
176.121.11.12 (Type: outgoing, Port: 50697, Process: chrome.exe)



I accidentally downloaded and installed WinRAR from an unsecure website. It gave me some kind of virus. I was able to remove most of the problems with malware and Ad-Aware. I am still experiencing minor issues. The main issue is I keep getting this error from Malwarebytes: BLOCKED: 176.121.11.12 (Type: outgoing, Port: 50697, Process: chrome.exe)

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16521
Run by Dan at 5:20:26 on 2014-03-18
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.16325.12389 [GMT -4:00]
.
AV: Ad-Aware Antivirus *Disabled/Outdated* {D87B6541-12A1-DAEA-0033-9B8057AAB996}
SP: Ad-Aware Antivirus *Disabled/Outdated* {631A84A5-349B-D564-3A83-A0F22C2DF32B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall *Disabled* {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Microsoft Games\chess\chess.exe
C:\Users\Dan\AppData\Local\GCC\CHROME~1\chrome.exe
C:\Users\Dan\AppData\Local\GCC\CHROME~1\chrome.exe
C:\Users\Dan\AppData\Local\GCC\CHROME~1\chrome.exe
C:\Users\Dan\AppData\Local\GCC\CHROME~1\chrome.exe
C:\Users\Dan\AppData\Local\GCC\CHROME~1\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Program Files (x86)\Battle.net\Battle.net.4269\Battle.net.exe
C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
C:\Users\Dan\AppData\Local\GCC\CHROME~1\chrome.exe
C:\Users\Dan\AppData\Local\GCC\CHROME~1\chrome.exe
C:\Users\Dan\AppData\Local\GCC\CHROME~1\chrome.exe
C:\Users\Dan\AppData\Local\GCC\CHROME~1\chrome.exe
C:\Users\Dan\AppData\Local\GCC\CHROME~1\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [steelSeries Engine] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SOFTET~1.LNK - C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{DC9573D4-F90A-43B9-9594-2DD64BB4C4ED} : DHCPNameServer = 192.168.1.1
SSODL: WebCheck - <orphaned>
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [softEther VPN Client UI Helper] "C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe" /uihelp
x64-Run: [AdAwareTray] "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe"
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\7h7p4dij.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMSS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
.
============= SERVICES / DRIVERS ===============
.
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2014-1-23 178344]
R2 LavasoftAdAwareService11;Ad-Aware Service 11;C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [2014-1-23 702744]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-3-12 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-3-12 701512]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-23 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-1-23 15129376]
R2 SEVPNCLIENT;SoftEther VPN Client;C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [2014-3-10 4298808]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2013-8-16 140032]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2013-8-16 424192]
R3 busenum;SteelBusSvc;C:\Windows\System32\drivers\SteelBus64.sys [2013-10-30 140800]
R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\System32\drivers\CT20XUT.sys [2011-8-22 202840]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\System32\drivers\CTEXFIFX.sys [2011-8-22 1417304]
R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\System32\drivers\CTHWIUT.sys [2011-8-22 94808]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-3-12 25928]
R3 Neo_VPN;VPN Client Device Driver - VPN;C:\Windows\System32\drivers\Neo_0013.sys [2014-3-10 28768]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-1-23 39200]
R3 SAlphamHid;SteelHIDSvc;C:\Windows\System32\drivers\SAlpham64.sys [2013-5-31 38016]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2014-1-23 79360]
S3 CT20XUT;CT20XUT;C:\Windows\System32\drivers\CT20XUT.sys [2011-8-22 202840]
S3 CTEXFIFX;CTEXFIFX;C:\Windows\System32\drivers\CTEXFIFX.sys [2011-8-22 1417304]
S3 CTHWIUT;CTHWIUT;C:\Windows\System32\drivers\CTHWIUT.sys [2011-8-22 94808]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-3-12 111616]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;C:\Windows\System32\drivers\LGSHidFilt.Sys [2013-5-30 64280]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-1-15 289256]
S3 rzdaendpt;Razer DeathAdder end point;C:\Windows\System32\drivers\rzdaendpt.sys [2013-11-15 33448]
S3 rzudd;Razer Keyboard Driver;C:\Windows\System32\drivers\rzudd.sys [2013-11-15 149160]
S3 rzvkeyboard;Razer Virtual Keyboard Driver;C:\Windows\System32\drivers\rzvkeyboard.sys [2013-11-15 30888]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2013-3-18 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-1-24 1255736]
.
=============== Created Last 30 ================
.
2014-03-18 08:53:57    --------    d-----w-    C:\Users\Dan\AppData\Local\Microsoft Games
2014-03-18 08:48:54    --------    d-----w-    C:\FRST
2014-03-18 08:33:16    --------    d-----w-    C:\Program Files (x86)\ESET
2014-03-18 08:30:57    --------    d-----w-    C:\AdwCleaner
2014-03-18 08:25:33    --------    d-----w-    C:\Windows\ERUNT
2014-03-18 08:20:40    --------    d-----w-    C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-18 08:19:50    91352    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-03-18 00:06:03    --------    d-----w-    C:\Program Files\Logitech Gaming Software
2014-03-17 23:41:07    10536864    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6CD2F3CC-997F-420B-B0BA-FBD37E7186A8}\mpengine.dll
2014-03-12 22:32:25    --------    d-----w-    C:\Users\Dan\AppData\Roaming\LavasoftStatistics
2014-03-12 22:26:11    --------    d-----w-    C:\Program Files\Lavasoft
2014-03-12 22:23:20    --------    d-----w-    C:\Program Files\Common Files\Lavasoft
2014-03-12 21:26:37    --------    d-----w-    C:\Users\Dan\AppData\Roaming\Malwarebytes
2014-03-12 21:26:32    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-03-12 21:26:32    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-03-12 21:26:32    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-12 21:07:42    --------    d-----w-    C:\Users\Dan\AppData\Local\Dolphe
2014-03-12 20:58:51    --------    d-----w-    C:\Users\Dan\AppData\Local\GCC
2014-03-12 20:58:49    --------    d-----w-    C:\Users\Dan\AppData\Local\Programs
2014-03-11 02:55:25    28768    ----a-w-    C:\Windows\System32\drivers\Neo_0013.sys
2014-03-11 02:54:50    135736    ----a-w-    C:\Windows\System32\vpncmd.exe
2014-03-11 02:54:42    --------    d-----w-    C:\Program Files\SoftEther VPN Client
2014-03-11 00:33:39    --------    d-----w-    C:\Users\Dan\AppData\Local\SteelSeries_ApS
2014-03-11 00:33:33    --------    d-----w-    C:\Users\Dan\AppData\Roaming\SteelSeries
2014-03-11 00:32:20    --------    d-----w-    C:\ProgramData\SteelSeries
2014-03-11 00:30:15    --------    d-----w-    C:\Program Files\SteelSeries
2014-03-10 05:55:44    --------    d-----w-    C:\Users\Dan\AppData\Local\Razer
2014-02-28 19:41:35    --------    d-----w-    C:\Users\Dan\AppData\Roaming\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1
2014-02-28 19:41:35    --------    d-----w-    C:\Users\Dan\AppData\Roaming\com.pandora.desktop
2014-02-28 19:41:35    --------    d-----w-    C:\Program Files (x86)\Pandora
2014-02-24 18:36:34    --------    d-----w-    C:\Program Files (x86)\Diablo III
2014-02-19 05:10:49    --------    d-----w-    C:\Program Files\Ventrilo
2014-02-19 05:10:36    --------    d-----w-    C:\Program Files (x86)\Common Files\Wise Installation Wizard
2014-02-18 00:12:14    --------    d-----w-    C:\Program Files\McAfee Security Scan
.
==================== Find3M  ====================
.
2014-03-11 23:05:12    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-11 23:05:12    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-03-01 05:17:02    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-03-01 05:16:26    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-03-01 04:52:55    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-03-01 04:51:59    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-03-01 04:33:52    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-03-01 04:33:34    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-03-01 04:32:59    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-03-01 04:23:49    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-01 04:11:20    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-03-01 03:54:33    5768704    ----a-w-    C:\Windows\System32\jscript9.dll
2014-03-01 03:52:43    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-03-01 03:51:53    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:38:26    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-03-01 03:37:35    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-03-01 03:35:11    2041856    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-03-01 03:14:15    4244480    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-03-01 03:10:28    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2014-03-01 03:00:08    1964032    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-03-01 02:32:16    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-02-07 01:23:30    3156480    ----a-w-    C:\Windows\System32\win32k.sys
2014-02-04 02:32:12    624128    ----a-w-    C:\Windows\System32\qedit.dll
2014-02-04 02:04:11    509440    ----a-w-    C:\Windows\SysWow64\qedit.dll
2014-02-03 17:20:54    270496    ------w-    C:\Windows\System32\MpSigStub.exe
2014-01-29 02:32:18    484864    ----a-w-    C:\Windows\System32\wer.dll
2014-01-29 02:06:47    381440    ----a-w-    C:\Windows\SysWow64\wer.dll
2014-01-23 18:30:28    9728    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-01-23 18:29:50    1887232    ----a-w-    C:\Windows\System32\d3d11.dll
2014-01-23 18:29:50    1505280    ----a-w-    C:\Windows\SysWow64\d3d11.dll
2014-01-23 17:51:13    466520    ----a-w-    C:\Windows\System32\wrap_oal.dll
2014-01-23 17:51:13    445016    ----a-w-    C:\Windows\SysWow64\wrap_oal.dll
2014-01-23 17:51:13    123480    ----a-w-    C:\Windows\System32\OpenAL32.dll
2014-01-23 17:51:13    109144    ----a-w-    C:\Windows\SysWow64\OpenAL32.dll
2014-01-23 17:28:25    18960    ----a-w-    C:\Windows\System32\drivers\LNonPnP.sys
2014-01-14 01:53:50    88576    ----a-w-    C:\Windows\SysWow64\rzdevinfo.dll
2014-01-14 01:53:44    296448    ----a-w-    C:\Windows\SysWow64\rzaudiodll.dll
2013-12-24 23:09:41    1987584    ----a-w-    C:\Windows\SysWow64\d3d10warp.dll
2013-12-24 22:48:32    2565120    ----a-w-    C:\Windows\System32\d3d10warp.dll
2013-12-21 09:53:45    548864    ----a-w-    C:\Windows\System32\vbscript.dll
2013-12-21 08:56:47    454656    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2013-12-19 18:53:46    6671648    ----a-w-    C:\Windows\System32\nvcpl.dll
2013-12-19 18:53:46    3490080    ----a-w-    C:\Windows\System32\nvsvc64.dll
2013-12-19 18:53:44    922912    ----a-w-    C:\Windows\System32\nvvsvc.exe
2013-12-19 18:53:44    63776    ----a-w-    C:\Windows\System32\nvshext.dll
2013-12-19 18:53:44    386336    ----a-w-    C:\Windows\System32\nvmctray.dll
2013-12-19 05:01:48    3539040    ----a-w-    C:\Windows\System32\nvcoproc.bin
.
============= FINISH:  5:20:31.28 ===============
 

 


Hello and welcome!

