721

Adam :: ADAM-PC [administrator]

 

02/11/2013 12:32:19

mbam-log-2013-11-02 (12-32-19).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 241108

Time elapsed: 3 minute(s), 43 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)

 

Seems much better, there was definite sluggishness and that time-svc process has gone away now. Thanks very much for your help!

Link to post
Share on other sites

I did, here's the log sorry...

 

# AdwCleaner v3.010 - Report created 02/11/2013 at 12:29:01
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Enterprise Service Pack 1 (64 bits)
# Username : Adam - ADAM-PC
# Running from : F:\Downloaded\Browsers\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16720
 
 
-\\ Mozilla Firefox v24.0 (en-US)
 
[ File : C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\jodf3zlh.default\prefs.js ]
 
 
-\\ Google Chrome v
 
[ File : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2372 octets] - [05/10/2013 17:01:29]
AdwCleaner[R1].txt - [334 octets] - [02/11/2013 12:27:08]
AdwCleaner[R2].txt - [1056 octets] - [02/11/2013 12:27:43]
AdwCleaner[s0].txt - [2348 octets] - [05/10/2013 17:02:56]
AdwCleaner[s1].txt - [979 octets] - [02/11/2013 12:29:01]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1038 octets] ##########
 

Let's check your computer's security before you go, and we have a little cleanup to do also:

Download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get "Unsupported operating system. Aborting now", just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!
MrC

 Results of screen317's Security Check version 0.99.76  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 40  
 JavaScript Tooling    
 Visual Studio Extensions for Windows Library for JavaScript 1.0.9200.20602 
 Visual Studio Extensions for Windows Library for JavaScript 
 Java version out of Date! 
 Adobe Flash Player 11.9.900.117  
 Adobe Reader XI  
 Mozilla Firefox (24.0) 
 Google Chrome 30.0.1599.101  
 Google Chrome 30.0.1599.69  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 45% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log`````````````````````` 

Here's an updated one... I updated Java!

 

 Results of screen317's Security Check version 0.99.76  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 45  
 JavaScript Tooling    
 Visual Studio Extensions for Windows Library for JavaScript 1.0.9200.20602 
 Visual Studio Extensions for Windows Library for JavaScript 
 Adobe Flash Player 11.9.900.117  
 Adobe Reader XI  
 Mozilla Firefox (24.0) 
 Google Chrome 30.0.1599.101  
 Google Chrome 30.0.1599.69  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 45% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log`````````````````````` 

Good.....

A little clean up to do....

Please Uninstall ComboFix: (if you used it)

Press the Windows logo key + R to bring up the "run box"

Copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

Then hit enter.

This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files, clear the System Restore cache and create a new Restore point.

(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall or download and run the uninstaller)

---------------------------------

Please download OTC to your desktop.

http://oldtimer.geekstogo.com/OTC.exe

Double-click OTC to run it. (Vista and up users, please right click on OTC and select "Run as an Administrator")

Click on the CleanUp! button and follow the prompts.

(If you get a warning from your firewall or other security programs regarding OTC attempting to contact the Internet, please allow the connection.)

You will be asked to reboot the machine to finish the Cleanup process, choose Yes.

After the reboot all the tools we used should be gone.

Note: Some more recently created tools may not yet be removed by OTC. Feel free to manually delete any tools it leaves behind.

Any other programs or logs you can manually delete.

IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST, MBAR, etc....AdwCleaner > just run the program and click uninstall.

Note:

If you used FRST and can't delete the quarantine folder:

Download the fixlist.txt to the same folder as FRST.

Run FRST and click Fix only once and wait

That will delete the quarantine folder created by FRST.

The rest you can manually delete.

-------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again. (also HERE)

Good Luck and Thanks for using the forum, MrC


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.
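
The fixlist earlier in this thread removed a service (Time) whose executable ran from C:\ProgramData\Microsoft\Windows\Time. As an added example, not part of the original thread and not FRST's own code, this Python sketch parses service lines in the format shown in that fixlist and flags those whose binary sits outside a normal install location. The directory list, the field names and the two sample lines marked constructed are assumptions.

```python
import re
from typing import List, NamedTuple, Optional

# Line shape taken from the fixlist in this thread:
#   R2 Time;Time;C:\ProgramData\...\Time-svc.exe [2013-10-19 10752]
# The field names below are this example's own labels (assumption).
SERVICE_RE = re.compile(
    r"^(?P<prefix>[A-Z]\d)\s+"
    r"(?P<name>[^;]+);(?P<display>[^;]*);\s*"
    r"(?P<path>.+?)\s+\[(?P<date>\d{4}-\d{2}-\d{2})\s+(?P<size>\d+)\]$"
)

# Directories a standard user or dropper can usually write to (assumed list).
WRITABLE_ROOTS = ("c:\\programdata\\", "c:\\users\\", "c:\\windows\\temp\\")


class Service(NamedTuple):
    name: str
    path: str
    date: str
    size: int


def parse_service_line(line: str) -> Optional[Service]:
    """Return the parsed service entry, or None if the line has another shape."""
    m = SERVICE_RE.match(line.strip())
    if m is None:
        return None
    return Service(m["name"], m["path"], m["date"], int(m["size"]))


def flag_services(lines: List[str]) -> List[Service]:
    """Keep only services whose executable lives under a writable root."""
    hits = []
    for line in lines:
        svc = parse_service_line(line)
        if svc and svc.path.lower().startswith(WRITABLE_ROOTS):
            hits.append(svc)
    return hits


SAMPLE = [
    # From the thread's fixlist:
    r"R2 Time;Time;C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe [2013-10-19 10752]",
    # Constructed for this example:
    r"R2 ExampleUpdater;Example Updater;C:\Program Files\Example\updater.exe [2013-01-01 204800]",
    r"S3 ExampleHelper;Example Helper;C:\Users\User\AppData\Roaming\helper.exe [2013-10-20 8192]",
]

if __name__ == "__main__":
    for svc in flag_services(SAMPLE):
        print(f"review: {svc.name} -> {svc.path} ({svc.size} bytes, {svc.date})")
```

Legitimate software occasionally runs services from C:\ProgramData, so a hit is a prompt to inspect the file and its signer, not a verdict.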