PUP.Optional.Sweetpacks removal


Hello everyone,

 

I am new to the forums and I am new to being infected. I have read through this thread on the same problem: https://forums.malwarebytes.org/index.php?/topic/134786-malware-removal-request-updater-by-sweetpacks-pupoptionalsweetpacksa/

 

However, I don't know if I am supposed to take the same steps that this man took! 

 

Help would be nice, and if I am going about this wrong then any corrections/suggestions are welcome!

 

 

Here is my FRST file from the Farbar Recovery Scan Tool, as instructed by this post: https://forums.malwarebytes.org/index.php?/topic/9573-im-infected-what-do-i-do-now/

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-07-2014
Ran by Daniel (administrator) on DANIEL on 10-07-2014 11:29:36
Running from C:\Users\Daniel\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILAE.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Spotify Ltd) C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
() C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\KLM\KLM.exe
(Corsair Components  Inc) C:\Program Files (x86)\corsair\M95 Mouse\M95Hid.exe
(Corsair Components  Inc) C:\Program Files (x86)\corsair\M95 Mouse\CorsTra.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Daniel\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Daniel\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [bTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11577216 2012-08-27] (Motorola Solutions, Inc.)
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [403848 2012-09-13] (MSI)
HKLM\...\Run: [sCM] => C:\Program Files (x86)\SCM\SCM.exe [399776 2012-09-13] (MSI)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\THXCfg64.dll [25600 2010-09-14] (Creative Technology Ltd.)
HKLM\...\Run: [btTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [btvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Qualcomm Atheros Commnucations)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [shadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1279480 2014-05-29] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-29] (NVIDIA Corporation)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-12-07] (Synaptics Incorporated)
HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1517056 2011-08-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [updReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502328 2012-05-22] (MSI)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [bDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-04-02] (cyberlink)
HKLM-x32\...\Run: [VGAOCAP] => C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe [89088 2012-06-06] ()
HKLM-x32\...\Run: [KLM] => C:\Program Files (x86)\MSI\KLM\KLM.exe [1522376 2011-12-19] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Corsair Duke] => C:\Program Files (x86)\Corsair\M95 Mouse\M95Hid.exe [1769984 2013-05-27] (Corsair Components  Inc)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1057920 2012-07-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Run: [skyDrive] => C:\Users\Daniel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251080 2014-06-20] (Microsoft Corporation)
HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-06-30] (Valve Corporation)
HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Run: [Google Update] => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-11-23] (Google Inc.)
HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILAE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Run: [spotify Web Helper] => C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-29] (Spotify Ltd)
HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Run: [spotify] => C:\Users\Daniel\AppData\Roaming\Spotify\spotify.exe [6189624 2014-06-29] (Spotify Ltd)
HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Policies\Explorer: [NoLogOff] 0
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-05-19] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [166568 2014-05-19] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-05-19] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk
ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe ()
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi13.msn.com
SearchScopes: HKLM - DefaultScope {F1DED5B2-8519-4E87-935E-D46700481619} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM - {F1DED5B2-8519-4E87-935E-D46700481619} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10042&barid={811B33B0-C824-11E2-BE97-8C89A5090DE5}
SearchScopes: HKLM-x32 - {F1DED5B2-8519-4E87-935E-D46700481619} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKCU - {F1DED5B2-8519-4E87-935E-D46700481619} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 16 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 209.18.47.62 208.67.220.220
 
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wolfram.com/Mathematica - C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.1.4055459\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Daniel\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Daniel\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.2.0.38\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.2.0.38\coFFPlgn [2014-07-09]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.2.0.38\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.2.0.38\IPSFF [2014-04-14]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://search.fantastigames.com/453", "hxxp://www.google.com", "hxxp://www.msn.com/?pc=UP93&ocid=UP93DHP&dt=041413", "hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={811B33B0-C824-11E2-BE97-8C89A5090DE5}", "hxxp://start.sweetpacks.com/?barid={811B33B0-C824-11E2-BE97-8C89A5090DE5}&src=10&crg=3.5000006.10042&st=23"
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-29]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (James White) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-06-14]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-29]
CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-14]
CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-29]
CHR Extension: (Norton Identity Protection) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-06-13]
CHR Extension: (Hangouts) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-06-14]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-29]
CHR HKLM-x32\...\Chrome\Extension: [koalekbhpbggkcfhkkbolikjoaobbppi] - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx [2013-04-29]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\Exts\Chrome.crx [2014-05-17]
 
==================== Services (Whitelisted) =================
 
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2279608 2014-05-21] (Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [247768 2013-04-02] (CyberLink)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-12-07] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2012-09-13] (Micro-Star International Co., Ltd.) [File not signed]
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [142904 2012-05-22] (MSI)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-29] (NVIDIA Corporation)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [490496 2012-09-25] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R3 akw8x64; C:\Windows\system32\DRIVERS\akw8x64.sys [3203440 2012-09-25] (Qualcomm Atheros, Inc.)
S1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2012-09-25] (Qualcomm Atheros, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [1530160 2014-05-09] (Symantec Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys [162392 2014-02-24] (Symantec Corporation)
S3 DUKEMS; C:\Windows\system32\drivers\DUKEMS.sys [25600 2012-08-16] ( )
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-10] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-10] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\IPSDefs\20140709.001\IDSvia64.sys [525016 2014-04-11] (Symantec Corporation)
S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [17936 2011-12-12] (Windows ® Win 7 DDK provider)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [164720 2012-09-25] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\VirusDefs\20140709.034\ENG64.SYS [126040 2014-06-04] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\VirusDefs\20140709.034\EX64.SYS [2099288 2014-06-04] (Symantec Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [465624 2014-01-03] (Realsil Semiconductor Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1503000.00C\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1503000.00C\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-04-14] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S3 WsAudio_Device(1); C:\Windows\system32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
S3 MBfilt; \SystemRoot\system32\drivers\MBfilt64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-10 11:29 - 2014-07-10 11:30 - 00031331 _____ () C:\Users\Daniel\Downloads\FRST.txt
2014-07-10 11:29 - 2014-07-10 11:29 - 00000000 ____D () C:\FRST
2014-07-10 11:26 - 2014-07-10 11:26 - 02084352 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2014-07-09 23:01 - 2014-07-09 23:01 - 00000000 ___RD () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-08 22:28 - 2014-04-13 22:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-08 22:27 - 2014-07-08 22:27 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-08 19:42 - 2014-06-16 17:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-08 19:42 - 2014-06-16 17:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-08 19:42 - 2014-06-06 09:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-08 19:42 - 2014-05-29 22:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-08 19:42 - 2014-05-29 07:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-08 19:42 - 2014-05-29 02:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-08 19:42 - 2014-05-29 01:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-08 19:42 - 2014-05-29 01:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-08 19:42 - 2014-05-29 00:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-08 19:42 - 2014-05-29 00:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-08 19:41 - 2014-06-30 17:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-08 19:41 - 2014-06-28 02:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-08 19:41 - 2014-06-28 02:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-08 19:41 - 2014-06-18 20:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-08 19:41 - 2014-06-18 19:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-08 19:41 - 2014-06-18 19:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-08 19:41 - 2014-06-18 19:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-08 19:41 - 2014-06-18 18:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-08 19:41 - 2014-06-18 18:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-08 19:41 - 2014-06-18 18:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-08 19:41 - 2014-06-18 18:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-08 19:41 - 2014-06-18 18:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-08 19:41 - 2014-06-18 18:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-08 19:41 - 2014-06-18 18:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-08 19:41 - 2014-06-18 18:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-08 19:41 - 2014-06-18 18:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-08 19:41 - 2014-06-18 17:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-08 19:41 - 2014-06-18 17:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-08 19:41 - 2014-06-18 17:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-08 19:41 - 2014-06-18 17:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-08 19:41 - 2014-06-18 17:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-08 19:41 - 2014-06-18 17:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-08 19:41 - 2014-06-18 17:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-08 19:41 - 2014-06-18 17:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-08 19:41 - 2014-06-18 17:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-08 19:41 - 2014-06-18 17:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-08 19:41 - 2014-06-18 17:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-08 19:41 - 2014-06-18 17:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-08 19:41 - 2014-06-18 17:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-08 19:41 - 2014-06-18 17:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-08 19:41 - 2014-06-06 08:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-08 19:41 - 2014-06-06 07:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-08 03:08 - 2014-07-08 18:40 - 00014092 _____ () C:\Users\Daniel\Documents\Jul 8 2014.kdb
2014-07-08 03:07 - 2014-07-08 03:08 - 00010862 _____ () C:\Users\Daniel\Documents\Jul 8 2014.kdbx
2014-07-08 03:00 - 2014-07-08 03:00 - 00001129 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass.lnk
2014-07-08 03:00 - 2014-07-08 03:00 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe
2014-07-08 02:59 - 2014-07-08 02:59 - 01891395 _____ (Dominik Reichl ) C:\Users\Daniel\Downloads\KeePass-1.27-Setup.exe
2014-07-01 04:04 - 2014-07-01 04:04 - 00002782 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mbam.lnk
2014-06-30 09:22 - 2014-06-30 09:22 - 01034936 _____ () C:\WINDOWS\Minidump\063014-33875-01.dmp
2014-06-29 16:21 - 2014-07-09 23:14 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-29 16:20 - 2014-07-03 12:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-29 16:20 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-06-29 16:20 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-06-20 21:39 - 2014-06-20 21:39 - 00003118 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-06-20 21:39 - 2014-06-20 21:39 - 00003092 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-06-20 21:39 - 2014-06-20 21:39 - 00003090 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-06-20 21:39 - 2014-06-20 21:39 - 00003062 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-06-20 21:39 - 2014-06-20 21:39 - 00003060 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-06-20 21:39 - 2014-06-20 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-06-20 21:39 - 2014-06-20 21:39 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-06-20 15:14 - 2014-06-20 15:14 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-06-20 02:49 - 2014-06-20 02:49 - 00000000 ____D () C:\NVIDIA Corporation
2014-06-19 11:56 - 2014-06-19 11:56 - 00000874 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1154547124-2327209256-1540992038-1002Core1cf8bdf5a91e8ca.job
2014-06-19 11:51 - 2014-06-19 11:51 - 00302416 _____ () C:\WINDOWS\Minidump\061914-36031-01.dmp
2014-06-16 12:36 - 2014-06-16 12:36 - 00001167 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Speccy.lnk
2014-06-16 12:35 - 2014-06-16 12:35 - 00000000 ____D () C:\Program Files\Speccy
2014-06-16 12:33 - 2014-06-16 12:33 - 04890736 _____ (Piriform Ltd) C:\Users\Daniel\Downloads\spsetup126.exe
2014-06-15 16:07 - 2014-06-15 16:07 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-06-15 14:22 - 2014-06-15 14:46 - 00000000 ____D () C:\Users\Daniel\Documents\Dolphin Emulator
2014-06-15 01:39 - 2014-06-15 01:39 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-06-15 01:20 - 2014-05-31 01:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-15 01:20 - 2014-05-14 17:47 - 04720640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-15 01:20 - 2014-05-13 02:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-06-15 01:20 - 2014-05-13 00:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-06-15 01:20 - 2014-05-12 23:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-06-15 01:20 - 2014-05-12 23:27 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-15 01:20 - 2014-05-12 23:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-06-15 01:20 - 2014-05-12 22:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-06-15 01:20 - 2014-05-12 22:41 - 01118720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-15 01:20 - 2014-05-12 22:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-06-15 01:20 - 2014-05-05 01:11 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-06-15 01:20 - 2014-05-05 01:11 - 00418136 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-06-15 01:20 - 2014-05-05 01:11 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-06-15 01:20 - 2014-05-05 01:11 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-06-15 01:20 - 2014-05-03 06:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-06-15 01:20 - 2014-05-03 04:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-06-15 01:20 - 2014-05-03 02:40 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-06-15 01:20 - 2014-05-03 00:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-06-15 01:20 - 2014-05-03 00:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-06-15 01:20 - 2014-05-03 00:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-06-15 01:20 - 2014-05-03 00:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-06-15 01:20 - 2014-05-02 23:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-06-15 01:20 - 2014-05-02 23:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-06-15 01:20 - 2014-05-02 23:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-06-15 01:20 - 2014-05-02 22:30 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-06-15 01:20 - 2014-05-02 22:27 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-06-15 01:20 - 2014-05-02 18:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-06-15 01:20 - 2014-05-01 08:19 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-06-15 01:20 - 2014-05-01 00:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-15 01:20 - 2014-05-01 00:34 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-06-15 01:20 - 2014-04-30 01:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-06-15 01:20 - 2014-04-30 01:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-15 01:20 - 2014-04-30 01:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-06-15 01:20 - 2014-04-30 01:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-06-15 01:20 - 2014-04-30 00:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-06-15 01:20 - 2014-04-29 23:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-06-15 01:20 - 2014-04-29 23:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-06-15 01:20 - 2014-04-29 23:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-06-15 01:20 - 2014-04-29 23:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-06-15 01:20 - 2014-04-29 23:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-06-15 01:20 - 2014-04-29 23:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-06-15 01:20 - 2014-04-29 22:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-06-15 01:20 - 2014-04-29 22:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-06-15 01:20 - 2014-04-29 22:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-06-15 01:20 - 2014-04-29 22:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-06-15 01:20 - 2014-04-29 22:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-06-15 01:20 - 2014-04-29 22:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-06-15 01:20 - 2014-04-28 17:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-06-15 01:20 - 2014-04-26 17:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-15 01:20 - 2014-04-26 15:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-06-15 01:20 - 2014-04-26 11:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-06-15 01:20 - 2014-04-14 04:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-15 01:20 - 2014-04-14 03:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-06-15 01:20 - 2014-04-14 00:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-15 01:20 - 2014-04-09 01:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-06-15 01:20 - 2014-04-09 00:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-06-15 01:19 - 2014-06-15 01:19 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-12 22:02 - 2014-06-18 13:54 - 00018371 ____H () C:\Users\Daniel\Desktop\~WRL0745.tmp
2014-06-12 19:59 - 2014-06-12 19:59 - 04479808 _____ () C:\Users\Daniel\Downloads\LockDownSFX-107-01.exe
2014-06-12 19:59 - 2014-06-12 19:59 - 00001973 _____ () C:\Users\Public\Desktop\LockDown Browser.lnk
2014-06-12 19:59 - 2014-06-12 19:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Respondus
2014-06-12 19:59 - 2014-06-12 19:59 - 00000000 ____D () C:\Program Files (x86)\Respondus LockDown Browser
2014-06-12 19:59 - 2006-01-04 13:04 - 01410704 _____ (FarPoint Technologies, Inc.) C:\WINDOWS\SysWOW64\FPSPR70.ocx
2014-06-12 19:59 - 2006-01-04 13:04 - 00729161 _____ (FarPoint Technologies, Inc.) C:\WINDOWS\SysWOW64\fpimage.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00000000 ____D () C:\Users\Daniel\Documents\OneNote Notebooks
2014-06-11 11:40 - 2014-05-30 04:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-11 11:40 - 2014-05-30 04:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-11 11:40 - 2014-05-30 03:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-11 11:40 - 2014-05-30 03:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-11 11:40 - 2014-05-09 22:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-11 11:40 - 2014-05-09 22:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-11 11:40 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 11:40 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 11:40 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 11:40 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 11:40 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 11:40 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 11:40 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 11:40 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 11:40 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 11:40 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 11:40 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 11:40 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 11:39 - 2014-05-08 18:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-11 11:39 - 2014-05-04 23:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-11 11:39 - 2014-05-03 02:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-11 11:39 - 2014-05-02 23:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 11:39 - 2014-05-02 23:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 11:39 - 2014-05-02 22:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-11 11:39 - 2014-05-02 22:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-11 11:39 - 2014-04-30 06:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-11 11:39 - 2014-04-29 22:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-11 11:39 - 2014-04-18 09:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-11 11:39 - 2014-04-18 04:32 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-06-11 11:39 - 2014-04-18 03:58 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-06-11 11:39 - 2014-04-18 03:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-11 11:39 - 2014-04-18 03:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-11 11:39 - 2014-04-18 03:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-11 11:39 - 2014-04-18 02:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-06-11 11:39 - 2014-04-18 02:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-06-11 11:39 - 2014-04-14 04:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-11 11:39 - 2014-04-14 03:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-06-11 11:39 - 2014-04-11 01:13 - 01200128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-06-11 11:39 - 2014-04-10 23:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-11 11:39 - 2014-04-10 23:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-06-11 11:39 - 2014-04-10 22:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-11 11:39 - 2014-04-09 06:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-11 11:39 - 2014-04-07 21:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-11 11:39 - 2014-04-06 11:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-11 11:39 - 2014-04-06 11:31 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-11 11:39 - 2014-04-06 11:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-11 11:39 - 2014-04-06 11:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-11 11:39 - 2014-04-06 11:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-11 11:39 - 2014-04-06 11:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-11 11:39 - 2014-04-06 11:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-11 11:39 - 2014-04-06 10:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-06-11 11:39 - 2014-04-06 10:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-11 11:39 - 2014-04-06 10:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-06-11 11:39 - 2014-04-06 10:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-06-11 11:39 - 2014-04-06 10:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-06-11 11:39 - 2014-04-06 10:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-06-11 11:39 - 2014-04-06 07:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-11 11:39 - 2014-04-06 06:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-11 11:39 - 2014-04-06 06:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-11 11:39 - 2014-04-06 06:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-11 11:39 - 2014-04-06 05:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-11 11:39 - 2014-04-06 05:51 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-11 11:39 - 2014-04-06 05:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-06-11 11:39 - 2014-04-06 05:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-06-11 11:39 - 2014-04-06 05:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-11 11:39 - 2014-04-06 04:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-06-11 11:39 - 2014-04-03 02:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-11 11:39 - 2014-04-03 02:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-11 11:39 - 2014-04-02 21:53 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-11 11:39 - 2014-04-02 21:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-11 11:39 - 2014-03-31 00:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-11 11:39 - 2014-03-30 17:54 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-11 11:39 - 2014-03-28 10:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-11 11:39 - 2014-03-27 00:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-11 11:39 - 2014-03-26 22:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-11 11:39 - 2014-03-26 22:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-11 11:39 - 2014-03-19 22:48 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-11 11:39 - 2014-03-19 19:44 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-11 11:39 - 2014-03-19 18:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-11 11:39 - 2014-03-19 03:07 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-11 11:39 - 2014-03-18 23:18 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-11 11:39 - 2014-03-18 03:19 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-11 11:39 - 2014-03-18 00:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-11 11:39 - 2014-03-17 23:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-06-11 11:39 - 2014-03-17 00:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-11 11:39 - 2014-03-16 23:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-11 11:39 - 2014-03-16 22:01 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-11 11:39 - 2014-03-16 21:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-06-11 11:39 - 2014-03-14 01:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-11 11:39 - 2014-03-14 01:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-06-11 11:39 - 2014-03-06 07:42 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-11 11:38 - 2014-05-19 01:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-11 11:38 - 2014-05-19 01:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-11 11:38 - 2014-05-19 00:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-11 11:38 - 2014-05-01 08:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-11 11:38 - 2014-05-01 08:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-11 11:38 - 2014-05-01 02:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-11 11:38 - 2014-05-01 02:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-11 11:38 - 2014-05-01 01:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-11 11:38 - 2014-05-01 00:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-11 11:38 - 2014-04-29 23:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-11 11:38 - 2014-04-29 23:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-11 11:38 - 2014-04-29 22:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-11 11:38 - 2014-04-18 09:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-11 11:38 - 2014-04-18 08:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-06-11 11:38 - 2014-04-18 04:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-11 11:38 - 2014-04-09 01:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-11 11:38 - 2014-04-09 00:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-06-11 11:38 - 2014-04-08 22:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-11 11:38 - 2014-04-06 11:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-11 11:38 - 2014-04-06 11:34 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-11 11:38 - 2014-04-06 11:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-11 11:38 - 2014-04-06 11:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-11 11:38 - 2014-04-06 11:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-11 11:38 - 2014-04-06 11:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-11 11:38 - 2014-04-06 11:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-11 11:38 - 2014-04-06 11:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-11 11:38 - 2014-04-06 11:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-11 11:38 - 2014-04-06 11:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-06-11 11:38 - 2014-04-06 10:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-06-11 11:38 - 2014-04-06 10:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-06-11 11:38 - 2014-04-06 10:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-06-11 11:38 - 2014-04-06 10:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-06-11 11:38 - 2014-04-06 10:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-06-11 11:38 - 2014-04-06 07:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-11 11:38 - 2014-04-06 07:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-11 11:38 - 2014-04-06 07:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-11 11:38 - 2014-04-06 07:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-11 11:38 - 2014-04-06 06:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-11 11:38 - 2014-04-06 06:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-11 11:38 - 2014-04-03 03:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-11 11:38 - 2014-04-03 03:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-11 11:38 - 2014-04-02 23:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-11 11:38 - 2014-04-02 23:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-06-11 11:38 - 2014-04-02 21:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-11 11:38 - 2014-04-02 21:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-11 11:38 - 2014-04-01 01:23 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-11 11:38 - 2014-03-30 19:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-11 11:38 - 2014-03-30 18:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-11 11:38 - 2014-03-30 17:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-11 11:38 - 2014-03-30 17:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-11 11:38 - 2014-03-27 01:16 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-11 11:38 - 2014-03-26 23:59 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-11 11:38 - 2014-03-26 23:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-11 11:38 - 2014-03-26 23:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-11 11:38 - 2014-03-26 22:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-11 11:38 - 2014-03-19 03:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-11 11:38 - 2014-03-19 02:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-11 11:38 - 2014-03-19 02:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-11 11:38 - 2014-03-19 01:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-11 11:38 - 2014-03-19 00:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-11 11:38 - 2014-03-19 00:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-11 11:38 - 2014-03-19 00:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-11 11:38 - 2014-03-19 00:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-11 11:38 - 2014-03-19 00:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-11 11:38 - 2014-03-19 00:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-11 11:38 - 2014-03-18 23:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-11 11:38 - 2014-03-18 23:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-11 11:38 - 2014-03-18 03:18 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xusb22.sys
2014-06-11 11:37 - 2014-06-11 11:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-10 17:13 - 2014-06-10 17:13 - 00299704 _____ () C:\WINDOWS\Minidump\061014-29375-01.dmp
 