Please run a FRST scan:

Please download Farbar Recovery Scan Tool and save it to your Desktop.

  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Dan (administrator) on DAN-PC on 18-03-2014 06:05:14
Running from C:\Users\Dan\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Users\Dan\AppData\Local\GCC\Chrome-bin\chrome.exe
(Google Inc.) C:\Users\Dan\AppData\Local\GCC\Chrome-bin\chrome.exe
(Google Inc.) C:\Users\Dan\AppData\Local\GCC\Chrome-bin\chrome.exe
(Google Inc.) C:\Users\Dan\AppData\Local\GCC\Chrome-bin\chrome.exe
(Google Inc.) C:\Users\Dan\AppData\Local\GCC\Chrome-bin\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.4269\Battle.net.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
(Google Inc.) C:\Users\Dan\AppData\Local\GCC\Chrome-bin\chrome.exe
(Google Inc.) C:\Users\Dan\AppData\Local\GCC\Chrome-bin\chrome.exe
(Google Inc.) C:\Users\Dan\AppData\Local\GCC\Chrome-bin\chrome.exe
(Google Inc.) C:\Users\Dan\AppData\Local\GCC\Chrome-bin\chrome.exe
(Google Inc.) C:\Users\Dan\AppData\Local\GCC\Chrome-bin\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\NOTEPAD.EXE
(Farbar) C:\Users\Dan\Downloads\FRST64(2).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-09] (NVIDIA Corporation)
HKLM\...\Run: [shadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-09] (NVIDIA Corporation)
HKLM\...\Run: [softEther VPN Client UI Helper] - C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [4298808 2014-03-10] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [] - [X]
HKLM\...\Run: [AdAwareTray] - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe [4114264 2014-01-23] ()
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8294680 2014-02-27] (Logitech Inc.)
HKLM-x32\...\Run: [CTxfiHlp] - CTXFIHLP.EXE
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442712 2014-01-16] (Razer Inc.)
HKU\S-1-5-21-1087343437-1330967424-4291709060-1000\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-1087343437-1330967424-4291709060-1000\...\Run: [steelSeries Engine] - C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [242688 2013-11-05] (SteelSeries ApS)
HKU\S-1-5-21-1087343437-1330967424-4291709060-1000\...\MountPoints2: {bcc97a4a-8469-11e3-926c-806e6f6e6963} - E:\.\Bin\ASSETUP.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC5D9DE036018CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\7h7p4dij.default
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Extension: Reddit Enhancement Suite - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\7h7p4dij.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2014-01-23]
FF Extension: Adblock Plus - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\7h7p4dij.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-23]

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-15]
CHR Extension: (Google Drive) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-15]
CHR Extension: (YouTube) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-15]
CHR Extension: (McAfee Security Scan+) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-24]
CHR Extension: (Google Search) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-15]
CHR Extension: (Google Wallet) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-15]
CHR Extension: (Gmail) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-15]

==================== Services (Whitelisted) =================

R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [702744 2014-01-23] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-09] (NVIDIA Corporation)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [4298808 2014-03-10] (SoftEther VPN Project at University of Tsukuba, Japan.)

==================== Drivers (Whitelisted) ====================

S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0013.sys [28768 2014-03-10] (SoftEther VPN Project at University of Tsukuba, Japan.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [33448 2013-11-15] (Razer Inc)
S3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [30888 2013-11-15] (Razer Inc)
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [329800 2013-07-17] (BitDefender S.R.L.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-18 06:04 - 2014-03-18 06:04 - 02157056 _____ (Farbar) C:\Users\Dan\Downloads\FRST64(2).exe
2014-03-18 05:20 - 2014-03-18 05:20 - 00688992 ____R (Swearware) C:\Users\Dan\Downloads\dds.scr
2014-03-18 05:20 - 2014-03-18 05:20 - 00016539 _____ () C:\Users\Dan\Desktop\dds.txt
2014-03-18 05:20 - 2014-03-18 05:20 - 00005323 _____ () C:\Users\Dan\Desktop\attach.txt
2014-03-18 05:11 - 2014-03-18 05:11 - 00987442 _____ () C:\Users\Dan\Downloads\SecurityCheck.exe
2014-03-18 05:10 - 2014-03-18 05:10 - 02157056 _____ (Farbar) C:\Users\Dan\Downloads\FRST64(1).exe
2014-03-18 05:09 - 2014-03-18 05:09 - 00003158 _____ () C:\Users\Dan\Desktop\RKreport[0]_D_03182014_050924.txt
2014-03-18 05:02 - 2014-03-18 05:02 - 00003099 _____ () C:\Users\Dan\Desktop\RKreport[0]_S_03182014_050245.txt
2014-03-18 04:59 - 2014-03-18 05:09 - 00000000 ____D () C:\Users\Dan\Desktop\RK_Quarantine
2014-03-18 04:59 - 2014-03-18 04:59 - 04497920 _____ () C:\Users\Dan\Downloads\RogueKillerX64.exe
2014-03-18 04:58 - 2014-03-18 04:58 - 02347384 _____ (ESET) C:\Users\Dan\Downloads\esetsmartinstaller_enu(1).exe
2014-03-18 04:53 - 2014-03-18 04:53 - 00448512 _____ (OldTimer Tools) C:\Users\Dan\Downloads\TFC.exe
2014-03-18 04:53 - 2014-03-18 04:53 - 00021310 _____ () C:\Users\Dan\Downloads\Result.txt
2014-03-18 04:53 - 2014-03-18 04:53 - 00000000 ____D () C:\Users\Dan\AppData\Local\Microsoft Games
2014-03-18 04:52 - 2014-03-18 04:52 - 00982016 _____ (Farbar) C:\Users\Dan\Downloads\MiniToolBox.exe
2014-03-18 04:49 - 2014-03-18 04:49 - 00031421 _____ () C:\Users\Dan\Downloads\Addition.txt
2014-03-18 04:48 - 2014-03-18 06:05 - 00011089 _____ () C:\Users\Dan\Downloads\FRST.txt
2014-03-18 04:48 - 2014-03-18 06:05 - 00000000 ____D () C:\FRST
2014-03-18 04:33 - 2014-03-18 04:33 - 02347384 _____ (ESET) C:\Users\Dan\Downloads\esetsmartinstaller_enu.exe
2014-03-18 04:33 - 2014-03-18 04:33 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-18 04:30 - 2014-03-18 04:31 - 00000000 ____D () C:\AdwCleaner
2014-03-18 04:30 - 2014-03-18 04:30 - 00001234 _____ () C:\Users\Dan\Desktop\JRT.txt
2014-03-18 04:25 - 2014-03-18 04:25 - 00000000 ____D () C:\Windows\ERUNT
2014-03-18 04:22 - 2014-03-18 04:22 - 02157056 _____ (Farbar) C:\Users\Dan\Downloads\FRST64.exe
2014-03-18 04:22 - 2014-03-18 04:22 - 01950720 _____ () C:\Users\Dan\Downloads\AdwCleaner.exe
2014-03-18 04:22 - 2014-03-18 04:22 - 01037734 _____ (Thisisu) C:\Users\Dan\Downloads\JRT.exe
2014-03-18 04:20 - 2014-03-18 04:25 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-18 04:20 - 2014-03-18 04:20 - 00000000 ____D () C:\Users\Dan\Desktop\mal
2014-03-18 04:19 - 2014-03-18 04:25 - 00000000 ____D () C:\Users\Dan\Desktop\mbar
2014-03-18 04:19 - 2014-03-18 04:19 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Dan\Downloads\mbar-1.07.0.1009.exe
2014-03-18 04:19 - 2014-03-18 04:19 - 03901952 _____ () C:\Users\Dan\Downloads\RogueKiller.exe
2014-03-18 04:19 - 2014-03-18 04:19 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-18 04:18 - 2014-03-18 04:18 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dan\Downloads\rkill.exe
2014-03-17 20:06 - 2014-03-17 20:06 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2014-03-17 20:05 - 2014-03-17 20:05 - 55906432 _____ (Logitech Inc.) C:\Users\Dan\Downloads\LGS_8.52.15_x64_Logitech.exe
2014-03-17 11:57 - 2014-03-17 12:01 - 00000000 ____D () C:\Users\Dan\Desktop\FK 3.2.5
2014-03-17 11:56 - 2014-03-17 11:56 - 05543897 _____ () C:\Users\Dan\Downloads\FK(3)
2014-03-17 11:56 - 2014-03-17 11:56 - 00000816 _____ () C:\Users\Dan\Downloads\FK(3) - Shortcut.lnk
2014-03-12 20:19 - 2014-03-12 20:19 - 16969459 _____ () C:\Users\Dan\Downloads\evasi0n7-win-1.0.7-633a643e10531c58e7ce18018986b6d14774102d.zip
2014-03-12 18:32 - 2014-03-12 18:32 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\LavasoftStatistics
2014-03-12 18:32 - 2014-03-12 18:32 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Lavasoft
2014-03-12 18:26 - 2014-03-18 04:32 - 00002305 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 ____D () C:\Program Files\Lavasoft
2014-03-12 18:23 - 2014-03-12 18:23 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-03-12 17:32 - 2014-03-12 17:32 - 00001015 _____ () C:\Users\Dan\Desktop\WinRAR.lnk
