Hello! 

So let me explain what is happening. On Wednesday I downloaded WMP x256. I don't have any antivirus software since I do a lot of stuff on my PC that is sometimes detected as a trojan. Anyway, what happens is when I start up my PC it starts loading the operating system and it says "Loading Windows" and then almost instantly restarts my PC.

 

This has never happened before and only started when I downloaded that WMP x256. 

 

The only way to access my computer, it seems, is to run Memory Diagnostic from the advanced repair settings. It then loads up Windows fine. I would be OK with this if I could actually use and save folders to my desktop, but I can't. It always resets and I have tried pretty much everything I can.

 

I tried using mbam but this happened:

http://gyazo.com/2fbd9a0b05a91f3a8e76041f426f29a9

 

So yes, could I please have some help? This is my first time doing this (going on a forum and asking for help).

 

If this does work I will be very grateful.

 

Here is the Farbar scan:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-05-2014
Ran by Callum (administrator) on CALLUM-PC on 30-05-2014 20:01:15
Running from C:\Users\TEMP\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Free FLV Converter\FreeFLVConverterUpdt.exe
() C:\Program Files (x86)\LPT\srpts.exe
() C:\Program Files\003\nuttkoqiez64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\LPT\srptm.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDevCentralService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Beepa P/L) C:\Fraps\fraps.exe
(Beepa P/L) C:\Fraps\fraps64.dat
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iSUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [69632 2004-04-13] (InstallShield Software Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2688920 2014-05-26] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dual Package.lnk
ShortcutTarget: Dual Package.lnk -> C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Package\bin\Dual Package.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hauppauge Device Properties.lnk
ShortcutTarget: Hauppauge Device Properties.lnk -> C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe (Hauppauge Computer Works, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBooster.lnk
ShortcutTarget: ImageBooster.lnk -> C:\Program Files (x86)\LG Soft India\ImageBooster\bin\ImageBooster.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
ShortcutTarget: LOLRecorder.lnk -> C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
ProxyServer:
BHO: HDvid-Codec V9.0 - {11111111-1111-1111-1111-110511131156} - C:\Program Files (x86)\HDvid-Codec V9.0\HDvid-Codec V9.0-bho64.dll (installdaddy)
BHO: VEEHD Plugin V9.0 - {11111111-1111-1111-1111-110511131184} - C:\Program Files (x86)\VEEHD Plugin V9.0\VEEHD Plugin V9.0-bho64.dll (installdaddy)
BHO: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: FreeFLVConverter - {DC7CE5D0-3608-4FD0-8853-D5822E02135D} - C:\Program Files (x86)\Free FLV Converter\FreeFLVConverter_x64.dll (Free FLV Converter)
BHO-x32: HDvid-Codec V9.0 - {11111111-1111-1111-1111-110511131156} - C:\Program Files (x86)\HDvid-Codec V9.0\HDvid-Codec V9.0-bho.dll (installdaddy)
BHO-x32: VEEHD Plugin V9.0 - {11111111-1111-1111-1111-110511131184} - C:\Program Files (x86)\VEEHD Plugin V9.0\VEEHD Plugin V9.0-bho.dll (installdaddy)
BHO-x32: Bubble Dock SurfMatch - {23AF19F7-1D5B-442c-B14C-3D1081953C94} - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\axSurfMatch.dll (Nosibay)
BHO-x32: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -  No File
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FreeFLVConverter - {DC7CE5D0-3608-4FD0-8853-D5822E02135D} - C:\Program Files (x86)\Free FLV Converter\FreeFLVConverter.dll (Free FLV Converter)
BHO-x32: FlowSurf - {E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0} - C:\Program Files (x86)\Flowsurf\FlowSurf.dll (FlowSurf Inc.)
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2014-05-14]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-05-14]
FF HKLM-x32\...\Firefox\Extensions: [bubbledock@nosibay.com] - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\FFSurfMatch
FF Extension: Bubble Dock - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\FFSurfMatch [2014-04-18]
 
Chrome: 
=======
CHR DefaultSearchKeyword: google.co.uk
CHR Extension: (Google Docs) - C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-30]
CHR Extension: (Google Drive) - C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-30]
CHR Extension: (YouTube) - C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-30]
CHR Extension: (Google Search) - C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-30]
CHR Extension: (Google Wallet) - C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-30]
CHR Extension: (Gmail) - C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-30]
CHR HKLM-x32\...\Chrome\Extension: [igdhbblpcellaljokkpfhcjlagemhgjl] - "C:\Program Files (x86)\Iminent\Iminent.crx" [2014-05-30]
CHR HKLM-x32\...\Chrome\Extension: [kbjlipmgfoamgjaogmbihaffnpkpjajp] - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\GCSurfMatch.crx [2014-01-16]
 