==================== One Month Modified Files and Folders =======
 
2014-07-10 11:30 - 2014-07-10 11:29 - 00031331 _____ () C:\Users\Daniel\Downloads\FRST.txt
2014-07-10 11:29 - 2014-07-10 11:29 - 00000000 ____D () C:\FRST
2014-07-10 11:28 - 2014-02-25 22:11 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Spotify
2014-07-10 11:27 - 2014-05-29 18:49 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DDFE3C04-5C53-4F08-A36C-D3E82AAEA852}
2014-07-10 11:27 - 2014-03-17 02:38 - 01405547 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-10 11:26 - 2014-07-10 11:26 - 02084352 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2014-07-10 11:25 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-10 11:23 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-10 11:23 - 2013-05-05 04:48 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-10 02:41 - 2013-04-29 19:41 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1154547124-2327209256-1540992038-1002
2014-07-10 02:33 - 2014-02-11 03:33 - 00000933 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Update {916CA065-A97C-4543-9414-76866D10E65E}.job
2014-07-10 02:33 - 2014-02-11 03:33 - 00000747 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {916CA065-A97C-4543-9414-76866D10E65E}.job
2014-07-10 02:33 - 2013-04-29 20:43 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-10 01:36 - 2013-05-01 19:47 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Mumble
2014-07-10 00:49 - 2014-02-25 22:11 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Spotify
2014-07-09 23:14 - 2014-06-29 16:21 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-09 23:01 - 2014-07-09 23:01 - 00000000 ___RD () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-09 22:53 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-09 22:33 - 2013-04-29 20:46 - 00002213 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-09 22:33 - 2013-04-29 20:43 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-09 20:35 - 2014-04-21 19:26 - 00000000 ____D () C:\Users\Daniel\.VirtualBox
2014-07-09 19:59 - 2013-05-02 17:04 - 00004970 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DANIEL-Daniel Daniel
2014-07-09 15:03 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-09 13:56 - 2014-03-17 02:47 - 00000000 ____D () C:\Users\Daniel
2014-07-09 13:56 - 2013-05-02 08:32 - 00000000 ___DO () C:\Users\Daniel\SkyDrive
2014-07-09 13:56 - 2012-12-07 07:42 - 00000000 ____D () C:\temp
2014-07-09 13:41 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-09 13:40 - 2013-08-22 09:44 - 05178544 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-09 13:39 - 2013-08-22 08:25 - 01048576 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-09 13:37 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-09 13:37 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-08 22:29 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-08 22:29 - 2013-08-14 11:52 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-08 22:28 - 2013-11-14 02:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-08 22:28 - 2013-04-30 23:24 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-08 22:27 - 2014-07-08 22:27 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-08 18:40 - 2014-07-08 03:08 - 00014092 _____ () C:\Users\Daniel\Documents\Jul 8 2014.kdb
2014-07-08 17:44 - 2014-02-11 03:33 - 00003964 _____ () C:\WINDOWS\System32\Tasks\EPSON XP-410 Series Update {916CA065-A97C-4543-9414-76866D10E65E}
2014-07-08 17:44 - 2014-02-11 03:33 - 00003778 _____ () C:\WINDOWS\System32\Tasks\EPSON XP-410 Series Invitation {916CA065-A97C-4543-9414-76866D10E65E}
2014-07-08 17:44 - 2013-04-29 20:43 - 00003884 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-08 17:13 - 2013-04-29 19:31 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Packages
2014-07-08 16:34 - 2013-08-19 02:43 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\vlc
2014-07-08 15:54 - 2014-01-21 14:42 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\KeePass
2014-07-08 11:48 - 2013-04-29 20:14 - 00000000 ____D () C:\Users\Daniel\AppData\Local\CrashDumps
2014-07-08 03:08 - 2014-07-08 03:07 - 00010862 _____ () C:\Users\Daniel\Documents\Jul 8 2014.kdbx
2014-07-08 03:00 - 2014-07-08 03:00 - 00001129 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass.lnk
2014-07-08 03:00 - 2014-07-08 03:00 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe
2014-07-08 02:59 - 2014-07-08 02:59 - 01891395 _____ (Dominik Reichl ) C:\Users\Daniel\Downloads\KeePass-1.27-Setup.exe
2014-07-07 23:09 - 2013-11-14 02:28 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-07 23:06 - 2013-08-22 09:46 - 00304264 _____ () C:\WINDOWS\setupact.log
2014-07-03 12:48 - 2013-07-02 21:09 - 00835072 ___SH () C:\Users\Daniel\Downloads\Thumbs.db
2014-07-03 12:42 - 2014-06-29 16:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-02 00:58 - 2014-01-21 14:42 - 00010878 _____ () C:\Users\Daniel\Documents\jan 21 2014.kdbx
2014-07-01 20:44 - 2013-04-08 21:43 - 00000000 ____D () C:\Users\Daniel\Desktop\Stuff
2014-07-01 04:04 - 2014-07-01 04:04 - 00002782 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mbam.lnk
2014-07-01 03:22 - 2014-05-29 17:08 - 00000000 ____D () C:\Users\Daniel\Desktop\College
2014-06-30 17:45 - 2014-07-08 19:41 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-06-30 09:22 - 2014-06-30 09:22 - 01034936 _____ () C:\WINDOWS\Minidump\063014-33875-01.dmp
2014-06-30 09:22 - 2014-04-13 14:13 - 00000000 ____D () C:\WINDOWS\Minidump
2014-06-30 09:22 - 2013-09-02 13:13 - 1003930229 _____ () C:\WINDOWS\MEMORY.DMP
2014-06-29 16:20 - 2014-02-09 03:21 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Malwarebytes
2014-06-29 16:20 - 2014-02-09 03:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-28 02:48 - 2014-07-08 19:41 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-06-28 02:07 - 2014-07-08 19:41 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-06-26 15:55 - 2013-08-22 10:38 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-26 15:55 - 2013-08-22 10:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-22 15:34 - 2013-04-08 21:44 - 00000000 ____D () C:\Users\Daniel\Desktop\GAMES
2014-06-20 22:28 - 2013-04-29 20:43 - 00003648 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 21:39 - 2014-06-20 21:39 - 00003118 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-06-20 21:39 - 2014-06-20 21:39 - 00003092 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-06-20 21:39 - 2014-06-20 21:39 - 00003090 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-06-20 21:39 - 2014-06-20 21:39 - 00003062 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-06-20 21:39 - 2014-06-20 21:39 - 00003060 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-06-20 21:39 - 2014-06-20 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-06-20 21:39 - 2014-06-20 21:39 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-06-20 15:14 - 2014-06-20 15:14 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-06-20 02:49 - 2014-06-20 02:49 - 00000000 ____D () C:\NVIDIA Corporation
2014-06-20 02:49 - 2013-05-23 23:10 - 00000000 ____D () C:\NVIDIA
2014-06-19 22:33 - 2012-11-22 08:14 - 00369825 _____ () C:\WINDOWS\DirectX.log
2014-06-19 11:56 - 2014-06-19 11:56 - 00000874 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1154547124-2327209256-1540992038-1002Core1cf8bdf5a91e8ca.job
2014-06-19 11:51 - 2014-06-19 11:51 - 00302416 _____ () C:\WINDOWS\Minidump\061914-36031-01.dmp
2014-06-18 20:39 - 2014-07-08 19:41 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-18 19:48 - 2014-07-08 19:41 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-18 19:16 - 2014-07-08 19:41 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-18 19:09 - 2014-07-08 19:41 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-18 18:51 - 2014-07-08 19:41 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-18 18:50 - 2014-07-08 19:41 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-18 18:48 - 2014-07-08 19:41 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-18 18:46 - 2014-07-08 19:41 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-06-18 18:39 - 2014-07-08 19:41 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-18 18:33 - 2014-07-08 19:41 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-18 18:32 - 2014-07-08 19:41 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-18 18:27 - 2014-07-08 19:41 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-18 18:12 - 2014-07-08 19:41 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-18 17:59 - 2014-07-08 19:41 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-18 17:58 - 2014-07-08 19:41 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-18 17:58 - 2014-07-08 19:41 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-18 17:57 - 2014-07-08 19:41 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-06-18 17:52 - 2014-07-08 19:41 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-18 17:51 - 2014-07-08 19:41 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-18 17:49 - 2014-07-08 19:41 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-18 17:45 - 2014-07-08 19:41 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-18 17:35 - 2014-07-08 19:41 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-18 17:34 - 2014-07-08 19:41 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-18 17:15 - 2014-07-08 19:41 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-18 17:13 - 2014-07-08 19:41 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-18 17:09 - 2014-07-08 19:41 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-18 17:07 - 2014-07-08 19:41 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-18 16:44 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-06-18 14:59 - 2014-04-21 21:27 - 00000000 ____D () C:\Users\Daniel\VirtualBox VMs
2014-06-18 13:54 - 2014-06-12 22:02 - 00018371 ____H () C:\Users\Daniel\Desktop\~WRL0745.tmp
2014-06-18 13:31 - 2013-05-09 22:39 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-17 16:39 - 2013-05-10 17:28 - 00007611 _____ () C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg
2014-06-16 17:26 - 2014-07-08 19:42 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-06-16 17:24 - 2014-07-08 19:42 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-06-16 12:36 - 2014-06-16 12:36 - 00001167 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Speccy.lnk
2014-06-16 12:35 - 2014-06-16 12:35 - 00000000 ____D () C:\Program Files\Speccy
2014-06-16 12:33 - 2014-06-16 12:33 - 04890736 _____ (Piriform Ltd) C:\Users\Daniel\Downloads\spsetup126.exe
2014-06-16 00:08 - 2014-03-28 20:21 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Battle.net
2014-06-15 23:43 - 2014-03-28 20:21 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-06-15 23:43 - 2013-10-13 14:39 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-06-15 20:59 - 2012-12-07 07:47 - 00036612 _____ () C:\WINDOWS\DPINST.LOG
2014-06-15 16:07 - 2014-06-15 16:07 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-06-15 15:51 - 2013-11-14 02:20 - 00015062 _____ () C:\WINDOWS\PFRO.log
2014-06-15 14:46 - 2014-06-15 14:22 - 00000000 ____D () C:\Users\Daniel\Documents\Dolphin Emulator
2014-06-15 01:39 - 2014-06-15 01:39 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-06-15 01:37 - 2014-06-01 22:20 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-06-15 01:37 - 2014-06-01 22:20 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-06-15 01:34 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-06-15 01:34 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-06-15 01:34 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-06-15 01:19 - 2014-06-15 01:19 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-13 11:45 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-13 11:45 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-13 11:45 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-13 11:45 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-06-12 19:59 - 2014-06-12 19:59 - 04479808 _____ () C:\Users\Daniel\Downloads\LockDownSFX-107-01.exe
2014-06-12 19:59 - 2014-06-12 19:59 - 00001973 _____ () C:\Users\Public\Desktop\LockDown Browser.lnk
2014-06-12 19:59 - 2014-06-12 19:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Respondus
2014-06-12 19:59 - 2014-06-12 19:59 - 00000000 ____D () C:\Program Files (x86)\Respondus LockDown Browser
2014-06-12 19:59 - 2012-12-07 07:48 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-12 19:42 - 2013-05-02 08:17 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-06-11 15:28 - 2014-06-11 15:28 - 00000000 ____D () C:\Users\Daniel\Documents\OneNote Notebooks
2014-06-11 11:37 - 2014-06-11 11:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-10 17:13 - 2014-06-10 17:13 - 00299704 _____ () C:\WINDOWS\Minidump\061014-29375-01.dmp
2014-06-10 12:03 - 2013-04-23 08:13 - 00000000 ____D () C:\ProgramData\Bigfoot Networks
 
Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Daniel\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Daniel\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Daniel\AppData\Local\Temp\SpotifyUninstall.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-09 13:53
 
==================== End Of Log ============================

Furthermore, here is my Addition file from the Farbar Recovery Scan Tool, as instructed by this post: https://forums.malwa...at-do-i-do-now/

