Help removing Scorpion Saver, DDS.com not running.


  • This topic is locked
21 replies to this topic

#1 TatertotInvasion

TatertotInvasion

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:12 AM

Posted 27 November 2013 - 10:22 PM

Hello, I recently became aware that I had been infected with Scorpion Saver, and found your forum while looking for a solution. I read your guide on prep before posting, and got stuck on the DDS part.

 

After downloading DDS, I open it, I allow it permissions, then it tells me "DDS is not meant to run in 'Compatibility Mode'. This program shall now exit." I'm fairly certain this is because I'm running Windows 8.1, but I'm not sure, so I guess that's where we could start.

 

Thanks a bunch,

Ted





#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:12 PM

Posted 28 November 2013 - 01:13 AM





Hello TatertotInvasion

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.

Very Important --> Please read this post completely, I have spent my time to put together some things for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

I would like you to run this program for me.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 TatertotInvasion

TatertotInvasion
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:12 AM

Posted 28 November 2013 - 02:17 AM

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-11-2013 01
Ran by Tate (administrator) on GOLDENTATERTOT on 27-11-2013 23:10:54
Running from C:\Users\Tate\Desktop
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Adpeak, Inc.) C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conduit) C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe
() C:\ProgramData\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spigot, Inc.) C:\Users\Tate\AppData\Roaming\Search Protection\SearchProtection.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(MurGee.com) C:\ProgramData\Auto Typer by MurGee\AutoTyper.exe
(Conduit) C:\Users\Tate\AppData\Roaming\SearchProtect\bin\cltmng.exe
() C:\Users\Tate\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe
(Dropbox, Inc.) C:\Users\Tate\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Zhorn Software) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\caffeine.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(McAfee, Inc.) C:\Program Files\mcafee\msm\McSmtFwk.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13530184 2013-04-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-04-24] ( (Qualcomm Atheros Commnucations))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1820584 2013-10-30] (Valve Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKCU\...\Run: [SearchProtection] - C:\Users\Tate\AppData\Roaming\Search Protection\SearchProtection.exe [832360 2013-09-03] (Spigot, Inc.)
HKCU\...\Run: [AutoTyperMurGee] - C:\ProgramData\Auto Typer by MurGee\AutoTyper.exe [67856 2013-11-01] (MurGee.com)
HKCU\...\Run: [SearchProtect] - C:\Users\Tate\AppData\Roaming\SearchProtect\bin\cltmng.exe [3470624 2013-09-22] (Conduit)
HKCU\...\Run: [BackgroundContainer] - "C:\WINDOWS\SysWOW64\Rundll32.exe" "C:\Users\Tate\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKCU\...\Run: [AVG-Secure-Search-Update_1113a] - C:\Users\Tate\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe [2543128 2013-11-14] ()
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [MurGee.com Auto Clicker] - C:\Users\Tate\AppData\Local\Auto Clicker\AutoClicker.exe [98632 2013-11-23] (MurGee.com)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\aprp.exe [3187360 2012-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-30] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\mcafee.com\agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2013-02-05] (CyberLink Corp.)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\mcafee.com\agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [StereoLinksInstall] - "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1
HKLM-x32\...\Run: [SearchProtectAll] - C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [3470624 2013-09-22] (Conduit)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2349392 2013-11-11] (LogMeIn Inc.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [168616 2013-10-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-10-23] (NVIDIA Corporation)
Startup: C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Tate\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
URLSearchHook: HKLM-x32 - Connect DLC 5 Toolbar - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
URLSearchHook: HKCU - Connect DLC 5 Toolbar - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {7E4DAE7E-7353-49CA-B38F-DD5E7F9675CB} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - DefaultScope {7E4DAE7E-7353-49CA-B38F-DD5E7F9675CB} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3306061&CUI=UN32600986326657258&UM=2
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {D66738DC-8A7B-47B3-AF22-0F933D709ED8} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=293224&p={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ScorpionSaver - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\ScorpionSaver\IECore.dll ()
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Connect DLC 5 Toolbar - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Connect DLC 5 Toolbar - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
 
FireFox:
========
FF ProfilePath: C:\Users\Tate\AppData\Roaming\Mozilla\Firefox\Profiles\2ryul40b.default
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=293224&p=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK
 