==================== Services (Whitelisted) =================
 
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-03-14] (Just Develop It)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-04-27] ()
R2 FreeFLVConverterUpdt; C:\Program Files (x86)\Free FLV Converter\FreeFLVConverterUpdt.exe [252928 2014-02-25] ()
R3 HcwDevCentralService; C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDevCentralService.exe [395536 2014-02-11] (Hauppauge Computer Works, Inc.)
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [37920 2014-04-08] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe [119408 2014-05-14] (Mozilla Foundation)
R2 nuttkoqiez64; C:\Program Files\003\nuttkoqiez64.exe [706560 2014-04-20] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-19] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S2 Update Surftastic; "C:\Program Files (x86)\Surftastic\updateSurftastic.exe" [X]
S2 Util Surftastic; "C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
S3 hcwE5bda; C:\Windows\System32\drivers\hcwE5bda.sys [968792 2014-01-07] (Hauppauge Computer Work, Inc.)
S3 LGDDCDevice; C:\Windows\SysWOW64\LGI2CDriver.sys [16384 2010-08-04] (LG Soft India)
S3 LGII2CDevice; C:\Windows\SysWOW64\LGPII2CDriver.sys [19968 2010-08-04] (LG Soft India)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-05-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R2 NPF; C:\Windows\SysWOW64\drivers\npf.sys [30336 2003-04-04] (Politecnico di Torino)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 VLAN; C:\Windows\System32\DRIVERS\RtVLAN60.sys [24064 2010-12-14] (Windows ® Codename Longhorn DDK provider)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61120 2014-04-18] (StdLib)
R1 {01531192-f7ef-415f-a549-cfdb11836731}w64; C:\Windows\System32\drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys [61120 2014-04-24] (StdLib)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-05-30 20:01 - 2014-05-30 20:01 - 00016881 _____ () C:\Users\TEMP\Desktop\FRST.txt
2014-05-30 19:58 - 2014-05-30 19:58 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Gyazo
2014-05-30 19:52 - 2014-05-30 20:01 - 00000000 ____D () C:\FRST
2014-05-30 19:52 - 2014-05-30 19:52 - 02066944 _____ (Farbar) C:\Users\TEMP\Downloads\FRST64.exe
2014-05-30 19:52 - 2014-05-30 19:52 - 02066944 _____ (Farbar) C:\Users\TEMP\Desktop\FRST64.exe
2014-05-30 19:51 - 2014-05-30 19:58 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-30 19:51 - 2014-05-30 19:51 - 00000000 ____D () C:\Users\TEMP\AppData\Local\CrashDumps
2014-05-30 19:50 - 2014-05-30 19:50 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\TEMP\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-30 19:50 - 2014-05-30 19:50 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-30 19:50 - 2014-05-30 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-30 19:50 - 2014-05-30 19:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-30 19:50 - 2014-05-30 19:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-30 19:50 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-30 19:50 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-30 19:50 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-30 19:48 - 2014-05-30 19:48 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Apple
2014-05-30 19:48 - 2014-05-30 19:48 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-30 19:47 - 2014-05-30 19:47 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Apple Computer
2014-05-30 19:39 - 2014-05-30 19:39 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-05-30 19:38 - 2014-05-30 19:38 - 05201408 _____ () C:\Users\TEMP\Downloads\RogueKillerX64.exe
2014-05-30 19:30 - 2014-05-30 19:30 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\NVIDIA
2014-05-30 19:30 - 2014-05-30 19:30 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\DivX
2014-05-30 19:30 - 2014-05-30 19:29 - 05203398 _____ (Swearware) C:\Users\TEMP\Desktop\ComboFix.exe
2014-05-30 19:29 - 2014-05-30 19:29 - 05203398 _____ (Swearware) C:\Users\TEMP\Downloads\ComboFix.exe
2014-05-30 19:26 - 2014-05-30 19:49 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Apple Computer
2014-05-30 19:26 - 2014-05-30 19:26 - 00002259 _____ () C:\Users\TEMP\Desktop\Google Chrome.lnk
2014-05-30 19:26 - 2014-05-30 19:26 - 00001417 _____ () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-30 19:26 - 2014-05-30 19:26 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-30 19:26 - 2014-05-30 19:26 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-30 19:26 - 2014-05-30 19:26 - 00000000 ____D () C:\Users\TEMP\Documents\LOLReplay
2014-05-30 19:26 - 2014-05-30 19:26 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Adobe
2014-05-30 19:26 - 2014-05-30 19:26 - 00000000 ____D () C:\Users\TEMP\AppData\Local\NVIDIA
2014-05-30 19:26 - 2014-05-30 19:26 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Google
2014-05-30 19:26 - 2014-05-30 19:26 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Adobe
2014-05-30 19:25 - 2014-05-30 20:01 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Temp
2014-05-30 19:25 - 2014-05-30 19:26 - 00000000 ____D () C:\Users\TEMP
2014-05-30 19:25 - 2014-05-30 19:25 - 00000020 ___SH () C:\Users\TEMP\ntuser.ini
2014-05-30 19:25 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-30 19:25 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-29 16:59 - 2014-05-29 16:59 - 00006120 _____ () C:\Windows\system32\PerfStringBackup.TMP
2014-05-29 00:30 - 2014-05-29 00:30 - 00000000 ____D () C:\Windows\system32\config\mybackup
2014-05-28 16:50 - 2014-05-28 16:50 - 00059640 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-05-28 15:13 - 2014-05-28 15:13 - 00000000 ____D () C:\Users\Splurtle\Documents\bu
2014-05-28 15:00 - 2014-05-28 15:00 - 00000000 ____D () C:\Users\Splurtle\AppData\Roaming\Macromedia
2014-05-28 15:00 - 2014-05-28 15:00 - 00000000 ____D () C:\Users\Splurtle\AppData\Roaming\LolClient
2014-05-28 14:56 - 2014-05-28 15:15 - 00000000 ____D () C:\Users\Splurtle\AppData\Local\Temp
2014-05-28 14:56 - 2014-05-28 14:59 - 00002259 _____ () C:\Users\Splurtle\Desktop\Google Chrome.lnk
2014-05-28 14:56 - 2014-05-28 14:56 - 00001417 _____ () C:\Users\Splurtle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-28 14:56 - 2014-05-28 14:56 - 00000020 ___SH () C:\Users\Splurtle\ntuser.ini
2014-05-28 14:56 - 2014-05-28 14:56 - 00000000 ___RD () C:\Users\Splurtle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-28 14:56 - 2014-05-28 14:56 - 00000000 ___RD () C:\Users\Splurtle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-28 14:56 - 2014-05-28 14:56 - 00000000 ____D () C:\Users\Splurtle\Documents\LOLReplay
2014-05-28 14:56 - 2014-05-28 14:56 - 00000000 ____D () C:\Users\Splurtle\AppData\Roaming\Apple Computer
2014-05-28 14:56 - 2014-05-28 14:56 - 00000000 ____D () C:\Users\Splurtle\AppData\Roaming\Adobe
2014-05-28 14:56 - 2014-05-28 14:56 - 00000000 ____D () C:\Users\Splurtle\AppData\Local\NVIDIA
2014-05-28 14:56 - 2014-05-28 14:56 - 00000000 ____D () C:\Users\Splurtle\AppData\Local\Google
2014-05-28 14:56 - 2014-05-28 14:56 - 00000000 ____D () C:\Users\Splurtle\AppData\Local\Adobe
2014-05-28 14:56 - 2014-05-28 14:56 - 00000000 ____D () C:\Users\Splurtle