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-07-2014
Ran by Daniel at 2014-07-10 11:30:27
Running from C:\Users\Daniel\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
„Windows Live Essentials“ (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 16.4.3503.0728 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 16.4.3503.0728 - „Microsoft Corporation“) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - )
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Batman: Arkham City™ GOTY (HKLM-x32\...\GFWL_{57520FA0-DF38-46A1-8046-3B1000008500}) (Version: 1.0.0000.133 - WB Games)
Batman: Arkham City™ GOTY (x32 Version: 1.0.0000.133 - WB Games) Hidden
Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1208.0301 - Micro-Star International Co., Ltd.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 4.0.1211.2901 - Micro-Star International Co., Ltd.)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
ComicRack v0.9.175 (HKLM\...\ComicRack) (Version: v0.9.175 - cYo Soft)
Corsair M95 Firmware Update Application (HKLM-x32\...\{4E44154D-0699-4D6C-996F-66D47B9A40D2}_is1) (Version:  - )
Corsair M95 Gaming Mouse Driver V1.0 (HKLM-x32\...\{9C9EA6B0-2138-4111-BF26-9D0D40D12C0F}_is1) (Version: 1.00.00.11 - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5202.52 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.5202.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version:  - FromSoftware, Inc)
Deus Ex (HKLM-x32\...\Deus Ex) (Version:  - )
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DmC Devil May Cry (HKLM-x32\...\Steam App 220440) (Version:  - Ninja Theory)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.3.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{10144CFE-D76C-4CFA-81A1-37A1642349A3}) (Version: 3.01.0013 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-410 Series Printer Uninstall (HKLM\...\EPSON XP-410 Series) (Version:  - SEIKO EPSON Corporation)
Epson XP-410 User's Guide version 1.0 (HKLM-x32\...\UsersGuideEpson XP-410 User's Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Fallout (HKLM-x32\...\Steam App 38400) (Version:  - Interplay Inc.)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version:  - Square Enix)
Fotoattēlu galerija (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogaléria (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalerii (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Foto-galerija (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - Dennaton Games)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
KB9X Radio Switch Driver (HKLM\...\B16388B2E5D3CBA8F0EE88A8C5459BADAF4DE251) (Version: 1.0.7112.20593 - ENE TECHNOLOGY INC.)
KeePass Password Safe 1.27 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.27 - Dominik Reichl)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
KLM (HKLM-x32\...\InstallShield_{4DEA5B85-6C56-45F3-AE00-FED756B0D3B4}) (Version: 1.0.1112.1901 - Micro-Star International Co., Ltd.)
KLM (x32 Version: 1.0.1112.1901 - Micro-Star International Co., Ltd.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mathematica Extras 9.0 (4055459) (HKLM\...\A-WIN-Extras 9.0.1 4055459_is1) (Version: 9.0.1 - Wolfram Research, Inc.)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mathematics Add-In for Word and OneNote (HKLM-x32\...\{90150000-00D8-0409-0000-0000000FF1CE}) (Version: 15.0.4481.1002 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4623.1003 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4623.1003 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1165.0612 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Minecraft1.7.9 (HKLM-x32\...\Minecraft1.7.9) (Version:  - )
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MSI Remind Manager (HKLM-x32\...\{7359585E-A828-4EFC-8177-7D1883DDA0B5}) (Version: 2.12.1003 - MSI)
MSI VGA Overclock Tool (HKLM-x32\...\{26C18D1A-CA42-4682-8CBA-98929848278A}) (Version: 12.06.0601 - MSI)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mumble 1.2.4 (HKLM-x32\...\{E0955568-4353-4C85-8988-285A8C0F5E87}) (Version: 1.2.4 - Thorvald Natvig)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.3.0.12 - Symantec Corporation)
NVIDIA Control Panel 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Pošta Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Prince of Persia: The Sands of Time (HKLM-x32\...\Steam App 13600) (Version:  - Kudosoft)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Qualcomm Atheros Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.437 - Qualcomm Atheros)
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.437 - Qualcomm Atheros) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.37 - Realtek Semiconductor Corp.)
Respondus LockDown Browser (HKLM-x32\...\{C0E5147E-C9F3-4360-9ED0-2E875F11766C}) (Version: 1.02.0001 - Respondus, Inc.)
Sacrifice (HKLM-x32\...\{6231FDA0-7E6F-11D4-A671-006008D09831}) (Version:  - )
SCM (HKLM\...\{FA8AB91A-0B41-4797-9015-9B3FBC7834CC}) (Version: 10.012.09132 -  )
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Software Updater (HKLM-x32\...\{129C5695-0C85-4D78-827B-6CF2B0155F05}) (Version: 4.2.0 - SEIKO EPSON CORPORATION)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.22.gf87988f9 - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
StepMania v5.0 beta 2a (remove only) (HKLM-x32\...\StepMania 5) (Version:  - StepMania Team)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.010 - MSI)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
Thief Gold (HKLM-x32\...\Steam App 211600) (Version:  - Looking Glass Studios)
THX TruStudio Pro (HKLM-x32\...\{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}) (Version: 1.04.02 - Creative Technology Limited)
Transistor (HKLM-x32\...\Transistor_is1) (Version:  - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Valokuvavalikoima (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Driver Package - Intel (NETwNe64) net  (09/12/2012 15.5.4.45) (HKLM\...\A007E57753F87B14A4737DA95057F173950A6A3D) (Version: 09/12/2012 15.5.4.45 - Intel)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3503.0728 - společnost Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3503.0728 - Корпорація Майкрософт) Hidden
Windows Live Messenger (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3503.0728 - společnost Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3503.0728 - Корпорация Майкрософт) Hidden
Windows Live Messenger (x32 Version: 16.4.3503.0728 - Корпорація Майкрософт) Hidden
Windows Live MIME IFilter (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Pošta (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live メール (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live 메일 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live 필수 패키지 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Liven peruspaketti (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Wolfram Mathematica 9 (M-WIN-L 9.0.1 4055652) (HKLM\...\M-WIN-L 9.0.1 4055652_is1) (Version: 9.0.1 - Wolfram Research, Inc.)
Συλλογή φωτογραφιών (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 16.4.3503.0728 - Корпорация Майкрософт) Hidden
Фотоальбом (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Фотоколекція (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
フォト ギャラリー (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
معرض الصور (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
사진 갤러리 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
 
==================== Restore Points  =========================
 
20-06-2014 03:32:34 Installed DirectX
29-06-2014 03:36:37 Scheduled Checkpoint
07-07-2014 08:01:36 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {0419E610-C446-47A2-B3DE-9A9039BE3436} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {05039F76-1F9D-4BFB-9ACE-154C10785311} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {11D412EB-103A-4B1E-8DD0-1F257DDDC028} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {149AC67E-49DA-48FC-B00F-5C96A5BDA6C0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {16A333E4-E076-427B-9D19-41CF6A97E0E2} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1154547124-2327209256-1540992038-1002 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {17EDFFC7-23C3-4FFD-A59F-8DF5C463D2BC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-08] (Microsoft Corporation)
Task: {1EF0C895-8FC6-4B01-A6C4-41D25BF62227} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {3075E4CA-FA2F-42A1-987A-4A90786CC3EE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3A4C19CA-006C-4B80-B46E-DBED2FA10C49} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3CFF87AE-3118-42F4-81DB-30F2FD7A873C} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {4838B8BE-FF18-47A8-94C5-62280F3385A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-29] (Google Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4DCB7A9D-AC6D-4AC0-984D-920F7B8D5706} - System32\Tasks\EPSON XP-410 Series Invitation {916CA065-A97C-4543-9414-76866D10E65E} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {4DD66F53-26CE-407F-A5FF-C7ABA1FAB241} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {50E90160-F29C-4185-B57E-6FABD6FB6E53} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {537B0D8A-BC7D-44DB-9BAD-CA44F261F62E} - System32\Tasks\EPSON XP-410 Series Update {916CA065-A97C-4543-9414-76866D10E65E} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {573F1E2A-FB7C-4393-B546-964E81BF7963} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-05-13] (Microsoft Corporation)
Task: {5DE0BA75-3D0E-491C-8A78-1D2687F180F1} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {62339840-9E05-40BC-AF80-5951AEA5BDAD} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-12] (Microsoft Corporation)
Task: {63A49A9D-6DF3-4229-8E93-B4CCC76FAAF2} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {6681437B-9BBA-453C-8ED9-3616EF169A82} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {7472CF23-05E6-4DC6-854B-929156282E34} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-12-07] (Synaptics Incorporated)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {82E59406-FEEC-4668-862E-E60D667683AE} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8DC3CBFB-22B4-4A54-98AB-762A6C95D2DC} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {9CACD137-ECA7-42C8-BFA5-FF7FE16F342B} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A90E09DB-CD88-4D1C-905E-F6E2E13446C1} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\WSCStub.exe [2014-05-10] (Symantec Corporation)
Task: {BF577828-2DF9-43A0-93EC-BC302046BEB5} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DDC1992C-D46B-4F15-9360-B2E27D2453BD} - System32\Tasks\Shutdown => C:\WINDOWS\system32\Shutdown.exe [2013-08-22] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EF48056B-FBDB-4126-9046-C142D18BEA76} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DANIEL-Daniel Daniel => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-06-12] (Microsoft Corporation)
Task: {FAD38D29-AE35-4B35-AA7A-E049F208B800} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-29] (Google Inc.)
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {916CA065-A97C-4543-9414-76866D10E65E}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Update {916CA065-A97C-4543-9414-76866D10E65E}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1154547124-2327209256-1540992038-1002Core1cf8bdf5a91e8ca.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-03-10 18:32 - 2014-05-19 21:44 - 00014280 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-03-17 02:38 - 2014-05-19 20:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-20 17:31 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-09-25 01:08 - 2012-09-25 01:08 - 00490496 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
2011-05-09 22:46 - 2011-05-09 22:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll
2011-05-09 22:56 - 2011-05-09 22:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll
2011-05-09 22:47 - 2011-05-09 22:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll
2012-09-25 01:08 - 2012-09-25 01:08 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll
2011-05-09 22:48 - 2011-05-09 22:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll
2011-05-10 14:32 - 2011-05-10 14:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll
2014-06-12 19:28 - 2014-06-12 19:28 - 08890536 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-12-07 08:00 - 2010-05-04 14:00 - 00237056 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2012-08-10 20:28 - 2012-08-10 20:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-06-06 18:18 - 2012-06-06 18:18 - 00089088 _____ () C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe
2014-02-25 22:11 - 2014-06-29 05:26 - 00598072 _____ () C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-31 10:05 - 2013-10-31 10:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2014-04-11 02:11 - 2014-04-11 02:11 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\f95a84be655dce46534e2570f3b8bef6\PSIClient.ni.dll
2012-12-07 07:51 - 2012-12-07 17:57 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-06-12 19:28 - 2014-06-12 19:28 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-03-10 18:32 - 2014-05-19 21:44 - 00012120 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-06-02 00:26 - 2013-06-02 00:26 - 00133640 _____ () C:\Program Files (x86)\Mumble\mumble_ol.dll
2014-06-12 19:26 - 2014-06-12 19:26 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2013-08-04 17:00 - 2012-05-14 12:43 - 00043008 _____ () C:\Program Files (x86)\corsair\M95 Mouse\hidGetKey.dll
2014-06-10 14:29 - 2014-06-05 08:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-10 14:29 - 2014-06-05 08:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-10 14:29 - 2014-06-05 08:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-10 14:29 - 2014-06-05 08:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-10 14:29 - 2014-06-05 08:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-06-10 14:29 - 2014-06-05 08:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
2014-06-18 12:48 - 2014-05-30 20:27 - 01116672 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-06-18 12:48 - 2014-05-30 20:27 - 00399360 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-06-18 12:48 - 2014-05-30 20:27 - 00331264 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-06-18 12:48 - 2014-05-30 20:27 - 00438784 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-06-18 12:49 - 2014-06-26 17:40 - 00764416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-06-18 12:49 - 2014-06-30 16:47 - 02139328 _____ () C:\Program Files (x86)\Steam\video.dll
2014-06-18 12:48 - 2014-04-28 19:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2014-06-18 12:48 - 2014-05-01 18:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-06-18 12:48 - 2013-06-14 18:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2014-06-18 12:48 - 2013-06-14 18:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2014-06-18 12:48 - 2013-06-14 18:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-06-18 12:49 - 2014-06-30 16:46 - 00130752 _____ () C:\Program Files (x86)\Steam\bin\audio.dll
2014-06-18 12:48 - 2014-05-30 20:27 - 00071680 _____ () C:\Program Files (x86)\Steam\bin\mssmp3.asi
2014-06-18 12:48 - 2014-05-30 20:27 - 00153088 _____ () C:\Program Files (x86)\Steam\bin\mssvoice.asi
2014-02-25 22:11 - 2014-06-29 05:26 - 36966968 _____ () C:\Users\Daniel\AppData\Roaming\Spotify\Data\libcef.dll
2014-02-25 22:11 - 2014-06-29 05:26 - 00886840 _____ () C:\Users\Daniel\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-02-25 22:11 - 2014-06-29 05:26 - 00108600 _____ () C:\Users\Daniel\AppData\Roaming\Spotify\Data\libegl.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade
AlternateDataStreams: C:\Users\Daniel\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKCU\...\StartupApproved\Run: => "Spotify"
HKCU\...\StartupApproved\Run: => "SkyDrive"
HKCU\...\StartupApproved\Run: => "Steam"
HKCU\...\StartupApproved\Run: => "ooVoo.exe"
 
==================== Faulty Device Manager Devices =============
 
Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/10/2014 02:41:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8359
 
Error: (07/10/2014 02:41:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8359
 
Error: (07/10/2014 02:41:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/10/2014 02:41:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7156
 
Error: (07/10/2014 02:41:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7156
 
Error: (07/10/2014 02:41:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/10/2014 02:41:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5968
 
Error: (07/10/2014 02:41:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5968
 
Error: (07/10/2014 02:41:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/10/2014 02:41:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4797
 
 
System errors:
=============
Error: (07/10/2014 11:27:21 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer ROUTER
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A5EF661C-99EF-41AE-9628-FCE6B506B3FE}.
The master browser is stopping or an election is being forced.
 
Error: (07/09/2014 10:53:31 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
Error: (07/09/2014 08:39:26 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer CHRISTOPHER-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A5EF661C-99EF-41AE-9628-FCE6B506B3FE}.
The master browser is stopping or an election is being forced.
 
Error: (07/09/2014 07:19:40 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer CHRISTOPHER-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A5EF661C-99EF-41AE-9628-FCE6B506B3FE}.
The master browser is stopping or an election is being forced.
 
Error: (07/09/2014 06:13:08 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer ASUS
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A5EF661C-99EF-41AE-9628-FCE6B506B3FE}.
The master browser is stopping or an election is being forced.
 
Error: (07/09/2014 06:05:29 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 172.16.25.28.
The computer with the IP address 172.16.25.85 did not allow the name to be claimed by
this computer.
 
Error: (07/09/2014 01:39:13 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Background Intelligent Transfer Service service terminated with the following service-specific error: 
%%2147942450
 
Error: (07/09/2014 01:39:13 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY)
Description: The BITS service failed to start.  Error 2147942450.
 
Error: (07/09/2014 01:34:44 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:26:41 AM on 7/9/2014 was unexpected.
 
Error: (07/08/2014 11:46:09 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer JOSEPH-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A5EF661C-99EF-41AE-9628-FCE6B506B3FE}.
The master browser is stopping or an election is being forced.
 
 
Microsoft Office Sessions:
=========================
Error: (07/10/2014 02:41:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8359
 
Error: (07/10/2014 02:41:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8359
 
Error: (07/10/2014 02:41:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/10/2014 02:41:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7156
 
Error: (07/10/2014 02:41:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7156
 
Error: (07/10/2014 02:41:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/10/2014 02:41:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5968
 
Error: (07/10/2014 02:41:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5968
 
Error: (07/10/2014 02:41:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/10/2014 02:41:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4797
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-04-16 14:36:38.104
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-04-16 14:16:42.714
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-04-16 00:49:03.367
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-04-16 00:47:36.247
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-04-15 18:11:14.416
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-04-15 18:10:42.718
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-04-15 18:10:41.779
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-04-15 18:08:31.419
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-04-15 18:07:58.028
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-04-15 18:06:43.469
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 25%
Total physical RAM: 16275.58 MB
Available physical RAM: 12202.99 MB
Total Pagefile: 32659.58 MB
Available Pagefile: 27497.32 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: (OS_Install) (Fixed) (Total:676.43 GB) (Free:299.01 GB) NTFS
Drive d: (The Big ) (Fixed) (Total:698.51 GB) (Free:679.29 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 8A440388)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
Link to post
Share on other sites

  • Root Admin

Hello and welcome

Please read the following and post back the logs when ready and we'll see about getting you cleaned up.

General P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Before we proceed further, please read all of the following instructions carefully.
If there is anything that you do not understand kindly ask before proceeding.
If needed please print out these instructions.
  • Please do not post logs using CODE, QUOTE, or FONT tags. Just paste them as direct text.
  • If the log is too large then you can use attachments by clicking on the More Reply Options button.
  • Please enable your system to show hidden files: How to see hidden files in Windows
  • Make sure you're subscribed to this topic:
    • Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

  • Removing malware can be unpredictable...It is unlikely but things can go very wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen drive
  • Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you.
  • The removal of malware is not instantaneous, please be patient. Often we are also on a different Time Zone.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue.
  • You can check here if you're not sure if your computer is 32-bit or 64-bit
  • Please disable your antivirus while running any requested scanners so that they do not interfere with the scanners.
  • When we are done, I'll give you instructions on how to cleanup all the tools and logs
  • Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.
  • Your topic will be closed if you haven't replied within 3 days
  • (If I have not responded within 24 hours, please send me a Private Message as a reminder)


 
STEP 0
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes
so that your normal security software can then run and clean your computer of infections.
When RKill runs it will kill malware processes and then removes incorrect executable associations and fixes policies
that stop us from using certain tools. When finished it will display a log file that shows the processes that were
terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot
your computer as any malware processes that are configured to start automatically will just be started again.
Instead, after running RKill you should immediately scan your computer using the requested scans I've included.

Please download Rkill by Grinler from one of the links below and save it to your desktop.
 


Link 2

  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.

STEP 01
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it is always wise to create a backup before doing so.
  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


STEP 02
Please run a Threat Scan with MBAM.  If you're unable to run or complete the scan as shown below please see the following:  MBAM Clean Removal Process 2x
When reinstalling the program please try the latest version.

Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.
Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.
 
 
STEP 03
Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

  • RogueKiller 32-bit | RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista, Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User License Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.


Thank you
 

Link to post
Share on other sites

I am having trouble completing this step:

 

  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.

due to the fact that I am not given the option to disallow ERUNT from creating a startup folder.

 

How should I proceed?

Link to post
Share on other sites

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 7/14/2014

Scan Time: 7:33:05 PM

Logfile: 

Administrator: Yes

 

Version: 2.00.2.1012

Malware Database: v2014.07.14.14

Rootkit Database: v2014.07.14.01

License: Premium

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 

OS: Windows 8.1

CPU: x64

File System: NTFS

User: Daniel

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 320578

Time Elapsed: 11 min, 44 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 1

PUP.Optional.SweetPacks.A, C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "startup_urls": [ ""http://www.google.com", "http://www.msn.com/?pc=UP93&ocid=UP93DHP&dt=041413", "http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={811B33B0-C824-11E2-BE97-8C89A5090DE5}", "http://start.sweetpacks.com/?barid={811B33B0-C824-11E2-BE97-8C89A5090DE5}&src=10&crg=3.5000006.10042&st=23" ],), Replaced,[8ee65d426417171f0387d6fa2fd5936d]

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

Link to post
Share on other sites

RogueKiller V9.2.3.0 (x64) [Jul 11 2014] by Adlice Software





 

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version

Started in : Normal mode

User : Daniel [Admin rights]

Mode : Scan -- Date : 07/14/2014  20:09:11

 

¤¤¤ Bad processes : 0 ¤¤¤

 

¤¤¤ Registry Entries : 8 ¤¤¤

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 208.67.222.222 209.18.47.62 208.67.220.220  -> FOUND

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 208.67.222.222 209.18.47.62 208.67.220.220  -> FOUND

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A5EF661C-99EF-41AE-9628-FCE6B506B3FE} | DhcpNameServer : 208.67.222.222 209.18.47.62 208.67.220.220  -> FOUND

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{A5EF661C-99EF-41AE-9628-FCE6B506B3FE} | DhcpNameServer : 208.67.222.222 209.18.47.62 208.67.220.220  -> FOUND

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND

 

¤¤¤ Scheduled tasks : 0 ¤¤¤

 

¤¤¤ Files : 0 ¤¤¤

 

¤¤¤ HOSTS File : 0 ¤¤¤

 

¤¤¤ Antirootkit : 2 (Driver: LOADED) ¤¤¤

[EAT:Addr] (explorer.exe) UIAutomationCore.DLL - GetOpenCompiler10Size : C:\WINDOWS\SYSTEM32\igdusc64.dll @ 0x7ffc583313a0

[EAT:Addr] (explorer.exe) UIAutomationCore.DLL - OpenCompiler10 : C:\WINDOWS\SYSTEM32\igdusc64.dll @ 0x7ffc58331000

 

¤¤¤ Web browsers : 0 ¤¤¤

 

¤¤¤ MBR Check : ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS727575A9E364 +++++

--- User ---

[MBR] 87617264457380b43b250225ed78df6a

[bSP] 790ba8a92d91faeab986d816823a6dcb : Empty MBR Code

Partition table:

0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB

User = LL1 ... OK

User = LL2 ... OK

 

+++++ PhysicalDrive1: ST9750420AS +++++

--- User ---

[MBR] 0086f36f0b7bc8b257f89fc226376c3d

[bSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code

Partition table:

0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB

User = LL1 ... OK

User = LL2 ... OK

 

 

============================================

RKreport_SCN_07142014_195826.log

Link to post
Share on other sites

  • Root Admin

Yes, typically once done scanning you need to re-enable your antivirus.