Chrome: 
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3306061&SearchSource=48&CUI=UN37749241112658713&UM=2
CHR RestoreOnStartup: "hxxp://search.conduit.com/?ctid=CT3306061&SearchSource=48&CUI=UN37749241112658713&UM=2"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (         "name": "",) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (         "name": "",) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
CHR Extension: (Google Docs) - C:\Users\Tate\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1
CHR Extension: (Google Drive) - C:\Users\Tate\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\Tate\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\Tate\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (PicMonkey) - C:\Users\Tate\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm\1.5_0
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Tate\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.3.1.2_0
CHR Extension: (Google Wallet) - C:\Users\Tate\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1
CHR Extension: (Gmail) - C:\Users\Tate\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\Tate\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx
 
==================== Services (Whitelisted) =================
 
R2 AdpeakProxy; c:\Program Files\ScorpionSaver Services\AdpeakProxy.exe [3688448 2013-10-16] (Adpeak, Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310400 2013-04-24] (Windows ® Win 7 DDK provider)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [220960 2013-09-22] (Conduit)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-04-11] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-04-11] (Intel Corporation)
R2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe [511480 2013-10-31] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-09-24] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-09-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-09-24] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [182752 2013-09-24] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Software, Inc)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-04-24] (Atheros)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 AdpeakWFP; C:\WINDOWS\system32\Drivers\AdpeakWFP64.sys [41624 2013-09-26] (Adpeak, Inc.)
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-02-06] (ASUS Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [252728 2013-10-21] (AVG Technologies CZ, s.r.o.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-24] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-09-24] (McAfee, Inc.)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-07-03] (LogMeIn Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-10-08] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-09-24] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-09-24] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-09-24] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519192 2013-09-24] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [781312 2013-09-24] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [390552 2013-09-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95984 2013-09-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-09-24] (McAfee, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-11-27 23:10 - 2013-11-27 23:11 - 00031194 _____ C:\Users\Tate\Desktop\FRST.txt
2013-11-27 23:10 - 2013-11-27 23:10 - 00000000 ____D C:\FRST
2013-11-27 23:09 - 2013-11-27 23:09 - 01958850 _____ (Farbar) C:\Users\Tate\Downloads\FRST64.exe
2013-11-27 23:09 - 2013-11-27 23:09 - 01958850 _____ (Farbar) C:\Users\Tate\Desktop\FRST64.exe
2013-11-27 19:15 - 2013-11-27 19:15 - 00688992 _____ (Swearware) C:\Users\Tate\Desktop\dds.com
2013-11-27 15:29 - 2013-11-27 15:31 - 00000000 ____D C:\OBS Recording Test
2013-11-27 15:28 - 2013-11-27 15:28 - 00000000 ____D C:\Users\Tate\AppData\Roaming\OBS