2014-05-28 14:56 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Splurtle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-28 14:56 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Splurtle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-28 14:34 - 2014-05-29 17:11 - 00000000 ____D () C:\Documenterinos
2014-05-28 14:23 - 2014-05-28 15:49 - 00059640 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2014-05-27 21:28 - 2014-05-28 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack
2014-05-27 21:22 - 2014-05-27 21:22 - 00000000 ____D () C:\adobeTemp
2014-05-27 21:04 - 2014-05-28 22:47 - 00000000 ____D () C:\deeff789ef251c466ba7bd88bb12bc
2014-05-27 21:03 - 2014-05-28 22:47 - 00000000 ____D () C:\Windows\System32\Tasks\SystemSockets
2014-05-27 21:03 - 2014-05-28 22:47 - 00000000 ____D () C:\Windows\System32\Tasks\Browser Updater
2014-05-27 21:03 - 2014-05-28 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam
2014-05-27 21:03 - 2014-05-28 22:47 - 00000000 ____D () C:\Program Files (x86)\Zapp
2014-05-27 21:03 - 2014-05-28 22:47 - 00000000 ____D () C:\Program Files (x86)\Wajam
2014-05-27 21:03 - 2014-05-28 22:46 - 00000000 ____D () C:\Program Files\Zapp
2014-05-27 21:03 - 2014-04-09 07:55 - 00034376 _____ () C:\Windows\Launcher.exe
2014-05-27 20:49 - 2014-05-27 20:49 - 00001313 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-05-27 17:20 - 2014-05-28 22:47 - 00000000 ____D () C:\Program Files (x86)\save ona
2014-05-27 17:20 - 2014-05-28 22:46 - 00000000 ____D () C:\ProgramData\TopApp soft
2014-05-27 17:20 - 2014-05-28 14:56 - 00000452 ____H () C:\Windows\Tasks\SO.Booster-S-5078429478.job
2014-05-27 17:20 - 2014-05-27 17:20 - 04210176 _____ () C:\Program Files (x86)\SO_x64.Booster
2014-05-27 17:20 - 2014-05-27 17:20 - 00174928 _____ () C:\Program Files (x86)\SOSvc.dll
2014-05-27 17:20 - 2014-05-27 17:20 - 00002698 _____ () C:\Windows\System32\Tasks\SO.Booster-S-5078429478
2014-05-27 17:20 - 2014-05-27 17:20 - 00000000 ____D () C:\ProgramData\save ona
2014-05-27 08:11 - 2014-05-27 08:11 - 00291048 _____ () C:\Windows\Minidump\052714-26691-01.dmp
2014-05-26 14:02 - 2014-05-26 14:03 - 00295416 _____ () C:\Windows\Minidump\052614-55754-01.dmp
2014-05-25 14:03 - 2014-05-28 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
2014-05-25 14:03 - 2014-05-27 17:22 - 00000000 ____D () C:\Program Files (x86)\EZDownloader
2014-05-25 14:03 - 2014-05-25 14:03 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-05-25 14:03 - 2014-05-25 14:03 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-05-25 14:03 - 2014-05-25 14:03 - 00000000 ____D () C:\ProgramData\SNT
2014-05-25 14:03 - 2014-05-25 14:03 - 00000000 ____D () C:\Program Files (x86)\SNT
2014-05-25 14:02 - 2014-05-28 22:47 - 00000000 ____D () C:\ProgramData\1617bd3103911570
2014-05-25 14:02 - 2014-05-28 22:46 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-25 14:02 - 2014-05-28 14:56 - 00000468 ____H () C:\Windows\Tasks\SW-Booster-S-5808190755.job
2014-05-25 14:02 - 2014-05-27 17:20 - 00000000 ____D () C:\Program Files (x86)\SW-Booster
2014-05-25 14:02 - 2014-05-25 14:03 - 00000000 ____D () C:\ProgramData\TopApp software
2014-05-25 14:02 - 2014-05-25 14:02 - 00002714 _____ () C:\Windows\System32\Tasks\SW-Booster-S-5808190755
2014-05-25 14:02 - 2014-05-25 14:02 - 00000000 ____D () C:\ProgramData\YoutubeAdblocker
2014-05-25 14:02 - 2014-05-25 14:02 - 00000000 ____D () C:\ProgramData\saVee on
2014-05-25 14:02 - 2014-05-25 14:02 - 00000000 ____D () C:\Program Files (x86)\YoutubeAdblocker
2014-05-25 14:02 - 2014-05-25 14:02 - 00000000 ____D () C:\Program Files (x86)\saVee on
2014-05-25 12:29 - 2014-05-28 14:49 - 00000000 ____D () C:\Users\GFX
2014-05-25 12:16 - 2014-05-25 12:17 - 00291024 _____ () C:\Windows\Minidump\052514-23805-01.dmp
2014-05-25 12:04 - 2014-05-25 12:05 - 00291016 _____ () C:\Windows\Minidump\052514-37721-01.dmp
2014-05-25 08:14 - 2014-05-25 08:14 - 00291048 _____ () C:\Windows\Minidump\052514-25630-01.dmp
2014-05-24 19:56 - 2014-05-24 19:57 - 00291048 _____ () C:\Windows\Minidump\052414-14180-01.dmp
2014-05-24 13:23 - 2014-05-24 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-05-24 13:23 - 2014-05-24 13:23 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-05-24 07:20 - 2014-05-24 07:20 - 00291048 _____ () C:\Windows\Minidump\052414-15412-01.dmp
2014-05-22 16:37 - 2014-05-22 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2014-05-22 16:37 - 2014-05-22 16:37 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-05-22 16:37 - 2014-05-22 16:37 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-05-19 21:24 - 2014-05-19 21:24 - 00000000 ____D () C:\Program Files (x86)\SiteLookup
2014-05-19 21:24 - 2014-05-19 21:24 - 00000000 ____D () C:\Program Files (x86)\SiteFinder
2014-05-19 21:22 - 2014-05-19 21:22 - 00001024 _____ () C:\.rnd
2014-05-19 21:22 - 2014-05-19 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-05-19 21:22 - 2011-08-22 17:07 - 00942192 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2014-05-19 21:22 - 2011-08-22 17:07 - 00354416 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2014-05-19 21:22 - 2011-08-22 17:07 - 00062064 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2014-05-19 21:22 - 2011-08-22 17:07 - 00031344 _____ (VMware, Inc.) C:\Windows\system32\Drivers\VMparport.sys
2014-05-19 21:22 - 2011-08-22 17:06 - 00432752 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2014-05-19 21:22 - 2011-08-22 17:06 - 00030320 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2014-05-19 21:22 - 2011-08-21 23:11 - 00039024 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2014-05-19 21:21 - 2014-05-28 14:23 - 00000000 ____D () C:\ProgramData\VMware
2014-05-19 21:21 - 2014-05-19 21:21 - 00000000 ____D () C:\Users\Public\Documents\Shared Virtual Machines
2014-05-19 21:21 - 2014-05-19 21:21 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-05-19 21:21 - 2014-05-19 21:21 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-05-19 19:12 - 2014-05-19 19:12 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-17 07:30 - 2014-05-17 07:29 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-17 07:30 - 2014-05-17 07:29 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-17 07:30 - 2014-05-17 07:29 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-17 07:30 - 2014-05-17 07:29 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-05-17 07:29 - 2014-05-17 07:29 - 00000000 ____D () C:\Program Files\Java
2014-05-16 08:23 - 2014-05-16 08:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ophcrack
2014-05-15 08:18 - 2014-05-15 08:18 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-05-15 08:18 - 2014-05-15 08:18 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-05-15 08:18 - 2014-05-15 08:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-15 08:18 - 2014-05-15 08:18 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-05-15 08:18 - 2014-05-15 08:18 - 00000000 ____D () C:\Program Files\iTunes
2014-05-15 08:18 - 2014-05-15 08:18 - 00000000 ____D () C:\Program Files\iPod