 

 

Please go ahead and run through the following steps and post back the logs when ready.
 
STEP 04
Please download Junkware Removal Tool to your desktop.

  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus


STEP 05
Let's clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.


STEP 06
Please open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkits, Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button. Remove any threats found
Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.


STEP 07
Please go here to run the online antivirus scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology


  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


STEP 08
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.3 (03.23.2014:1)

OS: Windows 8.1 x64

Ran by Daniel on Tue 07/15/2014 at 22:09:53.00

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1154547124-2327209256-1540992038-1002\Software\sweetim

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\putlockerdownloader

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\ProgramData\apn"

Successfully deleted: [Folder] "C:\ProgramData\tarma installer"

Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Tue 07/15/2014 at 22:13:19.69

Computer was rebooted

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Link to post
Share on other sites

  # AdwCleaner v3.215 - Report created 15/07/2014 at 22:31:51

# Updated 09/07/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Daniel - DANIEL
# Running from : C:\Users\Daniel\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Daniel\AppData\Local\PutLockerDownloader
File Deleted : C:\WINDOWS\System32\roboot64.exe
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\Software\PIP
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Mozilla Firefox v
 
[ File : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]
 
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [startup_urls] : hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={811B33B0-C824-11E2-BE97-8C89A5090DE5}
Deleted [startup_urls] : hxxp://start.sweetpacks.com/?barid={811B33B0-C824-11E2-BE97-8C89A5090DE5}&src=10&crg=3.5000006.10042&st=23
 
*************************
 
AdwCleaner[R0].txt - [1343 octets] - [15/07/2014 22:18:35]
AdwCleaner[s0].txt - [1276 octets] - [15/07/2014 22:31:51]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1336 octets] ##########
Link to post
Share on other sites

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 7/15/2014

Scan Time: 11:10:05 PM

Logfile: 

Administrator: Yes

 

Version: 2.00.2.1012

Malware Database: v2014.07.16.02

Rootkit Database: v2014.07.14.01

License: Premium

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 

OS: Windows 8.1

CPU: x64

File System: NTFS

User: Daniel

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 321117

Time Elapsed: 11 min, 57 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 1

PUP.Optional.SweetPacks.A, C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "startup_urls": [ ""http://www.google.com", "http://www.msn.com/?pc=UP93&ocid=UP93DHP&dt=041413", "http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={811B33B0-C824-11E2-BE97-8C89A5090DE5}", "http://start.sweetpacks.com/?barid={811B33B0-C824-11E2-BE97-8C89A5090DE5}&src=10&crg=3.5000006.10042&st=23" ],), Replaced,[1163cbd45922171fe29b5a78e91b40c0]

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

Link to post
Share on other sites

  • Root Admin

Please go into Control Panel, Add/Remove and uninstall ALL versions of Java and then run the following.
 
Please download JavaRa-1.16 and save it to your computer.

  • Double click to open the zip file and then select all and choose Copy.
  • Create a new folder on your Desktop named RemoveJava and paste the files into this new folder.
  • Quit all browsers and other running applications.
  • Right-click on JavaRa.exe in RemoveJava folder and choose Run as administrator to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location and post it in your next reply.

Next:
 
Please Run TFC by OldTimer to clear temporary files:
  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.


 
 

Then restart the computer again and run a new FRST scan and make sure you put a check mark in the ADDITIONS.TXT check box and post back both new logs when ready.

Link to post
Share on other sites

ESET Online scanner file:

 

C:\Users\Daniel\Desktop\unsorted music\flstudio_10.0.9.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\Users\Daniel\Documents\APNSetup.exe a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application deleted - quarantined
C:\Users\Daniel\Downloads\spsetup126.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01

Ran by Daniel (administrator) on DANIEL on 16-07-2014 15:37:15

Running from C:\Users\Daniel\Desktop

Platform: Windows 8.1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe

(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe

(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe

(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe

(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe

() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILAE.EXE

(Spotify Ltd) C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google) C:\Users\Daniel\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe

() C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe

(Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\KLM\KLM.exe

(Corsair Components  Inc) C:\Program Files (x86)\corsair\M95 Mouse\M95Hid.exe

(Corsair Components  Inc) C:\Program Files (x86)\corsair\M95 Mouse\CorsTra.exe

(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [bTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11577216 2012-08-27] (Motorola Solutions, Inc.)

HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [403848 2012-09-13] (MSI)

HKLM\...\Run: [sCM] => C:\Program Files (x86)\SCM\SCM.exe [399776 2012-09-13] (MSI)

HKLM\...\Run: [THXCfg64] => C:\Windows\system32\THXCfg64.dll [25600 2010-09-14] (Creative Technology Ltd.)

HKLM\...\Run: [btTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)

HKLM\...\Run: [btvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Qualcomm Atheros Commnucations)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

HKLM\...\Run: [shadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1279480 2014-05-29] (NVIDIA Corporation)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-29] (NVIDIA Corporation)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-12-07] (Synaptics Incorporated)

HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)

HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1517056 2011-08-29] (Creative Technology Ltd)

HKLM-x32\...\Run: [updReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)

HKLM-x32\...\Run: [super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502328 2012-05-22] (MSI)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)

HKLM-x32\...\Run: [bDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-04-02] (cyberlink)

HKLM-x32\...\Run: [VGAOCAP] => C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe [89088 2012-06-06] ()

HKLM-x32\...\Run: [KLM] => C:\Program Files (x86)\MSI\KLM\KLM.exe [1522376 2011-12-19] (Micro-Star International Co., Ltd.)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)

HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)

HKLM-x32\...\Run: [Corsair Duke] => C:\Program Files (x86)\Corsair\M95 Mouse\M95Hid.exe [1769984 2013-05-27] (Corsair Components  Inc)

HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1057920 2012-07-31] (SEIKO EPSON CORPORATION)

HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)

Winlogon\Notify\igfxcui: igfxdev.dll [X]

HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Run: [skyDrive] => C:\Users\Daniel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251080 2014-06-20] (Microsoft Corporation)

HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-07-11] (Valve Corporation)

HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Run: [Google Update] => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-11-23] (Google Inc.)

HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILAE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)

HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Run: [spotify Web Helper] => C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-29] (Spotify Ltd)

HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Run: [spotify] => C:\Users\Daniel\AppData\Roaming\Spotify\spotify.exe [6189624 2014-06-29] (Spotify Ltd)

HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Policies\Explorer: [NoChangeStartMenu] 0

HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Policies\Explorer: [NoLogOff] 0

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-05-19] (NVIDIA Corporation)

AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [166568 2014-05-19] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-05-19] (NVIDIA Corporation)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk

ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe ()

Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk

ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi13.msn.com

SearchScopes: HKLM - DefaultScope {F1DED5B2-8519-4E87-935E-D46700481619} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;

SearchScopes: HKLM - {F1DED5B2-8519-4E87-935E-D46700481619} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;

SearchScopes: HKLM-x32 - DefaultScope value is missing.

SearchScopes: HKLM-x32 - {F1DED5B2-8519-4E87-935E-D46700481619} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;

SearchScopes: HKCU - {F1DED5B2-8519-4E87-935E-D46700481619} URL = 

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)

BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)

BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)

Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 209.18.47.62 208.67.220.220

 

FireFox:

========

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @wolfram.com/Mathematica - C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.0.0.5099479\npmathplugin.dll (Wolfram Research, Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()

FF Plugin ProgramFiles/Appdata: C:\Users\Daniel\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\Daniel\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)

FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.2.0.38\coFFPlgn

FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.2.0.38\coFFPlgn [2014-07-15]

FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.2.0.38\IPSFF

FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.2.0.38\IPSFF [2014-04-14]

 

Chrome: 

=======

CHR HomePage: hxxp://www.google.com/

CHR StartupUrls: "hxxp://search.fantastigames.com/453", "hxxp://www.google.com", "hxxp://www.msn.com/?pc=UP93&ocid=UP93DHP&dt=041413", "hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={811B33B0-C824-11E2-BE97-8C89A5090DE5}", "hxxp://start.sweetpacks.com/?barid={811B33B0-C824-11E2-BE97-8C89A5090DE5}&src=10&crg=3.5000006.10042&st=23"

CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-29]

CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-29]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]

CHR Extension: (James White) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-06-14]

CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-29]

CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-14]

CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-29]

CHR Extension: (Norton Identity Protection) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-06-13]

CHR Extension: (Hangouts) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-06-14]

CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]

CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-29]

CHR HKLM-x32\...\Chrome\Extension: [koalekbhpbggkcfhkkbolikjoaobbppi] - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx [2013-04-29]

CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\Exts\Chrome.crx [2014-07-15]

 

==================== Services (Whitelisted) =================

 

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)

S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [247768 2013-04-02] (CyberLink)

R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)

R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)

R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-12-07] (Intel Corporation)

S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2012-09-13] (Micro-Star International Co., Ltd.) [File not signed]

R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)

R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [142904 2012-05-22] (MSI)

R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe [276376 2014-06-27] (Symantec Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-29] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-29] (NVIDIA Corporation)

R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]

R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [490496 2012-09-25] () [File not signed]

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)

 

==================== Drivers (Whitelisted) ====================

 

R3 akw8x64; C:\Windows\system32\DRIVERS\akw8x64.sys [3203440 2012-09-25] (Qualcomm Atheros, Inc.)

S1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2012-09-25] (Qualcomm Atheros, Inc.)

R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [1530160 2014-05-09] (Symantec Corporation)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)

S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)

R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1504000.00D\ccSetx64.sys [162392 2014-02-24] (Symantec Corporation)

S3 DUKEMS; C:\Windows\system32\drivers\DUKEMS.sys [25600 2012-08-16] ( )

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-10] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-10] (Symantec Corporation)

R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\IPSDefs\20140715.001\IDSvia64.sys [525016 2014-04-11] (Symantec Corporation)

S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [17936 2011-12-12] (Windows ® Win 7 DDK provider)

R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [164720 2012-09-25] (Qualcomm Atheros, Inc.)

S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)

R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\VirusDefs\20140715.008\ENG64.SYS [126040 2014-06-04] (Symantec Corporation)

R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\VirusDefs\20140715.008\EX64.SYS [2099288 2014-06-04] (Symantec Corporation)

R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-29] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)

U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [465624 2014-01-03] (Realsil Semiconductor Corporation)

R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1504000.00D\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1504000.00D\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)

R0 SymDS; C:\Windows\System32\drivers\NISx64\1504000.00D\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\NISx64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)

S0 SymELAM; C:\Windows\System32\drivers\NISx64\1504000.00D\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)

R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-04-14] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\NISx64\1504000.00D\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)

R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1504000.00D\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)

S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)

S3 WsAudio_Device(1); C:\Windows\system32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare)

S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]

S3 MBfilt; \SystemRoot\system32\drivers\MBfilt64.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-07-16 15:37 - 2014-07-16 15:37 - 00028293 _____ () C:\Users\Daniel\Desktop\FRST.txt

2014-07-16 15:35 - 2014-07-16 15:35 - 02086912 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe

2014-07-16 02:00 - 2014-07-16 02:00 - 00000389 _____ () C:\Users\Daniel\Desktop\threats.txt

2014-07-15 23:27 - 2014-07-15 23:27 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-07-15 23:25 - 2014-07-15 23:27 - 02347384 _____ (ESET) C:\Users\Daniel\Desktop\esetsmartinstaller_enu.exe

2014-07-15 22:47 - 2014-07-15 22:47 - 00000000 ___RD () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

2014-07-15 22:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll

2014-07-15 22:18 - 2014-07-15 22:32 - 00000000 ____D () C:\AdwCleaner

2014-07-15 22:15 - 2014-07-15 22:15 - 01348263 _____ () C:\Users\Daniel\Desktop\AdwCleaner.exe

2014-07-15 22:15 - 2014-07-15 22:15 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security

2014-07-15 22:13 - 2014-07-15 22:13 - 00001910 _____ () C:\Users\Daniel\Desktop\JRT.txt

2014-07-15 09:23 - 2014-07-15 09:23 - 00000000 ____D () C:\WINDOWS\ERUNT

2014-07-15 09:22 - 2014-07-15 09:22 - 01016261 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe

2014-07-14 19:50 - 2014-07-14 20:03 - 00030312 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys

2014-07-14 19:50 - 2014-07-14 19:50 - 00000000 ____D () C:\ProgramData\RogueKiller

2014-07-14 19:48 - 2014-07-14 19:49 - 05336664 _____ () C:\Users\Daniel\Downloads\RogueKillerX64.exe

2014-07-14 19:26 - 2014-07-14 19:26 - 00000000 ____D () C:\WINDOWS\ERDNT

2014-07-14 19:25 - 2014-07-14 19:25 - 00000950 _____ () C:\Users\Daniel\Desktop\NTREGOPT.lnk

2014-07-14 19:25 - 2014-07-14 19:25 - 00000931 _____ () C:\Users\Daniel\Desktop\ERUNT.lnk

2014-07-14 19:25 - 2014-07-14 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT

2014-07-14 19:25 - 2014-07-14 19:25 - 00000000 ____D () C:\Program Files (x86)\ERUNT

2014-07-14 19:14 - 2014-07-14 19:14 - 00791393 _____ (Lars Hederer ) C:\Users\Daniel\Downloads\erunt-setup (1).exe

2014-07-14 18:08 - 2014-07-14 18:08 - 00791393 _____ (Lars Hederer ) C:\Users\Daniel\Downloads\erunt-setup.exe

2014-07-14 17:30 - 2014-07-14 17:31 - 00002624 _____ () C:\Users\Daniel\Desktop\Rkill.txt

2014-07-14 17:30 - 2014-07-14 17:30 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Daniel\Downloads\rkill.exe

2014-07-14 17:19 - 2014-07-14 17:19 - 00000299 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk

2014-07-12 23:33 - 2014-07-12 23:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

2014-07-12 23:33 - 2014-07-12 23:33 - 00000000 ____D () C:\Program Files (x86)\QuickTime

2014-07-12 23:22 - 2014-07-12 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-07-12 23:21 - 2014-07-12 23:21 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-07-12 23:21 - 2014-07-12 23:21 - 00000000 ____D () C:\Program Files\iTunes

2014-07-12 23:21 - 2014-07-12 23:21 - 00000000 ____D () C:\Program Files\iPod

2014-07-12 23:21 - 2014-07-12 23:21 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-07-12 21:07 - 2014-07-12 21:07 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Wolfram Research

2014-07-12 21:06 - 2014-07-12 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram Mathematica

2014-07-12 21:06 - 2014-07-12 21:06 - 00000000 ____D () C:\Program Files\Common Files\Wolfram Research

2014-07-12 16:43 - 2014-07-12 16:57 - 1998657776 _____ (Wolfram Research, Inc. ) C:\Users\Daniel\Downloads\Mathematica_10.0.0_WIN.exe

2014-07-11 19:20 - 2014-07-11 19:20 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Adobe

2014-07-11 14:17 - 2014-07-11 14:17 - 00302528 _____ () C:\WINDOWS\Minidump\071114-53578-01.dmp

2014-07-10 16:10 - 2014-07-10 16:10 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2014-07-10 16:10 - 2014-07-10 16:10 - 00002049 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk

2014-07-10 14:07 - 2014-07-10 14:07 - 01096832 _____ () C:\WINDOWS\Minidump\071014-52593-01.dmp

2014-07-10 13:03 - 2014-07-10 13:03 - 04991400 _____ (Adobe Systems Inc.) C:\Users\Daniel\Downloads\Shockwave_Installer_Slim.exe

2014-07-10 13:03 - 2014-07-10 13:03 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe

2014-07-10 12:50 - 2014-07-10 12:50 - 00000000 ____D () C:\MATS

2014-07-10 12:38 - 2014-07-10 12:38 - 00347816 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.12326324065198395.2.1.Run.exe

2014-07-10 11:30 - 2014-07-10 12:01 - 00049767 _____ () C:\Users\Daniel\Downloads\Addition.txt

2014-07-10 11:29 - 2014-07-16 15:37 - 00000000 ____D () C:\FRST

2014-07-10 11:29 - 2014-07-10 11:30 - 00081755 _____ () C:\Users\Daniel\Downloads\FRST.txt

2014-07-10 11:26 - 2014-07-10 11:26 - 02084352 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe

2014-07-08 22:28 - 2014-04-13 22:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll

2014-07-08 22:27 - 2014-07-08 22:27 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel

2014-07-08 19:42 - 2014-06-16 17:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe

2014-07-08 19:42 - 2014-06-16 17:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe

2014-07-08 19:42 - 2014-06-06 09:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2014-07-08 19:42 - 2014-05-29 22:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys

2014-07-08 19:42 - 2014-05-29 07:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2014-07-08 19:42 - 2014-05-29 02:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll

2014-07-08 19:42 - 2014-05-29 01:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll

2014-07-08 19:42 - 2014-05-29 01:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll

2014-07-08 19:42 - 2014-05-29 00:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll

2014-07-08 19:42 - 2014-05-29 00:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2014-07-08 19:41 - 2014-06-30 17:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

2014-07-08 19:41 - 2014-06-28 02:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2014-07-08 19:41 - 2014-06-28 02:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2014-07-08 19:41 - 2014-06-18 20:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-07-08 19:41 - 2014-06-18 19:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-07-08 19:41 - 2014-06-18 19:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-07-08 19:41 - 2014-06-18 19:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll

