Help ASAP: Advert Sounds Playing In Background (Need PC for work)


ashford

Hello,

 

Yesterday, in random intervals, advertisement sounds (like ads from the TV for cleaning products and such) would begin to play from my headphones. Now it could only occur when Google Chrome is open, but I haven't been alert enough to check if Chrome is the real issue behind this. It could be some adware or maybe a rootkit? Nevertheless, I've tried running various programs to try and get rid of this issue but yesterday night I heard one last advert play. I unplugged my wireless adapter (so my infected PC cannot communicate with other PCs and perhaps the hacker himself) and now I've plugged it back in to post this thread.

 

What I've tried to run so far:

Malwarebytes Anti-RootKit

Malwarebytes Anti-Malware (A full system scan, nothing that was actually a virus came up, only the drivers for my FitBit, a Java Updater and BattleLog which is the system Battlefield 4 uses to launch the game from Google Chrome. I removed the java updater)

Kaspersky TDSSKiller (all options in config ticked)

RogueKiller

RKill

JRT

AdwCleaner

 

I have run both the TDSSKiller and MBAR in Safe Mode with Networking and those haven't detected anything. Maybe something happened yesterday to get rid of the virus, but I'm doubtful since I'm very sure I didn't run any new Anti-Virus/Malware/RootKit software after hearing another advert last night.

 

I would run dds to give you the .txt file and such but I'm running Windows 8.1 and apparently the dds.com is not compatible with my Windows version, also ComboFix is not compatible. I need to get this fixed soon because I need this computer for work purposes. There is no torrent software installed and I haven't installed any on this computer ever. No illegal software either so that can't be the issue. Could it be related to the Adobe hackings? I didn't update my CC packages for some time after they were hacked (now I have). My Java might be out of date, I'll have to go check on that.

 

I've had Norton's PC protection running for months now (long before this ad audio started yesterday) and I'm sure it would have detected a serious issue such as a RootKit. So maybe this is something a lot simpler like an adware extension? I only use Google Chrome but a few days ago I did open up Internet Explorer for the first time in a year or so -- I imagine some other adware that's been installed on here before like Conduit or Babylon search have left their mark on IE whilst I was busy removing them from Chrome. (Yesterday I removed a "Search Spinner" extension from Chrome but I still got the ad sounds coming up later).

Any help would be appreciated, last thing I want is to re-install the OS -- I built this computer so I'm not sure what type of support there is or what kind of trouble there will be if I try a re-install (a re-install is not out of the question, I just want to avoid it if possible).

 

Thank you in advance.


  • Staff

Hello ashford

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.

Very Important --> Please read this post completely, I have spent my time to put together some things for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

I would like you to run this program for me.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
Gringo

Here is the FRST.txt file. Everything ran ok with no stuttering or such.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-02-2014

Ran by Zak (administrator) on ZAKAROONY on 18-02-2014 09:34:59

Running from C:\Users\Zak\Desktop

Windows 8.1 Pro (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:

Download link for 32-Bit version:

Download link for 64-Bit Version:

Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe

(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe

(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe

(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe

(Microsoft Corporation) C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe

(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe

() C:\WINDOWS\SysWOW64\PnkBstrA.exe

(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

() C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe

() C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe

(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe

(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe

(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Windows\System32\skydrive.exe

(NTeWORKS) C:\Program Files (x86)\PicPick\picpick.exe

(Google Inc.) C:\Users\Zak\AppData\Local\Programs\Google\MusicManager\MusicManager.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe

(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe

(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe

(Dropbox, Inc.) C:\Users\Zak\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE

(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe

(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\WINDOWS\splwow64.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\WINDOWS\SysWOW64\DllHost.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)

HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

HKLM\...\Run: [shadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1179576 2014-01-20] (NVIDIA Corporation)

HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

HKLM-x32\...\Run: [browserPlugInHelper] - C:\Program Files (x86)\Wondershare\Video Converter Pro\BrowserPlugInHelper.exe [1969440 2013-05-07] ()

HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2014-02-02] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Fitbit Connect] - C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3093024 2013-02-25] (Fitbit, Inc.)

HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442712 2013-11-17] (Razer Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)

HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)

HKLM-x32\...\Run: [] - [X]

HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-05-23] (Samsung Electronics Co., Ltd.)

HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3551576 2013-12-20] (Electronic Arts)

HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [steam] - C:\Program Files (x86)\Steam\steam.exe [1822400 2014-02-14] (Valve Corporation)

HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [Akamai NetSession Interface] - C:\Users\Zak\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)

HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [spotify] - C:\Users\Zak\AppData\Roaming\Spotify\Spotify.exe [4558336 2013-04-26] (Spotify Ltd)

HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [spotify Web Helper] - C:\Users\Zak\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1105408 2013-04-26] (Spotify Ltd)

HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [PicPick Start] - C:\Program Files (x86)\PicPick\picpick.exe [11479896 2013-04-04] (NTeWORKS)

HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [Google Update] - C:\Users\Zak\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-05-15] (Google Inc.)

HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [MusicManager] - C:\Users\Zak\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7380992 2013-11-11] (Google Inc.)

HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)

HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [Fitbit Connect] - C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3093024 2013-02-25] (Fitbit, Inc.)

HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung)

HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)

HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)

HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [HP Officejet 6600 (NET)] - C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-05-23] (Samsung)

Startup: C:\Users\Zak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Zak\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Zak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk

ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5CAE981928E2CD01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5

SearchScopes: HKCU - {664B2564-19E2-4F21-A526-E3FDA5A11AF9} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms}

BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)

BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)

BHO-x32: Wondershare Video Converter Ultimate - {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files (x86)\Wondershare\Video Converter Pro\SVRIEPlugin.dll (Wondershare Software Co., Ltd.)

BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)

Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Hosts: 127.0.0.1 localhost

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

Chrome: 

=======


CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.404\_platform_specific\win_x86\widevinecdmadapter.dll ()

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()

CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)

CHR Plugin: (Battlelog Game Launcher) - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)

CHR Plugin: (Wolfram Mathematica) - C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.1.4055459\npmathplugin.dll (Wolfram Research, Inc.)

CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

CHR Plugin: (Java Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

CHR Plugin: (OnLive Game Client Detector) - C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (Unity Player) - C:\Users\Zak\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

CHR Plugin: (Google Update) - C:\Users\Zak\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

CHR Plugin: (Roblox Launcher Plugin) - C:\Users\Zak\AppData\Local\Roblox\Versions\version-bb07ab23647d4e8a\\NPRobloxProxy.dll ( ROBLOX Corporation)

CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

CHR Extension: (Google Docs) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-02]

CHR Extension: (Google Drive) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-24]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-01-02]

CHR Extension: (YouTube) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-24]

CHR Extension: (Google Cast) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-01-02]

CHR Extension: (Facebook) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-01-02]

CHR Extension: (Adblock Plus) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-02]

CHR Extension: (Google Search) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-24]

CHR Extension: (Search by Image (by Google)) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2014-01-02]

CHR Extension: (Netflix) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2014-01-02]

CHR Extension: (Google News) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2014-01-02]

CHR Extension: (Google Calendar) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-01-02]

CHR Extension: (Full Screen Weather) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2014-01-02]

CHR Extension: (The QR Code Generator) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb [2014-01-02]

CHR Extension: (AdBlock) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-27]

CHR Extension: (A Journey through Middle-earth) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgkjeheegjnnmheaflhdocglkiegoni [2014-01-02]

CHR Extension: (LastPass: Free Password Manager) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-01-02]

CHR Extension: (Don't Starve) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc [2014-01-02]

CHR Extension: (Google Keep) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-01-02]

CHR Extension: (Cloud Reader) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2014-01-02]

CHR Extension: (Wolfram|Alpha (Official)) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\icncamkooinmbehmkeilcccmoljfkdhp [2014-01-02]

CHR Extension: (Google Play Music) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2014-01-02]

CHR Extension: (Chrome to Mobile) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2014-01-02]

CHR Extension: (Dropbox) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-01-02]

CHR Extension: (WhatFont) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2014-01-02]

CHR Extension: (Google Forms) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2014-01-27]

CHR Extension: (Google Play) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-01-02]

CHR Extension: (Google Maps) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-01-02]

CHR Extension: (Google Mail Checker) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-01-02]

CHR Extension: (Quick Note) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2014-02-01]

CHR Extension: (Google Wallet) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-06-03]

CHR Extension: (Khan Academy) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pahdiadnidmaaoohjmlkcjffbfcapgko [2014-01-02]

CHR Extension: (Gmail) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-24]

CHR HKCU\...\Chrome\Extension: [cgpimkfhjdaobobdomcikioipaenlhke] - C:\Users\Zak\AppData\Local\CRE\cgpimkfhjdaobobdomcikioipaenlhke.crx [2012-12-24]

CHR HKLM-x32\...\Chrome\Extension: [cgpimkfhjdaobobdomcikioipaenlhke] - C:\Users\Zak\AppData\Local\CRE\cgpimkfhjdaobobdomcikioipaenlhke.crx [2012-12-24]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]

CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\Exts\Chrome.crx [2014-01-20]

 

==================== Services (Whitelisted) =================

 

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-03-10] ()

R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1239584 2013-02-25] (Fitbit, Inc.)

R2 KinectManagement; C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe [98816 2012-09-18] (Microsoft Corporation)

S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe [264360 2013-10-18] (Symantec Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)

R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)

R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2013-12-31] ()

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

R2 WLANBelkinService; C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe [36864 2009-12-28] ()

R2 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [305200 2012-09-18] ()

R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)

S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows (R) Win 7 DDK provider)

R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-17] (Symantec Corporation)

R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-24] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-01-22] (Symantec Corporation)

S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)

S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)

S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)

R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140217.001\IDSvia64.sys [521944 2014-01-20] (Symantec Corporation)

R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)

S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-29] (Microsoft Corporation)

S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)

S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140217.066\ENG64.SYS [126040 2014-01-22] (Symantec Corporation)

R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140217.066\EX64.SYS [2099288 2014-01-22] (Symantec Corporation)

R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)

S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)

S3 NPF; C:\Windows\system32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)

S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)

R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39080 2013-11-14] (Razer Inc)

R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [29472 2012-09-05] (SerComm Corporation)

S3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)

S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)

R3 SRTSP; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)

S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)

R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)

S0 SymELAM; C:\Windows\System32\drivers\N360x64\1501000.012\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)

R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-24] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)

R1 SymNetS; C:\Windows\system32\drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)

S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-08-01] (OpenLibSys.org)

S1 AntiLog32; \??\C:\WINDOWS\system32\drivers\AntiLog64.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-18 09:34 - 2014-02-18 09:35 - 00030929 _____ () C:\Users\Zak\Desktop\FRST.txt

2014-02-18 09:34 - 2014-02-18 09:34 - 00000000 ____D () C:\FRST

2014-02-18 09:33 - 2014-02-18 09:32 - 02152448 _____ (Farbar) C:\Users\Zak\Desktop\FRST64.exe

2014-02-18 09:32 - 2014-02-18 09:32 - 02152448 _____ (Farbar) C:\Users\Zak\Downloads\FRST64.exe

2014-02-17 16:18 - 2014-02-17 16:20 - 168965850 _____ () C:\Users\Zak\Downloads\@Peral_A-10C.rar

2014-02-17 12:08 - 2014-02-17 12:09 - 00688992 _____ (Swearware) C:\Users\Zak\Desktop\dds.scr

2014-02-16 23:19 - 2014-02-17 11:06 - 00000000 ____D () C:\Users\Zak\AppData\Local\NPE

2014-02-16 23:11 - 2014-02-16 23:11 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos

2014-02-16 23:11 - 2014-02-16 23:11 - 00000000 ____D () C:\ProgramData\Sophos

2014-02-16 23:10 - 2014-02-16 23:10 - 00000000 ____D () C:\Program Files (x86)\Sophos

2014-02-16 23:06 - 2014-02-16 23:06 - 84529880 _____ (Sophos Limited) C:\Users\Zak\Downloads\Sophos Virus Removal Tool.exe

2014-02-16 23:02 - 2014-02-16 23:09 - 00000000 ____D () C:\Users\Zak\Desktop\RK_Quarantine

2014-02-16 23:02 - 2014-02-16 23:02 - 04408320 _____ () C:\Users\Zak\Downloads\RogueKillerX64.exe

2014-02-16 22:55 - 2014-02-16 22:55 - 00387584 _____ () C:\Users\Zak\Downloads\rescue2usb.exe

2014-02-16 22:46 - 2014-02-16 22:46 - 00000000 ____D () C:\TDSSKiller_Quarantine

2014-02-16 22:16 - 2014-02-17 11:37 - 00000000 ____D () C:\Users\Zak\Desktop\mbar

2014-02-16 22:16 - 2014-02-17 11:37 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-02-16 22:16 - 2014-02-17 11:17 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2014-02-16 22:15 - 2014-02-16 22:15 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Zak\Downloads\mbar-1.07.0.1009.exe

2014-02-16 21:51 - 2014-02-16 21:52 - 178479183 _____ () C:\Users\Zak\Downloads\RH Pistol pack 1.11-A3.7z

2014-02-16 21:39 - 2014-02-16 21:41 - 20513950 _____ () C:\Users\Zak\Downloads\FHQ_M4_A4_v1.9.7z

2014-02-16 14:11 - 2014-02-16 14:11 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Zak\Downloads\rkill64.exe

2014-02-16 14:10 - 2014-02-16 14:10 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Zak\Downloads\rkill.exe

2014-02-16 14:07 - 2014-02-16 14:07 - 00000000 ____D () C:\WINDOWS\ERUNT

2014-02-16 14:06 - 2014-02-16 14:06 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Zak\Downloads\iExplore64.exe

2014-02-16 13:48 - 2014-02-16 13:48 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\Malwarebytes

2014-02-16 13:47 - 2014-02-16 13:47 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-16 13:47 - 2014-02-16 13:47 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-16 13:47 - 2014-02-16 13:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-16 13:47 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2014-02-16 13:39 - 2014-02-16 13:39 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Zak\Downloads\iExplore.exe

2014-02-16 13:39 - 2014-02-16 13:39 - 01037530 _____ (Thisisu) C:\Users\Zak\Downloads\JRT.exe

2014-02-16 13:38 - 2014-02-16 13:36 - 01166132 _____ () C:\Users\Zak\Desktop\adwcleaner.exe

2014-02-16 13:37 - 2014-02-16 13:41 - 00000000 ____D () C:\AdwCleaner

2014-02-16 13:36 - 2014-02-16 13:36 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Zak\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-16 13:36 - 2014-02-16 13:36 - 01166132 _____ () C:\Users\Zak\Downloads\adwcleaner.exe

2014-02-16 13:21 - 2014-02-16 13:21 - 04122976 _____ (Kaspersky Lab ZAO) C:\Users\Zak\Downloads\tdsskiller.exe

2014-02-16 13:19 - 2014-02-16 13:18 - 05183112 _____ (Swearware) C:\Users\Zak\Desktop\ComboFix.exe

2014-02-16 13:18 - 2014-02-16 13:18 - 05183112 _____ (Swearware) C:\Users\Zak\Downloads\ComboFix.exe

2014-02-16 13:14 - 2014-02-16 13:14 - 00688992 ____R (Swearware) C:\Users\Zak\Desktop\dds.com

2014-02-14 22:45 - 2013-12-08 16:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll

2014-02-14 22:45 - 2013-12-08 16:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll

2014-02-14 22:45 - 2013-11-27 07:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll

2014-02-14 22:45 - 2013-11-27 07:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2014-02-14 22:45 - 2013-11-27 06:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2014-02-14 22:45 - 2013-11-27 05:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll

2014-02-14 22:45 - 2013-11-27 04:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys

2014-02-14 22:45 - 2013-11-27 02:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll

2014-02-14 22:45 - 2013-11-27 02:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll

2014-02-14 22:45 - 2013-11-27 02:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll

2014-02-14 22:45 - 2013-11-27 01:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll

2014-02-14 22:45 - 2013-11-27 01:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll

2014-02-14 22:45 - 2013-11-27 01:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2014-02-14 22:45 - 2013-11-27 01:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll

2014-02-14 22:45 - 2013-11-27 00:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll

2014-02-14 22:45 - 2013-11-27 00:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll

2014-02-14 22:45 - 2013-11-26 20:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml

2014-02-14 22:45 - 2013-11-26 05:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll

2014-02-14 22:45 - 2013-11-26 05:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2014-02-14 22:45 - 2013-11-26 05:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll

2014-02-14 22:45 - 2013-11-26 05:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll

2014-02-14 22:45 - 2013-11-26 03:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll

2014-02-14 22:45 - 2013-11-26 03:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2014-02-14 22:45 - 2013-11-26 03:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll

2014-02-14 22:45 - 2013-11-26 02:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2014-02-14 22:45 - 2013-11-26 01:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2014-02-14 22:45 - 2013-11-26 00:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2014-02-14 22:45 - 2013-11-24 17:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS

2014-02-14 22:45 - 2013-11-24 17:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

2014-02-14 22:45 - 2013-11-24 15:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll

2014-02-14 22:45 - 2013-11-24 15:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll

2014-02-14 22:45 - 2013-11-23 04:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll

2014-02-14 22:45 - 2013-11-23 03:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2014-02-14 22:45 - 2013-11-23 00:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2014-02-14 22:45 - 2013-11-22 23:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll

2014-02-14 22:45 - 2013-11-22 23:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys

2014-02-14 22:45 - 2013-11-22 23:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys

2014-02-14 22:45 - 2013-11-22 20:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll

2014-02-14 22:45 - 2013-11-22 19:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe

2014-02-14 22:45 - 2013-11-22 19:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe

2014-02-14 22:45 - 2013-11-22 19:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2014-02-14 22:45 - 2013-11-22 19:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2014-02-14 22:45 - 2013-11-22 19:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2014-02-14 22:45 - 2013-11-22 19:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2014-02-14 22:45 - 2013-11-20 22:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll

2014-02-14 22:45 - 2013-11-20 22:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2014-02-14 22:45 - 2013-11-15 21:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2014-02-14 22:45 - 2013-11-15 10:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll

2014-02-14 22:45 - 2013-11-15 06:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll

2014-02-14 22:45 - 2013-11-15 06:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll

2014-02-14 22:45 - 2013-11-15 06:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll

2014-02-14 22:45 - 2013-11-15 05:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2014-02-14 22:45 - 2013-11-05 12:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2014-02-14 22:45 - 2013-10-30 16:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2014-02-14 22:45 - 2013-10-30 15:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2014-02-13 10:12 - 2014-02-13 10:25 - 891457474 _____ (SpaceEngine ) C:\Users\Zak\Downloads\SE-0971-setup.exe

2014-02-11 23:13 - 2014-01-06 21:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll

2014-02-11 23:13 - 2014-01-06 20:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll

2014-02-11 23:13 - 2013-12-08 16:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll

2014-02-11 23:13 - 2013-12-08 16:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll

2014-02-11 23:13 - 2013-12-08 15:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll

2014-02-11 23:13 - 2013-12-08 15:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll

2014-02-11 23:13 - 2013-11-20 22:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll

2014-02-11 23:13 - 2013-11-20 21:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll

2014-02-11 23:12 - 2014-02-06 04:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-02-11 23:12 - 2014-02-06 03:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2014-02-11 23:12 - 2014-02-06 03:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll

2014-02-11 23:12 - 2014-02-06 03:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-02-11 23:12 - 2014-02-06 03:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll

2014-02-11 23:12 - 2014-02-06 03:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll

2014-02-11 23:12 - 2014-02-06 02:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll

2014-02-11 23:12 - 2014-02-06 02:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll

2014-02-11 23:12 - 2014-02-06 02:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe

2014-02-11 23:12 - 2014-02-06 02:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2014-02-11 23:12 - 2014-02-06 02:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe

2014-02-11 23:12 - 2014-02-06 02:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-02-11 23:12 - 2014-02-06 02:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-02-11 23:12 - 2014-02-06 02:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2014-02-11 23:12 - 2014-02-06 02:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll

2014-02-11 23:12 - 2014-02-06 02:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-02-11 23:12 - 2014-02-06 02:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll

2014-02-11 23:12 - 2014-02-06 02:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll

2014-02-11 23:12 - 2014-02-06 01:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-02-11 23:12 - 2014-02-06 01:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2014-02-11 23:12 - 2014-02-06 01:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll

2014-02-11 23:12 - 2014-02-06 01:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll

2014-02-11 23:12 - 2014-02-06 01:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-02-11 23:12 - 2014-02-06 01:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe

2014-02-11 23:12 - 2014-02-06 01:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2014-02-11 23:12 - 2014-02-06 01:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-02-11 23:12 - 2014-02-06 01:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll

2014-02-11 23:12 - 2014-02-06 01:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-02-11 23:12 - 2014-02-06 01:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-02-11 23:12 - 2014-02-06 01:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2014-02-11 23:12 - 2014-02-06 01:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-02-11 23:12 - 2014-02-06 01:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-02-11 23:12 - 2014-02-06 00:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-02-11 23:12 - 2014-02-06 00:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-02-11 23:12 - 2014-02-06 00:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2014-02-11 23:12 - 2014-02-06 00:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-02-11 23:12 - 2014-02-06 00:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-02-11 23:12 - 2014-01-09 00:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2014-02-11 23:12 - 2014-01-08 23:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll

2014-02-11 23:12 - 2014-01-08 23:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll

2014-02-11 23:12 - 2014-01-08 23:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

2014-02-11 23:12 - 2014-01-08 23:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll

2014-02-11 23:12 - 2014-01-08 23:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll

2014-02-11 23:12 - 2014-01-08 23:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll

2014-02-11 23:12 - 2014-01-08 23:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll

2014-02-11 23:12 - 2014-01-08 23:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll

2014-02-11 23:12 - 2014-01-08 23:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe

2014-02-11 23:12 - 2014-01-06 23:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe

2014-02-11 23:12 - 2014-01-06 21:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe

2014-02-11 23:12 - 2014-01-04 12:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll

2014-02-11 23:12 - 2014-01-04 11:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll

2014-02-11 23:12 - 2014-01-04 06:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2014-02-11 23:12 - 2014-01-04 06:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2014-02-11 23:12 - 2014-01-04 05:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll

2014-02-11 23:12 - 2014-01-04 05:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll

2014-02-11 23:12 - 2014-01-04 05:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll

2014-02-11 23:12 - 2014-01-04 05:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll

2014-02-11 23:12 - 2013-12-20 18:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms

2014-02-11 23:12 - 2013-12-20 18:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms

2014-02-11 23:12 - 2013-12-20 02:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2014-02-11 23:12 - 2013-12-19 22:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2014-02-11 23:12 - 2013-12-08 18:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2014-02-11 23:12 - 2013-12-08 17:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2014-02-10 20:11 - 2013-12-16 15:22 - 01569280 _____ (BahraniApps) C:\Users\Zak\Desktop\GifCam.exe

2014-02-10 20:10 - 2014-02-10 20:10 - 00690877 _____ () C:\Users\Zak\Downloads\GifCam.zip

2014-02-09 00:50 - 2014-02-09 00:50 - 12871748 _____ () C:\Users\Zak\Downloads\Apparat - Goodbye (Instrumental).mp4

2014-02-08 13:17 - 2014-02-08 13:17 - 00073111 _____ () C:\Users\Zak\Downloads\redProtect_1.9.6.jar

2014-02-07 23:19 - 2014-02-07 23:19 - 00026177 _____ () C:\Users\Zak\Downloads\CompassNavigation.jar

2014-02-07 23:18 - 2014-02-07 23:18 - 00320559 _____ () C:\Users\Zak\Downloads\worldguard-5.8.zip

2014-02-07 23:17 - 2014-02-07 23:17 - 00816954 _____ () C:\Users\Zak\Downloads\worldedit-5.5.8.zip

2014-02-07 20:11 - 2014-02-07 20:11 - 00004312 _____ () C:\Users\Zak\Downloads\Bar.glet

2014-02-07 00:51 - 2014-02-07 01:04 - 1394761016 _____ (Wolfram Research, Inc. ) C:\Users\Zak\Downloads\Mathematica_9.0.1_WIN.exe

2014-02-05 16:59 - 2014-02-05 18:49 - 00000000 ____D () C:\Users\Zak\Desktop\X-Plane 10 Demo

2014-02-05 16:58 - 2014-02-05 16:58 - 04305431 _____ () C:\Users\Zak\Downloads\X-Plane10DemoInstallerWindows.zip

2014-02-04 17:01 - 2014-02-04 17:04 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online

2014-02-04 17:01 - 2014-02-04 17:01 - 00001415 _____ () C:\Users\Zak\Desktop\The Elder Scrolls Online Beta.lnk

2014-02-04 16:59 - 2014-02-04 17:00 - 55903624 _____ ( ) C:\Users\Zak\Downloads\Install_ESO_Beta.exe

2014-02-04 11:06 - 2014-02-04 11:08 - 38131448 _____ () C:\Users\Zak\Downloads\SU35S_v0.98_BETA_ARMA3.rar

2014-02-04 11:05 - 2014-02-04 11:05 - 38549805 _____ () C:\Users\Zak\Downloads\FA18_v1.2_ArmA_3.rar

2014-02-04 10:40 - 2014-02-04 10:49 - 41023637 _____ () C:\Users\Zak\Downloads\FA18_v1.51_ARMA_3.rar

2014-02-02 17:53 - 2014-02-02 17:53 - 00124395 _____ () C:\Users\Zak\Downloads\armaunpbo_v10.zip

2014-02-02 17:40 - 2014-02-02 17:42 - 353632441 _____ () C:\Users\Zak\Downloads\NATO_Russian_SF_Weapons_v 1.2.7z

2014-02-02 12:25 - 2014-02-02 12:29 - 07044001 _____ () C:\Users\Zak\Downloads\@AS50v1.4.rar

2014-02-02 11:46 - 2014-02-02 11:46 - 52307186 _____ () C:\Users\Zak\Downloads\MK18_Mod1_V02 (1).7z

2014-02-02 11:30 - 2014-02-02 11:30 - 00013390 _____ () C:\Users\Zak\Downloads\asdg_jointrails-v0.8.zip

2014-02-02 11:21 - 2014-02-02 11:21 - 00204678 _____ () C:\Users\Zak\Downloads\CBA_A3_beta4.7z

2014-02-02 00:07 - 2014-02-02 00:08 - 48942905 _____ () C:\Users\Zak\Downloads\FHQ_Accessories_v1.4 (2).7z

2014-02-02 00:07 - 2014-02-02 00:08 - 48942905 _____ () C:\Users\Zak\Downloads\FHQ_Accessories_v1.4 (1).7z

2014-02-02 00:06 - 2014-02-02 00:06 - 00000000 ____D () C:\Users\Zak\Desktop\FHQ_Accessories_v1.4

2014-02-01 23:07 - 2014-02-01 23:07 - 00000000 ____D () C:\Program Files (x86)\7-Zip

2014-02-01 23:06 - 2014-02-01 23:06 - 01110476 _____ () C:\Users\Zak\Downloads\7z920.exe

2014-02-01 23:00 - 2014-02-01 23:02 - 18685952 _____ () C:\Users\Zak\Downloads\FHQ_Accessories_v1.4.7z

2014-02-01 23:00 - 2014-02-01 23:02 - 18304260 _____ () C:\Users\Zak\Downloads\FHQ_M4_A3_v1.8..7z

2014-02-01 22:57 - 2014-02-01 22:57 - 12265603 _____ () C:\Users\Zak\Downloads\m107_V1.5.rar

2014-02-01 22:55 - 2014-02-01 22:55 - 52307186 _____ () C:\Users\Zak\Downloads\MK18_Mod1_V02.7z

2014-02-01 22:50 - 2014-02-01 22:50 - 04256118 _____ () C:\Users\Zak\Downloads\@tmr-0.3.5.zip

2014-02-01 18:18 - 2014-02-01 18:18 - 53957312 _____ (R Core Team ) C:\Users\Zak\Downloads\R-3.0.2-win.exe

2014-02-01 15:05 - 2014-02-01 15:07 - 00000000 ____D () C:\Users\Zak\Documents\maya

2014-02-01 12:51 - 2014-02-01 12:51 - 00001097 _____ () C:\Users\Zak\Desktop\Cheat Engine.lnk

2014-02-01 12:51 - 2014-02-01 12:51 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.3

2014-02-01 12:50 - 2014-02-01 12:50 - 08065840 _____ (Cheat Engine ) C:\Users\Zak\Downloads\CheatEngine63.exe

2014-01-31 09:56 - 2014-01-31 09:56 - 00000351 _____ () C:\Users\Zak\Desktop\Network - Shortcut.lnk

2014-01-29 18:54 - 2014-01-29 18:54 - 00000000 ____D () C:\Users\Zak\Documents\LEGO Creations

2014-01-29 18:54 - 2014-01-29 18:54 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\LEGO Company

2014-01-29 18:53 - 2014-01-29 18:53 - 00002162 _____ () C:\Users\Public\Desktop\LEGO Digital Designer.lnk

2014-01-29 18:53 - 2014-01-29 18:53 - 00000000 ____D () C:\Program Files (x86)\LEGO Company

2014-01-29 18:49 - 2014-01-29 18:50 - 225918672 _____ () C:\Users\Zak\Downloads\setupLDD-PC-4_3_8.exe

2014-01-29 16:44 - 2014-02-10 16:52 - 00001317 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk

2014-01-26 18:42 - 2014-02-17 12:10 - 00306176 ___SH () C:\Users\Zak\Desktop\Thumbs.db

2014-01-26 18:15 - 2014-01-26 18:17 - 00000000 ____D () C:\Users\Zak\Desktop\Main Folder

2014-01-26 17:57 - 2014-01-29 16:35 - 00015364 ____H () C:\Users\Zak\Desktop\.DS_Store

2014-01-26 17:41 - 2014-02-15 18:19 - 00021508 ____H () C:\Users\Zak\.DS_Store

2014-01-26 17:25 - 2014-01-26 17:25 - 00000000 ____H () C:\Users\Zak\Documents\Default.rdp

2014-01-24 23:45 - 2014-01-24 23:52 - 00000000 ____D () C:\Users\Zak\Desktop\CRYENGINE_Build_PC_v3_5_6_1833_freesdk

2014-01-24 23:13 - 2014-01-24 23:23 - 1955430390 _____ () C:\Users\Zak\Downloads\CRYENGINE_Build_PC_v3_5_6_1833_freesdk.zip

2014-01-24 23:10 - 2014-01-24 23:10 - 00001812 _____ () C:\Users\Public\Desktop\Maya 2014.lnk

2014-01-24 23:10 - 2014-01-24 23:10 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared

2014-01-24 22:51 - 2014-01-24 22:51 - 00000000 ____D () C:\ProgramData\Applications

2014-01-24 22:50 - 2014-01-24 22:51 - 09658264 _____ (Autodesk, Inc.) C:\Users\Zak\Downloads\AutodeskDownloadManagerSetup.exe

2014-01-24 22:50 - 2014-01-24 22:50 - 11461360 _____ () C:\Users\Zak\Downloads\Autodesk_Maya_2014_wi_en-US_Setup (1).exe

2014-01-23 22:39 - 2013-12-27 10:42 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys

2014-01-23 22:39 - 2013-12-27 10:42 - 00033056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll

2014-01-20 12:30 - 2014-01-20 12:31 - 30714403 _____ () C:\Users\Zak\Downloads\uploads-2013-10-Squad-Texture-Pack-0.1c.zip

2014-01-20 01:25 - 2014-01-20 01:25 - 12030592 _____ () C:\Users\Zak\Downloads\uploads-2013-09-ksp_fustek_station_parts_expansion_r0_03_5a1 (1).zip

2014-01-20 01:21 - 2014-01-20 01:21 - 04837452 _____ () C:\Users\Zak\Downloads\uploads-2013-07-Radial-Nuclear-Engines2.zip

2014-01-20 01:20 - 2014-01-20 01:20 - 00528693 _____ () C:\Users\Zak\Downloads\ISA_MapSat X4r2.zip

2014-01-20 01:09 - 2014-01-20 01:09 - 22538379 _____ () C:\Users\Zak\Downloads\uploads-2013-09-dsm19.zip

2014-01-20 01:08 - 2014-01-20 01:08 - 12030592 _____ () C:\Users\Zak\Downloads\uploads-2013-09-ksp_fustek_station_parts_expansion_r0_03_5a1.zip

2014-01-20 01:05 - 2014-01-20 01:05 - 64092596 _____ () C:\Users\Zak\Downloads\uploads-2013-12-KW-Release-Package-v2.5.6B.zip

2014-01-20 01:04 - 2014-01-20 01:05 - 99627496 _____ () C:\Users\Zak\Downloads\uploads-2013-10-B9-Aerospace-Pack-R4-0c.zip

2014-01-19 22:43 - 2014-01-19 22:43 - 00000885 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk

2014-01-19 22:43 - 2014-01-19 22:43 - 00000000 ____D () C:\Program Files\CPUID

2014-01-19 22:41 - 2014-01-19 22:42 - 01466824 _____ ( ) C:\Users\Zak\Downloads\cpu-z_1.68-setup-en.exe

2014-01-19 16:28 - 2014-01-18 11:13 - 00000000 ____D () C:\Users\Zak\Desktop\CORE - ANVIL v1.7.2

2014-01-19 16:26 - 2014-01-19 16:26 - 08959348 _____ () C:\Users\Zak\Downloads\uploads-2014-01-CORE-ANVIL-v1.7.2.zip

2014-01-19 14:54 - 2014-01-19 14:54 - 00000000 ____D () C:\Program Files (x86)\PC Drivers HeadQuarters

2014-01-19 14:53 - 2014-01-19 14:53 - 02002088 _____ (PC Drivers HeadQuarters) C:\Users\Zak\Downloads\DriverDetective (1).exe

2014-01-19 14:52 - 2014-01-19 14:52 - 02002088 _____ (PC Drivers HeadQuarters) C:\Users\Zak\Downloads\DriverDetective.exe

2014-01-19 14:45 - 2014-01-19 14:45 - 00016896 _____ (ASUS) C:\WINDOWS\AsTaskSched.dll

2014-01-19 14:38 - 2014-01-19 14:38 - 00001769 _____ () C:\WINDOWS\Language_trs.ini

2014-01-19 14:38 - 2014-01-19 14:38 - 00000000 ____D () C:\Program Files (x86)\Realtek

2014-01-19 14:38 - 2013-08-08 19:57 - 02080472 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll

2014-01-19 14:38 - 2011-08-11 16:55 - 00001332 _____ () C:\WINDOWS\system32\Drivers\DTSU2P.DAT

2014-01-19 14:34 - 2014-01-19 14:47 - 296476712 _____ () C:\Users\Zak\Downloads\ASUS_Audio_V51282146_V60121_V70121_XPVistaWin7.zip

2014-01-19 14:32 - 2014-01-19 14:33 - 300035358 _____ () C:\Users\Zak\Downloads\Realtek_Audio_Win8-1_VER6017023.zip

2014-01-19 12:20 - 2014-01-19 12:21 - 471590458 _____ () C:\Users\Zak\Downloads\966 Spectacular Wallpapers (1080p unmarked) - Imgur.zip

==================== One Month Modified Files and Folders =======

2014-02-18 09:35 - 2014-02-18 09:34 - 00030929 _____ () C:\Users\Zak\Desktop\FRST.txt

2014-02-18 09:34 - 2014-02-18 09:34 - 00000000 ____D () C:\FRST

2014-02-18 09:32 - 2014-02-18 09:33 - 02152448 _____ (Farbar) C:\Users\Zak\Desktop\FRST64.exe

2014-02-18 09:32 - 2014-02-18 09:32 - 02152448 _____ (Farbar) C:\Users\Zak\Downloads\FRST64.exe

2014-02-18 09:32 - 2013-05-15 16:01 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3182746591-648046975-1580014685-1001UA.job

2014-02-18 09:22 - 2013-10-19 19:47 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FD0BE4D7-D646-41C2-8263-602689017EE7}

2014-02-18 09:11 - 2012-12-24 14:45 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-02-18 09:00 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-02-18 08:42 - 2013-04-12 22:26 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2014-02-18 02:00 - 2013-06-21 00:07 - 00000000 ____D () C:\Users\Zak\AppData\Local\Adobe

2014-02-18 00:25 - 2012-12-24 15:46 - 00000000 ____D () C:\Program Files (x86)\Steam

2014-02-17 16:22 - 2013-06-23 12:11 - 00000000 ____D () C:\Users\Zak\AppData\Local\Arma 3

2014-02-17 16:20 - 2014-02-17 16:18 - 168965850 _____ () C:\Users\Zak\Downloads\@Peral_A-10C.rar

2014-02-17 15:45 - 2013-06-11 17:50 - 00000000 ___RD () C:\Users\Zak\Google Drive

2014-02-17 15:33 - 2012-12-24 14:48 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3182746591-648046975-1580014685-1001

2014-02-17 15:11 - 2014-01-02 13:05 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-02-17 15:11 - 2012-12-24 14:45 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-02-17 14:32 - 2013-05-15 16:00 - 00000868 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3182746591-648046975-1580014685-1001Core.job

2014-02-17 14:18 - 2013-04-11 21:14 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\Skype

2014-02-17 12:43 - 2013-12-26 11:53 - 00000000 ____D () C:\Users\Zak\AppData\Local\DayZ

2014-02-17 12:10 - 2014-01-26 18:42 - 00306176 ___SH () C:\Users\Zak\Desktop\Thumbs.db

2014-02-17 12:09 - 2014-02-17 12:08 - 00688992 _____ (Swearware) C:\Users\Zak\Desktop\dds.scr

2014-02-17 12:07 - 2013-08-26 10:40 - 00008094 _____ () C:\autoupdate.log

2014-02-17 12:02 - 2013-10-18 21:30 - 00000000 __RDO () C:\Users\Zak\SkyDrive

2014-02-17 12:02 - 2013-04-14 11:14 - 00000000 ___RD () C:\Users\Zak\Dropbox

2014-02-17 12:02 - 2013-04-14 11:07 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\Dropbox

2014-02-17 11:58 - 2013-10-17 12:14 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-02-17 11:58 - 2013-08-22 06:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-02-17 11:37 - 2014-02-16 22:16 - 00000000 ____D () C:\Users\Zak\Desktop\mbar

2014-02-17 11:37 - 2014-02-16 22:16 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-02-17 11:17 - 2014-02-16 22:16 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2014-02-17 11:11 - 2013-08-22 05:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI

2014-02-17 11:06 - 2014-02-16 23:19 - 00000000 ____D () C:\Users\Zak\AppData\Local\NPE

2014-02-17 11:00 - 2013-09-29 19:55 - 01498756 _____ () C:\WINDOWS\PFRO.log

2014-02-17 10:59 - 2013-10-17 12:14 - 01944649 _____ () C:\WINDOWS\WindowsUpdate.log

2014-02-17 10:35 - 2013-12-22 17:03 - 00000000 ____D () C:\ProgramData\Norton

2014-02-16 23:11 - 2014-02-16 23:11 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos

2014-02-16 23:11 - 2014-02-16 23:11 - 00000000 ____D () C:\ProgramData\Sophos

2014-02-16 23:10 - 2014-02-16 23:10 - 00000000 ____D () C:\Program Files (x86)\Sophos

2014-02-16 23:09 - 2014-02-16 23:02 - 00000000 ____D () C:\Users\Zak\Desktop\RK_Quarantine

2014-02-16 23:06 - 2014-02-16 23:06 - 84529880 _____ (Sophos Limited) C:\Users\Zak\Downloads\Sophos Virus Removal Tool.exe

2014-02-16 23:02 - 2014-02-16 23:02 - 04408320 _____ () C:\Users\Zak\Downloads\RogueKillerX64.exe

2014-02-16 22:55 - 2014-02-16 22:55 - 00387584 _____ () C:\Users\Zak\Downloads\rescue2usb.exe

2014-02-16 22:46 - 2014-02-16 22:46 - 00000000 ____D () C:\TDSSKiller_Quarantine

2014-02-16 22:15 - 2014-02-16 22:15 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Zak\Downloads\mbar-1.07.0.1009.exe

2014-02-16 21:52 - 2014-02-16 21:51 - 178479183 _____ () C:\Users\Zak\Downloads\RH Pistol pack 1.11-A3.7z

2014-02-16 21:41 - 2014-02-16 21:39 - 20513950 _____ () C:\Users\Zak\Downloads\FHQ_M4_A4_v1.9.7z

2014-02-16 14:16 - 2014-01-04 14:09 - 00000000 ____D () C:\Users\Zak\Downloads\ref=trdrt_prnt_popup_files

2014-02-16 14:11 - 2014-02-16 14:11 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Zak\Downloads\rkill64.exe

2014-02-16 14:10 - 2014-02-16 14:10 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Zak\Downloads\rkill.exe

2014-02-16 14:07 - 2014-02-16 14:07 - 00000000 ____D () C:\WINDOWS\ERUNT

2014-02-16 14:06 - 2014-02-16 14:06 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Zak\Downloads\iExplore64.exe

2014-02-16 13:55 - 2013-09-29 20:04 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-02-16 13:48 - 2014-02-16 13:48 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\Malwarebytes

2014-02-16 13:47 - 2014-02-16 13:47 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-16 13:47 - 2014-02-16 13:47 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-16 13:47 - 2014-02-16 13:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-16 13:41 - 2014-02-16 13:37 - 00000000 ____D () C:\AdwCleaner

2014-02-16 13:41 - 2013-10-17 12:21 - 00000000 ____D () C:\Users\Zak

2014-02-16 13:39 - 2014-02-16 13:39 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Zak\Downloads\iExplore.exe

2014-02-16 13:39 - 2014-02-16 13:39 - 01037530 _____ (Thisisu) C:\Users\Zak\Downloads\JRT.exe

2014-02-16 13:36 - 2014-02-16 13:38 - 01166132 _____ () C:\Users\Zak\Desktop\adwcleaner.exe

2014-02-16 13:36 - 2014-02-16 13:36 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Zak\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-16 13:36 - 2014-02-16 13:36 - 01166132 _____ () C:\Users\Zak\Downloads\adwcleaner.exe

2014-02-16 13:21 - 2014-02-16 13:21 - 04122976 _____ (Kaspersky Lab ZAO) C:\Users\Zak\Downloads\tdsskiller.exe

2014-02-16 13:18 - 2014-02-16 13:19 - 05183112 _____ (Swearware) C:\Users\Zak\Desktop\ComboFix.exe

2014-02-16 13:18 - 2014-02-16 13:18 - 05183112 _____ (Swearware) C:\Users\Zak\Downloads\ComboFix.exe

2014-02-16 13:14 - 2014-02-16 13:14 - 00688992 ____R (Swearware) C:\Users\Zak\Desktop\dds.com

2014-02-15 20:42 - 2013-06-09 10:35 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\.minecraft

2014-02-15 18:19 - 2014-01-26 17:41 - 00021508 ____H () C:\Users\Zak\.DS_Store

2014-02-15 16:16 - 2013-12-25 16:10 - 00000000 ____D () C:\Users\Zak\AppData\Local\CrashDumps

2014-02-15 12:43 - 2012-12-24 14:42 - 00000000 ___RD () C:\Users\Zak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-02-15 12:43 - 2012-12-24 14:42 - 00000000 ___RD () C:\Users\Zak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-02-15 12:14 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\rescache

2014-02-15 11:36 - 2013-08-22 05:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2014-02-15 11:32 - 2013-08-22 06:44 - 05214624 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2014-02-15 11:28 - 2013-08-22 07:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2014-02-15 11:28 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\MediaViewer

2014-02-15 11:28 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\FileManager

2014-02-15 11:28 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\Camera

2014-02-15 11:28 - 2013-08-22 05:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism

2014-02-15 11:28 - 2013-08-22 05:36 - 00000000 ____D () C:\WINDOWS\system32\Dism

2014-02-15 05:14 - 2013-08-17 13:41 - 00000000 ____D () C:\WINDOWS\system32\MRT

2014-02-15 05:07 - 2012-12-25 15:22 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2014-02-13 21:44 - 2013-11-05 16:11 - 00000000 ____D () C:\Users\Zak\Desktop\Screenshots

2014-02-13 10:25 - 2014-02-13 10:12 - 891457474 _____ (SpaceEngine ) C:\Users\Zak\Downloads\SE-0971-setup.exe

2014-02-13 05:02 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2014-02-12 15:06 - 2012-12-24 14:45 - 00003884 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2014-02-12 15:06 - 2012-12-24 14:45 - 00003648 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2014-02-11 23:37 - 2013-05-15 12:53 - 00000000 ____D () C:\Development

2014-02-11 16:16 - 2013-08-22 06:46 - 00386990 _____ () C:\WINDOWS\setupact.log

2014-02-11 14:27 - 2013-05-15 16:01 - 00003862 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3182746591-648046975-1580014685-1001UA

2014-02-11 14:27 - 2013-05-15 16:00 - 00003482 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3182746591-648046975-1580014685-1001Core

2014-02-10 20:10 - 2014-02-10 20:10 - 00690877 _____ () C:\Users\Zak\Downloads\GifCam.zip

2014-02-10 17:37 - 2013-06-21 00:08 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-02-10 17:25 - 2013-06-21 00:33 - 00000000 ____D () C:\Program Files\Adobe

2014-02-10 16:52 - 2014-01-29 16:44 - 00001317 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk

2014-02-10 15:30 - 2013-11-05 16:15 - 00000000 ____D () C:\Users\Zak\Desktop\Wallpaper

2014-02-09 00:50 - 2014-02-09 00:50 - 12871748 _____ () C:\Users\Zak\Downloads\Apparat - Goodbye (Instrumental).mp4

2014-02-08 13:17 - 2014-02-08 13:17 - 00073111 _____ () C:\Users\Zak\Downloads\redProtect_1.9.6.jar

2014-02-07 23:23 - 2013-12-22 01:10 - 00000000 ____D () C:\Users\Zak\Desktop\serverTest

2014-02-07 23:19 - 2014-02-07 23:19 - 00026177 _____ () C:\Users\Zak\Downloads\CompassNavigation.jar

2014-02-07 23:18 - 2014-02-07 23:18 - 00320559 _____ () C:\Users\Zak\Downloads\worldguard-5.8.zip

2014-02-07 23:17 - 2014-02-07 23:17 - 00816954 _____ () C:\Users\Zak\Downloads\worldedit-5.5.8.zip

2014-02-07 20:11 - 2014-02-07 20:11 - 00004312 _____ () C:\Users\Zak\Downloads\Bar.glet

2014-02-07 15:24 - 2013-06-08 22:14 - 00000000 ____D () C:\Users\Zak\workspace

2014-02-07 01:04 - 2014-02-07 00:51 - 1394761016 _____ (Wolfram Research, Inc. ) C:\Users\Zak\Downloads\Mathematica_9.0.1_WIN.exe

2014-02-06 04:16 - 2014-02-11 23:12 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-02-06 03:30 - 2014-02-11 23:12 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2014-02-06 03:30 - 2014-02-11 23:12 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll

2014-02-06 03:12 - 2014-02-11 23:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-02-06 03:07 - 2014-02-11 23:12 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll

2014-02-06 03:06 - 2014-02-11 23:12 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll

2014-02-06 02:57 - 2014-02-11 23:12 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll

2014-02-06 02:56 - 2014-02-11 23:12 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll

2014-02-06 02:49 - 2014-02-11 23:12 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe

2014-02-06 02:48 - 2014-02-11 23:12 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2014-02-06 02:48 - 2014-02-11 23:12 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe

2014-02-06 02:38 - 2014-02-11 23:12 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-02-06 02:32 - 2014-02-11 23:12 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-02-06 02:20 - 2014-02-11 23:12 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2014-02-06 02:17 - 2014-02-11 23:12 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll

2014-02-06 02:11 - 2014-02-11 23:12 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-02-06 02:01 - 2014-02-11 23:12 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll

2014-02-06 02:00 - 2014-02-11 23:12 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll

2014-02-06 01:57 - 2014-02-11 23:12 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-02-06 01:57 - 2014-02-11 23:12 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2014-02-06 01:52 - 2014-02-11 23:12 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll

2014-02-06 01:52 - 2014-02-11 23:12 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll

2014-02-06 01:50 - 2014-02-11 23:12 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-02-06 01:47 - 2014-02-11 23:12 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe

2014-02-06 01:46 - 2014-02-11 23:12 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2014-02-06 01:25 - 2014-02-11 23:12 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-02-06 01:25 - 2014-02-11 23:12 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll

2014-02-06 01:24 - 2014-02-11 23:12 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-02-06 01:22 - 2014-02-11 23:12 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-02-06 01:13 - 2014-02-11 23:12 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2014-02-06 01:09 - 2014-02-11 23:12 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-02-06 01:03 - 2014-02-11 23:12 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-02-06 00:55 - 2014-02-11 23:12 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-02-06 00:41 - 2014-02-11 23:12 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-02-06 00:40 - 2014-02-11 23:12 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2014-02-06 00:36 - 2014-02-11 23:12 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-02-06 00:34 - 2014-02-11 23:12 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-02-05 19:16 - 2013-07-19 19:32 - 00000015 _____ () C:\Users\Zak\AppData\Local\X-Plane_drm.prf

2014-02-05 18:49 - 2014-02-05 16:59 - 00000000 ____D () C:\Users\Zak\Desktop\X-Plane 10 Demo

2014-02-05 18:49 - 2013-05-29 22:28 - 00000080 _____ () C:\Users\Zak\AppData\Local\X-Plane Installer.prf

2014-02-05 16:58 - 2014-02-05 16:58 - 04305431 _____ () C:\Users\Zak\Downloads\X-Plane10DemoInstallerWindows.zip

2014-02-04 17:04 - 2014-02-04 17:01 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online

2014-02-04 17:01 - 2014-02-04 17:01 - 00001415 _____ () C:\Users\Zak\Desktop\The Elder Scrolls Online Beta.lnk

2014-02-04 17:00 - 2014-02-04 16:59 - 55903624 _____ ( ) C:\Users\Zak\Downloads\Install_ESO_Beta.exe

2014-02-04 11:42 - 2013-04-12 22:26 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2014-02-04 11:08 - 2014-02-04 11:06 - 38131448 _____ () C:\Users\Zak\Downloads\SU35S_v0.98_BETA_ARMA3.rar

2014-02-04 11:05 - 2014-02-04 11:05 - 38549805 _____ () C:\Users\Zak\Downloads\FA18_v1.2_ArmA_3.rar

2014-02-04 10:49 - 2014-02-04 10:40 - 41023637 _____ () C:\Users\Zak\Downloads\FA18_v1.51_ARMA_3.rar

2014-02-03 09:54 - 2013-12-26 11:53 - 00000000 ____D () C:\Users\Zak\Documents\DayZ

2014-02-02 17:53 - 2014-02-02 17:53 - 00124395 _____ () C:\Users\Zak\Downloads\armaunpbo_v10.zip

2014-02-02 17:42 - 2014-02-02 17:40 - 353632441 _____ () C:\Users\Zak\Downloads\NATO_Russian_SF_Weapons_v 1.2.7z

2014-02-02 12:29 - 2014-02-02 12:25 - 07044001 _____ () C:\Users\Zak\Downloads\@AS50v1.4.rar

2014-02-02 11:46 - 2014-02-02 11:46 - 52307186 _____ () C:\Users\Zak\Downloads\MK18_Mod1_V02 (1).7z

2014-02-02 11:30 - 2014-02-02 11:30 - 00013390 _____ () C:\Users\Zak\Downloads\asdg_jointrails-v0.8.zip

2014-02-02 11:21 - 2014-02-02 11:21 - 00204678 _____ () C:\Users\Zak\Downloads\CBA_A3_beta4.7z

2014-02-02 00:08 - 2014-02-02 00:07 - 48942905 _____ () C:\Users\Zak\Downloads\FHQ_Accessories_v1.4 (2).7z

2014-02-02 00:08 - 2014-02-02 00:07 - 48942905 _____ () C:\Users\Zak\Downloads\FHQ_Accessories_v1.4 (1).7z

2014-02-02 00:06 - 2014-02-02 00:06 - 00000000 ____D () C:\Users\Zak\Desktop\FHQ_Accessories_v1.4

2014-02-01 23:07 - 2014-02-01 23:07 - 00000000 ____D () C:\Program Files (x86)\7-Zip

2014-02-01 23:06 - 2014-02-01 23:06 - 01110476 _____ () C:\Users\Zak\Downloads\7z920.exe

2014-02-01 23:02 - 2014-02-01 23:00 - 18685952 _____ () C:\Users\Zak\Downloads\FHQ_Accessories_v1.4.7z

2014-02-01 23:02 - 2014-02-01 23:00 - 18304260 _____ () C:\Users\Zak\Downloads\FHQ_M4_A3_v1.8..7z

2014-02-01 22:57 - 2014-02-01 22:57 - 12265603 _____ () C:\Users\Zak\Downloads\m107_V1.5.rar

2014-02-01 22:55 - 2014-02-01 22:55 - 52307186 _____ () C:\Users\Zak\Downloads\MK18_Mod1_V02.7z

2014-02-01 22:50 - 2014-02-01 22:50 - 04256118 _____ () C:\Users\Zak\Downloads\@tmr-0.3.5.zip

2014-02-01 18:18 - 2014-02-01 18:18 - 53957312 _____ (R Core Team ) C:\Users\Zak\Downloads\R-3.0.2-win.exe

2014-02-01 15:07 - 2014-02-01 15:05 - 00000000 ____D () C:\Users\Zak\Documents\maya

2014-02-01 15:07 - 2012-12-25 01:12 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\Autodesk

2014-02-01 15:07 - 2012-12-25 01:12 - 00000000 ____D () C:\ProgramData\Autodesk

2014-02-01 12:51 - 2014-02-01 12:51 - 00001097 _____ () C:\Users\Zak\Desktop\Cheat Engine.lnk

2014-02-01 12:51 - 2014-02-01 12:51 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.3

2014-02-01 12:50 - 2014-02-01 12:50 - 08065840 _____ (Cheat Engine ) C:\Users\Zak\Downloads\CheatEngine63.exe

2014-01-31 09:56 - 2014-01-31 09:56 - 00000351 _____ () C:\Users\Zak\Desktop\Network - Shortcut.lnk

2014-01-30 12:47 - 2013-11-16 11:25 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-01-30 12:47 - 2013-11-16 11:25 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-01-29 18:54 - 2014-01-29 18:54 - 00000000 ____D () C:\Users\Zak\Documents\LEGO Creations

2014-01-29 18:54 - 2014-01-29 18:54 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\LEGO Company

2014-01-29 18:53 - 2014-01-29 18:53 - 00002162 _____ () C:\Users\Public\Desktop\LEGO Digital Designer.lnk

2014-01-29 18:53 - 2014-01-29 18:53 - 00000000 ____D () C:\Program Files (x86)\LEGO Company

2014-01-29 18:50 - 2014-01-29 18:49 - 225918672 _____ () C:\Users\Zak\Downloads\setupLDD-PC-4_3_8.exe

2014-01-29 16:35 - 2014-01-26 17:57 - 00015364 ____H () C:\Users\Zak\Desktop\.DS_Store

2014-01-29 16:35 - 2013-04-16 21:27 - 00000000 ____D () C:\Users\Zak\Desktop\Education

2014-01-29 14:51 - 2012-12-24 14:55 - 00000000 ____D () C:\Firefox

2014-01-28 18:36 - 2013-08-24 11:45 - 00000000 ____D () C:\Users\Zak\Desktop\Dev

2014-01-26 18:17 - 2014-01-26 18:15 - 00000000 ____D () C:\Users\Zak\Desktop\Main Folder

2014-01-26 17:25 - 2014-01-26 17:25 - 00000000 ____H () C:\Users\Zak\Documents\Default.rdp

2014-01-26 13:44 - 2013-04-16 20:56 - 00000000 ____D () C:\Program Files\Microsoft Office 15

2014-01-24 23:52 - 2014-01-24 23:45 - 00000000 ____D () C:\Users\Zak\Desktop\CRYENGINE_Build_PC_v3_5_6_1833_freesdk

2014-01-24 23:25 - 2012-12-25 02:34 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared

2014-01-24 23:23 - 2014-01-24 23:13 - 1955430390 _____ () C:\Users\Zak\Downloads\CRYENGINE_Build_PC_v3_5_6_1833_freesdk.zip

2014-01-24 23:15 - 2012-12-25 02:34 - 00000000 ____D () C:\Program Files\Autodesk

2014-01-24 23:10 - 2014-01-24 23:10 - 00001812 _____ () C:\Users\Public\Desktop\Maya 2014.lnk

2014-01-24 23:10 - 2014-01-24 23:10 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared

2014-01-24 22:55 - 2012-12-24 16:45 - 00298449 _____ () C:\WINDOWS\DirectX.log

2014-01-24 22:52 - 2012-12-25 01:11 - 00000000 ____D () C:\Users\Zak\AppData\Local\Akamai

2014-01-24 22:51 - 2014-01-24 22:51 - 00000000 ____D () C:\ProgramData\Applications

2014-01-24 22:51 - 2014-01-24 22:50 - 09658264 _____ (Autodesk, Inc.) C:\Users\Zak\Downloads\AutodeskDownloadManagerSetup.exe

2014-01-24 22:50 - 2014-01-24 22:50 - 11461360 _____ () C:\Users\Zak\Downloads\Autodesk_Maya_2014_wi_en-US_Setup (1).exe

2014-01-24 22:06 - 2012-12-25 01:10 - 00000000 ____D () C:\Autodesk

2014-01-23 22:40 - 2013-10-17 12:13 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-01-23 18:20 - 2013-10-17 13:05 - 00000000 ____D () C:\Program Files (x86)\MSBuild

2014-01-23 18:20 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared

2014-01-23 18:20 - 2013-04-25 21:23 - 00000000 ____D () C:\WINDOWS\system32\1033

2014-01-23 18:20 - 2013-04-25 21:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0

2014-01-23 18:20 - 2013-04-25 21:20 - 00000000 ____D () C:\ProgramData\Package Cache

2014-01-23 18:12 - 2013-04-25 21:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs

2014-01-23 18:10 - 2013-04-25 22:07 - 00000000 ____D () C:\WINDOWS\SysWOW64\1033

2014-01-23 18:00 - 2013-04-26 00:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET

2014-01-23 17:59 - 2013-10-17 13:05 - 00000000 ____D () C:\Program Files\MSBuild

2014-01-23 17:49 - 2012-12-24 16:52 - 00000000 ____D () C:\Users\Zak\Documents\My Games

2014-01-20 18:53 - 2013-10-28 12:51 - 01179576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll

2014-01-20 18:53 - 2013-10-28 12:51 - 01048152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll

2014-01-20 17:15 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

2014-01-20 12:31 - 2014-01-20 12:30 - 30714403 _____ () C:\Users\Zak\Downloads\uploads-2013-10-Squad-Texture-Pack-0.1c.zip

2014-01-20 01:25 - 2014-01-20 01:25 - 12030592 _____ () C:\Users\Zak\Downloads\uploads-2013-09-ksp_fustek_station_parts_expansion_r0_03_5a1 (1).zip

2014-01-20 01:21 - 2014-01-20 01:21 - 04837452 _____ () C:\Users\Zak\Downloads\uploads-2013-07-Radial-Nuclear-Engines2.zip

2014-01-20 01:20 - 2014-01-20 01:20 - 00528693 _____ () C:\Users\Zak\Downloads\ISA_MapSat X4r2.zip

2014-01-20 01:09 - 2014-01-20 01:09 - 22538379 _____ () C:\Users\Zak\Downloads\uploads-2013-09-dsm19.zip

2014-01-20 01:08 - 2014-01-20 01:08 - 12030592 _____ () C:\Users\Zak\Downloads\uploads-2013-09-ksp_fustek_station_parts_expansion_r0_03_5a1.zip

2014-01-20 01:05 - 2014-01-20 01:05 - 64092596 _____ () C:\Users\Zak\Downloads\uploads-2013-12-KW-Release-Package-v2.5.6B.zip

2014-01-20 01:05 - 2014-01-20 01:04 - 99627496 _____ () C:\Users\Zak\Downloads\uploads-2013-10-B9-Aerospace-Pack-R4-0c.zip

2014-01-19 22:43 - 2014-01-19 22:43 - 00000885 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk

2014-01-19 22:43 - 2014-01-19 22:43 - 00000000 ____D () C:\Program Files\CPUID

2014-01-19 22:42 - 2014-01-19 22:41 - 01466824 _____ ( ) C:\Users\Zak\Downloads\cpu-z_1.68-setup-en.exe

2014-01-19 16:26 - 2014-01-19 16:26 - 08959348 _____ () C:\Users\Zak\Downloads\uploads-2014-01-CORE-ANVIL-v1.7.2.zip

2014-01-19 14:54 - 2014-01-19 14:54 - 00000000 ____D () C:\Program Files (x86)\PC Drivers HeadQuarters

2014-01-19 14:53 - 2014-01-19 14:53 - 02002088 _____ (PC Drivers HeadQuarters) C:\Users\Zak\Downloads\DriverDetective (1).exe

2014-01-19 14:52 - 2014-01-19 14:52 - 02002088 _____ (PC Drivers HeadQuarters) C:\Users\Zak\Downloads\DriverDetective.exe

2014-01-19 14:47 - 2014-01-19 14:34 - 296476712 _____ () C:\Users\Zak\Downloads\ASUS_Audio_V51282146_V60121_V70121_XPVistaWin7.zip

2014-01-19 14:45 - 2014-01-19 14:45 - 00016896 _____ (ASUS) C:\WINDOWS\AsTaskSched.dll

2014-01-19 14:38 - 2014-01-19 14:38 - 00001769 _____ () C:\WINDOWS\Language_trs.ini

2014-01-19 14:38 - 2014-01-19 14:38 - 00000000 ____D () C:\Program Files (x86)\Realtek

2014-01-19 14:38 - 2013-03-27 12:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-01-19 14:33 - 2014-01-19 14:32 - 300035358 _____ () C:\Users\Zak\Downloads\Realtek_Audio_Win8-1_VER6017023.zip

2014-01-19 12:21 - 2014-01-19 12:20 - 471590458 _____ () C:\Users\Zak\Downloads\966 Spectacular Wallpapers (1080p unmarked) - Imgur.zip

 

Files to move or delete:

====================

C:\Users\Public\AlexaNSISPlugin.6028.dll

C:\Users\Zak\studio.exe

C:\Users\Zak\worldpainter_1.4.0.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2014-02-17 12:36

 

==================== End Of Log ============================


And now the Addition file.

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-02-2014

Ran by Zak at 2014-02-18 09:35:49

Running from C:\Users\Zak\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Norton Security Suite (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Norton Security Suite (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Security Suite (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

 

==================== Installed Programs ======================

 

7-Zip 9.20 (x32 Version:  - )

Adobe After Effects CC (x32 Version: 12.2.0 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.8.0.1280 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.8.0.1280 - Adobe Systems Incorporated) Hidden

Adobe Creative Cloud (x32 Version: 2.4.0.348 - Adobe Systems Incorporated)

Adobe Dreamweaver CC (x32 Version: 13 - Adobe Systems Incorporated)

Adobe Edge Code CC (x32 Version: 0.94 - Adobe Systems Incorporated)

Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)

Adobe Illustrator CC (x32 Version: 17.0 - Adobe Systems Incorporated)

Adobe Muse (x32 Version: 5.0 - Adobe Systems Incorporated)

Adobe Muse (x32 Version: 6.0.751 - Adobe Systems Incorporated)

Adobe Muse (x32 Version: 6.0.751 - Adobe Systems Incorporated) Hidden

Adobe Photoshop CC (x32 Version: 14.0 - Adobe Systems Incorporated)

Adobe Photoshop Lightroom 5 64-bit (Version: 5.0.1 - Adobe)

Adobe Premiere Pro CC (x32 Version: 7.0.0 - Adobe Systems Incorporated)

Akamai NetSession Interface (HKCU Version:  - Akamai Technologies, Inc)

Android Studio (x32 Version: 1.0 - Google Inc.)

Apache Tomcat 7.0.34 (Version:  - )

Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)

Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)

Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)

Arduino (x32 Version: 1.0.5 - Arduino LLC)

Arma 3 Alpha (x32 Version:  - Bohemia Interactive)

Assetto Corsa (x32 Version:  - Kunos Simulazioni)

AudibleManager (x32 Version: 18414980.4759644.48.2000566088 - Audible, Inc.)

Autodesk 123D Catch (x32 Version: 1.0.296 - Autodesk)

Autodesk 123D Make 1.2.0 (x32 Version: 1.20.0000 - Autodesk)

Autodesk Backburner 2012.0.0 (x32 Version: 2012.0.0 - Autodesk, Inc.)

Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk)

Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden

Autodesk DirectConnect 2013 64-bit (Version: 7.0.28.0 - Autodesk)

Autodesk DirectConnect 2013 64-bit (Version: 7.0.28.0 - Autodesk) Hidden

Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk)

Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk) Hidden

Autodesk Essential Skills Movies for 3ds Max 2013 64-bit (Version: 1.0.0.1 - Autodesk)

Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit (Version:  - Autodesk)

Autodesk FBX Plug-in 2013.1 - 3ds Max 2013 64-bit (Version:  - Autodesk)

Autodesk Inventor Server Engine for 3ds Max 2013 64-bit (Version: 15.0 - Autodesk)

Autodesk MatchMover 2014 (Version: 14.00.0000 - Autodesk)

Autodesk Material Library 2012 (x32 Version: 2.5.0.8 - Autodesk)

Autodesk Material Library 2013 (x32 Version: 3.0.13 - Autodesk)

Autodesk Material Library Base Resolution Image Library 2012 (x32 Version: 2.5.0.8 - Autodesk)

Autodesk Material Library Base Resolution Image Library 2013 (x32 Version: 3.0.13 - Autodesk)

Autodesk Material Library Medium Resolution Image Library 2012 (x32 Version: 2.5.0.8 - Autodesk)

Autodesk Material Library Medium Resolution Image Library 2013 (x32 Version: 3.0.13 - Autodesk)

Autodesk Maya 2014 (Version: 16.0.0.0 - Autodesk)

Autodesk Maya 2014 (Version: 16.0.0.0 - Autodesk) Hidden

Autodesk Revit Interoperability for 3ds Max and 3ds Max Design 2013 64-bit (Version: 1.0.0.1 - Autodesk)

Battlefield 4™ (x32 Version: 1.0.0.1 - Electronic Arts)

Battlelog Web Plugins (x32 Version: 2.3.2 - EA Digital Illusions CE AB)

BattlEye for OA Uninstall (x32 Version:  - )

BattlEye Uninstall (x32 Version:  - )

Belkin N600 DB USB Wireless Adapter (x32 Version: 1.00.0184.2 - Belkin International, Inc.)

Bonjour (Version: 3.0.0.10 - Apple Inc.)

Cheat Engine 6.2 (x32 Version:  - Dark Byte)

Cheat Engine 6.3 (x32 Version:  - Cheat Engine)

CM Installer (x32 Version: 1.0.0.0 - Cyanogen Inc.)

CodeBlocks (HKCU Version: 12.11 - The Code::Blocks Team)

Composite 2013 64-bit (Version: 8.0.0 - Autodesk)

CPUID CPU-Z 1.68 (Version:  - )

Cube World version 0.0.1 (x32 Version: 0.0.1 - Picroma)

DayZ (x32 Version:  - Bohemia Interactive)

DayZ Commander (x32 Version: 0.92.69 - Dotjosh Studios)

Dev-C++ (x32 Version: 5.4.1 - )

DiRT 3 (x32 Version:  - Codemasters)

Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)

eLecta Live Virtual Room 8.0 (x32 Version: 8.0 - ELECTA COMMUNICATIONS LTD)

Entity Framework Designer for Visual Studio 2012 - enu (x32 Version: 11.1.20702.00 - Microsoft Corporation)

Far Cry® 3 (x32 Version:  - Ubisoft)

FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2 - FileZilla Project)

Final Draft (x32 Version: 8.0.3.120 - Final Draft, Inc.)

Fitbit Connect (x32 Version: 1.0.0.2578 - Fitbit Inc.)

Fliqlo Screen Saver (x32 Version:  - )

Fraps (remove only) (x32 Version:  - )

GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden

GIMP 2.8.4 (Version: 2.8.4 - The GIMP Team)

GitHub (HKCU Version: 1.2.5.0 - GitHub, Inc.)

GlassFish Server Open Source Edition 3.1.2.2 (Version:  - )

Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)

Google Drive (x32 Version: 1.14.6059.644 - Google, Inc.)

Google Earth (x32 Version: 7.1.2.2041 - Google)

Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden

Grand Theft Auto IV (x32 Version:  - Rockstar North)

Gyazo 1.0 (x32 Version:  - Toshiyuki Masui)

Hoolapp for Android (HKCU Version:  - ) <==== ATTENTION

HP Officejet 6600 Basic Device Software (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Officejet 6600 Help (x32 Version: 140.0.2.2 - Hewlett Packard)

HP Officejet 6600 Product Improvement Study (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Update (x32 Version: 5.003.003.001 - Hewlett-Packard)

HxD Hex Editor version 1.7.7.0 (x32 Version: 1.7.7.0 - Maël Hörz)

I.R.I.S. OCR (x32 Version: 12.3.4.0 - HP)

iCloud (Version: 3.1.0.40 - Apple Inc.)

IIS 8.0 Express (Version: 8.0.1557 - Microsoft Corporation)

IIS Express Application Compatibility Database for x64 (Version:  - )

IIS Express Application Compatibility Database for x86 (Version:  - )

iTunes (Version: 11.1.3.8 - Apple Inc.)

Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)

Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Java SE Development Kit 7 Update 25 (64-bit) (Version: 1.7.0.250 - Oracle)

Kerbal Space Program (x32 Version:  - )

Kinect for Windows Drivers v1.6 (Version: 1.6.0.505 - Microsoft Corporation)

Kinect for Windows Runtime v1.6 (Version: 1.6.0.505 - Microsoft Corporation)

Kinect for Windows SDK v1.6 (Version: 1.6.0.505 - Microsoft Corporation)

Kinect for Windows Speech Recognition Language Pack (en-US) (x32 Version: 11.0.7400.336 - Microsoft Corporation)

Kinemote Lite (x32 Version: 1.0.0 - Lateral Flux)

LEGO Digital Designer (x32 Version:  - LEGO A/S)

Lightroom 5.0 (x32 Version: 5.0 - Adobe Systems Incorporated)

Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)

Mathematica Extras 9.0 (4055459) (Version: 9.0.1 - Wolfram Research, Inc.)

MathType 6 (x32 Version: 6.9 - Design Science, Inc.)

mental ray renderer for Autodesk Maya 2014 (Version: 13.0.1.0 - mental ray)

Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5 Multi-Targeting Pack (x32 Version: 4.5.50709 - Microsoft Corporation)

Microsoft .NET Framework 4.5 SDK (x32 Version: 4.5.50709 - Microsoft Corporation)

Microsoft ASP.NET MVC 3 (x32 Version: 3.0.20105.0 - Microsoft Corporation)

Microsoft ASP.NET Web Pages (x32 Version: 1.0.20105.0 - Microsoft Corporation)

Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)

Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation)

Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden

Microsoft Office 365 Home Premium - en-us (Version: 15.0.4551.1512 - Microsoft Corporation)

Microsoft Server Speech Platform Runtime (x64) (Version: 11.0.7400.345 - Microsoft Corporation)

Microsoft Server Speech Platform Runtime (x86) (x32 Version: 11.0.7400.345 - Microsoft Corporation)

Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)

Microsoft Silverlight 4 SDK (x32 Version: 4.0.60310.0 - Microsoft Corporation)

Microsoft SkyDrive (HKCU Version: 17.0.2003.1112 - Microsoft Corporation)

Microsoft SQL Server 2012 Command Line Utilities  (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Data-Tier App Framework  (Version: 11.0.2316.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Data-Tier App Framework  (x32 Version: 11.0.2316.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Express LocalDB  (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Management Objects  (x32 Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Management Objects  (x64) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Native Client  (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Transact-SQL Compiler Service  (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Transact-SQL ScriptDom  (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 T-SQL Language Service  (x32 Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server Compact 4.0 SP1 x64 ENU (Version: 4.0.8876.1 - Microsoft Corporation)

Microsoft SQL Server Data Tools - enu (11.1.20627.00) (x32 Version: 11.1.20627.00 - Microsoft Corporation)

Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (x32 Version: 11.1.20627.00 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (x32 Version: 10.50.1600.1 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1600.1 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2012 (x32 Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2012 (x64) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden

Microsoft Web Deploy 3.0 (Version: 3.1236.1631 - Microsoft Corporation)

Microsoft Web Deploy dbSqlPackage Provider - enu (x32 Version: 10.3.20225.0 - Microsoft Corporation)

Microsoft Web Platform Installer 4.0 (Version: 4.0.1622 - Microsoft Corporation)

Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)

MinGW-Get version 0.5-beta-20120426-1 (x32 Version: 0.5-beta-20120426-1 - MinGW)

Mobile Mouse Server (x32 Version: 2.7.0 - RPA Tech, Inc)

Music Manager (HKCU Version:  - Google, Inc.)

Native Instruments Controller Editor (Version: 1.5.7.1480 - Native Instruments) Hidden

Native Instruments Controller Editor (x32 Version: 1.5.7.1480 - Native Instruments)

Native Instruments Service Center (Version: 2.4.3.1177 - Native Instruments) Hidden

Native Instruments Service Center (x32 Version: 2.4.3.1177 - Native Instruments)

Native Instruments Traktor 2 (Version: 2.6.4.228 - Native Instruments) Hidden

Native Instruments Traktor 2 (x32 Version: 2.6.4.228 - Native Instruments)

NetBeans IDE 7.3 (Version: 7.3 - NetBeans.org)

NETGEAR WNDA3100v2 wireless USB 2.0 adapter (x32 Version: 2.1.0.3 - NETGEAR)

Nexus Mod Manager (Version: 0.44.13 - Black Tree Gaming)

Norton Security Suite (x32 Version: 21.1.0.18 - Symantec Corporation)

Notepad++ (x32 Version: 6.4.5 - Notepad++ Team)

NVIDIA 3D Vision Controller Driver 332.21 (Version: 332.21 - NVIDIA Corporation)

NVIDIA 3D Vision Driver 332.21 (Version: 332.21 - NVIDIA Corporation)

NVIDIA Control Panel 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden

NVIDIA GeForce Experience 1.8.2 (Version: 1.8.2 - NVIDIA Corporation)

NVIDIA Graphics Driver 332.21 (Version: 332.21 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.30.1 (Version: 1.3.30.1 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden

NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden

NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)

NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) Hidden

NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden

NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden

NVIDIA Virtual Audio 1.2.20 (Version: 1.2.20 - NVIDIA Corporation)

Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden

OnLive (x32 Version:  - OnLive)

OpenAL (x32 Version:  - )

OpenNI 1.0.0 for Windows (remove only) (x32 Version:  - )

Origin (x32 Version: 9.1.3.2637 - Electronic Arts, Inc.)

PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden

PicPick (x32 Version: 3.2.4 - NTeWORKS)

Play Wireless USB Adapter (x32 Version: 1.0.0.03 - Belkin)

Play Wireless USB Adapter (x32 Version: 1.0.0.03 - Belkin) Hidden

Play withSIX (x32 Version: 1.00.0196 - SIX Networks)

Prerequisites for SSDT  (x32 Version: 11.0.2100.60 - Microsoft Corporation)

Prime Sense - NITE 1.3.0 for Windows (remove only) (x32 Version:  - )

PrimeSensor 5.0.0 for Windows (Kinect Mod) (remove only) (x32 Version:  - )

PunkBuster Services (x32 Version: 0.991 - Even Balance, Inc.)

QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)

Rapture3D 2.4.8 Game (x32 Version:  - Blue Ripple Sound)

Razer Game Booster (x32 Version: 3.7 - Razer USA Ltd)

Razer Synapse 2.0 (x32 Version: 1.16.6 - Razer Inc.)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.7023 - Realtek Semiconductor Corp.)

ROBLOX Player for Zak (HKCU Version:  - ROBLOX Corporation)

ROBLOX Studio 2013 for Zak (HKCU Version:  - ROBLOX Corporation)

Saba Client (x32 Version:  - )

Samsung Kies (x32 Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.)

Samsung Kies (x32 Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Hidden

SAMSUNG USB Driver for Mobile Phones (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)

SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden

Sid Meier's Civilization V (x32 Version:  - 2K Games, Inc.)

SigmaNILFramework (x32 Version: 1.0.0 - sigmard.com)

SketchUp 2013 (x32 Version: 13.0.4124 - Trimble Navigation Limited)

Skype Click to Call (x32 Version: 6.13.13771 - Skype Technologies S.A.)

Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)

Sophos Virus Removal Tool (x32 Version: 2.4 - Sophos Limited)

SpeedFan (remove only) (x32 Version:  - )

Spotify (HKCU Version: 0.9.0.129.g6978da9c - Spotify AB)

Steam (x32 Version: 1.0.0.0 - Valve Corporation)

Sublime Text 2.0.2 (Version:  - )

Sublime Text Build 3047 (Version:  - Sublime HQ Pty Ltd)

TechPowerUp GPU-Z (x32 Version:  - TechPowerUp)

The Elder Scrolls Online Beta (x32 Version: 0.3.4 - )

The Elder Scrolls V: Skyrim (x32 Version:  - Bethesda Game Studios)

The Sims™ 3 (x32 Version: 1.50.56 - Electronic Arts)

Tom Clancy's Splinter Cell® Blacklist™ (x32 Version: 1.02 - Ubisoft)

Unity Web Player (HKCU Version:  - Unity Technologies ApS)

Update for  (KB2504637) (x32 Version: 1 - Microsoft Corporation)

Uplay (x32 Version: 2.0 - Ubisoft)

V-Ray for 3dsmax 2012 for x64 (Version: 2.30.01 - Chaos Software Ltd)

Wacom (Version: 5.3.2-1 - Wacom Technology Corp.)

WCF RIA Services V1.0 SP2 (x32 Version: 4.1.61829.0 - Microsoft Corporation)

WebTablet FB Plugin 32 bit (x32 Version: 2.1.0.2 - Wacom Technology Corp.)

WebTablet FB Plugin 64 bit (Version: 2.1.0.2 - Wacom Technology Corp.)

Wikiquote Screensaver 2.0.0.1 (x32 Version: 2.0.0.1 - Wikiquote Screensaver Team)

Windows Driver Package - PrimeSense (psdrv3) PrimeSense  (11/21/2011 3.1.3.1) (Version: 11/21/2011 3.1.3.1 - PrimeSense)

Windows Driver Package - PrimeSense (psdrv3) PrimeSensor  (07/13/2010 3.1.0.4) (Version: 07/13/2010 3.1.0.4 - PrimeSense)

WinRAR 4.20 (32-bit) (x32 Version: 4.20.0 - win.rar GmbH)

WinRAR Packages (HKCU Version:  - ) <==== ATTENTION

WinSCP 5.1.4 (x32 Version: 5.1.4 - Martin Prikryl)

Wolfram Mathematica 9 (M-WIN-L 9.0.1 4055652) (Version: 9.0.1 - Wolfram Research, Inc.)

Wondershare Video Converter Pro(Build 6.5.0.2) (x32 Version: 6.5.0.2 - Wondershare Software)

World Machine 2.3 Basic Edition (x32 Version:  - )

WorldPainter 1.4.0 (x32 Version: 1.4.0 - pepsoft.org)

 

==================== Restore Points  =========================

 

12-02-2014 08:44:58 Windows Update

15-02-2014 13:04:35 Windows Update

17-02-2014 07:10:29 Installed Sophos Virus Removal Tool.

 

==================== Hosts content: ==========================

 

2013-08-22 05:25 - 2014-02-17 11:11 - 00000741 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList

Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask

Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)

Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)

Task: {3FBEA883-D3C2-4544-B924-EE6785618D6C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-02-15] (Microsoft Corporation)

Task: {44230FFD-0C42-4484-B08E-197A796C03A1} - System32\Tasks\HPCustParticipation HP Officejet 6600 => C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)

Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance

Task: {6604890B-AC4C-474C-98C4-EFC042E84AAE} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)

Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup

Task: {6BA94C37-66B9-465D-BA15-329160CB6E1F} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)

Task: {6BB0D523-FD6C-434F-9616-1F84B70D140E} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)

Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task

Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

Task: {743F9046-3C24-4855-A568-FFABD4F77ADB} - System32\Tasks\Hoolapp Init => HOOLAP~1\Hoolapp.exe <==== ATTENTION

Task: {764756FB-2FE6-4F72-B6CC-F9B270DAB653} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState

Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task

Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask

Task: {93DC00BE-F1B8-4C92-9213-8C9CE885D5AF} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-04] (Adobe Systems Incorporated)

Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work

Task: {AAACB6E9-815A-4FEF-A48A-CF8015C1B6B0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3182746591-648046975-1580014685-1001UA => C:\Users\Zak\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-15] (Google Inc.)

Task: {BE2CAD64-AA41-4EC6-ADE0-0B5219B16934} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24] (Google Inc.)

Task: {BE6CB0B1-1BA9-44D4-9CBE-C51B40F615AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24] (Google Inc.)

Task: {C3696828-6E36-4389-A88B-8F59FBD19313} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3182746591-648046975-1580014685-1001Core => C:\Users\Zak\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-15] (Google Inc.)

Task: {C4AEB1F5-2A1F-470A-A4DD-5AC4693E4332} - System32\Tasks\Hoolapp for Android => HOOLAP~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

Task: {CC7D7DF8-75CD-43F0-931F-9041157BB590} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)

Task: {CD58A55F-CEAC-4349-8A3C-3EED4A03350F} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)

Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask

Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing

Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization

Task: {DC3C675E-7237-4F89-BC47-A10CA1CF05A7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-14] (Microsoft Corporation)

Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE

Task: {EF619445-17A2-45D9-8EFD-718B8006C5AC} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2013-06-05] ()

Task: {FE2AD784-AF87-4CF2-A291-A125F938E22A} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-zak.golding@live.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-12-10] (Adobe Systems Incorporated)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3182746591-648046975-1580014685-1001Core.job => C:\Users\Zak\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3182746591-648046975-1580014685-1001UA.job => C:\Users\Zak\AppData\Local\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2014-01-31 16:45 - 2014-01-31 16:45 - 00643952 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll

2014-01-14 20:23 - 2014-01-14 20:23 - 08866472 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll

2013-05-16 20:20 - 2013-03-25 09:57 - 00727952 _____ () C:\WINDOWS\SysWOW64\WSCM64.dll

2010-01-02 06:42 - 2010-01-02 06:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll

2013-04-04 14:54 - 2012-12-11 12:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll

2013-01-28 12:08 - 2013-01-28 12:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2013-01-28 12:08 - 2013-01-28 12:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2012-11-29 13:59 - 2012-11-29 13:59 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll

2013-11-19 11:05 - 2013-12-31 12:57 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe

2009-12-28 16:25 - 2009-12-28 16:25 - 00036864 ____N () C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe

2013-09-13 22:05 - 2013-09-13 22:05 - 00000000 _____ () C:\WINDOWS\SYSTEM32\packet.dll

2013-10-19 11:38 - 2012-09-18 17:46 - 00305200 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe

2013-10-19 11:38 - 2012-09-21 14:25 - 00380928 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiLib.dll

2013-09-13 22:05 - 2013-09-13 22:05 - 00000000 _____ () C:\WINDOWS\SYSTEM32\nvapi.dll

2013-02-27 11:33 - 2013-02-27 11:33 - 10683392 _____ () C:\Users\Zak\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll

2013-02-27 11:32 - 2013-02-27 11:32 - 07741952 _____ () C:\Users\Zak\AppData\Local\Programs\Google\MusicManager\QtGui4.dll

2013-02-27 11:33 - 2013-02-27 11:33 - 01681408 _____ () C:\Users\Zak\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll

2013-02-27 11:32 - 2013-02-27 11:32 - 02248192 _____ () C:\Users\Zak\AppData\Local\Programs\Google\MusicManager\QtCore4.dll

2013-11-11 17:03 - 2013-11-11 17:03 - 00117248 _____ () C:\Users\Zak\AppData\Local\Programs\Google\MusicManager\libaacdec.dll

2013-11-11 17:04 - 2013-11-11 17:04 - 00231936 _____ () C:\Users\Zak\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll

2013-11-11 17:03 - 2013-11-11 17:03 - 00253440 _____ () C:\Users\Zak\AppData\Local\Programs\Google\MusicManager\libid3tag.dll

2013-11-11 17:05 - 2013-11-11 17:05 - 00344064 _____ () C:\Users\Zak\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll

2013-02-27 11:33 - 2013-02-27 11:33 - 00026624 _____ () C:\Users\Zak\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll

2014-02-17 11:59 - 2014-02-17 11:59 - 00098816 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\win32api.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00110080 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\pywintypes27.dll

2014-02-17 11:59 - 2014-02-17 11:59 - 00364544 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\pythoncom27.dll

2014-02-17 11:59 - 2014-02-17 11:59 - 00044032 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\_socket.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 01157120 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\_ssl.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00320512 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\win32com.shell.shell.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00712192 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\_hashlib.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 01175040 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\wx._core_.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00805888 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\wx._gdi_.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00811008 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\wx._windows_.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 01062400 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\wx._controls_.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00735232 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\wx._misc_.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00128512 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\_elementtree.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00127488 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\pyexpat.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00557056 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\pysqlite2._sqlite.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00087040 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\_ctypes.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00119808 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\win32file.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00108544 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\win32security.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00018432 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\win32event.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00038912 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\win32inet.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00122368 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\wx._wizard.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00070656 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\wx._html2.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00026624 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\_multiprocessing.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00010240 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\select.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00024064 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\win32pipe.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00686080 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\unicodedata.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00025600 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\win32pdh.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00525640 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\windows._lib_cacheinvalidation.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00011264 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\win32crypt.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00035840 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\win32process.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00017408 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\win32profile.pyd

2014-02-17 11:59 - 2014-02-17 11:59 - 00022528 _____ () C:\Users\Zak\AppData\Local\Temp\_MEI52602\win32ts.pyd

2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll

2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll

2013-10-18 15:55 - 2013-10-18 15:55 - 25100288 _____ () C:\Users\Zak\AppData\Roaming\Dropbox\bin\libcef.dll

2014-02-02 14:26 - 2014-02-02 14:26 - 32733080 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll

2013-11-15 05:50 - 2013-12-13 06:20 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll

2014-01-14 20:19 - 2014-01-14 20:19 - 00359592 _____ () C:\Program Files\Microsoft Office 15\root\office15\c2r32.dll

2013-09-13 22:05 - 2013-09-13 22:05 - 00000000 _____ () C:\WINDOWS\SYSTEM32\nvd3dum.dll

2013-09-13 22:05 - 2013-09-13 22:05 - 00000000 _____ () C:\WINDOWS\SYSTEM32\rzdevicedll.dll

2013-09-13 22:05 - 2013-09-13 22:05 - 00000000 _____ () C:\WINDOWS\SYSTEM32\rzaudiodll.dll

2013-12-14 17:58 - 2013-12-12 14:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll

2013-12-14 17:58 - 2013-11-04 17:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll

2013-03-25 13:23 - 2014-02-10 18:34 - 00751616 _____ () C:\Program Files (x86)\Steam\SDL2.dll

2012-12-24 15:46 - 2014-02-14 11:47 - 01135296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL

2012-12-24 15:46 - 2014-01-10 15:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

2012-12-24 15:46 - 2013-06-14 15:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll

2012-12-24 15:46 - 2013-06-14 15:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll

2012-12-24 15:46 - 2013-06-14 15:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll

2014-02-03 17:07 - 2014-02-01 15:41 - 00715592 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll

2014-02-03 17:07 - 2014-02-01 15:41 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll

2014-02-03 17:07 - 2014-02-01 15:42 - 04055368 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll

2014-02-03 17:07 - 2014-02-01 15:42 - 00399688 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll

2014-02-03 17:07 - 2014-02-01 15:41 - 01634632 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

AlternateDataStreams: C:\Users\Zak\.DS_Store:AFP_AfpInfo

AlternateDataStreams: C:\Users\Zak\SkyDrive:ms-properties

AlternateDataStreams: C:\Users\Zak\SkyDrive (2).old:ms-properties

AlternateDataStreams: C:\Users\Zak\Desktop\.DS_Store:AFP_AfpInfo

 

==================== Safe Mode (whitelisted) ===================

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\11957305.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\42979355.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\54806007.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\61272394.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\11957305.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\42979355.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\54806007.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\61272394.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR410 => ""="Service"

 

==================== Disabled items from MSCONFIG ==============

 

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (02/18/2014 05:56:31 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".

Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (02/18/2014 05:55:38 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".

Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (02/18/2014 05:55:04 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.

Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

 

Error: (02/17/2014 07:48:30 PM) (Source: Application Hang) (User: )

Description: The program LiveComm.exe version 17.5.9600.20315 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 22cc

 

Start Time: 01cf2c5b928f7505

 

Termination Time: 4294967295

 

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe

 

Report Id: 86acabd6-984f-11e3-bed6-5404a60bcb0e

 

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe

 

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

 

Error: (02/17/2014 07:41:03 PM) (Source: Application Hang) (User: )

Description: The program LiveComm.exe version 17.5.9600.20315 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 165c

 

Start Time: 01cf2c5330cc7cd3

 

Termination Time: 4294967295

 

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe

 

Report Id: 25d095a6-9847-11e3-bed6-5404a60bcb0e

 

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe

 

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

 

Error: (02/17/2014 07:18:30 PM) (Source: Application Hang) (User: )

Description: The program LiveComm.exe version 17.5.9600.20315 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: cb8

 

Start Time: 01cf2c5761acfbc1

 

Termination Time: 4294967295

 

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe

 

Report Id: 55da33c6-984b-11e3-bed6-5404a60bcb0e

 

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe

 

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

 

Error: (02/17/2014 06:18:42 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".

Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (02/17/2014 06:18:37 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".

Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (02/17/2014 06:18:32 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.

Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

 

Error: (02/17/2014 06:15:55 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".

Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

 

System errors:

=============

Error: (02/17/2014 00:02:46 PM) (Source: Service Control Manager) (User: )

Description: The Software Protection service hung on starting.

 

Error: (02/17/2014 11:57:13 AM) (Source: DCOM) (User: ZAKAROONY)

Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

 

Error: (02/17/2014 11:57:07 AM) (Source: DCOM) (User: ZAKAROONY)

Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

 

Error: (02/17/2014 11:56:58 AM) (Source: DCOM) (User: ZAKAROONY)

Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

 

Error: (02/17/2014 11:54:43 AM) (Source: DCOM) (User: ZAKAROONY)

Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

 

Error: (02/17/2014 11:54:06 AM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/17/2014 11:54:06 AM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/17/2014 11:54:06 AM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/17/2014 11:51:58 AM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/17/2014 11:51:58 AM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

 

Microsoft Office Sessions:

=========================

Error: (02/18/2014 05:56:31 AM) (Source: SideBySide)(User: )

Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files\Autodesk\composite2014\python\lib\distutils\command\wininst-8_d.exe

 

Error: (02/18/2014 05:55:38 AM) (Source: SideBySide)(User: )

Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2013\python\lib\distutils\command\wininst-8_d.exe

 

Error: (02/18/2014 05:55:04 AM) (Source: SideBySide)(User: )

Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Program Files (x86)\Adobe\Adobe Dreamweaver CC\Dreamweaver.exe

 

Error: (02/17/2014 07:48:30 PM) (Source: Application Hang)(User: )

Description: LiveComm.exe17.5.9600.2031522cc01cf2c5b928f75054294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe86acabd6-984f-11e3-bed6-5404a60bcb0emicrosoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

 

Error: (02/17/2014 07:41:03 PM) (Source: Application Hang)(User: )

Description: LiveComm.exe17.5.9600.20315165c01cf2c5330cc7cd34294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe25d095a6-9847-11e3-bed6-5404a60bcb0emicrosoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

 

Error: (02/17/2014 07:18:30 PM) (Source: Application Hang)(User: )

Description: LiveComm.exe17.5.9600.20315cb801cf2c5761acfbc14294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe55da33c6-984b-11e3-bed6-5404a60bcb0emicrosoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

 

Error: (02/17/2014 06:18:42 PM) (Source: SideBySide)(User: )

Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files\Autodesk\composite2014\python\lib\distutils\command\wininst-8_d.exe

 

Error: (02/17/2014 06:18:37 PM) (Source: SideBySide)(User: )

Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2013\python\lib\distutils\command\wininst-8_d.exe

 

Error: (02/17/2014 06:18:32 PM) (Source: SideBySide)(User: )

Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Program Files (x86)\Adobe\Adobe Dreamweaver CC\Dreamweaver.exe

 

Error: (02/17/2014 06:15:55 PM) (Source: SideBySide)(User: )

Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files\Autodesk\composite2014\python\lib\distutils\command\wininst-8_d.exe

 

 

CodeIntegrity Errors:

===================================

  Date: 2013-12-20 15:50:02.091

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2013-12-20 15:50:01.947

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2013-12-20 15:50:01.758

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2013-12-20 15:50:01.650

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2013-12-20 15:50:01.577

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2013-12-20 15:50:01.386

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2013-12-20 15:50:01.178

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2013-12-20 15:50:00.741

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2013-12-20 15:50:00.445

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2013-12-20 15:47:00.469

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 47%

Total physical RAM: 8136.27 MB

Available physical RAM: 4307.33 MB

Total Pagefile: 14280.27 MB

Available Pagefile: 9947.17 MB

Total Virtual: 131072 MB

Available Virtual: 131071.79 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:465.42 GB) (Free:108.73 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 20FFAD14)

Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=465 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================


  • Staff

Hello ashford

No, there is nothing that can be used in any way.

These are the programs I would like you to run next. If you have any problems with one of these, just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete, click on "Clean".
  • Confirm each time with OK.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

When they are complete, let me have the two reports and let me know how things are running.

Gringo


OK, so I've run the AdwCleaner and it looked like it cleaned some stuff, including something called "pokki" which (upon further investigation) doesn't look so good. Going to run JRT now.

 

After AdwCleaner rebooted my PC I see that some files on my desktop have either a white tick in a green circle at the bottom left or a grey tick instead -- I don't see this elsewhere from what I can tell. Doesn't seem like an issue since the files that have Grey X's still open fine - including GIFs and such.

 

Here is the txt for AdwCleaner[s1].txt

 

# AdwCleaner v3.019 - Report created 18/02/2014 at 20:30:48
# Updated 17/02/2014 by Xplode
# Operating System : Windows 8.1 Pro  (64 bits)
# Username : Zak - ZAKAROONY
# Running from : C:\Users\Zak\Downloads\AdwCleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\WINDOWS\SysWOW64\AI_RecycleBin
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{87BEF026-9269-413C-A5B3-11F35451380E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Google Chrome v32.0.1700.107
 
[ File : C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [7141 octets] - [16/02/2014 13:38:21]
AdwCleaner[R1].txt - [1585 octets] - [18/02/2014 20:28:40]
AdwCleaner[s0].txt - [6808 octets] - [16/02/2014 13:41:16]
AdwCleaner[s1].txt - [1514 octets] - [18/02/2014 20:30:48]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1574 octets] ##########

Here's the JRT file:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 8.1 Pro x64
Ran by Zak on Tue 02/18/2014 at 20:49:13.37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\browserpluginhelper
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{02DD8284-A49F-43E5-9D84-CF19DC9AD21D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{27DE7D30-BCCD-44D1-ADCB-A74A4259EBEF}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3A0EFC4E-F167-4D0E-9C24-FC5519237993}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{65DEE40A-3E93-4CAE-9F98-B8E06DCEE2BF}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{65DEE40A-3E93-4CAE-9F98-B8E06DCEE2BF}
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\WINDOWS\syswow64\wscm32.dll"
Successfully deleted: [File] "C:\WINDOWS\syswow64\wscm64.dll"
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/18/2014 at 20:55:15.62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • Staff

Hello ashford

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

1. Close any open browsers or any other programs that are open.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.

When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo

It updated itself a few times and now it's run. Here's the new FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-02-2014
Ran by Zak (administrator) on ZAKAROONY on 20-02-2014 12:17:26
Running from C:\Users\Zak\Desktop
Windows 8.1 Pro (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link for 32-Bit version:
Download link for 64-Bit Version:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\WINDOWS\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NTeWORKS) C:\Program Files (x86)\PicPick\picpick.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncV1\CoreSync.exe
(Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [shadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1179576 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2014-02-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Fitbit Connect] - C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3093024 2013-02-25] (Fitbit, Inc.)
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442712 2013-11-17] (Razer Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-05-23] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3551576 2013-12-20] (Electronic Arts)
HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [steam] - C:\Program Files (x86)\Steam\steam.exe [1822400 2014-02-19] (Valve Corporation)
HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [Akamai NetSession Interface] - C:\Users\Zak\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [spotify] - C:\Users\Zak\AppData\Roaming\Spotify\Spotify.exe [4558336 2013-04-26] (Spotify Ltd)
HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [spotify Web Helper] - C:\Users\Zak\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1105408 2013-04-26] (Spotify Ltd)
HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [PicPick Start] - C:\Program Files (x86)\PicPick\picpick.exe [11479896 2013-04-04] (NTeWORKS)
HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [Google Update] - C:\Users\Zak\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-05-15] (Google Inc.)
HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [MusicManager] - C:\Users\Zak\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7380992 2013-11-11] (Google Inc.)
HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [Fitbit Connect] - C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3093024 2013-02-25] (Fitbit, Inc.)
HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung)
HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [HP Officejet 6600 (NET)] - C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3182746591-648046975-1580014685-1001\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-05-23] (Samsung)
Startup: C:\Users\Zak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Zak\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Zak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5CAE981928E2CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
SearchScopes: HKCU - {664B2564-19E2-4F21-A526-E3FDA5A11AF9} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-02]
CHR Extension: (Google Drive) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-01-02]
CHR Extension: (YouTube) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-24]
CHR Extension: (Google Cast) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-01-02]
CHR Extension: (Facebook) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-01-02]
CHR Extension: (Adblock Plus) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-02]
CHR Extension: (Google Search) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-24]
CHR Extension: (Search by Image (by Google)) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2014-01-02]
CHR Extension: (Netflix) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2014-01-02]
CHR Extension: (Google News) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2014-01-02]
CHR Extension: (Google Calendar) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-01-02]
CHR Extension: (Full Screen Weather) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2014-01-02]
CHR Extension: (The QR Code Generator) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb [2014-01-02]
CHR Extension: (AdBlock) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-27]
CHR Extension: (A Journey through Middle-earth) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgkjeheegjnnmheaflhdocglkiegoni [2014-01-02]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-01-02]
CHR Extension: (Don't Starve) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc [2014-01-02]
CHR Extension: (Google Keep) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-01-02]
CHR Extension: (Cloud Reader) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2014-01-02]
CHR Extension: (Wolfram|Alpha (Official)) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\icncamkooinmbehmkeilcccmoljfkdhp [2014-01-02]
CHR Extension: (Google Play Music) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2014-01-02]
CHR Extension: (Chrome to Mobile) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2014-01-02]
CHR Extension: (Dropbox) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-01-02]
CHR Extension: (WhatFont) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2014-01-02]
CHR Extension: (Google Forms) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2014-01-27]
CHR Extension: (Google Play) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-01-02]
CHR Extension: (Google Maps) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-01-02]
CHR Extension: (Google Mail Checker) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-01-02]
CHR Extension: (Quick Note) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2014-02-01]
CHR Extension: (Google Wallet) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-06-03]
CHR Extension: (Khan Academy) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pahdiadnidmaaoohjmlkcjffbfcapgko [2014-01-02]
CHR Extension: (Gmail) - C:\Users\Zak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-24]
CHR HKCU\...\Chrome\Extension: [cgpimkfhjdaobobdomcikioipaenlhke] - C:\Users\Zak\AppData\Local\CRE\cgpimkfhjdaobobdomcikioipaenlhke.crx [2012-12-24]
CHR HKLM-x32\...\Chrome\Extension: [cgpimkfhjdaobobdomcikioipaenlhke] - C:\Users\Zak\AppData\Local\CRE\cgpimkfhjdaobobdomcikioipaenlhke.crx [2012-12-24]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\Exts\Chrome.crx [2014-01-20]
 
==================== Services (Whitelisted) =================
 
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-02-19] ()
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1239584 2013-02-25] (Fitbit, Inc.)
R2 KinectManagement; C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe [98816 2012-09-18] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe [264360 2013-10-18] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2013-12-31] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 WLANBelkinService; C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe [36864 2009-12-28] ()
R2 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [305200 2012-09-18] ()
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-17] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-24] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-01-22] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140219.001\IDSvia64.sys [521944 2014-01-20] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-29] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140220.003\ENG64.SYS [126040 2014-01-22] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140220.003\EX64.SYS [2099288 2014-01-22] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 NPF; C:\Windows\system32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39080 2013-11-14] (Razer Inc)
R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [29472 2012-09-05] (SerComm Corporation)
S3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)
R3 SRTSP; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1501000.012\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-24] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-08-01] (OpenLibSys.org)
S1 AntiLog32; \??\C:\WINDOWS\system32\drivers\AntiLog64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-20 12:17 - 2014-02-20 12:17 - 00000000 ____D () C:\Users\Zak\Desktop\FRST-OlderVersion
2014-02-19 09:49 - 2014-02-19 09:59 - 00000000 ___SD () C:\32788R22FWJFW
2014-02-19 09:49 - 2014-02-19 09:49 - 00000000 ____D () C:\WINDOWS\erdnt
2014-02-19 09:47 - 2014-02-19 09:47 - 05183254 _____ (Swearware) C:\Users\Zak\Downloads\ComboFix (1).exe
2014-02-18 20:55 - 2014-02-18 20:55 - 00001456 _____ () C:\Users\Zak\Desktop\JRT.txt
2014-02-18 20:29 - 2014-02-18 20:27 - 01037530 _____ (Thisisu) C:\Users\Zak\Desktop\JRT (1).exe
2014-02-18 20:27 - 2014-02-18 20:27 - 01241834 _____ () C:\Users\Zak\Downloads\AdwCleaner (1).exe
2014-02-18 20:27 - 2014-02-18 20:27 - 01037530 _____ (Thisisu) C:\Users\Zak\Downloads\JRT (1).exe
2014-02-18 13:31 - 2014-02-18 13:31 - 00000222 _____ () C:\Users\Zak\Desktop\Arma 2 DayZ Mod.url
2014-02-18 11:11 - 2014-02-18 11:11 - 00000221 _____ () C:\Users\Zak\Desktop\Arma 2 Operation Arrowhead.url
2014-02-18 10:47 - 2014-02-18 10:47 - 00000221 _____ () C:\Users\Zak\Desktop\Arma 2.url
2014-02-18 10:35 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-02-18 10:35 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-02-18 10:35 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-02-18 10:35 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-02-18 10:34 - 2014-02-18 10:35 - 00005175 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-18 10:32 - 2014-02-18 10:32 - 00921000 _____ (Oracle Corporation) C:\Users\Zak\Downloads\chromeinstall-7u51.exe
2014-02-18 09:35 - 2014-02-18 09:36 - 00053542 _____ () C:\Users\Zak\Desktop\Addition.txt
2014-02-18 09:34 - 2014-02-20 12:17 - 00026033 _____ () C:\Users\Zak\Desktop\FRST.txt
2014-02-18 09:34 - 2014-02-20 12:17 - 00000000 ____D () C:\FRST
2014-02-18 09:33 - 2014-02-20 12:17 - 02153984 _____ (Farbar) C:\Users\Zak\Desktop\FRST64.exe
2014-02-18 09:32 - 2014-02-18 09:32 - 02152448 _____ (Farbar) C:\Users\Zak\Downloads\FRST64.exe
2014-02-17 16:18 - 2014-02-17 16:20 - 168965850 _____ () C:\Users\Zak\Downloads\@Peral_A-10C.rar
2014-02-17 12:08 - 2014-02-17 12:09 - 00688992 _____ (Swearware) C:\Users\Zak\Desktop\dds.scr
2014-02-16 23:19 - 2014-02-17 11:06 - 00000000 ____D () C:\Users\Zak\AppData\Local\NPE
2014-02-16 23:11 - 2014-02-16 23:11 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-02-16 23:11 - 2014-02-16 23:11 - 00000000 ____D () C:\ProgramData\Sophos
2014-02-16 23:10 - 2014-02-16 23:10 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-02-16 23:06 - 2014-02-16 23:06 - 84529880 _____ (Sophos Limited) C:\Users\Zak\Downloads\Sophos Virus Removal Tool.exe
2014-02-16 23:02 - 2014-02-16 23:09 - 00000000 ____D () C:\Users\Zak\Desktop\RK_Quarantine
2014-02-16 23:02 - 2014-02-16 23:02 - 04408320 _____ () C:\Users\Zak\Downloads\RogueKillerX64.exe
2014-02-16 22:55 - 2014-02-16 22:55 - 00387584 _____ () C:\Users\Zak\Downloads\rescue2usb.exe
2014-02-16 22:46 - 2014-02-16 22:46 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-02-16 22:16 - 2014-02-17 11:37 - 00000000 ____D () C:\Users\Zak\Desktop\mbar
2014-02-16 22:16 - 2014-02-17 11:37 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-16 22:16 - 2014-02-17 11:17 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-02-16 22:15 - 2014-02-16 22:15 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Zak\Downloads\mbar-1.07.0.1009.exe
2014-02-16 21:51 - 2014-02-16 21:52 - 178479183 _____ () C:\Users\Zak\Downloads\RH Pistol pack 1.11-A3.7z
2014-02-16 21:39 - 2014-02-16 21:41 - 20513950 _____ () C:\Users\Zak\Downloads\FHQ_M4_A4_v1.9.7z
2014-02-16 14:11 - 2014-02-16 14:11 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Zak\Downloads\rkill64.exe
2014-02-16 14:10 - 2014-02-16 14:10 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Zak\Downloads\rkill.exe
2014-02-16 14:07 - 2014-02-16 14:07 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-16 14:06 - 2014-02-16 14:06 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Zak\Downloads\iExplore64.exe
2014-02-16 13:48 - 2014-02-16 13:48 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\Malwarebytes
2014-02-16 13:47 - 2014-02-16 13:47 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-16 13:47 - 2014-02-16 13:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-16 13:47 - 2014-02-16 13:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-16 13:47 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-02-16 13:39 - 2014-02-16 13:39 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Zak\Downloads\iExplore.exe
2014-02-16 13:39 - 2014-02-16 13:39 - 01037530 _____ (Thisisu) C:\Users\Zak\Downloads\JRT.exe
2014-02-16 13:38 - 2014-02-16 13:36 - 01166132 _____ () C:\Users\Zak\Desktop\adwcleaner.exe
2014-02-16 13:37 - 2014-02-18 20:31 - 00000000 ____D () C:\AdwCleaner
2014-02-16 13:36 - 2014-02-16 13:36 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Zak\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-16 13:36 - 2014-02-16 13:36 - 01166132 _____ () C:\Users\Zak\Downloads\adwcleaner.exe
2014-02-16 13:21 - 2014-02-16 13:21 - 04122976 _____ (Kaspersky Lab ZAO) C:\Users\Zak\Downloads\tdsskiller.exe
2014-02-16 13:19 - 2014-02-19 09:47 - 05183254 ____R (Swearware) C:\Users\Zak\Desktop\ComboFix.exe
2014-02-16 13:18 - 2014-02-16 13:18 - 05183112 _____ (Swearware) C:\Users\Zak\Downloads\ComboFix.exe
2014-02-16 13:14 - 2014-02-16 13:14 - 00688992 ____R (Swearware) C:\Users\Zak\Desktop\dds.com
2014-02-14 22:45 - 2013-12-08 16:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-14 22:45 - 2013-12-08 16:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-14 22:45 - 2013-11-27 07:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-14 22:45 - 2013-11-27 07:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-14 22:45 - 2013-11-27 06:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-14 22:45 - 2013-11-27 05:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-14 22:45 - 2013-11-27 04:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-14 22:45 - 2013-11-27 02:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-14 22:45 - 2013-11-27 02:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-14 22:45 - 2013-11-27 02:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-14 22:45 - 2013-11-27 01:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-14 22:45 - 2013-11-27 01:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-14 22:45 - 2013-11-27 01:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-14 22:45 - 2013-11-27 01:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-14 22:45 - 2013-11-27 00:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-14 22:45 - 2013-11-27 00:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-14 22:45 - 2013-11-26 20:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-14 22:45 - 2013-11-26 05:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-14 22:45 - 2013-11-26 05:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-14 22:45 - 2013-11-26 05:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-14 22:45 - 2013-11-26 05:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-14 22:45 - 2013-11-26 03:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-14 22:45 - 2013-11-26 03:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-14 22:45 - 2013-11-26 03:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-14 22:45 - 2013-11-26 02:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-14 22:45 - 2013-11-26 01:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-14 22:45 - 2013-11-26 00:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-14 22:45 - 2013-11-24 17:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-14 22:45 - 2013-11-24 17:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-14 22:45 - 2013-11-24 15:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-14 22:45 - 2013-11-24 15:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-14 22:45 - 2013-11-23 04:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-14 22:45 - 2013-11-23 03:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-14 22:45 - 2013-11-23 00:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-14 22:45 - 2013-11-22 23:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-14 22:45 - 2013-11-22 23:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-14 22:45 - 2013-11-22 23:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-14 22:45 - 2013-11-22 20:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-14 22:45 - 2013-11-22 19:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-14 22:45 - 2013-11-22 19:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-14 22:45 - 2013-11-22 19:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-14 22:45 - 2013-11-22 19:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-14 22:45 - 2013-11-22 19:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-14 22:45 - 2013-11-22 19:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-14 22:45 - 2013-11-20 22:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-14 22:45 - 2013-11-20 22:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-14 22:45 - 2013-11-15 21:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-14 22:45 - 2013-11-15 10:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-14 22:45 - 2013-11-15 06:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-14 22:45 - 2013-11-15 06:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-14 22:45 - 2013-11-15 06:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-14 22:45 - 2013-11-15 05:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-14 22:45 - 2013-11-05 12:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-14 22:45 - 2013-10-30 16:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-14 22:45 - 2013-10-30 15:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-13 10:12 - 2014-02-13 10:25 - 891457474 _____ (SpaceEngine ) C:\Users\Zak\Downloads\SE-0971-setup.exe
2014-02-11 23:13 - 2014-01-06 21:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-11 23:13 - 2014-01-06 20:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-11 23:13 - 2013-12-08 16:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-11 23:13 - 2013-12-08 16:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-11 23:13 - 2013-12-08 15:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-11 23:13 - 2013-12-08 15:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-11 23:13 - 2013-11-20 22:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-11 23:13 - 2013-11-20 21:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-11 23:12 - 2014-02-06 04:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-11 23:12 - 2014-02-06 03:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-11 23:12 - 2014-02-06 03:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-11 23:12 - 2014-02-06 03:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-11 23:12 - 2014-02-06 03:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-11 23:12 - 2014-02-06 03:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-11 23:12 - 2014-02-06 02:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-11 23:12 - 2014-02-06 02:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-11 23:12 - 2014-02-06 02:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-11 23:12 - 2014-02-06 02:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-11 23:12 - 2014-02-06 02:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-11 23:12 - 2014-02-06 02:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-11 23:12 - 2014-02-06 02:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-11 23:12 - 2014-02-06 02:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-11 23:12 - 2014-02-06 02:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-11 23:12 - 2014-02-06 02:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-11 23:12 - 2014-02-06 02:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-11 23:12 - 2014-02-06 02:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-11 23:12 - 2014-02-06 01:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-11 23:12 - 2014-02-06 01:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-11 23:12 - 2014-02-06 01:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-11 23:12 - 2014-02-06 01:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-11 23:12 - 2014-02-06 01:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-11 23:12 - 2014-02-06 01:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-11 23:12 - 2014-02-06 01:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-11 23:12 - 2014-02-06 01:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-11 23:12 - 2014-02-06 01:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-11 23:12 - 2014-02-06 01:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-11 23:12 - 2014-02-06 01:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-11 23:12 - 2014-02-06 01:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-11 23:12 - 2014-02-06 01:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-11 23:12 - 2014-02-06 01:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-11 23:12 - 2014-02-06 00:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-11 23:12 - 2014-02-06 00:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-11 23:12 - 2014-02-06 00:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-11 23:12 - 2014-02-06 00:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-11 23:12 - 2014-02-06 00:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-11 23:12 - 2014-01-09 00:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-11 23:12 - 2014-01-08 23:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-11 23:12 - 2014-01-08 23:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-11 23:12 - 2014-01-08 23:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-11 23:12 - 2014-01-08 23:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-11 23:12 - 2014-01-08 23:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-11 23:12 - 2014-01-08 23:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-11 23:12 - 2014-01-08 23:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-11 23:12 - 2014-01-08 23:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-11 23:12 - 2014-01-08 23:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-11 23:12 - 2014-01-06 23:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-11 23:12 - 2014-01-06 21:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-11 23:12 - 2014-01-04 12:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-11 23:12 - 2014-01-04 11:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-11 23:12 - 2014-01-04 06:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-11 23:12 - 2014-01-04 06:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-11 23:12 - 2014-01-04 05:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-11 23:12 - 2014-01-04 05:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-11 23:12 - 2014-01-04 05:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-11 23:12 - 2014-01-04 05:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-11 23:12 - 2013-12-20 18:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-11 23:12 - 2013-12-20 18:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-11 23:12 - 2013-12-20 02:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-11 23:12 - 2013-12-19 22:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-11 23:12 - 2013-12-08 18:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-11 23:12 - 2013-12-08 17:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-10 20:11 - 2013-12-16 15:22 - 01569280 _____ (BahraniApps) C:\Users\Zak\Desktop\GifCam.exe
2014-02-10 20:10 - 2014-02-10 20:10 - 00690877 _____ () C:\Users\Zak\Downloads\GifCam.zip
2014-02-09 00:50 - 2014-02-09 00:50 - 12871748 _____ () C:\Users\Zak\Downloads\Apparat - Goodbye (Instrumental).mp4
2014-02-08 13:17 - 2014-02-08 13:17 - 00073111 _____ () C:\Users\Zak\Downloads\redProtect_1.9.6.jar
2014-02-07 23:19 - 2014-02-07 23:19 - 00026177 _____ () C:\Users\Zak\Downloads\CompassNavigation.jar
2014-02-07 23:18 - 2014-02-07 23:18 - 00320559 _____ () C:\Users\Zak\Downloads\worldguard-5.8.zip
2014-02-07 23:17 - 2014-02-07 23:17 - 00816954 _____ () C:\Users\Zak\Downloads\worldedit-5.5.8.zip
2014-02-07 20:11 - 2014-02-07 20:11 - 00004312 _____ () C:\Users\Zak\Downloads\Bar.glet
2014-02-07 00:51 - 2014-02-07 01:04 - 1394761016 _____ (Wolfram Research, Inc. ) C:\Users\Zak\Downloads\Mathematica_9.0.1_WIN.exe
2014-02-05 16:59 - 2014-02-05 18:49 - 00000000 ____D () C:\Users\Zak\Desktop\X-Plane 10 Demo
2014-02-05 16:58 - 2014-02-05 16:58 - 04305431 _____ () C:\Users\Zak\Downloads\X-Plane10DemoInstallerWindows.zip
2014-02-04 17:01 - 2014-02-04 17:04 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-02-04 17:01 - 2014-02-04 17:01 - 00001415 _____ () C:\Users\Zak\Desktop\The Elder Scrolls Online Beta.lnk
2014-02-04 16:59 - 2014-02-04 17:00 - 55903624 _____ ( ) C:\Users\Zak\Downloads\Install_ESO_Beta.exe
2014-02-04 11:06 - 2014-02-04 11:08 - 38131448 _____ () C:\Users\Zak\Downloads\SU35S_v0.98_BETA_ARMA3.rar
2014-02-04 11:05 - 2014-02-04 11:05 - 38549805 _____ () C:\Users\Zak\Downloads\FA18_v1.2_ArmA_3.rar
2014-02-04 10:40 - 2014-02-04 10:49 - 41023637 _____ () C:\Users\Zak\Downloads\FA18_v1.51_ARMA_3.rar
2014-02-02 17:53 - 2014-02-02 17:53 - 00124395 _____ () C:\Users\Zak\Downloads\armaunpbo_v10.zip
2014-02-02 17:40 - 2014-02-02 17:42 - 353632441 _____ () C:\Users\Zak\Downloads\NATO_Russian_SF_Weapons_v 1.2.7z
2014-02-02 12:25 - 2014-02-02 12:29 - 07044001 _____ () C:\Users\Zak\Downloads\@AS50v1.4.rar
2014-02-02 11:46 - 2014-02-02 11:46 - 52307186 _____ () C:\Users\Zak\Downloads\MK18_Mod1_V02 (1).7z
2014-02-02 11:30 - 2014-02-02 11:30 - 00013390 _____ () C:\Users\Zak\Downloads\asdg_jointrails-v0.8.zip
2014-02-02 11:21 - 2014-02-02 11:21 - 00204678 _____ () C:\Users\Zak\Downloads\CBA_A3_beta4.7z
2014-02-02 00:07 - 2014-02-02 00:08 - 48942905 _____ () C:\Users\Zak\Downloads\FHQ_Accessories_v1.4 (2).7z
2014-02-02 00:07 - 2014-02-02 00:08 - 48942905 _____ () C:\Users\Zak\Downloads\FHQ_Accessories_v1.4 (1).7z
2014-02-02 00:06 - 2014-02-02 00:06 - 00000000 ____D () C:\Users\Zak\Desktop\FHQ_Accessories_v1.4
2014-02-01 23:07 - 2014-02-01 23:07 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-02-01 23:06 - 2014-02-01 23:06 - 01110476 _____ () C:\Users\Zak\Downloads\7z920.exe
2014-02-01 23:00 - 2014-02-01 23:02 - 18685952 _____ () C:\Users\Zak\Downloads\FHQ_Accessories_v1.4.7z
2014-02-01 23:00 - 2014-02-01 23:02 - 18304260 _____ () C:\Users\Zak\Downloads\FHQ_M4_A3_v1.8..7z
2014-02-01 22:57 - 2014-02-01 22:57 - 12265603 _____ () C:\Users\Zak\Downloads\m107_V1.5.rar
2014-02-01 22:55 - 2014-02-01 22:55 - 52307186 _____ () C:\Users\Zak\Downloads\MK18_Mod1_V02.7z
2014-02-01 22:50 - 2014-02-01 22:50 - 04256118 _____ () C:\Users\Zak\Downloads\@tmr-0.3.5.zip
2014-02-01 18:18 - 2014-02-01 18:18 - 53957312 _____ (R Core Team ) C:\Users\Zak\Downloads\R-3.0.2-win.exe
2014-02-01 15:05 - 2014-02-01 15:07 - 00000000 ____D () C:\Users\Zak\Documents\maya
2014-02-01 12:51 - 2014-02-01 12:51 - 00001097 _____ () C:\Users\Zak\Desktop\Cheat Engine.lnk
2014-02-01 12:51 - 2014-02-01 12:51 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.3
2014-02-01 12:50 - 2014-02-01 12:50 - 08065840 _____ (Cheat Engine ) C:\Users\Zak\Downloads\CheatEngine63.exe
2014-01-31 09:56 - 2014-01-31 09:56 - 00000351 _____ () C:\Users\Zak\Desktop\Network - Shortcut.lnk
2014-01-29 18:54 - 2014-01-29 18:54 - 00000000 ____D () C:\Users\Zak\Documents\LEGO Creations
2014-01-29 18:54 - 2014-01-29 18:54 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\LEGO Company
2014-01-29 18:53 - 2014-01-29 18:53 - 00002162 _____ () C:\Users\Public\Desktop\LEGO Digital Designer.lnk
2014-01-29 18:53 - 2014-01-29 18:53 - 00000000 ____D () C:\Program Files (x86)\LEGO Company
2014-01-29 18:49 - 2014-01-29 18:50 - 225918672 _____ () C:\Users\Zak\Downloads\setupLDD-PC-4_3_8.exe
2014-01-29 16:44 - 2014-02-10 16:52 - 00001317 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-01-26 18:42 - 2014-02-20 12:16 - 00306176 ___SH () C:\Users\Zak\Desktop\Thumbs.db
2014-01-26 17:57 - 2014-01-29 16:35 - 00015364 ____H () C:\Users\Zak\Desktop\.DS_Store
2014-01-26 17:41 - 2014-02-15 18:19 - 00021508 ____H () C:\Users\Zak\.DS_Store
2014-01-26 17:25 - 2014-01-26 17:25 - 00000000 ____H () C:\Users\Zak\Documents\Default.rdp
2014-01-24 23:45 - 2014-01-24 23:52 - 00000000 ____D () C:\Users\Zak\Desktop\CRYENGINE_Build_PC_v3_5_6_1833_freesdk
2014-01-24 23:13 - 2014-01-24 23:23 - 1955430390 _____ () C:\Users\Zak\Downloads\CRYENGINE_Build_PC_v3_5_6_1833_freesdk.zip
2014-01-24 23:10 - 2014-01-24 23:10 - 00001812 _____ () C:\Users\Public\Desktop\Maya 2014.lnk
2014-01-24 23:10 - 2014-01-24 23:10 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-01-24 22:51 - 2014-01-24 22:51 - 00000000 ____D () C:\ProgramData\Applications
2014-01-24 22:50 - 2014-01-24 22:51 - 09658264 _____ (Autodesk, Inc.) C:\Users\Zak\Downloads\AutodeskDownloadManagerSetup.exe
2014-01-24 22:50 - 2014-01-24 22:50 - 11461360 _____ () C:\Users\Zak\Downloads\Autodesk_Maya_2014_wi_en-US_Setup (1).exe
2014-01-23 22:39 - 2013-12-27 10:42 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-01-23 22:39 - 2013-12-27 10:42 - 00033056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
 
==================== One Month Modified Files and Folders =======
 
2014-02-20 12:17 - 2014-02-20 12:17 - 00000000 ____D () C:\Users\Zak\Desktop\FRST-OlderVersion
2014-02-20 12:17 - 2014-02-18 09:34 - 00026033 _____ () C:\Users\Zak\Desktop\FRST.txt
2014-02-20 12:17 - 2014-02-18 09:34 - 00000000 ____D () C:\FRST
2014-02-20 12:17 - 2014-02-18 09:33 - 02153984 _____ (Farbar) C:\Users\Zak\Desktop\FRST64.exe
2014-02-20 12:16 - 2014-01-26 18:42 - 00306176 ___SH () C:\Users\Zak\Desktop\Thumbs.db
2014-02-20 12:14 - 2013-10-19 19:47 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FD0BE4D7-D646-41C2-8263-602689017EE7}
2014-02-20 12:11 - 2012-12-24 14:45 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-20 12:00 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-20 11:42 - 2013-04-12 22:26 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-02-20 11:42 - 2013-04-12 22:26 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-20 11:41 - 2013-10-17 12:14 - 01247205 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-20 11:32 - 2013-05-15 16:01 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3182746591-648046975-1580014685-1001UA.job
2014-02-20 07:23 - 2012-12-24 15:46 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-19 21:53 - 2012-12-24 14:48 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3182746591-648046975-1580014685-1001
2014-02-19 18:59 - 2012-12-25 11:42 - 00000000 ____D () C:\Users\Zak\AppData\Local\ArmA 2 OA
2014-02-19 18:02 - 2013-12-26 11:53 - 00000000 ____D () C:\Users\Zak\AppData\Local\DayZ
2014-02-19 15:11 - 2014-01-02 13:05 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-19 15:11 - 2012-12-24 14:45 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-19 14:32 - 2013-05-15 16:00 - 00000868 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3182746591-648046975-1580014685-1001Core.job
2014-02-19 09:59 - 2014-02-19 09:49 - 00000000 ___SD () C:\32788R22FWJFW
2014-02-19 09:49 - 2014-02-19 09:49 - 00000000 ____D () C:\WINDOWS\erdnt
2014-02-19 09:47 - 2014-02-19 09:47 - 05183254 _____ (Swearware) C:\Users\Zak\Downloads\ComboFix (1).exe
2014-02-19 09:47 - 2014-02-16 13:19 - 05183254 ____R (Swearware) C:\Users\Zak\Desktop\ComboFix.exe
2014-02-19 02:04 - 2013-06-21 00:07 - 00000000 ____D () C:\Users\Zak\AppData\Local\Adobe
2014-02-18 21:01 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-18 20:55 - 2014-02-18 20:55 - 00001456 _____ () C:\Users\Zak\Desktop\JRT.txt
2014-02-18 20:40 - 2013-08-26 10:40 - 00008244 _____ () C:\autoupdate.log
2014-02-18 20:38 - 2013-10-18 21:30 - 00000000 __RDO () C:\Users\Zak\SkyDrive
2014-02-18 20:36 - 2013-04-14 11:14 - 00000000 ___RD () C:\Users\Zak\Dropbox
2014-02-18 20:36 - 2013-04-14 11:07 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\Dropbox
2014-02-18 20:35 - 2013-06-11 17:50 - 00000000 ___RD () C:\Users\Zak\Google Drive
2014-02-18 20:33 - 2013-10-17 12:14 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-18 20:33 - 2013-09-29 19:55 - 01507618 _____ () C:\WINDOWS\PFRO.log
2014-02-18 20:33 - 2013-08-22 06:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-18 20:32 - 2013-08-22 05:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-18 20:31 - 2014-02-16 13:37 - 00000000 ____D () C:\AdwCleaner
2014-02-18 20:27 - 2014-02-18 20:29 - 01037530 _____ (Thisisu) C:\Users\Zak\Desktop\JRT (1).exe
2014-02-18 20:27 - 2014-02-18 20:27 - 01241834 _____ () C:\Users\Zak\Downloads\AdwCleaner (1).exe
2014-02-18 20:27 - 2014-02-18 20:27 - 01037530 _____ (Thisisu) C:\Users\Zak\Downloads\JRT (1).exe
2014-02-18 13:31 - 2014-02-18 13:31 - 00000222 _____ () C:\Users\Zak\Desktop\Arma 2 DayZ Mod.url
2014-02-18 13:31 - 2012-12-24 15:56 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-02-18 11:11 - 2014-02-18 11:11 - 00000221 _____ () C:\Users\Zak\Desktop\Arma 2 Operation Arrowhead.url
2014-02-18 10:47 - 2014-02-18 10:47 - 00000221 _____ () C:\Users\Zak\Desktop\Arma 2.url
2014-02-18 10:35 - 2014-02-18 10:34 - 00005175 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-18 10:35 - 2013-10-17 10:45 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-18 10:35 - 2013-08-27 15:40 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-18 10:32 - 2014-02-18 10:32 - 00921000 _____ (Oracle Corporation) C:\Users\Zak\Downloads\chromeinstall-7u51.exe
2014-02-18 09:50 - 2013-06-23 12:11 - 00000000 ____D () C:\Users\Zak\AppData\Local\Arma 3
2014-02-18 09:36 - 2014-02-18 09:35 - 00053542 _____ () C:\Users\Zak\Desktop\Addition.txt
2014-02-18 09:32 - 2014-02-18 09:32 - 02152448 _____ (Farbar) C:\Users\Zak\Downloads\FRST64.exe
2014-02-17 16:20 - 2014-02-17 16:18 - 168965850 _____ () C:\Users\Zak\Downloads\@Peral_A-10C.rar
2014-02-17 14:18 - 2013-04-11 21:14 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\Skype
2014-02-17 12:09 - 2014-02-17 12:08 - 00688992 _____ (Swearware) C:\Users\Zak\Desktop\dds.scr
2014-02-17 11:37 - 2014-02-16 22:16 - 00000000 ____D () C:\Users\Zak\Desktop\mbar
2014-02-17 11:37 - 2014-02-16 22:16 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-17 11:17 - 2014-02-16 22:16 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-02-17 11:06 - 2014-02-16 23:19 - 00000000 ____D () C:\Users\Zak\AppData\Local\NPE
2014-02-17 10:35 - 2013-12-22 17:03 - 00000000 ____D () C:\ProgramData\Norton
2014-02-16 23:11 - 2014-02-16 23:11 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-02-16 23:11 - 2014-02-16 23:11 - 00000000 ____D () C:\ProgramData\Sophos
2014-02-16 23:10 - 2014-02-16 23:10 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-02-16 23:09 - 2014-02-16 23:02 - 00000000 ____D () C:\Users\Zak\Desktop\RK_Quarantine
2014-02-16 23:06 - 2014-02-16 23:06 - 84529880 _____ (Sophos Limited) C:\Users\Zak\Downloads\Sophos Virus Removal Tool.exe
2014-02-16 23:02 - 2014-02-16 23:02 - 04408320 _____ () C:\Users\Zak\Downloads\RogueKillerX64.exe
2014-02-16 22:55 - 2014-02-16 22:55 - 00387584 _____ () C:\Users\Zak\Downloads\rescue2usb.exe
2014-02-16 22:46 - 2014-02-16 22:46 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-02-16 22:15 - 2014-02-16 22:15 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Zak\Downloads\mbar-1.07.0.1009.exe
2014-02-16 21:52 - 2014-02-16 21:51 - 178479183 _____ () C:\Users\Zak\Downloads\RH Pistol pack 1.11-A3.7z
2014-02-16 21:41 - 2014-02-16 21:39 - 20513950 _____ () C:\Users\Zak\Downloads\FHQ_M4_A4_v1.9.7z
2014-02-16 14:16 - 2014-01-04 14:09 - 00000000 ____D () C:\Users\Zak\Downloads\ref=trdrt_prnt_popup_files
2014-02-16 14:11 - 2014-02-16 14:11 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Zak\Downloads\rkill64.exe
2014-02-16 14:10 - 2014-02-16 14:10 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Zak\Downloads\rkill.exe
2014-02-16 14:07 - 2014-02-16 14:07 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-16 14:06 - 2014-02-16 14:06 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Zak\Downloads\iExplore64.exe
2014-02-16 13:55 - 2013-09-29 20:04 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-16 13:48 - 2014-02-16 13:48 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\Malwarebytes
2014-02-16 13:47 - 2014-02-16 13:47 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-16 13:47 - 2014-02-16 13:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-16 13:47 - 2014-02-16 13:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-16 13:41 - 2013-10-17 12:21 - 00000000 ____D () C:\Users\Zak
2014-02-16 13:39 - 2014-02-16 13:39 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Zak\Downloads\iExplore.exe
2014-02-16 13:39 - 2014-02-16 13:39 - 01037530 _____ (Thisisu) C:\Users\Zak\Downloads\JRT.exe
2014-02-16 13:36 - 2014-02-16 13:38 - 01166132 _____ () C:\Users\Zak\Desktop\adwcleaner.exe
2014-02-16 13:36 - 2014-02-16 13:36 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Zak\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-16 13:36 - 2014-02-16 13:36 - 01166132 _____ () C:\Users\Zak\Downloads\adwcleaner.exe
2014-02-16 13:21 - 2014-02-16 13:21 - 04122976 _____ (Kaspersky Lab ZAO) C:\Users\Zak\Downloads\tdsskiller.exe
2014-02-16 13:18 - 2014-02-16 13:18 - 05183112 _____ (Swearware) C:\Users\Zak\Downloads\ComboFix.exe
2014-02-16 13:14 - 2014-02-16 13:14 - 00688992 ____R (Swearware) C:\Users\Zak\Desktop\dds.com
2014-02-15 20:42 - 2013-06-09 10:35 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\.minecraft
2014-02-15 18:19 - 2014-01-26 17:41 - 00021508 ____H () C:\Users\Zak\.DS_Store
2014-02-15 16:16 - 2013-12-25 16:10 - 00000000 ____D () C:\Users\Zak\AppData\Local\CrashDumps
2014-02-15 12:43 - 2012-12-24 14:42 - 00000000 ___RD () C:\Users\Zak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-15 12:43 - 2012-12-24 14:42 - 00000000 ___RD () C:\Users\Zak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-15 12:14 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-15 11:36 - 2013-08-22 05:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-02-15 11:32 - 2013-08-22 06:44 - 05214624 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-15 11:28 - 2013-08-22 07:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-15 11:28 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-15 11:28 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-15 11:28 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-15 11:28 - 2013-08-22 05:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-15 11:28 - 2013-08-22 05:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-15 05:14 - 2013-08-17 13:41 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-15 05:07 - 2012-12-25 15:22 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-13 21:44 - 2013-11-05 16:11 - 00000000 ____D () C:\Users\Zak\Desktop\Screenshots
2014-02-13 10:25 - 2014-02-13 10:12 - 891457474 _____ (SpaceEngine ) C:\Users\Zak\Downloads\SE-0971-setup.exe
2014-02-12 15:06 - 2012-12-24 14:45 - 00003884 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-12 15:06 - 2012-12-24 14:45 - 00003648 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-11 23:37 - 2013-05-15 12:53 - 00000000 ____D () C:\Development
2014-02-11 16:16 - 2013-08-22 06:46 - 00386990 _____ () C:\WINDOWS\setupact.log
2014-02-11 14:27 - 2013-05-15 16:01 - 00003862 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3182746591-648046975-1580014685-1001UA
2014-02-11 14:27 - 2013-05-15 16:00 - 00003482 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3182746591-648046975-1580014685-1001Core
2014-02-10 20:10 - 2014-02-10 20:10 - 00690877 _____ () C:\Users\Zak\Downloads\GifCam.zip
2014-02-10 17:37 - 2013-06-21 00:08 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-10 17:25 - 2013-06-21 00:33 - 00000000 ____D () C:\Program Files\Adobe
2014-02-10 16:52 - 2014-01-29 16:44 - 00001317 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-02-10 15:30 - 2013-11-05 16:15 - 00000000 ____D () C:\Users\Zak\Desktop\Wallpaper
2014-02-09 00:50 - 2014-02-09 00:50 - 12871748 _____ () C:\Users\Zak\Downloads\Apparat - Goodbye (Instrumental).mp4
2014-02-08 13:17 - 2014-02-08 13:17 - 00073111 _____ () C:\Users\Zak\Downloads\redProtect_1.9.6.jar
2014-02-07 23:23 - 2013-12-22 01:10 - 00000000 ____D () C:\Users\Zak\Desktop\serverTest
2014-02-07 23:19 - 2014-02-07 23:19 - 00026177 _____ () C:\Users\Zak\Downloads\CompassNavigation.jar
2014-02-07 23:18 - 2014-02-07 23:18 - 00320559 _____ () C:\Users\Zak\Downloads\worldguard-5.8.zip
2014-02-07 23:17 - 2014-02-07 23:17 - 00816954 _____ () C:\Users\Zak\Downloads\worldedit-5.5.8.zip
2014-02-07 20:11 - 2014-02-07 20:11 - 00004312 _____ () C:\Users\Zak\Downloads\Bar.glet
2014-02-07 15:24 - 2013-06-08 22:14 - 00000000 ____D () C:\Users\Zak\workspace
2014-02-07 01:04 - 2014-02-07 00:51 - 1394761016 _____ (Wolfram Research, Inc. ) C:\Users\Zak\Downloads\Mathematica_9.0.1_WIN.exe
2014-02-06 04:16 - 2014-02-11 23:12 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-06 03:30 - 2014-02-11 23:12 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-06 03:30 - 2014-02-11 23:12 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-06 03:12 - 2014-02-11 23:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-06 03:07 - 2014-02-11 23:12 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-06 03:06 - 2014-02-11 23:12 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-06 02:57 - 2014-02-11 23:12 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-06 02:56 - 2014-02-11 23:12 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-06 02:49 - 2014-02-11 23:12 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-06 02:48 - 2014-02-11 23:12 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-06 02:48 - 2014-02-11 23:12 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-06 02:38 - 2014-02-11 23:12 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-06 02:32 - 2014-02-11 23:12 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-06 02:20 - 2014-02-11 23:12 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-06 02:17 - 2014-02-11 23:12 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-06 02:11 - 2014-02-11 23:12 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-06 02:01 - 2014-02-11 23:12 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-06 02:00 - 2014-02-11 23:12 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-06 01:57 - 2014-02-11 23:12 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-06 01:57 - 2014-02-11 23:12 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-06 01:52 - 2014-02-11 23:12 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-06 01:52 - 2014-02-11 23:12 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-06 01:50 - 2014-02-11 23:12 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-06 01:47 - 2014-02-11 23:12 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-06 01:46 - 2014-02-11 23:12 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-06 01:25 - 2014-02-11 23:12 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-06 01:25 - 2014-02-11 23:12 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-06 01:24 - 2014-02-11 23:12 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-06 01:22 - 2014-02-11 23:12 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-06 01:13 - 2014-02-11 23:12 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-06 01:09 - 2014-02-11 23:12 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-06 01:03 - 2014-02-11 23:12 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-06 00:55 - 2014-02-11 23:12 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-06 00:41 - 2014-02-11 23:12 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-06 00:40 - 2014-02-11 23:12 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-06 00:36 - 2014-02-11 23:12 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-06 00:34 - 2014-02-11 23:12 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-05 19:16 - 2013-07-19 19:32 - 00000015 _____ () C:\Users\Zak\AppData\Local\X-Plane_drm.prf
2014-02-05 18:49 - 2014-02-05 16:59 - 00000000 ____D () C:\Users\Zak\Desktop\X-Plane 10 Demo
2014-02-05 18:49 - 2013-05-29 22:28 - 00000080 _____ () C:\Users\Zak\AppData\Local\X-Plane Installer.prf
2014-02-05 16:58 - 2014-02-05 16:58 - 04305431 _____ () C:\Users\Zak\Downloads\X-Plane10DemoInstallerWindows.zip
2014-02-04 17:04 - 2014-02-04 17:01 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-02-04 17:01 - 2014-02-04 17:01 - 00001415 _____ () C:\Users\Zak\Desktop\The Elder Scrolls Online Beta.lnk
2014-02-04 17:00 - 2014-02-04 16:59 - 55903624 _____ ( ) C:\Users\Zak\Downloads\Install_ESO_Beta.exe
2014-02-04 11:08 - 2014-02-04 11:06 - 38131448 _____ () C:\Users\Zak\Downloads\SU35S_v0.98_BETA_ARMA3.rar
2014-02-04 11:05 - 2014-02-04 11:05 - 38549805 _____ () C:\Users\Zak\Downloads\FA18_v1.2_ArmA_3.rar
2014-02-04 10:49 - 2014-02-04 10:40 - 41023637 _____ () C:\Users\Zak\Downloads\FA18_v1.51_ARMA_3.rar
2014-02-03 09:54 - 2013-12-26 11:53 - 00000000 ____D () C:\Users\Zak\Documents\DayZ
2014-02-02 17:53 - 2014-02-02 17:53 - 00124395 _____ () C:\Users\Zak\Downloads\armaunpbo_v10.zip
2014-02-02 17:42 - 2014-02-02 17:40 - 353632441 _____ () C:\Users\Zak\Downloads\NATO_Russian_SF_Weapons_v 1.2.7z
2014-02-02 12:29 - 2014-02-02 12:25 - 07044001 _____ () C:\Users\Zak\Downloads\@AS50v1.4.rar
2014-02-02 11:46 - 2014-02-02 11:46 - 52307186 _____ () C:\Users\Zak\Downloads\MK18_Mod1_V02 (1).7z
2014-02-02 11:30 - 2014-02-02 11:30 - 00013390 _____ () C:\Users\Zak\Downloads\asdg_jointrails-v0.8.zip
2014-02-02 11:21 - 2014-02-02 11:21 - 00204678 _____ () C:\Users\Zak\Downloads\CBA_A3_beta4.7z
2014-02-02 00:08 - 2014-02-02 00:07 - 48942905 _____ () C:\Users\Zak\Downloads\FHQ_Accessories_v1.4 (2).7z
2014-02-02 00:08 - 2014-02-02 00:07 - 48942905 _____ () C:\Users\Zak\Downloads\FHQ_Accessories_v1.4 (1).7z
2014-02-02 00:06 - 2014-02-02 00:06 - 00000000 ____D () C:\Users\Zak\Desktop\FHQ_Accessories_v1.4
2014-02-01 23:07 - 2014-02-01 23:07 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-02-01 23:06 - 2014-02-01 23:06 - 01110476 _____ () C:\Users\Zak\Downloads\7z920.exe
2014-02-01 23:02 - 2014-02-01 23:00 - 18685952 _____ () C:\Users\Zak\Downloads\FHQ_Accessories_v1.4.7z
2014-02-01 23:02 - 2014-02-01 23:00 - 18304260 _____ () C:\Users\Zak\Downloads\FHQ_M4_A3_v1.8..7z
2014-02-01 22:57 - 2014-02-01 22:57 - 12265603 _____ () C:\Users\Zak\Downloads\m107_V1.5.rar
2014-02-01 22:55 - 2014-02-01 22:55 - 52307186 _____ () C:\Users\Zak\Downloads\MK18_Mod1_V02.7z
2014-02-01 22:50 - 2014-02-01 22:50 - 04256118 _____ () C:\Users\Zak\Downloads\@tmr-0.3.5.zip
2014-02-01 18:18 - 2014-02-01 18:18 - 53957312 _____ (R Core Team ) C:\Users\Zak\Downloads\R-3.0.2-win.exe
2014-02-01 15:07 - 2014-02-01 15:05 - 00000000 ____D () C:\Users\Zak\Documents\maya
2014-02-01 15:07 - 2012-12-25 01:12 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\Autodesk
2014-02-01 15:07 - 2012-12-25 01:12 - 00000000 ____D () C:\ProgramData\Autodesk
2014-02-01 12:51 - 2014-02-01 12:51 - 00001097 _____ () C:\Users\Zak\Desktop\Cheat Engine.lnk
2014-02-01 12:51 - 2014-02-01 12:51 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.3
2014-02-01 12:50 - 2014-02-01 12:50 - 08065840 _____ (Cheat Engine ) C:\Users\Zak\Downloads\CheatEngine63.exe
2014-01-31 09:56 - 2014-01-31 09:56 - 00000351 _____ () C:\Users\Zak\Desktop\Network - Shortcut.lnk
2014-01-30 12:47 - 2013-11-16 11:25 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-30 12:47 - 2013-11-16 11:25 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-29 18:54 - 2014-01-29 18:54 - 00000000 ____D () C:\Users\Zak\Documents\LEGO Creations
2014-01-29 18:54 - 2014-01-29 18:54 - 00000000 ____D () C:\Users\Zak\AppData\Roaming\LEGO Company
2014-01-29 18:53 - 2014-01-29 18:53 - 00002162 _____ () C:\Users\Public\Desktop\LEGO Digital Designer.lnk
2014-01-29 18:53 - 2014-01-29 18:53 - 00000000 ____D () C:\Program Files (x86)\LEGO Company
2014-01-29 18:50 - 2014-01-29 18:49 - 225918672 _____ () C:\Users\Zak\Downloads\setupLDD-PC-4_3_8.exe
2014-01-29 16:35 - 2014-01-26 17:57 - 00015364 ____H () C:\Users\Zak\Desktop\.DS_Store
2014-01-29 16:35 - 2013-04-16 21:27 - 00000000 ____D () C:\Users\Zak\Desktop\Education
2014-01-29 14:51 - 2012-12-24 14:55 - 00000000 ____D () C:\Firefox
2014-01-28 18:36 - 2013-08-24 11:45 - 00000000 ____D () C:\Users\Zak\Desktop\Dev
2014-01-26 17:25 - 2014-01-26 17:25 - 00000000 ____H () C:\Users\Zak\Documents\Default.rdp
2014-01-26 13:44 - 2013-04-16 20:56 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-01-24 23:52 - 2014-01-24 23:45 - 00000000 ____D () C:\Users\Zak\Desktop\CRYENGINE_Build_PC_v3_5_6_1833_freesdk
2014-01-24 23:25 - 2012-12-25 02:34 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2014-01-24 23:23 - 2014-01-24 23:13 - 1955430390 _____ () C:\Users\Zak\Downloads\CRYENGINE_Build_PC_v3_5_6_1833_freesdk.zip
2014-01-24 23:15 - 2012-12-25 02:34 - 00000000 ____D () C:\Program Files\Autodesk
2014-01-24 23:10 - 2014-01-24 23:10 - 00001812 _____ () C:\Users\Public\Desktop\Maya 2014.lnk
2014-01-24 23:10 - 2014-01-24 23:10 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-01-24 22:55 - 2012-12-24 16:45 - 00298449 _____ () C:\WINDOWS\DirectX.log
2014-01-24 22:52 - 2012-12-25 01:11 - 00000000 ____D () C:\Users\Zak\AppData\Local\Akamai
2014-01-24 22:51 - 2014-01-24 22:51 - 00000000 ____D () C:\ProgramData\Applications
2014-01-24 22:51 - 2014-01-24 22:50 - 09658264 _____ (Autodesk, Inc.) C:\Users\Zak\Downloads\AutodeskDownloadManagerSetup.exe
2014-01-24 22:50 - 2014-01-24 22:50 - 11461360 _____ () C:\Users\Zak\Downloads\Autodesk_Maya_2014_wi_en-US_Setup (1).exe
2014-01-24 22:06 - 2012-12-25 01:10 - 00000000 ____D () C:\Autodesk
2014-01-23 22:40 - 2013-10-17 12:13 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-23 18:20 - 2013-10-17 13:05 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-01-23 18:20 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-01-23 18:20 - 2013-04-25 21:23 - 00000000 ____D () C:\WINDOWS\system32\1033
2014-01-23 18:20 - 2013-04-25 21:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
2014-01-23 18:20 - 2013-04-25 21:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-01-23 18:12 - 2013-04-25 21:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-01-23 18:10 - 2013-04-25 22:07 - 00000000 ____D () C:\WINDOWS\SysWOW64\1033
2014-01-23 18:00 - 2013-04-26 00:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-01-23 17:59 - 2013-10-17 13:05 - 00000000 ____D () C:\Program Files\MSBuild
2014-01-23 17:49 - 2012-12-24 16:52 - 00000000 ____D () C:\Users\Zak\Documents\My Games
 
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.6028.dll
C:\Users\Zak\studio.exe
C:\Users\Zak\worldpainter_1.4.0.exe
 
 
Some content of TEMP:
====================
C:\Users\Zak\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-18 21:00
 
==================== End Of Log ============================

  • Staff

Hello ashford

I need you to download this script I have made for you --> fixlist.txt

It needs to be saved next to the "Farbar Recovery Scan Tool" (FRST) program. (If asked to overwrite the existing one, please allow.)

Run FRST again but this time press the Fix button just once and wait.

When finished, it will make a log (fixlog.txt) next to FRST. Please copy and paste the content of this file to your reply.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Gringo


Here you go, doesn't look like it's removed, rather moved. It's also moved something to do with the Java Update I recently downloaded; I still have Java 7u51 though, right?

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-02-2014
Ran by Zak at 2014-02-20 17:57:41 Run:1
Running from C:\Users\Zak\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Public\AlexaNSISPlugin.6028.dll
C:\Users\Zak\studio.exe
C:\Users\Zak\worldpainter_1.4.0.exe
C:\Users\Zak\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

*****************

C:\Users\Public\AlexaNSISPlugin.6028.dll => Moved successfully.
C:\Users\Zak\studio.exe => Moved successfully.
C:\Users\Zak\worldpainter_1.4.0.exe => Moved successfully.
C:\Users\Zak\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe => Moved successfully.

==== End of Fixlog ====


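One way to check a fixlog like the one posted above: this added example (not part of the original thread and not FRST's own code) parses the fixlist and the result lines and reports any entry that was not confirmed as moved. The function names are hypothetical, and "Moved successfully." is the only status this thread shows, so any other status is simply reported for review.

```python
import re

# Fixlist and results as posted in the thread above (header lines omitted).
FIXLOG = r"""Content of fixlist:
*****************
C:\Users\Public\AlexaNSISPlugin.6028.dll
C:\Users\Zak\studio.exe
C:\Users\Zak\worldpainter_1.4.0.exe
C:\Users\Zak\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
*****************
C:\Users\Public\AlexaNSISPlugin.6028.dll => Moved successfully.
C:\Users\Zak\studio.exe => Moved successfully.
C:\Users\Zak\worldpainter_1.4.0.exe => Moved successfully.
C:\Users\Zak\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe => Moved successfully.
==== End of Fixlog ====
"""

STARS = re.compile(r"^\*{5,}$")          # delimiter lines around the fixlist
RESULT = re.compile(r"^(.+?) => (.+)$")  # "<path> => <status>"
OK_STATUS = "Moved successfully."        # the only status seen in this thread


def parse_fixlog(text):
    """Return (requested paths, {casefolded path: status}, complete flag)."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    marks = [i for i, ln in enumerate(lines) if STARS.match(ln)]
    if len(marks) < 2:
        raise ValueError("fixlist delimiters not found")
    requested = lines[marks[0] + 1:marks[1]]
    results = {}
    for ln in lines[marks[1] + 1:]:
        m = RESULT.match(ln)
        if m:  # Windows paths are case-insensitive, so key on casefold()
            results[m.group(1).casefold()] = m.group(2)
    complete = lines[-1].startswith("==== End of Fixlog")
    return requested, results, complete


def audit_fixlog(text):
    """Return (path, reason) for every fixlist entry not confirmed as moved."""
    requested, results, complete = parse_fixlog(text)
    problems = [] if complete else [("<log>", "no End of Fixlog marker")]
    for path in requested:
        status = results.get(path.casefold(), "no result line")
        if status != OK_STATUS:
            problems.append((path, status))
    return problems
```

`audit_fixlog(FIXLOG)` returns an empty list for the log in this thread; a truncated paste or an entry without a matching result line shows up as a `(path, reason)` pair.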
  • Staff

Hello ashford

I would like to see a report that ComboFix makes.

Extra ComboFix report

  • Push the "Windows key" + "R" (between the "Ctrl" button and "Alt" button)
  • Please copy and paste the following into the box
    C:\Qoobox\Add-Remove Programs.txt
  • Click OK
  • Copy and paste the report into this topic for me to review

Gringo


  • Staff

Greetings

I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools.

Gringo


  • Staff

Hello

These logs are looking a lot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps.

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here CCleaner

    • Run the installer to install the application.
    • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
    • Run CCleaner. Default settings are fine.
    • Click Run Cleaner.
    • Close CCleaner.

Run Malwarebytes

Please download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log into your next reply.
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.

Click OK to either and let MBAM proceed with the disinfection process.

If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Download HijackThis

  • Go Here to download HijackThis program
  • Save HijackThis to your desktop.
  • Right-click on HijackThis and select "Run as Admin" (XP users just need to double-click to run)
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
  • Copy and paste the HijackThis report into the topic

"information and logs"

  • In your next post I need the following
    • Log from MBAM
    • Report from HijackThis
    • Let me know of any problems you may have had
    • How is the computer doing now?

Gringo

  • Staff

Greetings

I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools.

Gringo


  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