2014-03-12 17:31 - 2014-03-12 17:31 - 01977432 _____ () C:\Users\Dan\Downloads\winrar-x64-501.exe
2014-03-12 17:31 - 2014-03-12 17:31 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-03-12 17:31 - 2014-03-12 17:31 - 00000000 ____D () C:\Program Files\WinRAR
2014-03-12 17:26 - 2014-03-12 17:26 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dan\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-12 17:26 - 2014-03-12 17:26 - 01727624 _____ () C:\Users\Dan\Downloads\Adaware_Installer.exe
2014-03-12 17:26 - 2014-03-12 17:26 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-12 17:26 - 2014-03-12 17:26 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Malwarebytes
2014-03-12 17:26 - 2014-03-12 17:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-12 17:26 - 2014-03-12 17:26 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-03-12 17:26 - 2014-03-12 17:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-12 17:26 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-12 17:07 - 2014-03-17 12:13 - 00000000 ____D () C:\Users\Dan\AppData\Local\Dolphe
2014-03-12 16:59 - 2014-03-12 16:59 - 05534512 _____ () C:\Users\Dan\Downloads\FK(2)
2014-03-12 16:59 - 2014-03-12 16:59 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\WinRAR
2014-03-12 16:58 - 2014-03-12 17:30 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-03-12 16:58 - 2014-03-12 16:59 - 00000000 ____D () C:\Users\Dan\AppData\Local\GCC
2014-03-12 16:58 - 2014-03-12 16:58 - 05534512 _____ () C:\Users\Dan\Downloads\FK(1)
2014-03-12 16:57 - 2014-03-12 16:57 - 05534512 _____ () C:\Users\Dan\Downloads\FK
2014-03-12 09:31 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 09:31 - 2014-03-01 01:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 09:31 - 2014-03-01 01:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 09:31 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 09:31 - 2014-03-01 00:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 09:31 - 2014-03-01 00:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 09:31 - 2014-03-01 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 09:31 - 2014-03-01 00:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 09:31 - 2014-03-01 00:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 09:31 - 2014-03-01 00:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 09:31 - 2014-03-01 00:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 09:31 - 2014-03-01 00:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 09:31 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 09:31 - 2014-03-01 00:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 09:31 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 09:31 - 2014-03-01 00:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 09:31 - 2014-03-01 00:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 09:31 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 09:31 - 2014-02-28 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 09:31 - 2014-02-28 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 09:31 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 09:31 - 2014-02-28 23:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 09:31 - 2014-02-28 23:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 09:31 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 09:31 - 2014-02-28 23:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 09:31 - 2014-02-28 23:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 09:31 - 2014-02-28 23:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 09:31 - 2014-02-28 23:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 09:31 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 09:31 - 2014-02-28 23:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 09:31 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 09:31 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 09:31 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 09:31 - 2014-02-28 23:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 09:31 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 09:31 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 09:31 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 09:31 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 09:31 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 09:31 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 09:31 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 09:31 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 09:31 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 09:31 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 09:31 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-11 15:56 - 2014-03-11 15:56 - 00000633 _____ () C:\Users\Dan\Desktop\Music - Shortcut.lnk
2014-03-10 22:55 - 2014-03-10 22:55 - 00028768 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\Drivers\Neo_0013.sys
2014-03-10 22:54 - 2014-03-18 04:32 - 00000000 ____D () C:\Program Files\SoftEther VPN Client
2014-03-10 22:54 - 2014-03-18 04:20 - 00000000 ____D () C:\Users\Dan\Desktop\New folder
2014-03-10 22:54 - 2014-03-10 22:54 - 00135736 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\vpncmd.exe
2014-03-10 22:54 - 2014-03-10 22:54 - 00001933 _____ () C:\Users\Public\Desktop\SoftEther VPN Client Manager.lnk
2014-03-10 22:53 - 2014-03-10 22:53 - 38069664 _____ () C:\Users\Dan\Downloads\vpngate-client-2014.03.11-build-9423.129120.zip
2014-03-10 20:40 - 2014-03-10 20:40 - 00018015 _____ () C:\Users\Dan\Downloads\mousemovementrecorder.zip
2014-03-10 20:33 - 2014-03-10 20:33 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\SteelSeries
2014-03-10 20:33 - 2014-03-10 20:33 - 00000000 ____D () C:\Users\Dan\AppData\Local\SteelSeries_ApS
2014-03-10 20:32 - 2014-03-10 20:32 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
2014-03-10 20:32 - 2014-03-10 20:32 - 00000000 ____D () C:\ProgramData\SteelSeries
2014-03-10 20:30 - 2014-03-10 20:30 - 00000000 ____D () C:\Program Files\SteelSeries
2014-03-10 20:29 - 2014-03-10 20:29 - 46074088 _____ () C:\Users\Dan\Downloads\SteelSeriesEngine_2.8.0171.exe
2014-03-10 08:35 - 2014-03-10 08:35 - 00001182 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-03-10 01:58 - 2014-03-10 01:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2014-03-10 01:58 - 2014-03-10 01:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzdaendpt_01009.Wdf
2014-03-10 01:55 - 2014-03-10 01:58 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-03-10 01:55 - 2014-03-10 01:55 - 00000000 ____D () C:\Users\Dan\AppData\Local\Razer
2014-03-10 01:55 - 2014-03-10 01:55 - 00000000 ____D () C:\ProgramData\Razer
2014-03-10 01:54 - 2014-03-10 01:54 - 14188912 _____ (Razer Inc.) C:\Users\Dan\Downloads\Razer_Synapse_Framework_V1.16.06.18562.exe
2014-02-28 15:41 - 2014-02-28 15:41 - 01060624 _____ () C:\Users\Dan\Downloads\pandora_2_0_8.air
2014-02-28 15:41 - 2014-02-28 15:41 - 00000857 _____ () C:\Users\Public\Desktop\Pandora.lnk
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\Program Files (x86)\Pandora
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-28 15:40 - 2014-02-28 15:41 - 18126032 _____ (Adobe Systems Inc.) C:\Users\Dan\Downloads\AdobeAIRInstaller.exe
2014-02-25 21:28 - 2014-02-25 21:28 - 00000000 ____D () C:\Users\Dan\Documents\Diablo III
2014-02-24 14:36 - 2014-03-11 10:36 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-02-24 14:36 - 2014-02-24 14:36 - 00001144 _____ () C:\Users\Public\Desktop\Diablo III.lnk
2014-02-19 01:10 - 2014-02-19 01:11 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Ventrilo
2014-02-19 01:10 - 2014-02-19 01:10 - 04135696 _____ () C:\Users\Dan\Downloads\ventrilo-3.0.8-Windows-x64.exe
2014-02-19 01:10 - 2014-02-19 01:10 - 04135696 _____ () C:\Users\Dan\Downloads\ventrilo-3.0.8-Windows-x64(1).exe
2014-02-19 01:10 - 2014-02-19 01:10 - 00000917 _____ () C:\Users\Dan\Desktop\Ventrilo.lnk
2014-02-19 01:10 - 2014-02-19 01:10 - 00000262 _____ () C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
2014-02-19 01:10 - 2014-02-19 01:10 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ventrilo
2014-02-19 01:10 - 2014-02-19 01:10 - 00000000 ____D () C:\Program Files\Ventrilo
2014-02-17 20:12 - 2014-02-17 20:12 - 00000000 ____D () C:\Program Files\McAfee Security Scan