2014-07-08 19:41 - 2014-06-18 18:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-07-08 19:41 - 2014-06-18 18:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2014-07-08 19:41 - 2014-06-18 18:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2014-07-08 19:41 - 2014-06-18 18:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2014-07-08 19:41 - 2014-06-18 18:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-07-08 19:41 - 2014-06-18 18:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2014-07-08 19:41 - 2014-06-18 18:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-07-08 19:41 - 2014-06-18 18:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-07-08 19:41 - 2014-06-18 18:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll

2014-07-08 19:41 - 2014-06-18 17:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2014-07-08 19:41 - 2014-06-18 17:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-07-08 19:41 - 2014-06-18 17:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2014-07-08 19:41 - 2014-06-18 17:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2014-07-08 19:41 - 2014-06-18 17:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-07-08 19:41 - 2014-06-18 17:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-07-08 19:41 - 2014-06-18 17:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2014-07-08 19:41 - 2014-06-18 17:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-07-08 19:41 - 2014-06-18 17:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-07-08 19:41 - 2014-06-18 17:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-07-08 19:41 - 2014-06-18 17:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2014-07-08 19:41 - 2014-06-18 17:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-07-08 19:41 - 2014-06-18 17:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-07-08 19:41 - 2014-06-18 17:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-07-08 19:41 - 2014-06-06 08:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll

2014-07-08 19:41 - 2014-06-06 07:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll

2014-07-08 19:41 - 2014-05-31 05:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2014-07-08 19:41 - 2014-05-31 05:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll

2014-07-08 19:41 - 2014-05-30 22:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2014-07-08 19:41 - 2014-05-30 22:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2014-07-08 19:41 - 2014-05-30 22:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2014-07-08 19:41 - 2014-05-30 22:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2014-07-08 19:41 - 2014-05-30 22:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2014-07-08 19:41 - 2014-05-30 22:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2014-07-08 19:41 - 2014-05-30 21:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2014-07-08 19:41 - 2014-05-30 21:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2014-07-08 19:41 - 2014-05-30 21:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2014-07-08 19:41 - 2014-05-30 21:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll

2014-07-08 19:41 - 2014-05-30 21:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2014-07-08 19:41 - 2014-05-30 21:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll

2014-07-08 19:41 - 2014-05-30 21:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2014-07-08 19:31 - 2014-07-08 19:31 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe

2014-07-08 03:08 - 2014-07-10 11:45 - 00014460 _____ () C:\Users\Daniel\Documents\Jul 8 2014.kdb

2014-07-08 03:07 - 2014-07-08 03:08 - 00010862 _____ () C:\Users\Daniel\Documents\Jul 8 2014.kdbx

2014-07-08 03:00 - 2014-07-08 03:00 - 00001129 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass.lnk

2014-07-08 03:00 - 2014-07-08 03:00 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe

2014-07-08 02:59 - 2014-07-08 02:59 - 01891395 _____ (Dominik Reichl ) C:\Users\Daniel\Downloads\KeePass-1.27-Setup.exe

2014-07-01 04:04 - 2014-07-01 04:04 - 00002782 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mbam.lnk

2014-06-30 09:22 - 2014-06-30 09:22 - 01034936 _____ () C:\WINDOWS\Minidump\063014-33875-01.dmp

2014-06-29 16:21 - 2014-07-15 23:09 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2014-06-29 16:20 - 2014-07-10 16:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-06-29 16:20 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2014-06-29 16:20 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys

2014-06-20 21:39 - 2014-06-20 21:39 - 00003118 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe

2014-06-20 21:39 - 2014-06-20 21:39 - 00003092 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe

2014-06-20 21:39 - 2014-06-20 21:39 - 00003090 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe

2014-06-20 21:39 - 2014-06-20 21:39 - 00003062 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe

2014-06-20 21:39 - 2014-06-20 21:39 - 00003060 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe

2014-06-20 21:39 - 2014-06-20 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center

2014-06-20 21:39 - 2014-06-20 21:39 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center

2014-06-20 15:14 - 2014-06-20 15:14 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf

2014-06-20 02:49 - 2014-06-20 02:49 - 00000000 ____D () C:\NVIDIA Corporation

2014-06-19 11:56 - 2014-06-19 11:56 - 00000874 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1154547124-2327209256-1540992038-1002Core1cf8bdf5a91e8ca.job

2014-06-19 11:51 - 2014-06-19 11:51 - 00302416 _____ () C:\WINDOWS\Minidump\061914-36031-01.dmp

2014-06-16 12:36 - 2014-06-16 12:36 - 00001167 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Speccy.lnk

2014-06-16 12:35 - 2014-06-16 12:35 - 00000000 ____D () C:\Program Files\Speccy

 

==================== One Month Modified Files and Folders =======

 

2014-07-16 15:37 - 2014-07-16 15:37 - 00028293 _____ () C:\Users\Daniel\Desktop\FRST.txt

2014-07-16 15:37 - 2014-07-10 11:29 - 00000000 ____D () C:\FRST

2014-07-16 15:35 - 2014-07-16 15:35 - 02086912 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe

2014-07-16 15:35 - 2013-04-29 19:41 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1154547124-2327209256-1540992038-1002

2014-07-16 15:33 - 2014-03-17 02:38 - 01052637 _____ () C:\WINDOWS\WindowsUpdate.log

2014-07-16 15:33 - 2014-02-11 03:33 - 00000933 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Update {916CA065-A97C-4543-9414-76866D10E65E}.job

2014-07-16 15:33 - 2014-02-11 03:33 - 00000747 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {916CA065-A97C-4543-9414-76866D10E65E}.job

2014-07-16 15:33 - 2013-04-29 20:43 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-07-16 15:32 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-07-16 02:00 - 2014-07-16 02:00 - 00000389 _____ () C:\Users\Daniel\Desktop\threats.txt

2014-07-16 01:59 - 2013-05-01 19:47 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Mumble

2014-07-15 23:27 - 2014-07-15 23:27 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-07-15 23:27 - 2014-07-15 23:25 - 02347384 _____ (ESET) C:\Users\Daniel\Desktop\esetsmartinstaller_enu.exe

2014-07-15 23:09 - 2014-06-29 16:21 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2014-07-15 23:06 - 2013-05-02 17:04 - 00004968 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DANIEL-Daniel Daniel

2014-07-15 22:47 - 2014-07-15 22:47 - 00000000 ___RD () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

2014-07-15 22:47 - 2013-04-29 20:46 - 00002213 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-07-15 22:47 - 2013-04-29 20:14 - 00000000 ____D () C:\Users\Daniel\AppData\Local\CrashDumps

2014-07-15 22:47 - 2012-12-07 07:42 - 00000000 ____D () C:\temp

2014-07-15 22:46 - 2013-05-02 08:32 - 00000000 ___DO () C:\Users\Daniel\SkyDrive

2014-07-15 22:46 - 2013-04-29 20:43 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-07-15 22:33 - 2013-11-14 02:20 - 00016756 _____ () C:\WINDOWS\PFRO.log

2014-07-15 22:33 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-07-15 22:33 - 2012-07-26 03:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP

2014-07-15 22:32 - 2014-07-15 22:18 - 00000000 ____D () C:\AdwCleaner

2014-07-15 22:32 - 2013-08-22 08:25 - 01048576 ___SH () C:\WINDOWS\system32\config\BBI

2014-07-15 22:30 - 2014-05-29 18:49 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DDFE3C04-5C53-4F08-A36C-D3E82AAEA852}

2014-07-15 22:15 - 2014-07-15 22:15 - 01348263 _____ () C:\Users\Daniel\Desktop\AdwCleaner.exe

2014-07-15 22:15 - 2014-07-15 22:15 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security

2014-07-15 22:13 - 2014-07-15 22:13 - 00001910 _____ () C:\Users\Daniel\Desktop\JRT.txt

2014-07-15 22:10 - 2013-11-10 18:34 - 00000000 ____D () C:\ProgramData\Adobe

2014-07-15 22:10 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2014-07-15 22:09 - 2012-11-22 08:34 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration

2014-07-15 22:09 - 2012-11-22 08:33 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64

2014-07-15 22:08 - 2014-04-14 16:28 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security

2014-07-15 22:08 - 2013-06-30 14:34 - 00002531 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk

2014-07-15 20:56 - 2013-05-05 04:48 - 00000000 ____D () C:\Program Files (x86)\Steam

2014-07-15 20:48 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2014-07-15 09:23 - 2014-07-15 09:23 - 00000000 ____D () C:\WINDOWS\ERUNT

2014-07-15 09:22 - 2014-07-15 09:22 - 01016261 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe

2014-07-14 20:03 - 2014-07-14 19:50 - 00030312 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys

2014-07-14 19:50 - 2014-07-14 19:50 - 00000000 ____D () C:\ProgramData\RogueKiller

2014-07-14 19:49 - 2014-07-14 19:48 - 05336664 _____ () C:\Users\Daniel\Downloads\RogueKillerX64.exe

2014-07-14 19:26 - 2014-07-14 19:26 - 00000000 ____D () C:\WINDOWS\ERDNT

2014-07-14 19:25 - 2014-07-14 19:25 - 00000950 _____ () C:\Users\Daniel\Desktop\NTREGOPT.lnk

2014-07-14 19:25 - 2014-07-14 19:25 - 00000931 _____ () C:\Users\Daniel\Desktop\ERUNT.lnk

2014-07-14 19:25 - 2014-07-14 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT

2014-07-14 19:25 - 2014-07-14 19:25 - 00000000 ____D () C:\Program Files (x86)\ERUNT

2014-07-14 19:14 - 2014-07-14 19:14 - 00791393 _____ (Lars Hederer ) C:\Users\Daniel\Downloads\erunt-setup (1).exe

2014-07-14 18:54 - 2013-11-14 02:28 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-07-14 18:08 - 2014-07-14 18:08 - 00791393 _____ (Lars Hederer ) C:\Users\Daniel\Downloads\erunt-setup.exe

2014-07-14 17:31 - 2014-07-14 17:30 - 00002624 _____ () C:\Users\Daniel\Desktop\Rkill.txt

2014-07-14 17:30 - 2014-07-14 17:30 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Daniel\Downloads\rkill.exe

2014-07-14 17:19 - 2014-07-14 17:19 - 00000299 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk

2014-07-14 16:28 - 2013-04-29 19:31 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Packages

2014-07-14 16:28 - 2013-04-08 21:44 - 00000000 ____D () C:\Users\Daniel\Desktop\GAMES

2014-07-14 16:11 - 2013-07-02 21:09 - 00835072 ___SH () C:\Users\Daniel\Downloads\Thumbs.db

2014-07-14 14:33 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports

2014-07-14 05:08 - 2014-02-25 22:11 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Spotify

2014-07-13 20:03 - 2013-08-19 02:43 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\vlc

2014-07-13 14:59 - 2013-04-08 21:43 - 00000000 ____D () C:\Users\Daniel\Desktop\Stuff

2014-07-12 23:33 - 2014-07-12 23:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

2014-07-12 23:33 - 2014-07-12 23:33 - 00000000 ____D () C:\Program Files (x86)\QuickTime

2014-07-12 23:22 - 2014-07-12 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-07-12 23:21 - 2014-07-12 23:21 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-07-12 23:21 - 2014-07-12 23:21 - 00000000 ____D () C:\Program Files\iTunes

2014-07-12 23:21 - 2014-07-12 23:21 - 00000000 ____D () C:\Program Files\iPod

2014-07-12 23:21 - 2014-07-12 23:21 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-07-12 21:07 - 2014-07-12 21:07 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Wolfram Research

2014-07-12 21:06 - 2014-07-12 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram Mathematica

2014-07-12 21:06 - 2014-07-12 21:06 - 00000000 ____D () C:\Program Files\Common Files\Wolfram Research

2014-07-12 21:06 - 2014-04-15 12:58 - 00000000 ____D () C:\Program Files\Extras

2014-07-12 21:06 - 2014-01-30 23:21 - 00000000 ____D () C:\ProgramData\Mathematica

2014-07-12 16:57 - 2014-07-12 16:43 - 1998657776 _____ (Wolfram Research, Inc. ) C:\Users\Daniel\Downloads\Mathematica_10.0.0_WIN.exe

2014-07-12 14:10 - 2013-08-22 09:46 - 00304559 _____ () C:\WINDOWS\setupact.log

2014-07-12 01:31 - 2014-02-25 22:11 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Spotify

2014-07-12 00:56 - 2014-04-21 19:26 - 00000000 ____D () C:\Users\Daniel\.VirtualBox

2014-07-11 23:46 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache

2014-07-11 19:20 - 2014-07-11 19:20 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Adobe

2014-07-11 14:26 - 2014-03-17 02:47 - 00000000 ____D () C:\Users\Daniel

2014-07-11 14:17 - 2014-07-11 14:17 - 00302528 _____ () C:\WINDOWS\Minidump\071114-53578-01.dmp

2014-07-11 14:17 - 2014-04-13 14:13 - 00000000 ____D () C:\WINDOWS\Minidump

2014-07-11 14:16 - 2013-09-02 13:13 - 2358350621 _____ () C:\WINDOWS\MEMORY.DMP

2014-07-10 18:29 - 2014-06-15 14:22 - 00000000 ____D () C:\Users\Daniel\Documents\Dolphin Emulator

2014-07-10 16:39 - 2014-06-29 16:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-10 16:10 - 2014-07-10 16:10 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2014-07-10 16:10 - 2014-07-10 16:10 - 00002049 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk

2014-07-10 16:10 - 2013-11-11 16:59 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-07-10 15:56 - 2013-04-29 19:33 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Adobe

2014-07-10 14:25 - 2013-05-02 08:17 - 00000000 ____D () C:\Program Files\Microsoft Office 15

2014-07-10 14:07 - 2014-07-10 14:07 - 01096832 _____ () C:\WINDOWS\Minidump\071014-52593-01.dmp

2014-07-10 13:03 - 2014-07-10 13:03 - 04991400 _____ (Adobe Systems Inc.) C:\Users\Daniel\Downloads\Shockwave_Installer_Slim.exe

2014-07-10 13:03 - 2014-07-10 13:03 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe

2014-07-10 12:50 - 2014-07-10 12:50 - 00000000 ____D () C:\MATS

2014-07-10 12:40 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2014-07-10 12:40 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\WinStore

2014-07-10 12:38 - 2014-07-10 12:38 - 00347816 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.12326324065198395.2.1.Run.exe

2014-07-10 12:01 - 2014-07-10 11:30 - 00049767 _____ () C:\Users\Daniel\Downloads\Addition.txt

2014-07-10 11:45 - 2014-07-08 03:08 - 00014460 _____ () C:\Users\Daniel\Documents\Jul 8 2014.kdb

2014-07-10 11:30 - 2014-07-10 11:29 - 00081755 _____ () C:\Users\Daniel\Downloads\FRST.txt

2014-07-10 11:26 - 2014-07-10 11:26 - 02084352 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe

2014-07-09 22:53 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2014-07-09 13:40 - 2013-08-22 09:44 - 05178544 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2014-07-09 13:37 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-07-09 13:37 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-07-08 22:29 - 2013-08-14 11:52 - 00000000 ____D () C:\WINDOWS\system32\MRT

2014-07-08 22:28 - 2013-11-14 02:17 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-08 22:28 - 2013-04-30 23:24 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2014-07-08 22:27 - 2014-07-08 22:27 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel

2014-07-08 19:31 - 2014-07-08 19:31 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe

2014-07-08 17:44 - 2014-02-11 03:33 - 00003964 _____ () C:\WINDOWS\System32\Tasks\EPSON XP-410 Series Update {916CA065-A97C-4543-9414-76866D10E65E}

2014-07-08 17:44 - 2014-02-11 03:33 - 00003778 _____ () C:\WINDOWS\System32\Tasks\EPSON XP-410 Series Invitation {916CA065-A97C-4543-9414-76866D10E65E}

2014-07-08 17:44 - 2013-04-29 20:43 - 00003884 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2014-07-08 15:54 - 2014-01-21 14:42 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\KeePass

2014-07-08 03:08 - 2014-07-08 03:07 - 00010862 _____ () C:\Users\Daniel\Documents\Jul 8 2014.kdbx

2014-07-08 03:00 - 2014-07-08 03:00 - 00001129 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass.lnk

2014-07-08 03:00 - 2014-07-08 03:00 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe

2014-07-08 02:59 - 2014-07-08 02:59 - 01891395 _____ (Dominik Reichl ) C:\Users\Daniel\Downloads\KeePass-1.27-Setup.exe

2014-07-02 00:58 - 2014-01-21 14:42 - 00010878 _____ () C:\Users\Daniel\Documents\jan 21 2014.kdbx

2014-07-01 04:04 - 2014-07-01 04:04 - 00002782 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mbam.lnk

2014-07-01 03:22 - 2014-05-29 17:08 - 00000000 ____D () C:\Users\Daniel\Desktop\College

2014-06-30 17:45 - 2014-07-08 19:41 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

2014-06-30 09:22 - 2014-06-30 09:22 - 01034936 _____ () C:\WINDOWS\Minidump\063014-33875-01.dmp

2014-06-29 16:20 - 2014-02-09 03:21 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Malwarebytes

2014-06-29 16:20 - 2014-02-09 03:21 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-06-28 02:48 - 2014-07-08 19:41 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2014-06-28 02:07 - 2014-07-08 19:41 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2014-06-26 15:55 - 2013-08-22 10:38 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-06-26 15:55 - 2013-08-22 10:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-06-20 22:28 - 2013-04-29 20:43 - 00003648 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2014-06-20 21:39 - 2014-06-20 21:39 - 00003118 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe

2014-06-20 21:39 - 2014-06-20 21:39 - 00003092 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe

2014-06-20 21:39 - 2014-06-20 21:39 - 00003090 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe

2014-06-20 21:39 - 2014-06-20 21:39 - 00003062 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe

2014-06-20 21:39 - 2014-06-20 21:39 - 00003060 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe

2014-06-20 21:39 - 2014-06-20 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center

2014-06-20 21:39 - 2014-06-20 21:39 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center

2014-06-20 15:14 - 2014-06-20 15:14 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf

2014-06-20 02:49 - 2014-06-20 02:49 - 00000000 ____D () C:\NVIDIA Corporation

2014-06-20 02:49 - 2013-05-23 23:10 - 00000000 ____D () C:\NVIDIA

2014-06-19 22:33 - 2012-11-22 08:14 - 00369825 _____ () C:\WINDOWS\DirectX.log

2014-06-19 11:56 - 2014-06-19 11:56 - 00000874 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1154547124-2327209256-1540992038-1002Core1cf8bdf5a91e8ca.job

2014-06-19 11:51 - 2014-06-19 11:51 - 00302416 _____ () C:\WINDOWS\Minidump\061914-36031-01.dmp

2014-06-18 20:39 - 2014-07-08 19:41 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-06-18 19:48 - 2014-07-08 19:41 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-06-18 19:16 - 2014-07-08 19:41 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-06-18 19:09 - 2014-07-08 19:41 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll

2014-06-18 18:51 - 2014-07-08 19:41 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-06-18 18:50 - 2014-07-08 19:41 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2014-06-18 18:48 - 2014-07-08 19:41 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2014-06-18 18:46 - 2014-07-08 19:41 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2014-06-18 18:39 - 2014-07-08 19:41 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-06-18 18:33 - 2014-07-08 19:41 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2014-06-18 18:32 - 2014-07-08 19:41 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-06-18 18:27 - 2014-07-08 19:41 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-06-18 18:12 - 2014-07-08 19:41 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll

2014-06-18 17:59 - 2014-07-08 19:41 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2014-06-18 17:58 - 2014-07-08 19:41 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-06-18 17:58 - 2014-07-08 19:41 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2014-06-18 17:57 - 2014-07-08 19:41 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2014-06-18 17:52 - 2014-07-08 19:41 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-06-18 17:51 - 2014-07-08 19:41 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-06-18 17:49 - 2014-07-08 19:41 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2014-06-18 17:45 - 2014-07-08 19:41 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-06-18 17:35 - 2014-07-08 19:41 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-06-18 17:34 - 2014-07-08 19:41 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-06-18 17:15 - 2014-07-08 19:41 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2014-06-18 17:13 - 2014-07-08 19:41 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-06-18 17:09 - 2014-07-08 19:41 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-06-18 17:07 - 2014-07-08 19:41 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-06-18 16:44 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

2014-06-18 14:59 - 2014-04-21 21:27 - 00000000 ____D () C:\Users\Daniel\VirtualBox VMs

2014-06-18 13:54 - 2014-06-12 22:02 - 00018371 ____H () C:\Users\Daniel\Desktop\~WRL0745.tmp

2014-06-18 13:31 - 2013-05-09 22:39 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2014-06-17 16:39 - 2013-05-10 17:28 - 00007611 _____ () C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg

2014-06-16 17:26 - 2014-07-08 19:42 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe

2014-06-16 17:24 - 2014-07-08 19:42 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe

2014-06-16 12:36 - 2014-06-16 12:36 - 00001167 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Speccy.lnk

2014-06-16 12:35 - 2014-06-16 12:35 - 00000000 ____D () C:\Program Files\Speccy

2014-06-16 00:08 - 2014-03-28 20:21 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Battle.net

 

Some content of TEMP:

====================

C:\Users\Daniel\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

C:\Users\Daniel\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe

C:\Users\Daniel\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe

C:\Users\Daniel\AppData\Local\Temp\Quarantine.exe

C:\Users\Daniel\AppData\Local\Temp\SpotifyUninstall.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-07-15 22:44

 

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2014 01

Ran by Daniel at 2014-07-16 15:37:51

Running from C:\Users\Daniel\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}

AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

 

==================== Installed Programs ======================

 

„Windows Live Essentials“ (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

„Windows Live Mail“ (x32 Version: 16.4.3503.0728 - „Microsoft Corporation“) Hidden

„Windows Live Messenger“ (x32 Version: 16.4.3503.0728 - „Microsoft Corporation“) Hidden

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)

Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - )

Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Batman: Arkham City™ GOTY (x32 Version: 1.0.0000.133 - WB Games) Hidden

Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1208.0301 - Micro-Star International Co., Ltd.)

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 4.0.1211.2901 - Micro-Star International Co., Ltd.)

Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)

ComicRack v0.9.175 (HKLM\...\ComicRack) (Version: v0.9.175 - cYo Soft)

Corsair M95 Firmware Update Application (HKLM-x32\...\{4E44154D-0699-4D6C-996F-66D47B9A40D2}_is1) (Version:  - )

Corsair M95 Gaming Mouse Driver V1.0 (HKLM-x32\...\{9C9EA6B0-2138-4111-BF26-9D0D40D12C0F}_is1) (Version: 1.00.00.11 - )

Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)

CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5202.52 - CyberLink Corp.)

CyberLink PowerDVD 10 (x32 Version: 10.0.5202.52 - CyberLink Corp.) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version:  - FromSoftware, Inc)

Deus Ex (HKLM-x32\...\Deus Ex) (Version:  - )

Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)

DmC Devil May Cry (HKLM-x32\...\Steam App 220440) (Version:  - Ninja Theory)

Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)

EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)

Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.3.0 - SEIKO EPSON CORPORATION)

Epson Event Manager (HKLM-x32\...\{10144CFE-D76C-4CFA-81A1-37A1642349A3}) (Version: 3.01.0013 - Seiko Epson Corporation)

EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)

EPSON XP-410 Series Printer Uninstall (HKLM\...\EPSON XP-410 Series) (Version:  - SEIKO EPSON Corporation)

Epson XP-410 User's Guide version 1.0 (HKLM-x32\...\UsersGuideEpson XP-410 User's Guide_is1) (Version: 1.0 - )

EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)

ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version:  - Lars Hederer)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

Fallout (HKLM-x32\...\Steam App 38400) (Version:  - Interplay Inc.)

Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)

FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version:  - Square Enix)

Fotoattēlu galerija (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Fotogaléria (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Fotogalerii (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Fotogalerija (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Foto-galerija (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Fotogalleri (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Fotogalleriet (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Fotoğraf Galerisi (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Fotótár (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Galeria de Fotografias (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Galeria de Fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Galería de fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Galeria fotografii (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Galerie foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Galerija fotografija (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)

Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)

Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - Dennaton Games)

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)

Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)

Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)

Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden

iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)

Junk Mail filter update (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

KB9X Radio Switch Driver (HKLM\...\B16388B2E5D3CBA8F0EE88A8C5459BADAF4DE251) (Version: 1.0.7112.20593 - ENE TECHNOLOGY INC.)

KeePass Password Safe 1.27 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.27 - Dominik Reichl)

Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)

KLM (HKLM-x32\...\InstallShield_{4DEA5B85-6C56-45F3-AE00-FED756B0D3B4}) (Version: 1.0.1112.1901 - Micro-Star International Co., Ltd.)

KLM (x32 Version: 1.0.1112.1901 - Micro-Star International Co., Ltd.) Hidden

League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)

League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Mathematica Extras 10.0 (5099479) (HKLM\...\A-WIN-Extras 10.0.0 5099479_is1) (Version: 10.0.0 - Wolfram Research, Inc.)

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Mathematics Add-In for Word and OneNote (HKLM-x32\...\{90150000-00D8-0409-0000-0000000FF1CE}) (Version: 15.0.4481.1002 - Microsoft Corporation)

Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)

Microsoft Mouse and Keyboard Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden

Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4631.1002 - Microsoft Corporation)

Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4631.1002 - Microsoft Corporation)

Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1165.0612 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Minecraft1.7.9 (HKLM-x32\...\Minecraft1.7.9) (Version:  - )

Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)

Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden

Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)

Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

MSI Remind Manager (HKLM-x32\...\{7359585E-A828-4EFC-8177-7D1883DDA0B5}) (Version: 2.12.1003 - MSI)

MSI VGA Overclock Tool (HKLM-x32\...\{26C18D1A-CA42-4682-8CBA-98929848278A}) (Version: 12.06.0601 - MSI)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

Mumble 1.2.4 (HKLM-x32\...\{E0955568-4353-4C85-8988-285A8C0F5E87}) (Version: 1.2.4 - Thorvald Natvig)

Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.4.0.13 - Symantec Corporation)

NVIDIA Control Panel 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden

NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)

NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden

NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden

NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)

NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden

NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden

NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden

NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden

Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden

Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )

OpenAL (HKLM-x32\...\OpenAL) (Version:  - )

Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)

Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)

Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Poczta usługi Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Podstawowe programy Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)

Pošta Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Prince of Persia: The Sands of Time (HKLM-x32\...\Steam App 13600) (Version:  - Kudosoft)

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)

Qualcomm Atheros Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.437 - Qualcomm Atheros)

Qualcomm Atheros Killer Network Manager (Version: 6.1.0.437 - Qualcomm Atheros) Hidden

QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)

Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.37 - Realtek Semiconductor Corp.)

Respondus LockDown Browser (HKLM-x32\...\{C0E5147E-C9F3-4360-9ED0-2E875F11766C}) (Version: 1.02.0001 - Respondus, Inc.)

Sacrifice (HKLM-x32\...\{6231FDA0-7E6F-11D4-A671-006008D09831}) (Version:  - )

SCM (HKLM\...\{FA8AB91A-0B41-4797-9015-9B3FBC7834CC}) (Version: 10.012.09132 -  )

Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)

SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden

Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)

Software Updater (HKLM-x32\...\{129C5695-0C85-4D78-827B-6CF2B0155F05}) (Version: 4.2.0 - SEIKO EPSON CORPORATION)

Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)

Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)

Spotify (HKCU\...\Spotify) (Version: 0.9.10.22.gf87988f9 - Spotify AB)

StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

StepMania v5.0 beta 2a (remove only) (HKLM-x32\...\StepMania 5) (Version:  - StepMania Team)

Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.010 - MSI)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)

System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)

Thief Gold (HKLM-x32\...\Steam App 211600) (Version:  - Looking Glass Studios)

THX TruStudio Pro (HKLM-x32\...\{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}) (Version: 1.04.02 - Creative Technology Limited)

Transistor (HKLM-x32\...\Transistor_is1) (Version:  - )

Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)

Valokuvavalikoima (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)

Windows Driver Package - Intel (NETwNe64) net  (09/12/2012 15.5.4.45) (HKLM\...\A007E57753F87B14A4737DA95057F173950A6A3D) (Version: 09/12/2012 15.5.4.45 - Intel)

Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 16.4.3503.0728 - společnost Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 16.4.3503.0728 - Корпорація Майкрософт) Hidden

Windows Live Messenger (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live Messenger (x32 Version: 16.4.3503.0728 - společnost Microsoft Corporation) Hidden

Windows Live Messenger (x32 Version: 16.4.3503.0728 - Корпорация Майкрософт) Hidden

Windows Live Messenger (x32 Version: 16.4.3503.0728 - Корпорація Майкрософт) Hidden

Windows Live MIME IFilter (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live Pošta (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live Temel Parçalar (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live メール (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live 메일 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live 필수 패키지 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live 程式集 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Live 软件包 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Liven peruspaketti (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Windows Liven sähköposti (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Wolfram Mathematica 10 (M-WIN-L 10.0.0 5099521) (HKLM\...\M-WIN-L 10.0.0 5099521_is1) (Version: 10.0.0 - Wolfram Research, Inc.)

Συλλογή φωτογραφιών (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Основи Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Основные компоненты Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Почта Windows Live (x32 Version: 16.4.3503.0728 - Корпорация Майкрософт) Hidden

Фотоальбом (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Фотогалерия (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Фотографии (общедоступная версия) (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Фотоколекція (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

フォト ギャラリー (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

גלריית התמונות (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

بريد Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

معرض الصور (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

사진 갤러리 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

影像中心 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

照片库 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

 

==================== Restore Points  =========================

 

07-07-2014 08:01:36 Scheduled Checkpoint

10-07-2014 17:49:50 Restore Point before Batman: Arkham City™ GOTY was removed using Program Install and Uninstall troubleshooter

14-07-2014 22:39:08 Windows Backup

16-07-2014 07:02:09 Removed Java 7 Update 55

 

==================== Hosts content: ==========================

 

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {0419E610-C446-47A2-B3DE-9A9039BE3436} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload

Task: {05039F76-1F9D-4BFB-9ACE-154C10785311} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList

Task: {11D412EB-103A-4B1E-8DD0-1F257DDDC028} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation

Task: {149AC67E-49DA-48FC-B00F-5C96A5BDA6C0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)

Task: {16A333E4-E076-427B-9D19-41CF6A97E0E2} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1154547124-2327209256-1540992038-1002 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe

Task: {1EF0C895-8FC6-4B01-A6C4-41D25BF62227} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv

Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask

Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate

Task: {2E08C190-2CE5-483E-81E6-390D2E8E0A6C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation)

Task: {3075E4CA-FA2F-42A1-987A-4A90786CC3EE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)

Task: {3A4C19CA-006C-4B80-B46E-DBED2FA10C49} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management

Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)

Task: {3CFF87AE-3118-42F4-81DB-30F2FD7A873C} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

Task: {4838B8BE-FF18-47A8-94C5-62280F3385A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-29] (Google Inc.)

Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance

Task: {49860BAB-7092-4CB4-9AA8-B9E8846E80FE} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)

Task: {4DCB7A9D-AC6D-4AC0-984D-920F7B8D5706} - System32\Tasks\EPSON XP-410 Series Invitation {916CA065-A97C-4543-9414-76866D10E65E} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)

Task: {4DD66F53-26CE-407F-A5FF-C7ABA1FAB241} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics

Task: {50E90160-F29C-4185-B57E-6FABD6FB6E53} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

Task: {537B0D8A-BC7D-44DB-9BAD-CA44F261F62E} - System32\Tasks\EPSON XP-410 Series Update {916CA065-A97C-4543-9414-76866D10E65E} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)

Task: {585BE10E-BE53-4CF0-B311-8B234D1AB070} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)

Task: {62339840-9E05-40BC-AF80-5951AEA5BDAD} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-10] (Microsoft Corporation)

Task: {63A49A9D-6DF3-4229-8E93-B4CCC76FAAF2} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

Task: {6681437B-9BBA-453C-8ED9-3616EF169A82} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup

Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task

Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

Task: {7472CF23-05E6-4DC6-854B-929156282E34} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-12-07] (Synaptics Incorporated)

Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState

Task: {82E59406-FEEC-4668-862E-E60D667683AE} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)

Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task

Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask

Task: {8DC3CBFB-22B4-4A54-98AB-762A6C95D2DC} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()

Task: {9CACD137-ECA7-42C8-BFA5-FF7FE16F342B} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()

Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work

Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask

Task: {D24C8352-6D36-41F6-8B3A-162205EE0D5E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-08] (Microsoft Corporation)

Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing

Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization

Task: {DDC1992C-D46B-4F15-9360-B2E27D2453BD} - System32\Tasks\Shutdown => C:\WINDOWS\system32\Shutdown.exe [2013-08-22] (Microsoft Corporation)

Task: {E07DAADA-C649-4EEA-A1F0-2AEED877C2DB} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\WSCStub.exe [2014-06-26] (Symantec Corporation)

Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE

Task: {EF48056B-FBDB-4126-9046-C142D18BEA76} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DANIEL-Daniel Daniel => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-06-03] (Microsoft Corporation)

Task: {FAD38D29-AE35-4B35-AA7A-E049F208B800} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-29] (Google Inc.)

Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {916CA065-A97C-4543-9414-76866D10E65E}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE

Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Update {916CA065-A97C-4543-9414-76866D10E65E}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1154547124-2327209256-1540992038-1002Core1cf8bdf5a91e8ca.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

 

==================== Loaded Modules (whitelisted) =============

 

2014-03-10 18:32 - 2014-05-19 21:44 - 00014280 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll

2014-03-17 02:38 - 2014-05-19 20:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2014-04-20 17:31 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll

2012-09-25 01:08 - 2012-09-25 01:08 - 00490496 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe

2011-05-09 22:46 - 2011-05-09 22:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll

2011-05-09 22:56 - 2011-05-09 22:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll

2011-05-09 22:47 - 2011-05-09 22:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll

2012-09-25 01:08 - 2012-09-25 01:08 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll

2011-05-09 22:48 - 2011-05-09 22:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll

2011-05-10 14:32 - 2011-05-10 14:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll

2014-07-10 14:24 - 2014-05-20 11:19 - 08892072 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll

2012-12-07 08:00 - 2010-05-04 14:00 - 00237056 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL

2012-08-10 20:28 - 2012-08-10 20:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll

2012-06-06 18:18 - 2012-06-06 18:18 - 00089088 _____ () C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe

2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-10-31 10:05 - 2013-10-31 10:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll

2014-04-11 02:11 - 2014-04-11 02:11 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\f95a84be655dce46534e2570f3b8bef6\PSIClient.ni.dll

2012-12-07 07:51 - 2012-12-07 17:57 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

2014-06-12 19:28 - 2014-06-12 19:28 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll

2014-06-10 14:29 - 2014-06-05 08:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll

2014-06-10 14:29 - 2014-06-05 08:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll

2014-03-10 18:32 - 2014-05-19 21:44 - 00012120 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

2014-06-10 14:29 - 2014-06-05 08:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll

2014-06-10 14:29 - 2014-06-05 08:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll

2014-06-10 14:29 - 2014-06-05 08:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll

2014-06-12 19:26 - 2014-06-12 19:26 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll

2013-08-04 17:00 - 2012-05-14 12:43 - 00043008 _____ () C:\Program Files (x86)\corsair\M95 Mouse\hidGetKey.dll

2013-06-02 00:26 - 2013-06-02 00:26 - 00133640 _____ () C:\Program Files (x86)\Mumble\mumble_ol.dll

2014-07-13 19:42 - 2014-07-08 08:18 - 14663856 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade

AlternateDataStreams: C:\Users\Daniel\SkyDrive:ms-properties

 

==================== Safe Mode (whitelisted) ===================

 

 

==================== EXE Association (whitelisted) =============

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

HKLM\...\StartupApproved\Run32: => "APSDaemon"

HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"

HKLM\...\StartupApproved\Run32: => "iTunesHelper"

HKCU\...\StartupApproved\Run: => "Spotify"

HKCU\...\StartupApproved\Run: => "Steam"

HKCU\...\StartupApproved\Run: => "ooVoo.exe"

HKCU\...\StartupApproved\Run: => "uTorrent"

 

==================== Faulty Device Manager Devices =============

 

Name: Bluetooth Audio Device

Description: Bluetooth Audio Device

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: Qualcomm Atheros Communications

Service: BTATH_A2DP

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

 

Name: VirtualBox Host-Only Ethernet Adapter

Description: VirtualBox Host-Only Ethernet Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Oracle Corporation

Service: VBoxNetAdp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Virtual Bluetooth Support (Include Audio)

Description: Virtual Bluetooth Support (Include Audio)

Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}

Manufacturer: Qualcomm Atheros Communications

Service: AthBTPort

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver

 

Name: Bluetooth LWFLT Device

Description: Bluetooth LWFLT Device

Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}

Manufacturer: Qualcomm Atheros Communications

Service: BTATH_LWFLT

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (07/16/2014 02:04:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 4640

 

Error: (07/16/2014 02:04:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 4640

 

Error: (07/16/2014 02:04:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (07/16/2014 02:04:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 3562

 

Error: (07/16/2014 02:04:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 3562

 

Error: (07/16/2014 02:04:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (07/16/2014 02:04:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2312

 

Error: (07/16/2014 02:04:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 2312

 

Error: (07/16/2014 02:04:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (07/16/2014 02:04:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1156

 

 

System errors:

=============

Error: (07/16/2014 03:38:11 PM) (Source: bowser) (EventID: 8003) (User: )

Description: The master browser has received a server announcement from the computer ROUTER

that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A5EF661C-99EF-41AE-9628-FCE6B506B3FE}.