2014-05-15 08:18 - 2014-05-15 08:18 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-15 08:18 - 2014-05-15 08:18 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-05-15 08:18 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-05-15 08:17 - 2014-05-15 08:17 - 00000000 ____D () C:\ProgramData\Apple
2014-05-15 08:17 - 2014-05-15 08:17 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-05-15 08:17 - 2014-05-15 08:17 - 00000000 ____D () C:\Program Files\Bonjour
2014-05-15 08:17 - 2014-05-15 08:17 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-05-15 06:59 - 2014-05-15 06:59 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-14 22:33 - 2014-05-06 05:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 22:33 - 2014-05-06 05:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 22:33 - 2014-05-06 04:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 22:33 - 2014-05-06 04:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 22:33 - 2014-05-06 04:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 22:33 - 2014-05-06 03:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 21:12 - 2014-05-14 21:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-14 15:27 - 2014-05-09 07:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 15:27 - 2014-05-09 07:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 15:27 - 2014-04-12 03:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 15:27 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 15:27 - 2014-04-12 03:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 15:27 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 15:27 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 15:27 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 15:27 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 15:27 - 2014-04-12 03:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 15:27 - 2014-04-12 03:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 15:27 - 2014-03-25 03:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 15:27 - 2014-03-25 03:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 15:27 - 2014-03-04 10:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 15:27 - 2014-03-04 10:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 15:27 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 15:27 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 15:27 - 2014-03-04 10:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 15:27 - 2014-03-04 10:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 15:27 - 2014-03-04 10:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 15:27 - 2014-03-04 10:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 15:27 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 15:27 - 2014-03-04 10:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 15:27 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 15:27 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 15:27 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 15:27 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 15:27 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 15:27 - 2014-03-04 10:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 15:27 - 2014-03-04 10:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 15:27 - 2014-03-04 10:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 15:27 - 2014-03-04 10:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 15:27 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 15:27 - 2014-03-04 10:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 15:27 - 2014-03-04 10:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 15:27 - 2014-03-04 10:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 15:27 - 2014-03-04 10:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 15:27 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 15:27 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 15:27 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 15:27 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 15:27 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 15:27 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 15:27 - 2014-03-04 10:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 15:27 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 21:03 - 2014-05-13 21:03 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-13 21:03 - 2014-05-13 21:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-13 21:03 - 2014-05-13 21:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-13 21:03 - 2014-05-13 21:03 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-13 21:03 - 2014-05-13 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-12 22:00 - 2011-06-01 04:16 - 00535656 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-05-12 22:00 - 2011-06-01 04:16 - 00107624 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-05-12 22:00 - 2011-06-01 04:16 - 00074344 _____ () C:\Windows\system32\RtNicProp64.dll
2014-05-12 21:58 - 2014-05-12 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2014-05-12 21:58 - 2010-12-14 04:54 - 00058472 ____R (Realtek Corporation) C:\Windows\system32\Drivers\RtTeam60.sys
2014-05-12 21:58 - 2010-12-14 04:54 - 00027136 ____R (Realtek ) C:\Windows\system32\Drivers\RtNdPt60.sys
2014-05-12 21:58 - 2010-12-14 04:54 - 00024064 ____R (Windows ® Codename Longhorn DDK provider) C:\Windows\system32\Drivers\RtVlan60.sys
2014-05-12 21:56 - 2014-05-12 21:56 - 00000010 _____ () C:\Windows\GSetup.ini
2014-05-12 18:39 - 2014-05-12 18:40 - 00000000 ____D () C:\ProgramData\Splashtop
2014-05-12 18:38 - 2014-05-12 18:39 - 00000000 ____D () C:\Program Files\GIGABYTE
2014-05-12 18:38 - 2014-05-12 18:39 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2014-05-12 18:38 - 2014-05-12 18:38 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-05-12 18:35 - 2014-05-12 22:00 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-05-12 18:35 - 2014-05-12 21:35 - 00000086 _____ () C:\csb.log
2014-05-12 18:35 - 2014-05-12 21:35 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-05-12 18:35 - 2014-05-12 21:35 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-05-12 18:34 - 2014-05-12 21:49 - 00000000 ____D () C:\Program Files (x86)\Splashtop
2014-05-11 13:34 - 2014-05-11 13:34 - 00000000 ____D () C:\Windows\Options
2014-05-11 13:28 - 2014-05-12 21:49 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-05-11 13:28 - 2014-05-12 21:49 - 00000000 ____D () C:\Program Files (x86)\PassShow-soft
2014-05-10 10:54 - 2014-05-13 21:03 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-10 10:54 - 2014-05-10 10:54 - 00000000 ____D () C:\ProgramData\Sun
2014-05-10 10:54 - 2014-05-10 10:54 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-10 09:04 - 2014-05-10 09:06 - 01404416 _____ () C:\Windows\Minidump\051014-23306-01.dmp
2014-05-08 19:43 - 2014-05-08 19:43 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-08 16:33 - 2014-05-08 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-05-04 20:33 - 2014-05-04 20:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
2014-05-03 14:38 - 2014-05-03 15:49 - 00000000 ____D () C:\Program Files (x86)\LOLReplay
2014-05-03 14:38 - 2014-05-03 14:38 - 00001917 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk
 