==================== One Month Modified Files and Folders =======

2014-03-18 06:05 - 2014-03-18 04:48 - 00011089 _____ () C:\Users\Dan\Downloads\FRST.txt
2014-03-18 06:05 - 2014-03-18 04:48 - 00000000 ____D () C:\FRST
2014-03-18 06:05 - 2014-01-23 13:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-18 06:04 - 2014-03-18 06:04 - 02157056 _____ (Farbar) C:\Users\Dan\Downloads\FRST64(2).exe
2014-03-18 06:04 - 2014-01-23 13:56 - 00000000 ____D () C:\Users\Dan\AppData\Local\Battle.net
2014-03-18 06:00 - 2014-01-23 16:11 - 02064447 _____ () C:\Windows\WindowsUpdate.log
2014-03-18 05:20 - 2014-03-18 05:20 - 00688992 ____R (Swearware) C:\Users\Dan\Downloads\dds.scr
2014-03-18 05:20 - 2014-03-18 05:20 - 00016539 _____ () C:\Users\Dan\Desktop\dds.txt
2014-03-18 05:20 - 2014-03-18 05:20 - 00005323 _____ () C:\Users\Dan\Desktop\attach.txt
2014-03-18 05:11 - 2014-03-18 05:11 - 00987442 _____ () C:\Users\Dan\Downloads\SecurityCheck.exe
2014-03-18 05:10 - 2014-03-18 05:10 - 02157056 _____ (Farbar) C:\Users\Dan\Downloads\FRST64(1).exe
2014-03-18 05:09 - 2014-03-18 05:09 - 00003158 _____ () C:\Users\Dan\Desktop\RKreport[0]_D_03182014_050924.txt
2014-03-18 05:09 - 2014-03-18 04:59 - 00000000 ____D () C:\Users\Dan\Desktop\RK_Quarantine
2014-03-18 05:02 - 2014-03-18 05:02 - 00003099 _____ () C:\Users\Dan\Desktop\RKreport[0]_S_03182014_050245.txt
2014-03-18 04:59 - 2014-03-18 04:59 - 04497920 _____ () C:\Users\Dan\Downloads\RogueKillerX64.exe
2014-03-18 04:58 - 2014-03-18 04:58 - 02347384 _____ (ESET) C:\Users\Dan\Downloads\esetsmartinstaller_enu(1).exe
2014-03-18 04:53 - 2014-03-18 04:53 - 00448512 _____ (OldTimer Tools) C:\Users\Dan\Downloads\TFC.exe
2014-03-18 04:53 - 2014-03-18 04:53 - 00021310 _____ () C:\Users\Dan\Downloads\Result.txt
2014-03-18 04:53 - 2014-03-18 04:53 - 00000000 ____D () C:\Users\Dan\AppData\Local\Microsoft Games
2014-03-18 04:52 - 2014-03-18 04:52 - 00982016 _____ (Farbar) C:\Users\Dan\Downloads\MiniToolBox.exe
2014-03-18 04:49 - 2014-03-18 04:49 - 00031421 _____ () C:\Users\Dan\Downloads\Addition.txt
2014-03-18 04:39 - 2009-07-14 00:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-18 04:39 - 2009-07-14 00:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-18 04:38 - 2009-07-14 01:13 - 00779266 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-18 04:35 - 2014-01-23 14:15 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Mumble
2014-03-18 04:33 - 2014-03-18 04:33 - 02347384 _____ (ESET) C:\Users\Dan\Downloads\esetsmartinstaller_enu.exe
2014-03-18 04:33 - 2014-03-18 04:33 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-18 04:32 - 2014-03-12 18:26 - 00002305 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-03-18 04:32 - 2014-03-10 22:54 - 00000000 ____D () C:\Program Files\SoftEther VPN Client
2014-03-18 04:32 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-18 04:32 - 2009-07-14 00:51 - 00029003 _____ () C:\Windows\setupact.log
2014-03-18 04:31 - 2014-03-18 04:30 - 00000000 ____D () C:\AdwCleaner
2014-03-18 04:30 - 2014-03-18 04:30 - 00001234 _____ () C:\Users\Dan\Desktop\JRT.txt
2014-03-18 04:25 - 2014-03-18 04:25 - 00000000 ____D () C:\Windows\ERUNT
2014-03-18 04:25 - 2014-03-18 04:20 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-18 04:25 - 2014-03-18 04:19 - 00000000 ____D () C:\Users\Dan\Desktop\mbar
2014-03-18 04:22 - 2014-03-18 04:22 - 02157056 _____ (Farbar) C:\Users\Dan\Downloads\FRST64.exe
2014-03-18 04:22 - 2014-03-18 04:22 - 01950720 _____ () C:\Users\Dan\Downloads\AdwCleaner.exe
2014-03-18 04:22 - 2014-03-18 04:22 - 01037734 _____ (Thisisu) C:\Users\Dan\Downloads\JRT.exe
2014-03-18 04:20 - 2014-03-18 04:20 - 00000000 ____D () C:\Users\Dan\Desktop\mal
2014-03-18 04:20 - 2014-03-10 22:54 - 00000000 ____D () C:\Users\Dan\Desktop\New folder
2014-03-18 04:19 - 2014-03-18 04:19 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Dan\Downloads\mbar-1.07.0.1009.exe
2014-03-18 04:19 - 2014-03-18 04:19 - 03901952 _____ () C:\Users\Dan\Downloads\RogueKiller.exe
2014-03-18 04:19 - 2014-03-18 04:19 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-18 04:18 - 2014-03-18 04:18 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dan\Downloads\rkill.exe
2014-03-18 04:07 - 2014-01-23 13:56 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Battle.net
2014-03-17 20:06 - 2014-03-17 20:06 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2014-03-17 20:05 - 2014-03-17 20:05 - 55906432 _____ (Logitech Inc.) C:\Users\Dan\Downloads\LGS_8.52.15_x64_Logitech.exe
2014-03-17 16:08 - 2014-02-05 20:20 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-17 14:58 - 2014-01-23 13:54 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-17 12:13 - 2014-03-12 17:07 - 00000000 ____D () C:\Users\Dan\AppData\Local\Dolphe
2014-03-17 12:01 - 2014-03-17 11:57 - 00000000 ____D () C:\Users\Dan\Desktop\FK 3.2.5
2014-03-17 11:56 - 2014-03-17 11:56 - 05543897 _____ () C:\Users\Dan\Downloads\FK(3)
2014-03-17 11:56 - 2014-03-17 11:56 - 00000816 _____ () C:\Users\Dan\Downloads\FK(3) - Shortcut.lnk
2014-03-17 11:43 - 2014-02-14 18:25 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-03-17 00:36 - 2014-01-23 14:12 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-16 23:57 - 2009-07-14 00:45 - 00291368 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 20:19 - 2014-03-12 20:19 - 16969459 _____ () C:\Users\Dan\Downloads\evasi0n7-win-1.0.7-633a643e10531c58e7ce18018986b6d14774102d.zip
2014-03-12 18:32 - 2014-03-12 18:32 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\LavasoftStatistics
2014-03-12 18:32 - 2014-03-12 18:32 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Lavasoft
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 ____D () C:\Program Files\Lavasoft
2014-03-12 18:23 - 2014-03-12 18:23 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-03-12 17:32 - 2014-03-12 17:32 - 00001015 _____ () C:\Users\Dan\Desktop\WinRAR.lnk
2014-03-12 17:31 - 2014-03-12 17:31 - 01977432 _____ () C:\Users\Dan\Downloads\winrar-x64-501.exe
2014-03-12 17:31 - 2014-03-12 17:31 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-03-12 17:31 - 2014-03-12 17:31 - 00000000 ____D () C:\Program Files\WinRAR
2014-03-12 17:30 - 2014-03-12 16:58 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-03-12 17:30 - 2010-11-20 23:47 - 00010044 _____ () C:\Windows\PFRO.log
2014-03-12 17:26 - 2014-03-12 17:26 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dan\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-12 17:26 - 2014-03-12 17:26 - 01727624 _____ () C:\Users\Dan\Downloads\Adaware_Installer.exe
2014-03-12 17:26 - 2014-03-12 17:26 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-12 17:26 - 2014-03-12 17:26 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Malwarebytes
2014-03-12 17:26 - 2014-03-12 17:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-12 17:26 - 2014-03-12 17:26 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-03-12 17:26 - 2014-03-12 17:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-12 16:59 - 2014-03-12 16:59 - 05534512 _____ () C:\Users\Dan\Downloads\FK(2)
2014-03-12 16:59 - 2014-03-12 16:59 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\WinRAR
2014-03-12 16:59 - 2014-03-12 16:58 - 00000000 ____D () C:\Users\Dan\AppData\Local\GCC
2014-03-12 16:58 - 2014-03-12 16:58 - 05534512 _____ () C:\Users\Dan\Downloads\FK(1)
2014-03-12 16:57 - 2014-03-12 16:57 - 05534512 _____ () C:\Users\Dan\Downloads\FK
2014-03-11 23:00 - 2014-02-14 18:25 - 00000000 ____D () C:\ProgramData\Origin
2014-03-11 19:05 - 2014-01-23 13:39 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 19:05 - 2014-01-23 13:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-11 19:05 - 2014-01-23 13:39 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 15:56 - 2014-03-11 15:56 - 00000633 _____ () C:\Users\Dan\Desktop\Music - Shortcut.lnk
2014-03-11 10:36 - 2014-02-24 14:36 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-03-10 22:58 - 2014-02-14 19:44 - 00000000 ____D () C:\Users\Dan\Documents\Respawn
2014-03-10 22:58 - 2014-02-14 18:25 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-03-10 22:55 - 2014-03-10 22:55 - 00028768 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\Drivers\Neo_0013.sys
2014-03-10 22:54 - 2014-03-10 22:54 - 00135736 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\vpncmd.exe
2014-03-10 22:54 - 2014-03-10 22:54 - 00001933 _____ () C:\Users\Public\Desktop\SoftEther VPN Client Manager.lnk
2014-03-10 22:53 - 2014-03-10 22:53 - 38069664 _____ () C:\Users\Dan\Downloads\vpngate-client-2014.03.11-build-9423.129120.zip
2014-03-10 20:40 - 2014-03-10 20:40 - 00018015 _____ () C:\Users\Dan\Downloads\mousemovementrecorder.zip
2014-03-10 20:33 - 2014-03-10 20:33 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\SteelSeries
2014-03-10 20:33 - 2014-03-10 20:33 - 00000000 ____D () C:\Users\Dan\AppData\Local\SteelSeries_ApS
2014-03-10 20:32 - 2014-03-10 20:32 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
2014-03-10 20:32 - 2014-03-10 20:32 - 00000000 ____D () C:\ProgramData\SteelSeries
2014-03-10 20:30 - 2014-03-10 20:30 - 00000000 ____D () C:\Program Files\SteelSeries
2014-03-10 20:29 - 2014-03-10 20:29 - 46074088 _____ () C:\Users\Dan\Downloads\SteelSeriesEngine_2.8.0171.exe
2014-03-10 19:26 - 2014-02-14 18:27 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-03-10 08:35 - 2014-03-10 08:35 - 00001182 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-03-10 08:24 - 2014-02-01 13:34 - 00045767 _____ () C:\Windows\DirectX.log
2014-03-10 05:30 - 2014-02-14 18:26 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Origin
2014-03-10 01:58 - 2014-03-10 01:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2014-03-10 01:58 - 2014-03-10 01:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzdaendpt_01009.Wdf
2014-03-10 01:58 - 2014-03-10 01:55 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-03-10 01:58 - 2014-01-23 13:43 - 00054214 _____ () C:\Windows\DPINST.LOG
2014-03-10 01:58 - 2014-01-23 13:37 - 00058008 _____ () C:\Users\Dan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-10 01:55 - 2014-03-10 01:55 - 00000000 ____D () C:\Users\Dan\AppData\Local\Razer
2014-03-10 01:55 - 2014-03-10 01:55 - 00000000 ____D () C:\ProgramData\Razer
2014-03-10 01:54 - 2014-03-10 01:54 - 14188912 _____ (Razer Inc.) C:\Users\Dan\Downloads\Razer_Synapse_Framework_V1.16.06.18562.exe
2014-03-09 19:58 - 2014-01-23 13:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-06 02:33 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-05 17:06 - 2014-01-23 13:55 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-01 02:05 - 2014-03-12 09:31 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 01:17 - 2014-03-12 09:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 01:16 - 2014-03-12 09:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 00:58 - 2014-03-12 09:31 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 00:52 - 2014-03-12 09:31 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 00:51 - 2014-03-12 09:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 00:42 - 2014-03-12 09:31 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 00:40 - 2014-03-12 09:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 00:37 - 2014-03-12 09:31 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 00:33 - 2014-03-12 09:31 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 00:33 - 2014-03-12 09:31 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 00:32 - 2014-03-12 09:31 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 00:30 - 2014-03-12 09:31 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 00:23 - 2014-03-12 09:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 00:17 - 2014-03-12 09:31 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 00:11 - 2014-03-12 09:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 00:02 - 2014-03-12 09:31 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-28 23:54 - 2014-03-12 09:31 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-28 23:52 - 2014-03-12 09:31 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-28 23:51 - 2014-03-12 09:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-28 23:47 - 2014-03-12 09:31 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-28 23:43 - 2014-03-12 09:31 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-28 23:43 - 2014-03-12 09:31 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-28 23:42 - 2014-03-12 09:31 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-28 23:40 - 2014-03-12 09:31 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-28 23:38 - 2014-03-12 09:31 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-28 23:37 - 2014-03-12 09:31 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-28 23:35 - 2014-03-12 09:31 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-28 23:18 - 2014-03-12 09:31 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-28 23:16 - 2014-03-12 09:31 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-28 23:14 - 2014-03-12 09:31 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-28 23:10 - 2014-03-12 09:31 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-28 23:03 - 2014-03-12 09:31 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-28 23:00 - 2014-03-12 09:31 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-28 22:57 - 2014-03-12 09:31 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-28 22:38 - 2014-03-12 09:31 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-28 22:32 - 2014-03-12 09:31 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-28 22:27 - 2014-03-12 09:31 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-28 22:25 - 2014-03-12 09:31 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-28 22:25 - 2014-03-12 09:31 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 15:41 - 2014-02-28 15:41 - 01060624 _____ () C:\Users\Dan\Downloads\pandora_2_0_8.air
2014-02-28 15:41 - 2014-02-28 15:41 - 00000857 _____ () C:\Users\Public\Desktop\Pandora.lnk
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\Program Files (x86)\Pandora
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-28 15:41 - 2014-02-28 15:40 - 18126032 _____ (Adobe Systems Inc.) C:\Users\Dan\Downloads\AdobeAIRInstaller.exe
2014-02-28 15:41 - 2014-01-23 13:39 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Adobe
2014-02-28 15:41 - 2014-01-23 13:39 - 00000000 ____D () C:\Users\Dan\AppData\Local\Adobe
2014-02-25 21:28 - 2014-02-25 21:28 - 00000000 ____D () C:\Users\Dan\Documents\Diablo III
2014-02-24 14:36 - 2014-02-24 14:36 - 00001144 _____ () C:\Users\Public\Desktop\Diablo III.lnk
2014-02-19 01:11 - 2014-02-19 01:10 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Ventrilo
2014-02-19 01:10 - 2014-02-19 01:10 - 04135696 _____ () C:\Users\Dan\Downloads\ventrilo-3.0.8-Windows-x64.exe
2014-02-19 01:10 - 2014-02-19 01:10 - 04135696 _____ () C:\Users\Dan\Downloads\ventrilo-3.0.8-Windows-x64(1).exe
2014-02-19 01:10 - 2014-02-19 01:10 - 00000917 _____ () C:\Users\Dan\Desktop\Ventrilo.lnk
2014-02-19 01:10 - 2014-02-19 01:10 - 00000262 _____ () C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
2014-02-19 01:10 - 2014-02-19 01:10 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ventrilo
2014-02-19 01:10 - 2014-02-19 01:10 - 00000000 ____D () C:\Program Files\Ventrilo
2014-02-17 20:12 - 2014-02-17 20:12 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-17 20:12 - 2014-01-23 13:39 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-16 04:00 - 2014-01-23 14:18 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 04:00 - 2014-01-23 14:18 - 00000000 ____D () C:\Windows\system32\MRT