The master browser is stopping or an election is being forced.

 

Error: (07/15/2014 11:29:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Norton Internet Security service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

 

 

Microsoft Office Sessions:

=========================

Error: (07/16/2014 02:04:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 4640

 

Error: (07/16/2014 02:04:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 4640

 

Error: (07/16/2014 02:04:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (07/16/2014 02:04:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 3562

 

Error: (07/16/2014 02:04:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 3562

 

Error: (07/16/2014 02:04:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (07/16/2014 02:04:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2312

 

Error: (07/16/2014 02:04:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 2312

 

Error: (07/16/2014 02:04:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (07/16/2014 02:04:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1156

 

 

CodeIntegrity Errors:

===================================

  Date: 2014-04-16 14:36:38.104

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-04-16 14:16:42.714

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-04-16 00:49:03.367

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-04-16 00:47:36.247

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-04-15 18:11:14.416

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-04-15 18:10:42.718

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-04-15 18:10:41.779

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-04-15 18:08:31.419

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-04-15 18:07:58.028

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-04-15 18:06:43.469

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 21%

Total physical RAM: 16275.58 MB

Available physical RAM: 12838.24 MB

Total Pagefile: 32659.58 MB

Available Pagefile: 28737.98 MB

Total Virtual: 131072 MB

Available Virtual: 131071.83 MB

 

==================== Drives ================================

 

Drive c: (OS_Install) (Fixed) (Total:676.43 GB) (Free:293.76 GB) NTFS

Drive d: (The Big ) (Fixed) (Total:698.51 GB) (Free:686.28 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 699 GB) (Disk ID: 8A440388)

 

Partition: GPT Partition Type.

 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 00000000)

 

Partition: GPT Partition Type.

 

==================== End Of Log ============================


JavaRa 1.16 Removal Log.

 

Report follows after line.

 

------------------------------------

 

The JavaRa removal process was started on Wed Jul 16 15:50:59 2014

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124.

 

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124.

 

Found and removed: SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}

 

Found and removed: SOFTWARE\Classes\CLSID\{5852F5ED-8BF4-11D4-A245-0080C6F74284}

 

Found and removed: SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

 

Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}

 

Found and removed: SOFTWARE\Classes\Interface\{5852F5EC-8BF4-11D4-A245-0080C6F74284}

 

Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/java-deployment-toolkit

 

Found and removed: SOFTWARE\Classes\TypeLib\{5852F5E0-8BF4-11D4-A245-0080C6F74284}

 

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled

 

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.7.0.0

 

Found and removed: SOFTWARE\JavaSoft

 

Found and removed: SOFTWARE\JreMetrics

 

Found and removed: SOFTWARE\MozillaPlugins

 

------------------------------------

 

Finished reporting.

  • Root Admin

The logs show that Chrome has some bad entries for startup.

 

CHR StartupUrls: "hxxp://search.fantastigames.com/453", "hxxp://www.google.com", "hxxp://www.msn.com/?pc=UP93&ocid=UP93DHP&dt=041413", "hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={811B33B0-C824-11E2-BE97-8C89A5090DE5}", "hxxp://start.sweetpacks.com/?barid={811B33B0-C824-11E2-BE97-8C89A5090DE5}&src=10&crg=3.5000006.10042&st=23"

 

Please reset all your browser settings, but first log onto Chrome and make sure you disable Online Syncing so that when you use Chrome again it does not sync back the bad entries.

 

 

Please visit each of the following sites and let's reset all of your browsers back to defaults to prevent unexpected issues.
If you are not using one of the browsers but it is installed then you may want to consider uninstalling it as older versions of some software can pose an increase in the potential for an infection to get in.

Internet Explorer
How to reset Internet Explorer settings

Firefox
Click on Help / Troubleshooting Information then click on the Reset Firefox button.

Chrome
Chrome - Reset browser settings

Opera
How to Perform a (really) clean Reinstall of Opera
 
 
 

Then Restart the computer again and let me know if you're still seeing any malware related issues or not.


Should I still perform this step?

 

Next:
 
Please Run TFC by OldTimer to clear temporary files:

  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

 
 

 

Then restart the computer again and run a new FRST scan and make sure you put a check mark in the ADDITIONS.TXT check box and post back both new logs when ready.


 Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01

Ran by Daniel (administrator) on DANIEL on 16-07-2014 16:28:45
Running from C:\Users\Daniel\Desktop
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILAE.EXE
(Spotify Ltd) C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
() C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\KLM\KLM.exe
(Corsair Components  Inc) C:\Program Files (x86)\corsair\M95 Mouse\M95Hid.exe
(Corsair Components  Inc) C:\Program Files (x86)\corsair\M95 Mouse\CorsTra.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [bTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11577216 2012-08-27] (Motorola Solutions, Inc.)
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [403848 2012-09-13] (MSI)
HKLM\...\Run: [sCM] => C:\Program Files (x86)\SCM\SCM.exe [399776 2012-09-13] (MSI)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\THXCfg64.dll [25600 2010-09-14] (Creative Technology Ltd.)
HKLM\...\Run: [btTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [btvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Qualcomm Atheros Commnucations)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [shadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1279480 2014-05-29] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-29] (NVIDIA Corporation)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-12-07] (Synaptics Incorporated)
HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1517056 2011-08-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [updReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502328 2012-05-22] (MSI)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [bDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-04-02] (cyberlink)
HKLM-x32\...\Run: [VGAOCAP] => C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe [89088 2012-06-06] ()
HKLM-x32\...\Run: [KLM] => C:\Program Files (x86)\MSI\KLM\KLM.exe [1522376 2011-12-19] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Corsair Duke] => C:\Program Files (x86)\Corsair\M95 Mouse\M95Hid.exe [1769984 2013-05-27] (Corsair Components  Inc)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1057920 2012-07-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Run: [skyDrive] => C:\Users\Daniel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251080 2014-06-20] (Microsoft Corporation)
HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-07-11] (Valve Corporation)
HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Run: [Google Update] => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-11-23] (Google Inc.)
HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILAE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Run: [spotify Web Helper] => C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-29] (Spotify Ltd)
HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Run: [spotify] => C:\Users\Daniel\AppData\Roaming\Spotify\spotify.exe [6189624 2014-06-29] (Spotify Ltd)
HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1154547124-2327209256-1540992038-1002\...\Policies\Explorer: [NoLogOff] 0
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-05-19] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [166568 2014-05-19] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-05-19] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk
ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe ()
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi13.msn.com
SearchScopes: HKLM - DefaultScope {F1DED5B2-8519-4E87-935E-D46700481619} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM - {F1DED5B2-8519-4E87-935E-D46700481619} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {F1DED5B2-8519-4E87-935E-D46700481619} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKCU - {F1DED5B2-8519-4E87-935E-D46700481619} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 209.18.47.62 208.67.220.220
 
FireFox:
========
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Daniel\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Daniel\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.2.0.38\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.2.0.38\coFFPlgn [2014-07-16]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.2.0.38\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.2.0.38\IPSFF [2014-04-14]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://search.fantastigames.com/453", "hxxp://www.google.com", "hxxp://www.msn.com/?pc=UP93&ocid=UP93DHP&dt=041413", "hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={811B33B0-C824-11E2-BE97-8C89A5090DE5}", "hxxp://start.sweetpacks.com/?barid={811B33B0-C824-11E2-BE97-8C89A5090DE5}&src=10&crg=3.5000006.10042&st=23"
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-29]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (James White) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-06-14]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-29]
CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-14]
CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-29]
CHR Extension: (Norton Identity Protection) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-06-13]
CHR Extension: (Hangouts) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-06-14]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-29]
CHR HKLM-x32\...\Chrome\Extension: [koalekbhpbggkcfhkkbolikjoaobbppi] - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx [2013-04-29]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\Exts\Chrome.crx [2014-07-15]
 
==================== Services (Whitelisted) =================
 
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [247768 2013-04-02] (CyberLink)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-12-07] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2012-09-13] (Micro-Star International Co., Ltd.) [File not signed]
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [142904 2012-05-22] (MSI)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe [276376 2014-06-27] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-29] (NVIDIA Corporation)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [490496 2012-09-25] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R3 akw8x64; C:\Windows\system32\DRIVERS\akw8x64.sys [3203440 2012-09-25] (Qualcomm Atheros, Inc.)
S1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2012-09-25] (Qualcomm Atheros, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [1530160 2014-05-09] (Symantec Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1504000.00D\ccSetx64.sys [162392 2014-02-24] (Symantec Corporation)
S3 DUKEMS; C:\Windows\system32\drivers\DUKEMS.sys [25600 2012-08-16] ( )
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-10] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-10] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\IPSDefs\20140715.001\IDSvia64.sys [525016 2014-04-11] (Symantec Corporation)
S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [17936 2011-12-12] (Windows ® Win 7 DDK provider)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [164720 2012-09-25] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\VirusDefs\20140716.003\ENG64.SYS [126040 2014-06-04] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\VirusDefs\20140716.003\EX64.SYS [2099288 2014-06-04] (Symantec Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [465624 2014-01-03] (Realsil Semiconductor Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1504000.00D\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1504000.00D\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1504000.00D\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1504000.00D\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-04-14] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1504000.00D\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1504000.00D\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S3 WsAudio_Device(1); C:\Windows\system32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
S3 MBfilt; \SystemRoot\system32\drivers\MBfilt64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-16 16:27 - 2014-07-16 16:28 - 00012967 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-16 16:06 - 2014-07-16 16:07 - 00001019 _____ () C:\Users\Daniel\Desktop\Temp File Cleaner.lnk
2014-07-16 16:06 - 2014-07-16 16:06 - 00000892 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Temp File Cleaner.lnk
2014-07-16 16:06 - 2014-07-16 16:06 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\addpcs
2014-07-16 16:06 - 2014-07-16 16:06 - 00000000 ____D () C:\Program Files\Temp File Cleaner
2014-07-16 16:05 - 2014-07-16 16:05 - 02093228 _____ () C:\Users\Daniel\Desktop\TempFileCleaner_4.2.2_Setup.exe
2014-07-16 15:50 - 2014-07-16 15:51 - 00004359 _____ () C:\JavaRa.log
2014-07-16 15:47 - 2014-07-16 15:52 - 00000000 ____D () C:\Users\Daniel\Desktop\RemoveJava
2014-07-16 15:46 - 2014-07-16 15:46 - 00165483 _____ () C:\Users\Daniel\Desktop\JavaRa-1.16-28-5-13.zip
2014-07-16 15:37 - 2014-07-16 16:28 - 00025700 _____ () C:\Users\Daniel\Desktop\FRST.txt
2014-07-16 15:37 - 2014-07-16 15:38 - 00045849 _____ () C:\Users\Daniel\Desktop\Addition.txt
2014-07-16 15:35 - 2014-07-16 15:35 - 02086912 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2014-07-16 02:00 - 2014-07-16 02:00 - 00000389 _____ () C:\Users\Daniel\Desktop\threats.txt
2014-07-15 23:27 - 2014-07-15 23:27 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-15 23:25 - 2014-07-15 23:27 - 02347384 _____ (ESET) C:\Users\Daniel\Desktop\esetsmartinstaller_enu.exe
2014-07-15 22:47 - 2014-07-15 22:47 - 00000000 ___RD () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-15 22:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-07-15 22:18 - 2014-07-15 22:32 - 00000000 ____D () C:\AdwCleaner
2014-07-15 22:15 - 2014-07-15 22:15 - 01348263 _____ () C:\Users\Daniel\Desktop\AdwCleaner.exe
2014-07-15 22:15 - 2014-07-15 22:15 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-07-15 22:13 - 2014-07-15 22:13 - 00001910 _____ () C:\Users\Daniel\Desktop\JRT.txt
2014-07-15 09:23 - 2014-07-15 09:23 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-15 09:22 - 2014-07-15 09:22 - 01016261 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe
2014-07-14 19:50 - 2014-07-14 20:03 - 00030312 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-07-14 19:50 - 2014-07-14 19:50 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-14 19:48 - 2014-07-14 19:49 - 05336664 _____ () C:\Users\Daniel\Downloads\RogueKillerX64.exe
2014-07-14 19:26 - 2014-07-14 19:26 - 00000000 ____D () C:\WINDOWS\ERDNT
2014-07-14 19:25 - 2014-07-14 19:25 - 00000950 _____ () C:\Users\Daniel\Desktop\NTREGOPT.lnk
2014-07-14 19:25 - 2014-07-14 19:25 - 00000931 _____ () C:\Users\Daniel\Desktop\ERUNT.lnk
2014-07-14 19:25 - 2014-07-14 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-07-14 19:25 - 2014-07-14 19:25 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-07-14 19:14 - 2014-07-14 19:14 - 00791393 _____ (Lars Hederer ) C:\Users\Daniel\Downloads\erunt-setup (1).exe
2014-07-14 18:08 - 2014-07-14 18:08 - 00791393 _____ (Lars Hederer ) C:\Users\Daniel\Downloads\erunt-setup.exe
2014-07-14 17:30 - 2014-07-14 17:31 - 00002624 _____ () C:\Users\Daniel\Desktop\Rkill.txt
2014-07-14 17:30 - 2014-07-14 17:30 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Daniel\Downloads\rkill.exe
2014-07-14 17:19 - 2014-07-14 17:19 - 00000299 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
2014-07-12 23:33 - 2014-07-12 23:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-12 23:33 - 2014-07-12 23:33 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-07-12 23:22 - 2014-07-12 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-12 23:21 - 2014-07-12 23:21 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-12 23:21 - 2014-07-12 23:21 - 00000000 ____D () C:\Program Files\iTunes
2014-07-12 23:21 - 2014-07-12 23:21 - 00000000 ____D () C:\Program Files\iPod
2014-07-12 23:21 - 2014-07-12 23:21 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-12 21:07 - 2014-07-12 21:07 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Wolfram Research
2014-07-12 21:06 - 2014-07-12 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram Mathematica
2014-07-12 21:06 - 2014-07-12 21:06 - 00000000 ____D () C:\Program Files\Common Files\Wolfram Research
2014-07-12 16:43 - 2014-07-12 16:57 - 1998657776 _____ (Wolfram Research, Inc. ) C:\Users\Daniel\Downloads\Mathematica_10.0.0_WIN.exe
2014-07-11 19:20 - 2014-07-11 19:20 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Adobe
2014-07-10 16:10 - 2014-07-10 16:10 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-07-10 16:10 - 2014-07-10 16:10 - 00002049 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-07-10 13:03 - 2014-07-10 13:03 - 04991400 _____ (Adobe Systems Inc.) C:\Users\Daniel\Downloads\Shockwave_Installer_Slim.exe
2014-07-10 13:03 - 2014-07-10 13:03 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2014-07-10 12:50 - 2014-07-10 12:50 - 00000000 ____D () C:\MATS
2014-07-10 12:38 - 2014-07-10 12:38 - 00347816 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.12326324065198395.2.1.Run.exe
2014-07-10 11:30 - 2014-07-10 12:01 - 00049767 _____ () C:\Users\Daniel\Downloads\Addition.txt
2014-07-10 11:29 - 2014-07-16 16:28 - 00000000 ____D () C:\FRST
2014-07-10 11:29 - 2014-07-10 11:30 - 00081755 _____ () C:\Users\Daniel\Downloads\FRST.txt
2014-07-10 11:26 - 2014-07-10 11:26 - 02084352 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2014-07-08 22:28 - 2014-04-13 22:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-08 22:27 - 2014-07-08 22:27 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-08 19:42 - 2014-06-16 17:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-08 19:42 - 2014-06-16 17:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-08 19:42 - 2014-06-06 09:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-08 19:42 - 2014-05-29 22:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-08 19:42 - 2014-05-29 07:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-08 19:42 - 2014-05-29 02:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-08 19:42 - 2014-05-29 01:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-08 19:42 - 2014-05-29 01:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-08 19:42 - 2014-05-29 00:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-08 19:42 - 2014-05-29 00:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-08 19:41 - 2014-06-30 17:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-08 19:41 - 2014-06-28 02:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-08 19:41 - 2014-06-28 02:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-08 19:41 - 2014-06-18 20:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-08 19:41 - 2014-06-18 19:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-08 19:41 - 2014-06-18 19:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-08 19:41 - 2014-06-18 19:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-08 19:41 - 2014-06-18 18:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-08 19:41 - 2014-06-18 18:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-08 19:41 - 2014-06-18 18:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-08 19:41 - 2014-06-18 18:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-08 19:41 - 2014-06-18 18:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-08 19:41 - 2014-06-18 18:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-08 19:41 - 2014-06-18 18:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-08 19:41 - 2014-06-18 18:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-08 19:41 - 2014-06-18 18:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-08 19:41 - 2014-06-18 17:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-08 19:41 - 2014-06-18 17:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-08 19:41 - 2014-06-18 17:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-08 19:41 - 2014-06-18 17:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-08 19:41 - 2014-06-18 17:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-08 19:41 - 2014-06-18 17:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-08 19:41 - 2014-06-18 17:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-08 19:41 - 2014-06-18 17:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-08 19:41 - 2014-06-18 17:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-08 19:41 - 2014-06-18 17:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-08 19:41 - 2014-06-18 17:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-08 19:41 - 2014-06-18 17:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-08 19:41 - 2014-06-18 17:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-08 19:41 - 2014-06-18 17:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-08 19:41 - 2014-06-06 08:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-08 19:41 - 2014-06-06 07:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-08 19:41 - 2014-05-31 05:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-08 19:41 - 2014-05-31 05:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-08 19:41 - 2014-05-30 22:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-08 19:41 - 2014-05-30 22:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-08 19:41 - 2014-05-30 22:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-08 19:41 - 2014-05-30 22:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-08 19:41 - 2014-05-30 22:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-08 19:41 - 2014-05-30 22:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-08 19:41 - 2014-05-30 21:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-08 19:41 - 2014-05-30 21:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-08 19:41 - 2014-05-30 21:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-08 19:41 - 2014-05-30 21:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-08 19:41 - 2014-05-30 21:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-08 19:41 - 2014-05-30 21:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-08 19:41 - 2014-05-30 21:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-08 19:31 - 2014-07-08 19:31 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-08 03:08 - 2014-07-10 11:45 - 00014460 _____ () C:\Users\Daniel\Documents\Jul 8 2014.kdb
2014-07-08 03:07 - 2014-07-08 03:08 - 00010862 _____ () C:\Users\Daniel\Documents\Jul 8 2014.kdbx
2014-07-08 03:00 - 2014-07-08 03:00 - 00001129 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass.lnk
2014-07-08 03:00 - 2014-07-08 03:00 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe
2014-07-08 02:59 - 2014-07-08 02:59 - 01891395 _____ (Dominik Reichl ) C:\Users\Daniel\Downloads\KeePass-1.27-Setup.exe
2014-07-01 04:04 - 2014-07-01 04:04 - 00002782 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mbam.lnk
2014-06-29 16:21 - 2014-07-16 16:27 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-29 16:20 - 2014-07-10 16:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-29 16:20 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-06-29 16:20 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-06-20 21:39 - 2014-06-20 21:39 - 00003118 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-06-20 21:39 - 2014-06-20 21:39 - 00003092 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-06-20 21:39 - 2014-06-20 21:39 - 00003090 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-06-20 21:39 - 2014-06-20 21:39 - 00003062 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-06-20 21:39 - 2014-06-20 21:39 - 00003060 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-06-20 21:39 - 2014-06-20 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-06-20 21:39 - 2014-06-20 21:39 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-06-20 15:14 - 2014-06-20 15:14 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-06-20 02:49 - 2014-06-20 02:49 - 00000000 ____D () C:\NVIDIA Corporation
2014-06-19 11:56 - 2014-06-19 11:56 - 00000874 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1154547124-2327209256-1540992038-1002Core1cf8bdf5a91e8ca.job
2014-06-16 12:36 - 2014-06-16 12:36 - 00001167 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Speccy.lnk
2014-06-16 12:35 - 2014-06-16 12:35 - 00000000 ____D () C:\Program Files\Speccy
 