==================== One Month Modified Files and Folders =======
 
2014-05-30 20:01 - 2014-05-30 20:01 - 00016881 _____ () C:\Users\TEMP\Desktop\FRST.txt
2014-05-30 20:01 - 2014-05-30 19:52 - 00000000 ____D () C:\FRST
2014-05-30 20:01 - 2014-05-30 19:25 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Temp
2014-05-30 19:58 - 2014-05-30 19:58 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Gyazo
2014-05-30 19:58 - 2014-05-30 19:51 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-30 19:53 - 2014-04-19 19:28 - 00000000 ____D () C:\Program Files (x86)\HDvid-Codec V9.0
2014-05-30 19:53 - 2014-04-18 18:23 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-30 19:52 - 2014-05-30 19:52 - 02066944 _____ (Farbar) C:\Users\TEMP\Downloads\FRST64.exe
2014-05-30 19:52 - 2014-05-30 19:52 - 02066944 _____ (Farbar) C:\Users\TEMP\Desktop\FRST64.exe
2014-05-30 19:51 - 2014-05-30 19:51 - 00000000 ____D () C:\Users\TEMP\AppData\Local\CrashDumps
2014-05-30 19:50 - 2014-05-30 19:50 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\TEMP\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-30 19:50 - 2014-05-30 19:50 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-30 19:50 - 2014-05-30 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-30 19:50 - 2014-05-30 19:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-30 19:50 - 2014-05-30 19:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-30 19:49 - 2014-05-30 19:26 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Apple Computer
2014-05-30 19:48 - 2014-05-30 19:48 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Apple
2014-05-30 19:48 - 2014-05-30 19:48 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-30 19:47 - 2014-05-30 19:47 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Apple Computer
2014-05-30 19:47 - 2014-04-19 01:18 - 01461132 _____ () C:\Windows\WindowsUpdate.log
2014-05-30 19:47 - 2009-07-14 05:51 - 00039357 _____ () C:\Windows\setupact.log
2014-05-30 19:39 - 2014-05-30 19:39 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-05-30 19:38 - 2014-05-30 19:38 - 05201408 _____ () C:\Users\TEMP\Downloads\RogueKillerX64.exe
2014-05-30 19:35 - 2014-04-27 22:39 - 00000286 _____ () C:\Windows\Tasks\bench-Updater removing.job
2014-05-30 19:33 - 2014-04-19 19:28 - 00003114 _____ () C:\Windows\Tasks\HDvid-Codec V9.0-chromeinstaller.job
2014-05-30 19:32 - 2009-07-14 05:45 - 00017888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-30 19:32 - 2009-07-14 05:45 - 00017888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-30 19:30 - 2014-05-30 19:30 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\NVIDIA
2014-05-30 19:30 - 2014-05-30 19:30 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\DivX
2014-05-30 19:29 - 2014-05-30 19:30 - 05203398 _____ (Swearware) C:\Users\TEMP\Desktop\ComboFix.exe
2014-05-30 19:29 - 2014-05-30 19:29 - 05203398 _____ (Swearware) C:\Users\TEMP\Downloads\ComboFix.exe
2014-05-30 19:29 - 2014-04-19 19:29 - 00001538 _____ () C:\Windows\Tasks\HDvid-Codec V9.0-updater.job
2014-05-30 19:29 - 2014-04-19 19:29 - 00001482 _____ () C:\Windows\Tasks\HDvid-Codec V9.0-codedownloader.job
2014-05-30 19:29 - 2014-04-19 19:29 - 00001372 _____ () C:\Windows\Tasks\HDvid-Codec V9.0-enabler.job
2014-05-30 19:28 - 2014-04-19 19:28 - 00002424 _____ () C:\Windows\Tasks\HDvid-Codec V9.0-firefoxinstaller.job
2014-05-30 19:26 - 2014-05-30 19:26 - 00002259 _____ () C:\Users\TEMP\Desktop\Google Chrome.lnk
2014-05-30 19:26 - 2014-05-30 19:26 - 00001417 _____ () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-30 19:26 - 2014-05-30 19:26 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-30 19:26 - 2014-05-30 19:26 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-30 19:26 - 2014-05-30 19:26 - 00000000 ____D () C:\Users\TEMP\Documents\LOLReplay
2014-05-30 19:26 - 2014-05-30 19:26 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Adobe
2014-05-30 19:26 - 2014-05-30 19:26 - 00000000 ____D () C:\Users\TEMP\AppData\Local\NVIDIA
2014-05-30 19:26 - 2014-05-30 19:26 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Google
2014-05-30 19:26 - 2014-05-30 19:26 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Adobe
2014-05-30 19:26 - 2014-05-30 19:25 - 00000000 ____D () C:\Users\TEMP
2014-05-30 19:26 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-30 19:25 - 2014-05-30 19:25 - 00000020 ___SH () C:\Users\TEMP\ntuser.ini
2014-05-30 19:25 - 2014-04-20 21:23 - 00002788 _____ () C:\Windows\Tasks\f5565969-65b9-4d2f-bc36-007702568f6e-3.job
2014-05-30 19:25 - 2014-04-20 21:23 - 00002244 _____ () C:\Windows\Tasks\f5565969-65b9-4d2f-bc36-007702568f6e-4.job
2014-05-30 19:25 - 2014-04-20 21:23 - 00001450 _____ () C:\Windows\Tasks\f5565969-65b9-4d2f-bc36-007702568f6e-5.job
2014-05-30 19:25 - 2014-04-20 21:23 - 00001382 _____ () C:\Windows\Tasks\f5565969-65b9-4d2f-bc36-007702568f6e-1.job
2014-05-30 19:25 - 2014-04-20 21:23 - 00001342 _____ () C:\Windows\Tasks\f5565969-65b9-4d2f-bc36-007702568f6e-2.job
2014-05-30 19:25 - 2014-04-18 19:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-30 19:25 - 2014-04-18 18:23 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-30 19:25 - 2014-04-18 17:55 - 00000342 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-05-30 19:25 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-30 17:05 - 2014-04-21 21:10 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-30 14:39 - 2014-04-23 17:19 - 00000346 _____ () C:\Windows\Tasks\bench-sys.job