2013-11-27 15:27 - 2013-11-27 15:28 - 00000000 ____D C:\Program Files (x86)\OBS
2013-11-27 15:27 - 2013-11-27 15:27 - 00000949 _____ C:\Users\Tate\Desktop\Open Broadcaster Software.lnk
2013-11-27 15:27 - 2013-11-27 15:27 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2013-11-27 15:27 - 2013-11-27 15:27 - 00000000 ____D C:\Program Files\OBS
2013-11-27 15:25 - 2013-11-27 15:26 - 07638340 _____ C:\Users\Tate\Downloads\OBS_0_584b_Installer.exe
2013-11-26 14:04 - 2013-11-27 14:06 - 00000000 ____D C:\Users\Tate\AppData\Local\LogMeIn Hamachi
2013-11-26 14:04 - 2013-11-26 14:04 - 00000000 ____D C:\Users\Tate\AppData\Local\LogMeIn
2013-11-26 14:04 - 2013-11-26 14:04 - 00000000 ____D C:\ProgramData\LogMeIn
2013-11-26 14:02 - 2013-11-26 14:02 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-11-26 13:57 - 2013-11-26 13:57 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2013-11-26 13:57 - 2013-11-26 13:57 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2013-11-26 13:35 - 2013-11-26 13:35 - 05877760 _____ C:\Users\Tate\Downloads\hamachi.msi
2013-11-24 22:30 - 2013-11-24 22:30 - 00000000 ____D C:\Users\Tate\AppData\Local\Auto Clicker
2013-11-24 22:29 - 2013-11-24 22:29 - 00692600 _____ (MurGee.com                                                  ) C:\Users\Tate\Downloads\setup (2).exe
2013-11-24 02:26 - 2013-11-24 02:26 - 00000000 ____D C:\Program Files (x86)\My Company Name
2013-11-24 02:26 - 2011-11-03 03:01 - 00056208 ____N (Rovi Corporation) C:\WINDOWS\system32\Drivers\PxHlpa64.sys
2013-11-24 02:26 - 2011-10-17 03:00 - 00010224 ____N (Sonic Solutions) C:\WINDOWS\system32\Drivers\cdralw2k.sys
2013-11-24 02:26 - 2011-10-17 03:00 - 00010224 ____N (Sonic Solutions) C:\WINDOWS\system32\Drivers\cdr4_xp.sys
2013-11-24 02:09 - 2013-11-24 02:28 - 00000000 ____D C:\Program Files\Adobe
2013-11-24 02:06 - 2013-11-24 02:28 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-11-24 01:40 - 2013-11-24 01:40 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-11-23 23:19 - 2013-11-24 01:57 - 00000000 ____D C:\Users\Tate\Downloads\Adobe CS6 Master Collection
2013-11-23 22:26 - 2013-11-23 22:37 - 155022611 _____ C:\Users\Tate\Desktop\test 2.wmv
2013-11-23 21:53 - 2013-11-23 21:53 - 00000076 _____ C:\Users\Tate\Desktop\test.mxf.mxf.sfl
2013-11-23 21:49 - 2013-11-23 22:10 - 00000000 ____D C:\Users\Tate\Downloads\Adobe Photoshop CS6 13.0.1 Final  Multilanguage (cracked dll) [ChingLiu]
2013-11-23 21:43 - 2013-11-23 21:53 - 635211016 _____ C:\Users\Tate\Desktop\test.mxf.mxf
2013-11-23 21:39 - 2013-11-23 21:39 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Publish Providers
2013-11-23 21:36 - 2013-11-23 21:39 - 00000000 ____D C:\Users\Tate\AppData\Local\Sony
2013-11-23 21:36 - 2013-11-23 21:36 - 00000000 ____D C:\ProgramData\Sony
2013-11-23 21:36 - 2013-11-23 21:36 - 00000000 ____D C:\Program Files\Sony
2013-11-23 21:36 - 2013-11-23 21:36 - 00000000 ____D C:\Program Files (x86)\Sony
2013-11-23 21:35 - 2013-11-23 21:43 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Sony
2013-11-23 21:31 - 2013-11-23 21:32 - 00000000 ____D C:\Users\Tate\Downloads\SONY Vegas PRO 12 Build 670 (64 bit)
2013-11-23 20:18 - 2013-11-23 20:23 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Audacity
2013-11-23 20:17 - 2013-11-23 20:17 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-11-23 20:14 - 2013-11-23 20:14 - 22180353 _____ (Audacity Team                                               ) C:\Users\Tate\Downloads\audacity-win-2.0.5.exe
2013-11-23 20:06 - 2013-11-23 20:06 - 00000000 ____D C:\Users\Tate\AppData\Roaming\NVIDIA
2013-11-23 19:54 - 2013-11-23 19:54 - 00007602 _____ C:\Users\Tate\AppData\Local\Resmon.ResmonCfg
2013-11-22 23:17 - 2013-11-22 23:17 - 00013445 _____ C:\Users\Tate\Downloads\Minecraft HD Font 64x.zip
2013-11-22 23:01 - 2013-11-22 23:02 - 12789989 _____ C:\Users\Tate\Downloads\Kab_s_Showcase_1.7.0_13w37a.zip
2013-11-21 20:16 - 2013-11-21 20:16 - 00012709 _____ C:\Users\Tate\Downloads\One-Million Subscribers.xlsx