Some content of TEMP:
====================
C:\Users\Dan\AppData\Local\Temp\ntdll_dump.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-10 08:54

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Dan at 2014-03-18 06:05:25
Running from C:\Users\Dan\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

Ad-Aware Antivirus (HKLM\...\{6A16ADA5-0B30-4893-84AB-961B1340D14A}_AdAwareUpdater) (Version: 11.1.5354.0 - Lavasoft)
AdAwareInstaller (Version: 11.1.5354.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.1.5354.0 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
AntimalwareEngine (Version: 2.6.0.0 - Lavasoft) Hidden
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 2.00 - Creative Technology Limited)
Creative Console Launcher (HKLM-x32\...\Console Launcher) (Version:  - )
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - )
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel® Network Connections 16.6.126.0 (HKLM\...\PROSetDX) (Version: 16.6.126.0 - Intel)
Intel® Network Connections 16.6.126.0 (Version: 16.6.126.0 - Intel) Hidden
iTunes (HKLM\...\{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}) (Version: 11.1.4.62 - Apple Inc.)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.52 (HKLM\...\Logitech Gaming Software) (Version: 8.52.15 - Logitech Inc.)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mumble 1.2.4 (HKLM-x32\...\{E0955568-4353-4C85-8988-285A8C0F5E87}) (Version: 1.2.4 - Thorvald Natvig)
NVIDIA Control Panel 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.5.195 - Electronic Arts, Inc.)
Pandora (HKLM-x32\...\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1) (Version: 2.0.8 - PANDORA MEDIA, INC.)
Pandora (x32 Version: 2.0.8 - PANDORA MEDIA, INC.) Hidden
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.16.6.18562 - Razer Inc.)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.05.9423 - SoftEther VPN Project)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.171.34768 - SteelSeries)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.0.3 - Electronic Arts)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Restore Points  =========================

10-03-2014 13:01:00 Scheduled Checkpoint
11-03-2014 02:55:27 Device Driver Package Install: SoftEther VPN Project Network adapters
11-03-2014 16:11:34 Windows Update
12-03-2014 22:23:06 AA11
13-03-2014 01:04:24 Windows Update
17-03-2014 04:01:14 Windows Update

==================== Hosts content: ==========================

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {D4528FFA-773B-49AC-A22C-A1E76874DF9D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-01-23 13:36 - 2013-12-19 14:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-23 16:09 - 2014-01-23 16:09 - 00702744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
2014-01-23 16:30 - 2014-01-23 16:30 - 00103800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_thread-vc100-mt-1_55.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00024440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_system-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00033656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_chrono-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00055680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_date_time-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00123776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_filesystem-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 03720040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareServiceKernel.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00685904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SQLite.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00158032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\pugixml.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 02595144 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\RCF.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00788856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_regex-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00602984 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareActivation.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00291192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareApplicationUpdater.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00142696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareGamingMode.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00098648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareReset.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00120152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTime.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00268152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdater.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00198024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00417128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIgnoreList.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00253800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareQuarantine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00293744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiMalwareEngine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00212336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiRootkitEngine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00509808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerHistory.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00607584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScanner.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00035192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_timer-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00325488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerScheduler.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00333688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareRealTimeProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00227688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIncompatibles.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00219488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiSpam.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00129896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiPhishing.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00599920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareParentalControl.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 01926504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareWebProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00263536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareEmailProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00650608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareNetworkProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00490848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareInstaller.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00106824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\zlib.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00149840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\libssh2.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00358744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwarePromo.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00291680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareFeedback.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00154464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SecurityCenter.dll
2013-07-17 17:10 - 2013-07-17 17:10 - 00777296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\BDSmartDB.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 04114264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
2014-01-23 16:29 - 2014-01-23 16:29 - 00500088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_locale-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00361824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\HtmlFramework.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00066904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\DllStorage.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00788848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTrayDefaultSkin.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00139608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\Localization.dll
2013-11-05 13:19 - 2013-11-05 13:19 - 00708096 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2013-11-05 13:19 - 2013-11-05 13:19 - 00175104 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2014-03-10 20:33 - 2014-03-10 20:33 - 00089915 _____ () C:\Users\Dan\AppData\Local\Temp\10d2ca4a-28d7-4d81-8c1e-dc42bb6c83fc\CliSecureRT64.dll
2013-11-05 13:19 - 2013-11-05 13:19 - 00280064 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2013-11-05 13:19 - 2013-11-05 13:19 - 00139776 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2013-11-05 13:19 - 2013-11-05 13:19 - 00148480 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2013-11-05 13:19 - 2013-11-05 13:19 - 00145408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2013-01-10 01:46 - 2013-01-10 01:46 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2013-11-05 13:19 - 2013-11-05 13:19 - 09562112 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2013-01-10 01:46 - 2013-01-10 01:46 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2013-11-05 13:19 - 2013-11-05 13:19 - 00209408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CustomWPFColorPicker.dll
2013-11-05 13:19 - 2013-11-05 13:19 - 00349696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2013-11-05 13:19 - 2013-11-05 13:19 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2013-11-05 13:19 - 2013-11-05 13:19 - 00173056 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2013-11-05 13:19 - 2013-11-05 13:19 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2013-11-05 13:19 - 2013-11-05 13:19 - 00307200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2013-11-05 13:19 - 2013-11-05 13:19 - 00154624 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2013-11-05 13:19 - 2013-11-05 13:19 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2013-11-05 13:19 - 2013-11-05 13:19 - 00169472 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2013-11-05 13:19 - 2013-11-05 13:19 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2013-11-05 13:19 - 2013-11-05 13:19 - 00157184 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2013-11-05 13:19 - 2013-11-05 13:19 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2013-11-05 13:19 - 2013-11-05 13:19 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-23 13:51 - 2009-03-26 15:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-03-12 16:59 - 2013-12-03 22:48 - 04055504 _____ () C:\Users\Dan\AppData\Local\GCC\Chrome-bin\31.0.1650.63\pdf.dll
2014-03-12 16:59 - 2013-12-03 22:48 - 00399312 _____ () C:\Users\Dan\AppData\Local\GCC\Chrome-bin\31.0.1650.63\ppgooglenaclpluginchrome.dll
2014-03-12 16:59 - 2013-12-03 22:47 - 01619408 _____ () C:\Users\Dan\AppData\Local\GCC\Chrome-bin\31.0.1650.63\ffmpegsumo.dll
2013-08-13 08:15 - 2013-08-13 08:15 - 00206336 _____ () C:\Users\Dan\AppData\Local\Temp\GC\Profiles\{78F68E73-39BD-4A89-A66D-120E21C42718}\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\convenience.dll
2014-02-15 14:19 - 2014-02-15 14:19 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-11 19:05 - 2014-03-11 19:05 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
2014-03-04 19:55 - 2014-03-04 19:55 - 26118656 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4269\libcef.dll
2014-03-04 19:55 - 2014-03-04 19:55 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4269\libglesv2.dll
2014-03-04 19:55 - 2014-03-04 19:55 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4269\libegl.dll
2013-08-13 08:15 - 2013-08-13 08:15 - 00206336 _____ () C:\Users\Dan\AppData\Local\Temp\GC\Profiles\{859DD81C-BA39-4EDE-8493-1298922357E2}\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\convenience.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Marvell 91xx Config ATA Device
Description: Marvell 91xx Config ATA Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/18/2014 04:49:36 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/18/2014 04:34:14 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2014 04:33:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/18/2014 04:33:12 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/18/2014 04:30:34 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (03/18/2014 04:53:44 AM) (Source: DCOM) (User: Dan-PC)
Description: machine-defaultLocalActivation{3EEF301F-B596-4C0B-BD92-013BEAFCE793}{3EEF301F-B596-4C0B-BD92-013BEAFCE793}Dan-PCDanS-1-5-21-1087343437-1330967424-4291709060-1000LocalHost (Using LRPC)

Error: (03/18/2014 04:53:32 AM) (Source: Service Control Manager) (User: )
Description: The Creative Audio Service service terminated unexpectedly.  It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (03/18/2014 04:49:36 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dan\Downloads\esetsmartinstaller_enu.exe

Error: (03/18/2014 04:34:14 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2014 04:33:15 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dan\Downloads\esetsmartinstaller_enu.exe

Error: (03/18/2014 04:33:12 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dan\Downloads\esetsmartinstaller_enu.exe

Error: (03/18/2014 04:30:34 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 24%
Total physical RAM: 16325.15 MB
Available physical RAM: 12279.7 MB
Total Pagefile: 32648.48 MB
Available Pagefile: 28417.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.25 GB) (Free:112.12 GB) NTFS
Drive d: (Storage) (Fixed) (Total:465.76 GB) (Free:291.4 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (MB Support CD) (CDROM) (Total:2.99 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 6F76EC62)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================


Are these IP blocks by MBAM gone after the following fix?


Step 1

Please download this attached fixlist.txt and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button. Allow a reboot if requested.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.

Step 2

Start FRST with administrator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste this log in your next reply.

I am monitoring now to see if the problem was fixed. Will report back with results. Logs:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Dan (administrator) on DAN-PC on 18-03-2014 13:46:53
Running from C:\Users\Dan\Desktop\New folder (2)
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Dan\Desktop\New folder (2)\FRST64(2).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-09] (NVIDIA Corporation)
HKLM\...\Run: [shadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-09] (NVIDIA Corporation)
HKLM\...\Run: [softEther VPN Client UI Helper] - C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [4298808 2014-03-10] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [] - [X]
HKLM\...\Run: [AdAwareTray] - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe [4114264 2014-01-23] ()
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8294680 2014-02-27] (Logitech Inc.)
HKLM-x32\...\Run: [CTxfiHlp] - CTXFIHLP.EXE
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442712 2014-01-16] (Razer Inc.)
HKU\S-1-5-21-1087343437-1330967424-4291709060-1000\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-1087343437-1330967424-4291709060-1000\...\Run: [SteelSeries Engine] - C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [242688 2013-11-05] (SteelSeries ApS)
HKU\S-1-5-21-1087343437-1330967424-4291709060-1000\...\MountPoints2: {bcc97a4a-8469-11e3-926c-806e6f6e6963} - E:\.\Bin\ASSETUP.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC5D9DE036018CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\7h7p4dij.default
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Extension: Reddit Enhancement Suite - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\7h7p4dij.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2014-01-23]
FF Extension: Adblock Plus - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\7h7p4dij.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-23]

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-15]
CHR Extension: (Google Drive) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-15]
CHR Extension: (YouTube) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-15]
CHR Extension: (McAfee Security Scan+) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-24]
CHR Extension: (Google Search) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-15]
CHR Extension: (Google Wallet) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-15]
CHR Extension: (Gmail) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-15]

==================== Services (Whitelisted) =================

R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [702744 2014-01-23] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-09] (NVIDIA Corporation)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [4298808 2014-03-10] (SoftEther VPN Project at University of Tsukuba, Japan.)