2014-05-29 21:35 - 2014-04-26 20:04 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-29 17:11 - 2014-05-28 14:34 - 00000000 ____D () C:\Documenterinos
2014-05-29 16:59 - 2014-05-29 16:59 - 00006120 _____ () C:\Windows\system32\PerfStringBackup.TMP
2014-05-29 00:30 - 2014-05-29 00:30 - 00000000 ____D () C:\Windows\system32\config\mybackup
2014-05-28 22:47 - 2014-05-27 21:04 - 00000000 ____D () C:\deeff789ef251c466ba7bd88bb12bc
2014-05-28 22:47 - 2014-05-27 21:03 - 00000000 ____D () C:\Windows\System32\Tasks\SystemSockets
2014-05-28 22:47 - 2014-05-27 21:03 - 00000000 ____D () C:\Windows\System32\Tasks\Browser Updater
2014-05-28 22:47 - 2014-05-27 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam
2014-05-28 22:47 - 2014-05-27 21:03 - 00000000 ____D () C:\Program Files (x86)\Zapp
2014-05-28 22:47 - 2014-05-27 21:03 - 00000000 ____D () C:\Program Files (x86)\Wajam
2014-05-28 22:47 - 2014-05-27 17:20 - 00000000 ____D () C:\Program Files (x86)\save ona
2014-05-28 22:47 - 2014-05-25 14:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
2014-05-28 22:47 - 2014-05-25 14:02 - 00000000 ____D () C:\ProgramData\1617bd3103911570
2014-05-28 22:47 - 2014-04-28 16:53 - 00000000 ____D () C:\Windows\Minidump
2014-05-28 22:47 - 2014-04-21 12:53 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-28 22:47 - 2014-04-21 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-28 22:47 - 2011-04-12 09:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-28 22:47 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-05-28 22:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-05-28 22:46 - 2014-05-27 21:03 - 00000000 ____D () C:\Program Files\Zapp
2014-05-28 22:46 - 2014-05-27 17:20 - 00000000 ____D () C:\ProgramData\TopApp soft
2014-05-28 22:46 - 2014-05-25 14:02 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-28 22:46 - 2014-04-18 22:27 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-28 22:45 - 2013-12-07 22:52 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-28 16:50 - 2014-05-28 16:50 - 00059640 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-05-28 16:24 - 2014-05-27 21:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack
2014-05-28 15:49 - 2014-05-28 14:23 - 00059640 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2014-05-28 15:49 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-28 15:49 - 2009-07-14 05:45 - 04940304 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-28 15:15 - 2014-05-28 14:56 - 00000000 ____D () C:\Users\Splurtle\AppData\Local\Temp
2014-05-28 15:13 - 2014-05-28 15:13 - 00000000 ____D () C:\Users\Splurtle\Documents\bu
2014-05-28 15:00 - 2014-05-28 15:00 - 00000000 ____D () C:\Users\Splurtle\AppData\Roaming\Macromedia
2014-05-28 15:00 - 2014-05-28 15:00 - 00000000 ____D () C:\Users\Splurtle\AppData\Roaming\LolClient
2014-05-28 14:59 - 2014-05-28 14:56 - 00002259 _____ () C:\Users\Splurtle\Desktop\Google Chrome.lnk
2014-05-28 14:58 - 2014-04-18 17:35 - 00000000 ____D () C:\Users\Callum
2014-05-28 14:56 - 2014-05-28 14:56 - 00001417 _____ () C:\Users\Splurtle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-28 14:56 - 2014-05-28 14:56 - 00000020 ___SH () C:\Users\Splurtle\ntuser.ini
2014-05-28 14:56 - 2014-05-28 14:56 - 00000000 ___RD () C:\Users\Splurtle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-28 14:56 - 2014-05-28 14:56 - 00000000 ___RD () C:\Users\Splurtle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-28 14:56 - 2014-05-28 14:56 - 00000000 ____D () C:\Users\Splurtle\Documents\LOLReplay
2014-05-28 14:56 - 2014-05-28 14:56 - 00000000 ____D () C:\Users\Splurtle\AppData\Roaming\Apple Computer
2014-05-28 14:56 - 2014-05-28 14:56 - 00000000 ____D () C:\Users\Splurtle\AppData\Roaming\Adobe
2014-05-28 14:56 - 2014-05-28 14:56 - 00000000 ____D () C:\Users\Splurtle\AppData\Local\NVIDIA
2014-05-28 14:56 - 2014-05-28 14:56 - 00000000 ____D () C:\Users\Splurtle\AppData\Local\Google
2014-05-28 14:56 - 2014-05-28 14:56 - 00000000 ____D () C:\Users\Splurtle\AppData\Local\Adobe
2014-05-28 14:56 - 2014-05-28 14:56 - 00000000 ____D () C:\Users\Splurtle
2014-05-28 14:56 - 2014-05-27 17:20 - 00000452 ____H () C:\Windows\Tasks\SO.Booster-S-5078429478.job
2014-05-28 14:56 - 2014-05-25 14:02 - 00000468 ____H () C:\Windows\Tasks\SW-Booster-S-5808190755.job
2014-05-28 14:56 - 2014-04-18 19:20 - 00000000 ____D () C:\ProgramData\Origin
2014-05-28 14:49 - 2014-05-25 12:29 - 00000000 ____D () C:\Users\GFX
2014-05-28 14:45 - 2014-04-27 22:17 - 00000000 ____D () C:\Users\calzo
2014-05-28 14:38 - 2014-02-22 15:59 - 00000000 ____D () C:\Users\Abarated.censoredED\AppData\Roaming\Spotify
2014-05-28 14:38 - 2014-02-22 13:33 - 00000000 ____D () C:\Users\Abarated.censoredED
2014-05-28 14:28 - 2014-04-23 17:15 - 00003864 _____ () C:\Windows\System32\Tasks\FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl
2014-05-28 14:23 - 2014-05-19 21:21 - 00000000 ____D () C:\ProgramData\VMware
2014-05-28 14:22 - 2014-04-18 19:20 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-27 21:22 - 2014-05-27 21:22 - 00000000 ____D () C:\adobeTemp
2014-05-27 21:02 - 2013-12-28 16:59 - 00000000 _____ () C:\END
2014-05-27 20:49 - 2014-05-27 20:49 - 00001313 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-05-27 18:43 - 2010-11-21 04:47 - 00008048 _____ () C:\Windows\PFRO.log
2014-05-27 17:22 - 2014-05-25 14:03 - 00000000 ____D () C:\Program Files (x86)\EZDownloader