==================== One Month Modified Files and Folders =======
 
2014-07-16 16:28 - 2014-07-16 16:27 - 00012967 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-16 16:28 - 2014-07-16 15:37 - 00025700 _____ () C:\Users\Daniel\Desktop\FRST.txt
2014-07-16 16:28 - 2014-07-10 11:29 - 00000000 ____D () C:\FRST
2014-07-16 16:28 - 2013-05-02 17:04 - 00004970 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DANIEL-Daniel Daniel
2014-07-16 16:28 - 2013-05-02 08:32 - 00000000 ___DO () C:\Users\Daniel\SkyDrive
2014-07-16 16:28 - 2013-04-29 20:46 - 00002213 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-16 16:28 - 2013-04-29 20:43 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-16 16:28 - 2013-04-29 20:14 - 00000000 ____D () C:\Users\Daniel\AppData\Local\CrashDumps
2014-07-16 16:27 - 2014-06-29 16:21 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-16 16:27 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-16 16:27 - 2012-12-07 07:42 - 00000000 ____D () C:\temp
2014-07-16 16:26 - 2013-08-22 08:25 - 01048576 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-16 16:23 - 2014-04-13 14:13 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-16 16:23 - 2012-12-07 08:57 - 00000000 ____D () C:\ProgramData\Temp
2014-07-16 16:14 - 2013-04-29 19:41 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1154547124-2327209256-1540992038-1002
2014-07-16 16:07 - 2014-07-16 16:06 - 00001019 _____ () C:\Users\Daniel\Desktop\Temp File Cleaner.lnk
2014-07-16 16:06 - 2014-07-16 16:06 - 00000892 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Temp File Cleaner.lnk
2014-07-16 16:06 - 2014-07-16 16:06 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\addpcs
2014-07-16 16:06 - 2014-07-16 16:06 - 00000000 ____D () C:\Program Files\Temp File Cleaner
2014-07-16 16:05 - 2014-07-16 16:05 - 02093228 _____ () C:\Users\Daniel\Desktop\TempFileCleaner_4.2.2_Setup.exe
2014-07-16 16:02 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-16 15:52 - 2014-07-16 15:47 - 00000000 ____D () C:\Users\Daniel\Desktop\RemoveJava
2014-07-16 15:51 - 2014-07-16 15:50 - 00004359 _____ () C:\JavaRa.log
2014-07-16 15:46 - 2014-07-16 15:46 - 00165483 _____ () C:\Users\Daniel\Desktop\JavaRa-1.16-28-5-13.zip
2014-07-16 15:38 - 2014-07-16 15:37 - 00045849 _____ () C:\Users\Daniel\Desktop\Addition.txt
2014-07-16 15:35 - 2014-07-16 15:35 - 02086912 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2014-07-16 15:33 - 2014-02-11 03:33 - 00000933 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Update {916CA065-A97C-4543-9414-76866D10E65E}.job
2014-07-16 15:33 - 2014-02-11 03:33 - 00000747 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {916CA065-A97C-4543-9414-76866D10E65E}.job
2014-07-16 15:33 - 2013-04-29 20:43 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-16 02:00 - 2014-07-16 02:00 - 00000389 _____ () C:\Users\Daniel\Desktop\threats.txt
2014-07-16 01:59 - 2013-05-01 19:47 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Mumble
2014-07-15 23:27 - 2014-07-15 23:27 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-15 23:27 - 2014-07-15 23:25 - 02347384 _____ (ESET) C:\Users\Daniel\Desktop\esetsmartinstaller_enu.exe
2014-07-15 22:47 - 2014-07-15 22:47 - 00000000 ___RD () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-15 22:33 - 2012-07-26 03:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-07-15 22:32 - 2014-07-15 22:18 - 00000000 ____D () C:\AdwCleaner
2014-07-15 22:30 - 2014-05-29 18:49 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DDFE3C04-5C53-4F08-A36C-D3E82AAEA852}
2014-07-15 22:15 - 2014-07-15 22:15 - 01348263 _____ () C:\Users\Daniel\Desktop\AdwCleaner.exe
2014-07-15 22:15 - 2014-07-15 22:15 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-07-15 22:13 - 2014-07-15 22:13 - 00001910 _____ () C:\Users\Daniel\Desktop\JRT.txt
2014-07-15 22:10 - 2013-11-10 18:34 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-15 22:10 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-15 22:09 - 2012-11-22 08:34 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-07-15 22:09 - 2012-11-22 08:33 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-07-15 22:08 - 2014-04-14 16:28 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-07-15 22:08 - 2013-06-30 14:34 - 00002531 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-07-15 20:56 - 2013-05-05 04:48 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-15 20:48 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-15 09:23 - 2014-07-15 09:23 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-15 09:22 - 2014-07-15 09:22 - 01016261 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe
2014-07-14 20:03 - 2014-07-14 19:50 - 00030312 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-07-14 19:50 - 2014-07-14 19:50 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-14 19:49 - 2014-07-14 19:48 - 05336664 _____ () C:\Users\Daniel\Downloads\RogueKillerX64.exe
2014-07-14 19:26 - 2014-07-14 19:26 - 00000000 ____D () C:\WINDOWS\ERDNT
2014-07-14 19:25 - 2014-07-14 19:25 - 00000950 _____ () C:\Users\Daniel\Desktop\NTREGOPT.lnk
2014-07-14 19:25 - 2014-07-14 19:25 - 00000931 _____ () C:\Users\Daniel\Desktop\ERUNT.lnk
2014-07-14 19:25 - 2014-07-14 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-07-14 19:25 - 2014-07-14 19:25 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-07-14 19:14 - 2014-07-14 19:14 - 00791393 _____ (Lars Hederer ) C:\Users\Daniel\Downloads\erunt-setup (1).exe
2014-07-14 18:54 - 2013-11-14 02:28 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-14 18:08 - 2014-07-14 18:08 - 00791393 _____ (Lars Hederer ) C:\Users\Daniel\Downloads\erunt-setup.exe
2014-07-14 17:31 - 2014-07-14 17:30 - 00002624 _____ () C:\Users\Daniel\Desktop\Rkill.txt
2014-07-14 17:30 - 2014-07-14 17:30 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Daniel\Downloads\rkill.exe
2014-07-14 17:19 - 2014-07-14 17:19 - 00000299 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
2014-07-14 16:28 - 2013-04-29 19:31 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Packages
2014-07-14 16:28 - 2013-04-08 21:44 - 00000000 ____D () C:\Users\Daniel\Desktop\GAMES
2014-07-14 16:11 - 2013-07-02 21:09 - 00835072 ___SH () C:\Users\Daniel\Downloads\Thumbs.db
2014-07-14 14:33 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-07-14 05:08 - 2014-02-25 22:11 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Spotify
2014-07-13 20:03 - 2013-08-19 02:43 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\vlc
2014-07-13 14:59 - 2013-04-08 21:43 - 00000000 ____D () C:\Users\Daniel\Desktop\Stuff
2014-07-12 23:33 - 2014-07-12 23:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-12 23:33 - 2014-07-12 23:33 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-07-12 23:22 - 2014-07-12 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-12 23:21 - 2014-07-12 23:21 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-12 23:21 - 2014-07-12 23:21 - 00000000 ____D () C:\Program Files\iTunes
2014-07-12 23:21 - 2014-07-12 23:21 - 00000000 ____D () C:\Program Files\iPod
2014-07-12 23:21 - 2014-07-12 23:21 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-12 21:07 - 2014-07-12 21:07 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Wolfram Research
2014-07-12 21:06 - 2014-07-12 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram Mathematica
2014-07-12 21:06 - 2014-07-12 21:06 - 00000000 ____D () C:\Program Files\Common Files\Wolfram Research
2014-07-12 21:06 - 2014-04-15 12:58 - 00000000 ____D () C:\Program Files\Extras
2014-07-12 21:06 - 2014-01-30 23:21 - 00000000 ____D () C:\ProgramData\Mathematica
2014-07-12 16:57 - 2014-07-12 16:43 - 1998657776 _____ (Wolfram Research, Inc. ) C:\Users\Daniel\Downloads\Mathematica_10.0.0_WIN.exe
2014-07-12 01:31 - 2014-02-25 22:11 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Spotify
2014-07-12 00:56 - 2014-04-21 19:26 - 00000000 ____D () C:\Users\Daniel\.VirtualBox
2014-07-11 23:46 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-11 19:20 - 2014-07-11 19:20 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Adobe
2014-07-11 14:26 - 2014-03-17 02:47 - 00000000 ____D () C:\Users\Daniel
2014-07-10 18:29 - 2014-06-15 14:22 - 00000000 ____D () C:\Users\Daniel\Documents\Dolphin Emulator
2014-07-10 16:39 - 2014-06-29 16:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-10 16:10 - 2014-07-10 16:10 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-07-10 16:10 - 2014-07-10 16:10 - 00002049 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-07-10 16:10 - 2013-11-11 16:59 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-10 15:56 - 2013-04-29 19:33 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Adobe
2014-07-10 14:25 - 2013-05-02 08:17 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-07-10 13:03 - 2014-07-10 13:03 - 04991400 _____ (Adobe Systems Inc.) C:\Users\Daniel\Downloads\Shockwave_Installer_Slim.exe
2014-07-10 13:03 - 2014-07-10 13:03 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2014-07-10 12:50 - 2014-07-10 12:50 - 00000000 ____D () C:\MATS
2014-07-10 12:40 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-10 12:40 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-10 12:38 - 2014-07-10 12:38 - 00347816 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.12326324065198395.2.1.Run.exe
2014-07-10 12:01 - 2014-07-10 11:30 - 00049767 _____ () C:\Users\Daniel\Downloads\Addition.txt
2014-07-10 11:45 - 2014-07-08 03:08 - 00014460 _____ () C:\Users\Daniel\Documents\Jul 8 2014.kdb
2014-07-10 11:30 - 2014-07-10 11:29 - 00081755 _____ () C:\Users\Daniel\Downloads\FRST.txt
2014-07-10 11:26 - 2014-07-10 11:26 - 02084352 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2014-07-09 22:53 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-09 13:40 - 2013-08-22 09:44 - 05178544 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-09 13:37 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-09 13:37 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-08 22:29 - 2013-08-14 11:52 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-08 22:28 - 2013-11-14 02:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-08 22:28 - 2013-04-30 23:24 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-08 22:27 - 2014-07-08 22:27 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-08 19:31 - 2014-07-08 19:31 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-08 17:44 - 2014-02-11 03:33 - 00003964 _____ () C:\WINDOWS\System32\Tasks\EPSON XP-410 Series Update {916CA065-A97C-4543-9414-76866D10E65E}
2014-07-08 17:44 - 2014-02-11 03:33 - 00003778 _____ () C:\WINDOWS\System32\Tasks\EPSON XP-410 Series Invitation {916CA065-A97C-4543-9414-76866D10E65E}
2014-07-08 17:44 - 2013-04-29 20:43 - 00003884 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-08 15:54 - 2014-01-21 14:42 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\KeePass
2014-07-08 03:08 - 2014-07-08 03:07 - 00010862 _____ () C:\Users\Daniel\Documents\Jul 8 2014.kdbx
2014-07-08 03:00 - 2014-07-08 03:00 - 00001129 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass.lnk
2014-07-08 03:00 - 2014-07-08 03:00 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe
2014-07-08 02:59 - 2014-07-08 02:59 - 01891395 _____ (Dominik Reichl ) C:\Users\Daniel\Downloads\KeePass-1.27-Setup.exe
2014-07-02 00:58 - 2014-01-21 14:42 - 00010878 _____ () C:\Users\Daniel\Documents\jan 21 2014.kdbx
2014-07-01 04:04 - 2014-07-01 04:04 - 00002782 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mbam.lnk
2014-07-01 03:22 - 2014-05-29 17:08 - 00000000 ____D () C:\Users\Daniel\Desktop\College
2014-06-30 17:45 - 2014-07-08 19:41 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-06-29 16:20 - 2014-02-09 03:21 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Malwarebytes
2014-06-29 16:20 - 2014-02-09 03:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-28 02:48 - 2014-07-08 19:41 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-06-28 02:07 - 2014-07-08 19:41 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-06-26 15:55 - 2013-08-22 10:38 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-26 15:55 - 2013-08-22 10:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-20 22:28 - 2013-04-29 20:43 - 00003648 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 21:39 - 2014-06-20 21:39 - 00003118 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-06-20 21:39 - 2014-06-20 21:39 - 00003092 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-06-20 21:39 - 2014-06-20 21:39 - 00003090 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-06-20 21:39 - 2014-06-20 21:39 - 00003062 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-06-20 21:39 - 2014-06-20 21:39 - 00003060 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-06-20 21:39 - 2014-06-20 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-06-20 21:39 - 2014-06-20 21:39 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-06-20 15:14 - 2014-06-20 15:14 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-06-20 02:49 - 2014-06-20 02:49 - 00000000 ____D () C:\NVIDIA Corporation
2014-06-20 02:49 - 2013-05-23 23:10 - 00000000 ____D () C:\NVIDIA
2014-06-19 11:56 - 2014-06-19 11:56 - 00000874 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1154547124-2327209256-1540992038-1002Core1cf8bdf5a91e8ca.job
2014-06-18 20:39 - 2014-07-08 19:41 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-18 19:48 - 2014-07-08 19:41 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-18 19:16 - 2014-07-08 19:41 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-18 19:09 - 2014-07-08 19:41 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-18 18:51 - 2014-07-08 19:41 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-18 18:50 - 2014-07-08 19:41 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-18 18:48 - 2014-07-08 19:41 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-18 18:46 - 2014-07-08 19:41 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-06-18 18:39 - 2014-07-08 19:41 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-18 18:33 - 2014-07-08 19:41 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-18 18:32 - 2014-07-08 19:41 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-18 18:27 - 2014-07-08 19:41 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-18 18:12 - 2014-07-08 19:41 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-18 17:59 - 2014-07-08 19:41 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-18 17:58 - 2014-07-08 19:41 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-18 17:58 - 2014-07-08 19:41 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-18 17:57 - 2014-07-08 19:41 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-06-18 17:52 - 2014-07-08 19:41 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-18 17:51 - 2014-07-08 19:41 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-18 17:49 - 2014-07-08 19:41 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-18 17:45 - 2014-07-08 19:41 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-18 17:35 - 2014-07-08 19:41 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-18 17:34 - 2014-07-08 19:41 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-18 17:15 - 2014-07-08 19:41 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-18 17:13 - 2014-07-08 19:41 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-18 17:09 - 2014-07-08 19:41 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-18 17:07 - 2014-07-08 19:41 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-18 16:44 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-06-18 14:59 - 2014-04-21 21:27 - 00000000 ____D () C:\Users\Daniel\VirtualBox VMs
2014-06-18 13:54 - 2014-06-12 22:02 - 00018371 ____H () C:\Users\Daniel\Desktop\~WRL0745.tmp
2014-06-18 13:31 - 2013-05-09 22:39 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-17 16:39 - 2013-05-10 17:28 - 00007611 _____ () C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg
2014-06-16 17:26 - 2014-07-08 19:42 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-06-16 17:24 - 2014-07-08 19:42 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-06-16 12:36 - 2014-06-16 12:36 - 00001167 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Speccy.lnk
2014-06-16 12:35 - 2014-06-16 12:35 - 00000000 ____D () C:\Program Files\Speccy
2014-06-16 00:08 - 2014-03-28 20:21 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Battle.net
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-15 22:44
 
==================== End Of Log ============================
This topic is now closed to further replies.