==================== Drivers (Whitelisted) ====================

S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0013.sys [28768 2014-03-10] (SoftEther VPN Project at University of Tsukuba, Japan.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [33448 2013-11-15] (Razer Inc)
S3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [30888 2013-11-15] (Razer Inc)
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [329800 2013-07-17] (BitDefender S.R.L.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-18 13:43 - 2014-03-18 13:46 - 00000000 ____D () C:\Users\Dan\Desktop\New folder (2)
2014-03-18 13:42 - 2014-03-18 13:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 05:20 - 2014-03-18 05:20 - 00688992 ____R (Swearware) C:\Users\Dan\Downloads\dds.scr
2014-03-18 05:20 - 2014-03-18 05:20 - 00016539 _____ () C:\Users\Dan\Desktop\dds.txt
2014-03-18 05:20 - 2014-03-18 05:20 - 00005323 _____ () C:\Users\Dan\Desktop\attach.txt
2014-03-18 05:11 - 2014-03-18 05:11 - 00987442 _____ () C:\Users\Dan\Downloads\SecurityCheck.exe
2014-03-18 05:10 - 2014-03-18 05:10 - 02157056 _____ (Farbar) C:\Users\Dan\Downloads\FRST64(1).exe
2014-03-18 05:09 - 2014-03-18 05:09 - 00003158 _____ () C:\Users\Dan\Desktop\RKreport[0]_D_03182014_050924.txt
2014-03-18 05:02 - 2014-03-18 05:02 - 00003099 _____ () C:\Users\Dan\Desktop\RKreport[0]_S_03182014_050245.txt
2014-03-18 04:59 - 2014-03-18 05:09 - 00000000 ____D () C:\Users\Dan\Desktop\RK_Quarantine
2014-03-18 04:59 - 2014-03-18 04:59 - 04497920 _____ () C:\Users\Dan\Downloads\RogueKillerX64.exe
2014-03-18 04:58 - 2014-03-18 04:58 - 02347384 _____ (ESET) C:\Users\Dan\Downloads\esetsmartinstaller_enu(1).exe
2014-03-18 04:53 - 2014-03-18 04:53 - 00448512 _____ (OldTimer Tools) C:\Users\Dan\Downloads\TFC.exe
2014-03-18 04:53 - 2014-03-18 04:53 - 00021310 _____ () C:\Users\Dan\Downloads\Result.txt
2014-03-18 04:53 - 2014-03-18 04:53 - 00000000 ____D () C:\Users\Dan\AppData\Local\Microsoft Games
2014-03-18 04:52 - 2014-03-18 04:52 - 00982016 _____ (Farbar) C:\Users\Dan\Downloads\MiniToolBox.exe
2014-03-18 04:49 - 2014-03-18 06:05 - 00028152 _____ () C:\Users\Dan\Downloads\Addition.txt
2014-03-18 04:48 - 2014-03-18 13:46 - 00000000 ____D () C:\FRST
2014-03-18 04:48 - 2014-03-18 06:05 - 00045787 _____ () C:\Users\Dan\Downloads\FRST.txt
2014-03-18 04:33 - 2014-03-18 04:33 - 02347384 _____ (ESET) C:\Users\Dan\Downloads\esetsmartinstaller_enu.exe
2014-03-18 04:30 - 2014-03-18 04:31 - 00000000 ____D () C:\AdwCleaner
2014-03-18 04:30 - 2014-03-18 04:30 - 00001234 _____ () C:\Users\Dan\Desktop\JRT.txt
2014-03-18 04:25 - 2014-03-18 04:25 - 00000000 ____D () C:\Windows\ERUNT
2014-03-18 04:22 - 2014-03-18 04:22 - 02157056 _____ (Farbar) C:\Users\Dan\Downloads\FRST64.exe
2014-03-18 04:22 - 2014-03-18 04:22 - 01950720 _____ () C:\Users\Dan\Downloads\AdwCleaner.exe
2014-03-18 04:22 - 2014-03-18 04:22 - 01037734 _____ (Thisisu) C:\Users\Dan\Downloads\JRT.exe
2014-03-18 04:20 - 2014-03-18 04:25 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-18 04:20 - 2014-03-18 04:20 - 00000000 ____D () C:\Users\Dan\Desktop\mal
2014-03-18 04:19 - 2014-03-18 04:25 - 00000000 ____D () C:\Users\Dan\Desktop\mbar
2014-03-18 04:19 - 2014-03-18 04:19 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Dan\Downloads\mbar-1.07.0.1009.exe
2014-03-18 04:19 - 2014-03-18 04:19 - 03901952 _____ () C:\Users\Dan\Downloads\RogueKiller.exe
2014-03-18 04:19 - 2014-03-18 04:19 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-18 04:18 - 2014-03-18 04:18 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dan\Downloads\rkill.exe
2014-03-17 20:06 - 2014-03-17 20:06 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2014-03-17 20:05 - 2014-03-17 20:05 - 55906432 _____ (Logitech Inc.) C:\Users\Dan\Downloads\LGS_8.52.15_x64_Logitech.exe
2014-03-17 11:57 - 2014-03-17 12:01 - 00000000 ____D () C:\Users\Dan\Desktop\FK 3.2.5
2014-03-17 11:56 - 2014-03-17 11:56 - 05543897 _____ () C:\Users\Dan\Downloads\FK(3)
2014-03-17 11:56 - 2014-03-17 11:56 - 00000816 _____ () C:\Users\Dan\Downloads\FK(3) - Shortcut.lnk
2014-03-12 20:19 - 2014-03-12 20:19 - 16969459 _____ () C:\Users\Dan\Downloads\evasi0n7-win-1.0.7-633a643e10531c58e7ce18018986b6d14774102d.zip
2014-03-12 18:32 - 2014-03-12 18:32 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\LavasoftStatistics
2014-03-12 18:32 - 2014-03-12 18:32 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Lavasoft
2014-03-12 18:26 - 2014-03-18 13:44 - 00002305 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 ____D () C:\Program Files\Lavasoft
2014-03-12 18:23 - 2014-03-12 18:23 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-03-12 17:32 - 2014-03-12 17:32 - 00001015 _____ () C:\Users\Dan\Desktop\WinRAR.lnk
2014-03-12 17:31 - 2014-03-12 17:31 - 01977432 _____ () C:\Users\Dan\Downloads\winrar-x64-501.exe
2014-03-12 17:31 - 2014-03-12 17:31 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-03-12 17:31 - 2014-03-12 17:31 - 00000000 ____D () C:\Program Files\WinRAR
2014-03-12 17:26 - 2014-03-12 17:26 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dan\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-12 17:26 - 2014-03-12 17:26 - 01727624 _____ () C:\Users\Dan\Downloads\Adaware_Installer.exe
2014-03-12 17:26 - 2014-03-12 17:26 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-12 17:26 - 2014-03-12 17:26 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Malwarebytes
2014-03-12 17:26 - 2014-03-12 17:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-12 17:26 - 2014-03-12 17:26 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-03-12 17:26 - 2014-03-12 17:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-12 17:26 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-12 17:07 - 2014-03-17 12:13 - 00000000 ____D () C:\Users\Dan\AppData\Local\Dolphe
2014-03-12 16:59 - 2014-03-12 16:59 - 05534512 _____ () C:\Users\Dan\Downloads\FK(2)
2014-03-12 16:59 - 2014-03-12 16:59 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\WinRAR
2014-03-12 16:58 - 2014-03-12 17:30 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-03-12 16:58 - 2014-03-12 16:58 - 05534512 _____ () C:\Users\Dan\Downloads\FK(1)
2014-03-12 16:57 - 2014-03-12 16:57 - 05534512 _____ () C:\Users\Dan\Downloads\FK
2014-03-12 09:31 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 09:31 - 2014-03-01 01:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 09:31 - 2014-03-01 01:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 09:31 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 09:31 - 2014-03-01 00:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 09:31 - 2014-03-01 00:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 09:31 - 2014-03-01 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 09:31 - 2014-03-01 00:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 09:31 - 2014-03-01 00:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 09:31 - 2014-03-01 00:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 09:31 - 2014-03-01 00:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 09:31 - 2014-03-01 00:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 09:31 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 09:31 - 2014-03-01 00:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 09:31 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 09:31 - 2014-03-01 00:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 09:31 - 2014-03-01 00:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 09:31 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 09:31 - 2014-02-28 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 09:31 - 2014-02-28 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 09:31 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 09:31 - 2014-02-28 23:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 09:31 - 2014-02-28 23:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 09:31 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 09:31 - 2014-02-28 23:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 09:31 - 2014-02-28 23:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 09:31 - 2014-02-28 23:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 09:31 - 2014-02-28 23:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 09:31 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 09:31 - 2014-02-28 23:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 09:31 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 09:31 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 09:31 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 09:31 - 2014-02-28 23:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 09:31 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 09:31 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 09:31 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 09:31 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 09:31 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 09:31 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 09:31 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 09:31 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 09:31 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 09:31 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 09:31 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-11 15:56 - 2014-03-11 15:56 - 00000633 _____ () C:\Users\Dan\Desktop\Music - Shortcut.lnk
2014-03-10 22:55 - 2014-03-10 22:55 - 00028768 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\Drivers\Neo_0013.sys
2014-03-10 22:54 - 2014-03-18 13:45 - 00000000 ____D () C:\Program Files\SoftEther VPN Client
2014-03-10 22:54 - 2014-03-18 04:20 - 00000000 ____D () C:\Users\Dan\Desktop\New folder
2014-03-10 22:54 - 2014-03-10 22:54 - 00135736 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\vpncmd.exe
2014-03-10 22:54 - 2014-03-10 22:54 - 00001933 _____ () C:\Users\Public\Desktop\SoftEther VPN Client Manager.lnk
2014-03-10 22:53 - 2014-03-10 22:53 - 38069664 _____ () C:\Users\Dan\Downloads\vpngate-client-2014.03.11-build-9423.129120.zip
2014-03-10 20:40 - 2014-03-10 20:40 - 00018015 _____ () C:\Users\Dan\Downloads\mousemovementrecorder.zip
2014-03-10 20:33 - 2014-03-10 20:33 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\SteelSeries
2014-03-10 20:33 - 2014-03-10 20:33 - 00000000 ____D () C:\Users\Dan\AppData\Local\SteelSeries_ApS
2014-03-10 20:32 - 2014-03-10 20:32 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
2014-03-10 20:32 - 2014-03-10 20:32 - 00000000 ____D () C:\ProgramData\SteelSeries
2014-03-10 20:30 - 2014-03-10 20:30 - 00000000 ____D () C:\Program Files\SteelSeries
2014-03-10 20:29 - 2014-03-10 20:29 - 46074088 _____ () C:\Users\Dan\Downloads\SteelSeriesEngine_2.8.0171.exe
2014-03-10 08:35 - 2014-03-10 08:35 - 00001182 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-03-10 01:58 - 2014-03-10 01:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2014-03-10 01:58 - 2014-03-10 01:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzdaendpt_01009.Wdf
2014-03-10 01:55 - 2014-03-10 01:58 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-03-10 01:55 - 2014-03-10 01:55 - 00000000 ____D () C:\Users\Dan\AppData\Local\Razer
2014-03-10 01:55 - 2014-03-10 01:55 - 00000000 ____D () C:\ProgramData\Razer
2014-03-10 01:54 - 2014-03-10 01:54 - 14188912 _____ (Razer Inc.) C:\Users\Dan\Downloads\Razer_Synapse_Framework_V1.16.06.18562.exe
2014-02-28 15:41 - 2014-02-28 15:41 - 01060624 _____ () C:\Users\Dan\Downloads\pandora_2_0_8.air
2014-02-28 15:41 - 2014-02-28 15:41 - 00000857 _____ () C:\Users\Public\Desktop\Pandora.lnk
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\Program Files (x86)\Pandora
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-28 15:40 - 2014-02-28 15:41 - 18126032 _____ (Adobe Systems Inc.) C:\Users\Dan\Downloads\AdobeAIRInstaller.exe
2014-02-25 21:28 - 2014-02-25 21:28 - 00000000 ____D () C:\Users\Dan\Documents\Diablo III
2014-02-24 14:36 - 2014-03-11 10:36 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-02-24 14:36 - 2014-02-24 14:36 - 00001144 _____ () C:\Users\Public\Desktop\Diablo III.lnk
2014-02-19 01:10 - 2014-02-19 01:11 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Ventrilo
2014-02-19 01:10 - 2014-02-19 01:10 - 04135696 _____ () C:\Users\Dan\Downloads\ventrilo-3.0.8-Windows-x64.exe
2014-02-19 01:10 - 2014-02-19 01:10 - 04135696 _____ () C:\Users\Dan\Downloads\ventrilo-3.0.8-Windows-x64(1).exe
2014-02-19 01:10 - 2014-02-19 01:10 - 00000917 _____ () C:\Users\Dan\Desktop\Ventrilo.lnk
2014-02-19 01:10 - 2014-02-19 01:10 - 00000262 _____ () C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
2014-02-19 01:10 - 2014-02-19 01:10 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ventrilo
2014-02-19 01:10 - 2014-02-19 01:10 - 00000000 ____D () C:\Program Files\Ventrilo
2014-02-17 20:12 - 2014-02-17 20:12 - 00000000 ____D () C:\Program Files\McAfee Security Scan