2014-05-27 17:20 - 2014-05-27 17:20 - 04210176 _____ () C:\Program Files (x86)\SO_x64.Booster
2014-05-27 17:20 - 2014-05-27 17:20 - 00174928 _____ () C:\Program Files (x86)\SOSvc.dll
2014-05-27 17:20 - 2014-05-27 17:20 - 00002698 _____ () C:\Windows\System32\Tasks\SO.Booster-S-5078429478
2014-05-27 17:20 - 2014-05-27 17:20 - 00000000 ____D () C:\ProgramData\save ona
2014-05-27 17:20 - 2014-05-25 14:02 - 00000000 ____D () C:\Program Files (x86)\SW-Booster
2014-05-27 08:15 - 2014-04-21 12:53 - 00000000 ____D () C:\ProgramData\Skype
2014-05-27 08:11 - 2014-05-27 08:11 - 00291048 _____ () C:\Windows\Minidump\052714-26691-01.dmp
2014-05-27 08:11 - 2014-04-28 16:52 - 856701932 _____ () C:\Windows\MEMORY.DMP
2014-05-26 14:03 - 2014-05-26 14:02 - 00295416 _____ () C:\Windows\Minidump\052614-55754-01.dmp
2014-05-25 14:03 - 2014-05-25 14:03 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-05-25 14:03 - 2014-05-25 14:03 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-05-25 14:03 - 2014-05-25 14:03 - 00000000 ____D () C:\ProgramData\SNT
2014-05-25 14:03 - 2014-05-25 14:03 - 00000000 ____D () C:\Program Files (x86)\SNT
2014-05-25 14:03 - 2014-05-25 14:02 - 00000000 ____D () C:\ProgramData\TopApp software
2014-05-25 14:02 - 2014-05-25 14:02 - 00002714 _____ () C:\Windows\System32\Tasks\SW-Booster-S-5808190755
2014-05-25 14:02 - 2014-05-25 14:02 - 00000000 ____D () C:\ProgramData\YoutubeAdblocker
2014-05-25 14:02 - 2014-05-25 14:02 - 00000000 ____D () C:\ProgramData\saVee on
2014-05-25 14:02 - 2014-05-25 14:02 - 00000000 ____D () C:\Program Files (x86)\YoutubeAdblocker
2014-05-25 14:02 - 2014-05-25 14:02 - 00000000 ____D () C:\Program Files (x86)\saVee on
2014-05-25 12:17 - 2014-05-25 12:16 - 00291024 _____ () C:\Windows\Minidump\052514-23805-01.dmp
2014-05-25 12:05 - 2014-05-25 12:04 - 00291016 _____ () C:\Windows\Minidump\052514-37721-01.dmp
2014-05-25 08:14 - 2014-05-25 08:14 - 00291048 _____ () C:\Windows\Minidump\052514-25630-01.dmp
2014-05-24 20:53 - 2009-07-14 03:34 - 00000505 _____ () C:\Windows\win.ini
2014-05-24 19:57 - 2014-05-24 19:56 - 00291048 _____ () C:\Windows\Minidump\052414-14180-01.dmp
2014-05-24 13:23 - 2014-05-24 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-05-24 13:23 - 2014-05-24 13:23 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-05-24 07:20 - 2014-05-24 07:20 - 00291048 _____ () C:\Windows\Minidump\052414-15412-01.dmp
2014-05-22 17:14 - 2014-04-19 01:59 - 00027923 _____ () C:\Windows\DirectX.log
2014-05-22 16:37 - 2014-05-22 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2014-05-22 16:37 - 2014-05-22 16:37 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-05-22 16:37 - 2014-05-22 16:37 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-05-22 16:37 - 2014-04-18 17:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-19 21:24 - 2014-05-19 21:24 - 00000000 ____D () C:\Program Files (x86)\SiteLookup
2014-05-19 21:24 - 2014-05-19 21:24 - 00000000 ____D () C:\Program Files (x86)\SiteFinder
2014-05-19 21:22 - 2014-05-19 21:22 - 00001024 _____ () C:\.rnd
2014-05-19 21:22 - 2014-05-19 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-05-19 21:22 - 2014-04-19 03:48 - 00798048 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-19 21:21 - 2014-05-19 21:21 - 00000000 ____D () C:\Users\Public\Documents\Shared Virtual Machines
2014-05-19 21:21 - 2014-05-19 21:21 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-05-19 21:21 - 2014-05-19 21:21 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-05-19 19:13 - 2014-04-18 22:00 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-19 19:12 - 2014-05-19 19:12 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-17 07:29 - 2014-05-17 07:30 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-17 07:29 - 2014-05-17 07:30 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-17 07:29 - 2014-05-17 07:30 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-17 07:29 - 2014-05-17 07:30 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-05-17 07:29 - 2014-05-17 07:29 - 00000000 ____D () C:\Program Files\Java
2014-05-16 19:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-05-16 08:23 - 2014-05-16 08:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ophcrack
2014-05-16 08:20 - 2009-07-14 06:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-15 08:18 - 2014-05-15 08:18 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-05-15 08:18 - 2014-05-15 08:18 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-05-15 08:18 - 2014-05-15 08:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-15 08:18 - 2014-05-15 08:18 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-05-15 08:18 - 2014-05-15 08:18 - 00000000 ____D () C:\Program Files\iTunes
2014-05-15 08:18 - 2014-05-15 08:18 - 00000000 ____D () C:\Program Files\iPod
2014-05-15 08:18 - 2014-05-15 08:18 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-15 08:18 - 2014-05-15 08:18 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-05-15 08:17 - 2014-05-15 08:17 - 00000000 ____D () C:\ProgramData\Apple
2014-05-15 08:17 - 2014-05-15 08:17 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-05-15 08:17 - 2014-05-15 08:17 - 00000000 ____D () C:\Program Files\Bonjour