==================== One Month Modified Files and Folders =======

2014-03-18 13:46 - 2014-03-18 13:43 - 00000000 ____D () C:\Users\Dan\Desktop\New folder (2)
2014-03-18 13:46 - 2014-03-18 04:48 - 00000000 ____D () C:\FRST
2014-03-18 13:45 - 2014-03-10 22:54 - 00000000 ____D () C:\Program Files\SoftEther VPN Client
2014-03-18 13:45 - 2014-01-23 13:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-18 13:44 - 2014-03-12 18:26 - 00002305 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-03-18 13:44 - 2014-01-23 16:11 - 02077453 _____ () C:\Windows\WindowsUpdate.log
2014-03-18 13:44 - 2014-01-23 13:56 - 00000000 ____D () C:\Users\Dan\AppData\Local\Battle.net
2014-03-18 13:44 - 2010-11-20 23:47 - 00010584 _____ () C:\Windows\PFRO.log
2014-03-18 13:44 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-18 13:44 - 2009-07-14 00:51 - 00029171 _____ () C:\Windows\setupact.log
2014-03-18 13:42 - 2014-03-18 13:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 13:39 - 2009-07-14 00:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-18 13:39 - 2009-07-14 00:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-18 13:21 - 2014-01-23 14:15 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Mumble
2014-03-18 13:05 - 2014-01-23 13:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-18 06:05 - 2014-03-18 04:49 - 00028152 _____ () C:\Users\Dan\Downloads\Addition.txt
2014-03-18 06:05 - 2014-03-18 04:48 - 00045787 _____ () C:\Users\Dan\Downloads\FRST.txt
2014-03-18 05:20 - 2014-03-18 05:20 - 00688992 ____R (Swearware) C:\Users\Dan\Downloads\dds.scr
2014-03-18 05:20 - 2014-03-18 05:20 - 00016539 _____ () C:\Users\Dan\Desktop\dds.txt
2014-03-18 05:20 - 2014-03-18 05:20 - 00005323 _____ () C:\Users\Dan\Desktop\attach.txt
2014-03-18 05:11 - 2014-03-18 05:11 - 00987442 _____ () C:\Users\Dan\Downloads\SecurityCheck.exe
2014-03-18 05:10 - 2014-03-18 05:10 - 02157056 _____ (Farbar) C:\Users\Dan\Downloads\FRST64(1).exe
2014-03-18 05:09 - 2014-03-18 05:09 - 00003158 _____ () C:\Users\Dan\Desktop\RKreport[0]_D_03182014_050924.txt
2014-03-18 05:09 - 2014-03-18 04:59 - 00000000 ____D () C:\Users\Dan\Desktop\RK_Quarantine
2014-03-18 05:02 - 2014-03-18 05:02 - 00003099 _____ () C:\Users\Dan\Desktop\RKreport[0]_S_03182014_050245.txt
2014-03-18 04:59 - 2014-03-18 04:59 - 04497920 _____ () C:\Users\Dan\Downloads\RogueKillerX64.exe
2014-03-18 04:58 - 2014-03-18 04:58 - 02347384 _____ (ESET) C:\Users\Dan\Downloads\esetsmartinstaller_enu(1).exe
2014-03-18 04:53 - 2014-03-18 04:53 - 00448512 _____ (OldTimer Tools) C:\Users\Dan\Downloads\TFC.exe
2014-03-18 04:53 - 2014-03-18 04:53 - 00021310 _____ () C:\Users\Dan\Downloads\Result.txt
2014-03-18 04:53 - 2014-03-18 04:53 - 00000000 ____D () C:\Users\Dan\AppData\Local\Microsoft Games
2014-03-18 04:52 - 2014-03-18 04:52 - 00982016 _____ (Farbar) C:\Users\Dan\Downloads\MiniToolBox.exe
2014-03-18 04:38 - 2009-07-14 01:13 - 00779266 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-18 04:33 - 2014-03-18 04:33 - 02347384 _____ (ESET) C:\Users\Dan\Downloads\esetsmartinstaller_enu.exe
2014-03-18 04:31 - 2014-03-18 04:30 - 00000000 ____D () C:\AdwCleaner
2014-03-18 04:30 - 2014-03-18 04:30 - 00001234 _____ () C:\Users\Dan\Desktop\JRT.txt
2014-03-18 04:25 - 2014-03-18 04:25 - 00000000 ____D () C:\Windows\ERUNT
2014-03-18 04:25 - 2014-03-18 04:20 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-18 04:25 - 2014-03-18 04:19 - 00000000 ____D () C:\Users\Dan\Desktop\mbar
2014-03-18 04:22 - 2014-03-18 04:22 - 02157056 _____ (Farbar) C:\Users\Dan\Downloads\FRST64.exe
2014-03-18 04:22 - 2014-03-18 04:22 - 01950720 _____ () C:\Users\Dan\Downloads\AdwCleaner.exe
2014-03-18 04:22 - 2014-03-18 04:22 - 01037734 _____ (Thisisu) C:\Users\Dan\Downloads\JRT.exe
2014-03-18 04:20 - 2014-03-18 04:20 - 00000000 ____D () C:\Users\Dan\Desktop\mal
2014-03-18 04:20 - 2014-03-10 22:54 - 00000000 ____D () C:\Users\Dan\Desktop\New folder
2014-03-18 04:19 - 2014-03-18 04:19 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Dan\Downloads\mbar-1.07.0.1009.exe
2014-03-18 04:19 - 2014-03-18 04:19 - 03901952 _____ () C:\Users\Dan\Downloads\RogueKiller.exe
2014-03-18 04:19 - 2014-03-18 04:19 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-18 04:18 - 2014-03-18 04:18 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dan\Downloads\rkill.exe
2014-03-18 04:07 - 2014-01-23 13:56 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Battle.net
2014-03-17 20:06 - 2014-03-17 20:06 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2014-03-17 20:05 - 2014-03-17 20:05 - 55906432 _____ (Logitech Inc.) C:\Users\Dan\Downloads\LGS_8.52.15_x64_Logitech.exe
2014-03-17 16:08 - 2014-02-05 20:20 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-17 14:58 - 2014-01-23 13:54 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-17 12:13 - 2014-03-12 17:07 - 00000000 ____D () C:\Users\Dan\AppData\Local\Dolphe
2014-03-17 12:01 - 2014-03-17 11:57 - 00000000 ____D () C:\Users\Dan\Desktop\FK 3.2.5
2014-03-17 11:56 - 2014-03-17 11:56 - 05543897 _____ () C:\Users\Dan\Downloads\FK(3)
2014-03-17 11:56 - 2014-03-17 11:56 - 00000816 _____ () C:\Users\Dan\Downloads\FK(3) - Shortcut.lnk
2014-03-17 11:43 - 2014-02-14 18:25 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-03-17 00:36 - 2014-01-23 14:12 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-16 23:57 - 2009-07-14 00:45 - 00291368 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 20:19 - 2014-03-12 20:19 - 16969459 _____ () C:\Users\Dan\Downloads\evasi0n7-win-1.0.7-633a643e10531c58e7ce18018986b6d14774102d.zip
2014-03-12 18:32 - 2014-03-12 18:32 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\LavasoftStatistics
2014-03-12 18:32 - 2014-03-12 18:32 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Lavasoft
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 ____D () C:\Program Files\Lavasoft
2014-03-12 18:23 - 2014-03-12 18:23 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-03-12 17:32 - 2014-03-12 17:32 - 00001015 _____ () C:\Users\Dan\Desktop\WinRAR.lnk
2014-03-12 17:31 - 2014-03-12 17:31 - 01977432 _____ () C:\Users\Dan\Downloads\winrar-x64-501.exe
2014-03-12 17:31 - 2014-03-12 17:31 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-03-12 17:31 - 2014-03-12 17:31 - 00000000 ____D () C:\Program Files\WinRAR
2014-03-12 17:30 - 2014-03-12 16:58 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-03-12 17:26 - 2014-03-12 17:26 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dan\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-12 17:26 - 2014-03-12 17:26 - 01727624 _____ () C:\Users\Dan\Downloads\Adaware_Installer.exe
2014-03-12 17:26 - 2014-03-12 17:26 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-12 17:26 - 2014-03-12 17:26 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Malwarebytes
2014-03-12 17:26 - 2014-03-12 17:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-12 17:26 - 2014-03-12 17:26 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-03-12 17:26 - 2014-03-12 17:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-12 16:59 - 2014-03-12 16:59 - 05534512 _____ () C:\Users\Dan\Downloads\FK(2)
2014-03-12 16:59 - 2014-03-12 16:59 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\WinRAR
2014-03-12 16:58 - 2014-03-12 16:58 - 05534512 _____ () C:\Users\Dan\Downloads\FK(1)
2014-03-12 16:57 - 2014-03-12 16:57 - 05534512 _____ () C:\Users\Dan\Downloads\FK
2014-03-11 23:00 - 2014-02-14 18:25 - 00000000 ____D () C:\ProgramData\Origin
2014-03-11 19:05 - 2014-01-23 13:39 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 19:05 - 2014-01-23 13:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-11 19:05 - 2014-01-23 13:39 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 15:56 - 2014-03-11 15:56 - 00000633 _____ () C:\Users\Dan\Desktop\Music - Shortcut.lnk
2014-03-11 10:36 - 2014-02-24 14:36 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-03-10 22:58 - 2014-02-14 19:44 - 00000000 ____D () C:\Users\Dan\Documents\Respawn
2014-03-10 22:58 - 2014-02-14 18:25 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-03-10 22:55 - 2014-03-10 22:55 - 00028768 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\Drivers\Neo_0013.sys
2014-03-10 22:54 - 2014-03-10 22:54 - 00135736 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\vpncmd.exe
2014-03-10 22:54 - 2014-03-10 22:54 - 00001933 _____ () C:\Users\Public\Desktop\SoftEther VPN Client Manager.lnk
2014-03-10 22:53 - 2014-03-10 22:53 - 38069664 _____ () C:\Users\Dan\Downloads\vpngate-client-2014.03.11-build-9423.129120.zip
2014-03-10 20:40 - 2014-03-10 20:40 - 00018015 _____ () C:\Users\Dan\Downloads\mousemovementrecorder.zip
2014-03-10 20:33 - 2014-03-10 20:33 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\SteelSeries
2014-03-10 20:33 - 2014-03-10 20:33 - 00000000 ____D () C:\Users\Dan\AppData\Local\SteelSeries_ApS
2014-03-10 20:32 - 2014-03-10 20:32 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