2014-05-15 08:17 - 2014-05-15 08:17 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-05-15 06:59 - 2014-05-15 06:59 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-15 06:59 - 2013-12-07 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-15 06:54 - 2014-04-26 13:21 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 22:32 - 2014-04-19 03:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:31 - 2014-04-19 03:04 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 21:12 - 2014-05-14 21:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-14 08:05 - 2014-04-21 21:10 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 08:05 - 2014-04-21 21:10 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 08:05 - 2014-04-21 21:10 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 21:03 - 2014-05-13 21:03 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-13 21:03 - 2014-05-13 21:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-13 21:03 - 2014-05-13 21:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-13 21:03 - 2014-05-13 21:03 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-13 21:03 - 2014-05-13 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-13 21:03 - 2014-05-10 10:54 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-12 22:00 - 2014-05-12 18:35 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-05-12 21:58 - 2014-05-12 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2014-05-12 21:56 - 2014-05-12 21:56 - 00000010 _____ () C:\Windows\GSetup.ini
2014-05-12 21:49 - 2014-05-12 18:34 - 00000000 ____D () C:\Program Files (x86)\Splashtop
2014-05-12 21:49 - 2014-05-11 13:28 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-05-12 21:49 - 2014-05-11 13:28 - 00000000 ____D () C:\Program Files (x86)\PassShow-soft
2014-05-12 21:49 - 2014-04-26 13:14 - 00000000 ____D () C:\Program Files (x86)\Cain
2014-05-12 21:49 - 2014-04-23 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain
2014-05-12 21:49 - 2014-04-18 17:47 - 00000000 ____D () C:\ProgramData\InstallShield
2014-05-12 21:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-12 21:35 - 2014-05-12 18:35 - 00000086 _____ () C:\csb.log
2014-05-12 21:35 - 2014-05-12 18:35 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-05-12 21:35 - 2014-05-12 18:35 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-05-12 21:35 - 2012-10-09 03:31 - 00003246 _____ () C:\RHDSetup.log
2014-05-12 18:40 - 2014-05-12 18:39 - 00000000 ____D () C:\ProgramData\Splashtop
2014-05-12 18:39 - 2014-05-12 18:38 - 00000000 ____D () C:\Program Files\GIGABYTE
2014-05-12 18:39 - 2014-05-12 18:38 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2014-05-12 18:38 - 2014-05-12 18:38 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-05-12 18:37 - 2014-04-20 17:22 - 00000000 ____D () C:\Users\Public\Hauppauge Capture
2014-05-12 07:26 - 2014-05-30 19:50 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-30 19:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-30 19:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 13:34 - 2014-05-11 13:34 - 00000000 ____D () C:\Windows\Options
2014-05-11 13:34 - 2013-05-04 23:16 - 00000000 ____D () C:\Temp
2014-05-10 10:54 - 2014-05-10 10:54 - 00000000 ____D () C:\ProgramData\Sun
2014-05-10 10:54 - 2014-05-10 10:54 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-10 09:06 - 2014-05-10 09:04 - 01404416 _____ () C:\Windows\Minidump\051014-23306-01.dmp
2014-05-09 07:14 - 2014-05-14 15:27 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 07:11 - 2014-05-14 15:27 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 19:43 - 2014-05-08 19:43 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-08 19:42 - 2014-02-23 13:01 - 00000000 ____D () C:\Program Files\Adobe
2014-05-08 16:33 - 2014-05-08 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-05-06 05:40 - 2014-05-14 22:33 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 05:17 - 2014-05-14 22:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 04:25 - 2014-05-14 22:33 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 04:07 - 2014-05-14 22:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 04:00 - 2014-05-14 22:33 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 03:10 - 2014-05-14 22:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 23:48 - 2014-04-18 18:23 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-05 23:48 - 2014-04-18 18:23 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-04 20:33 - 2014-05-04 20:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
2014-05-03 15:49 - 2014-05-03 14:38 - 00000000 ____D () C:\Program Files (x86)\LOLReplay
2014-05-03 14:38 - 2014-05-03 14:38 - 00001917 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk
2014-05-03 14:38 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-30 15:45 - 2014-04-18 17:56 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-05-30 07:58
 
==================== End Of Log ============================

Addition.txt


Hello callum3030 and welcome! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Now you are right here, because you don't have any antivirus program. You should take some measures when we are ready here.

Step 1

Please uninstall the following programs:

  • HDvid-Codec V9.0
  • Iminent
  • LPT System Updater Service
  • MyPC Backup
  • Search Protect
  • Registry Dr
  • Search Protect
  • Snap.Do
  • Software Version Updater
  • Surftastic
  • UpdateMyDrivers
  • VEEHD Plugin V9.0

When you are ready, please reboot your system.

Step 2

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Threat Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

  • 1 month later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