2014-03-10 20:32 - 2014-03-10 20:32 - 00000000 ____D () C:\ProgramData\SteelSeries
2014-03-10 20:30 - 2014-03-10 20:30 - 00000000 ____D () C:\Program Files\SteelSeries
2014-03-10 20:29 - 2014-03-10 20:29 - 46074088 _____ () C:\Users\Dan\Downloads\SteelSeriesEngine_2.8.0171.exe
2014-03-10 19:26 - 2014-02-14 18:27 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-03-10 08:35 - 2014-03-10 08:35 - 00001182 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-03-10 08:24 - 2014-02-01 13:34 - 00045767 _____ () C:\Windows\DirectX.log
2014-03-10 05:30 - 2014-02-14 18:26 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Origin
2014-03-10 01:58 - 2014-03-10 01:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2014-03-10 01:58 - 2014-03-10 01:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzdaendpt_01009.Wdf
2014-03-10 01:58 - 2014-03-10 01:55 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-03-10 01:58 - 2014-01-23 13:43 - 00054214 _____ () C:\Windows\DPINST.LOG
2014-03-10 01:58 - 2014-01-23 13:37 - 00058008 _____ () C:\Users\Dan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-10 01:55 - 2014-03-10 01:55 - 00000000 ____D () C:\Users\Dan\AppData\Local\Razer
2014-03-10 01:55 - 2014-03-10 01:55 - 00000000 ____D () C:\ProgramData\Razer
2014-03-10 01:54 - 2014-03-10 01:54 - 14188912 _____ (Razer Inc.) C:\Users\Dan\Downloads\Razer_Synapse_Framework_V1.16.06.18562.exe
2014-03-06 02:33 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-05 17:06 - 2014-01-23 13:55 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-01 02:05 - 2014-03-12 09:31 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 01:17 - 2014-03-12 09:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 01:16 - 2014-03-12 09:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 00:58 - 2014-03-12 09:31 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 00:52 - 2014-03-12 09:31 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 00:51 - 2014-03-12 09:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 00:42 - 2014-03-12 09:31 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 00:40 - 2014-03-12 09:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 00:37 - 2014-03-12 09:31 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 00:33 - 2014-03-12 09:31 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 00:33 - 2014-03-12 09:31 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 00:32 - 2014-03-12 09:31 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 00:30 - 2014-03-12 09:31 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 00:23 - 2014-03-12 09:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 00:17 - 2014-03-12 09:31 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 00:11 - 2014-03-12 09:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 00:02 - 2014-03-12 09:31 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-28 23:54 - 2014-03-12 09:31 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-28 23:52 - 2014-03-12 09:31 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-28 23:51 - 2014-03-12 09:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-28 23:47 - 2014-03-12 09:31 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-28 23:43 - 2014-03-12 09:31 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-28 23:43 - 2014-03-12 09:31 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-28 23:42 - 2014-03-12 09:31 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-28 23:40 - 2014-03-12 09:31 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-28 23:38 - 2014-03-12 09:31 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-28 23:37 - 2014-03-12 09:31 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-28 23:35 - 2014-03-12 09:31 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-28 23:18 - 2014-03-12 09:31 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-28 23:16 - 2014-03-12 09:31 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-28 23:14 - 2014-03-12 09:31 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-28 23:10 - 2014-03-12 09:31 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-28 23:03 - 2014-03-12 09:31 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-28 23:00 - 2014-03-12 09:31 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-28 22:57 - 2014-03-12 09:31 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-28 22:38 - 2014-03-12 09:31 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-28 22:32 - 2014-03-12 09:31 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-28 22:27 - 2014-03-12 09:31 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-28 22:25 - 2014-03-12 09:31 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-28 22:25 - 2014-03-12 09:31 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 15:41 - 2014-02-28 15:41 - 01060624 _____ () C:\Users\Dan\Downloads\pandora_2_0_8.air
2014-02-28 15:41 - 2014-02-28 15:41 - 00000857 _____ () C:\Users\Public\Desktop\Pandora.lnk
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\Program Files (x86)\Pandora
2014-02-28 15:41 - 2014-02-28 15:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-28 15:41 - 2014-02-28 15:40 - 18126032 _____ (Adobe Systems Inc.) C:\Users\Dan\Downloads\AdobeAIRInstaller.exe
2014-02-28 15:41 - 2014-01-23 13:39 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Adobe
2014-02-28 15:41 - 2014-01-23 13:39 - 00000000 ____D () C:\Users\Dan\AppData\Local\Adobe
2014-02-25 21:28 - 2014-02-25 21:28 - 00000000 ____D () C:\Users\Dan\Documents\Diablo III
2014-02-24 14:36 - 2014-02-24 14:36 - 00001144 _____ () C:\Users\Public\Desktop\Diablo III.lnk
2014-02-19 01:11 - 2014-02-19 01:10 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Ventrilo
2014-02-19 01:10 - 2014-02-19 01:10 - 04135696 _____ () C:\Users\Dan\Downloads\ventrilo-3.0.8-Windows-x64.exe
2014-02-19 01:10 - 2014-02-19 01:10 - 04135696 _____ () C:\Users\Dan\Downloads\ventrilo-3.0.8-Windows-x64(1).exe
2014-02-19 01:10 - 2014-02-19 01:10 - 00000917 _____ () C:\Users\Dan\Desktop\Ventrilo.lnk
2014-02-19 01:10 - 2014-02-19 01:10 - 00000262 _____ () C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
2014-02-19 01:10 - 2014-02-19 01:10 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ventrilo
2014-02-19 01:10 - 2014-02-19 01:10 - 00000000 ____D () C:\Program Files\Ventrilo
2014-02-17 20:12 - 2014-02-17 20:12 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-17 20:12 - 2014-01-23 13:39 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-16 04:00 - 2014-01-23 14:18 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 04:00 - 2014-01-23 14:18 - 00000000 ____D () C:\Windows\system32\MRT

Some content of TEMP:
====================
C:\Users\Dan\AppData\Local\Temp\ntdll_dump.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-10 08:54

==================== End Of Log ============================

1.txt


The logs indicate that it is fixed.

I suggest that we do the cleanup now while you keep monitoring the situation and give feedback after enough time has passed to tell.

That's it! Your logs look clean to me at the moment.

We're gonna clean up everything now and in the end I'll provide you with a list of security tips so you hopefully will not need our help anymore in the future.

My help is free for everybody.

If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation.

Thank you!

Clean Up

Now we remove all the tools we used (including their logs and quarantine folders), restore your settings and delete old and infected system restore points:

  • You can uninstall programs that you had to install (e.g. MBAM or ESET Onlinescanner) in the control panel if you so wish.
  • Download DelFix (by Xplode) and save it to your Desktop.
    • Close all running programs and start delfix.exe.
    • Make sure that all available options are checked.
    • Click on Run
    • DelFix should remove all our tools and delete itself afterwards. I don't need the log file.
  • If there is still something left you can delete it manually.

Tips

I recommend reading and following the "16 simple and easy ways to keep your computer safe and secure on the Internet" (Link) by Lawrence Abrams.


Thanks for the help. It appears the problem is fixed. Are you able to tell me what the problem was? I definitely know the source of the problem. I was in a hurry to download WinRAR and did a quick Google search for 'winrar'. I clicked the first link that popped up (advertised link) and downloaded WinRAR. The download was packaged with a bunch of nonsense. Thanks again for the help.


Are you able to tell me what the problem was?

The download was packaged with a bunch of nonsense.

Yes, it was adware and another piece of nonsense that was bundled with this WinRAR installer. (This is a short description of this particular adware that caused the IP blocks by MBAM: http://www.shouldiremoveit.com/gigaclicks-crawler-99419-program.aspx)

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