2013-11-21 19:08 - 2013-11-21 19:09 - 07439568 _____ C:\Users\Tate\Downloads\Start8-cnet-setup (1).exe
2013-11-21 19:05 - 2013-11-21 19:05 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2013-11-21 19:05 - 2013-11-21 19:05 - 00000000 ____D C:\WINDOWS\system32\NV
2013-11-21 18:52 - 2013-11-21 18:52 - 00000000 ____D C:\Users\Tate\Downloads\Stardock
2013-11-21 18:52 - 2013-11-21 18:52 - 00000000 ____D C:\Users\Public\Documents\Stardock
2013-11-21 18:52 - 2013-11-21 18:52 - 00000000 ____D C:\ProgramData\Stardock
2013-11-21 18:52 - 2013-11-21 18:52 - 00000000 ____D C:\Program Files (x86)\Stardock
2013-11-21 18:51 - 2013-11-21 18:52 - 07439568 _____ C:\Users\Tate\Downloads\Start8-cnet-setup.exe
2013-11-21 18:41 - 2013-11-21 18:41 - 02683411 _____ C:\Users\Tate\Downloads\Start Menu.zip
2013-11-20 20:37 - 2013-11-27 23:12 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5E3EBFAB-5FD0-4338-8B4D-AB4CFCDD519E}
2013-11-20 20:18 - 2013-11-20 20:18 - 50107976 _____ (Adobe Systems Incorporated) C:\Users\Tate\Downloads\AdbeRdr11003_en_US.exe
2013-11-20 19:18 - 2013-11-20 19:18 - 00999827 _____ C:\Users\Tate\Downloads\Platform Power.zip
2013-11-20 18:15 - 2013-11-27 14:04 - 00000396 _____ C:\WINDOWS\Tasks\AVG_SYS_TASK.job
2013-11-20 18:15 - 2013-11-20 18:15 - 00002670 _____ C:\WINDOWS\System32\Tasks\AVG_SYS_TASK
2013-11-20 18:15 - 2013-11-20 18:15 - 00000000 ____D C:\Users\Tate\AppData\Roaming\AVG 1113a Campaign
2013-11-20 18:14 - 2013-11-27 14:04 - 00000424 _____ C:\WINDOWS\Tasks\AVG_SYS_TASK_DELETE.job
2013-11-20 18:14 - 2013-11-20 18:14 - 00002908 _____ C:\WINDOWS\System32\Tasks\AVG_SYS_TASK_DELETE
2013-11-20 18:14 - 2013-11-20 18:14 - 00000000 ____D C:\ProgramData\AVG 1113a Campaign
2013-11-19 19:08 - 2013-11-19 19:08 - 00000000 ____D C:\Users\Tate\AppData\Local\Macromedia
2013-11-19 19:07 - 2013-11-27 22:15 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-19 19:07 - 2013-11-19 19:07 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-11-19 19:03 - 2013-11-19 19:03 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Mozilla
2013-11-19 19:03 - 2013-11-19 19:03 - 00000000 ____D C:\Users\Tate\AppData\Local\Mozilla
2013-11-19 19:03 - 2013-11-19 19:03 - 00000000 ____D C:\ProgramData\Mozilla
2013-11-19 19:03 - 2013-11-19 19:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-19 19:02 - 2013-11-19 19:02 - 00282904 _____ (Mozilla) C:\Users\Tate\Downloads\Firefox Setup Stub 25.0.1.exe
2013-11-19 16:12 - 2013-11-19 16:12 - 00984509 _____ C:\Users\Tate\Downloads\Nether3x3Bedrock.txt
2013-11-18 20:57 - 2013-11-18 20:57 - 00000000 ____D C:\ProgramData\EPSON
2013-11-18 20:51 - 2013-11-18 20:54 - 17139552 _____ C:\Users\Tate\Downloads\epson14986.exe
2013-11-18 20:20 - 2013-11-18 20:20 - 00000843 _____ C:\Users\Tate\AppData\Local\recently-used.xbel
2013-11-18 20:20 - 2013-11-18 20:20 - 00000000 ____D C:\Users\Tate\AppData\Local\gtk-2.0
2013-11-18 20:20 - 2013-11-18 20:20 - 00000000 ____D C:\Users\Tate\.thumbnails
2013-11-18 20:16 - 2013-11-18 20:21 - 00000000 ____D C:\Users\Tate\.gimp-2.8
2013-11-18 20:16 - 2013-11-18 20:16 - 00000000 ____D C:\Users\Tate\AppData\Local\gegl-0.2
2013-11-18 20:11 - 2013-11-18 20:14 - 00000000 ____D C:\Program Files\GIMP 2
2013-11-18 20:00 - 2013-11-18 20:06 - 90332288 _____ (The GIMP Team                                               ) C:\Users\Tate\Downloads\gimp-2.8.8-setup.exe
2013-11-17 23:58 - 2013-11-24 13:20 - 00092672 ___SH C:\Users\Tate\Desktop\Thumbs.db
2013-11-17 23:56 - 2013-11-17 23:56 - 00001613 _____ C:\Users\Tate\Desktop\Programs.lnk
2013-11-17 23:20 - 2013-11-17 23:20 - 00000000 ____D C:\Program Files\ScorpionSaver Services
2013-11-17 23:20 - 2013-09-26 09:50 - 00041624 _____ (Adpeak, Inc.) C:\WINDOWS\system32\Drivers\AdpeakWFP64.sys
2013-11-16 23:17 - 2013-11-16 23:17 - 00000000 ____D C:\Program Files (x86)\ScorpionSaver
2013-11-16 23:16 - 2013-11-16 23:16 - 00000000 ____D C:\Program Files\Level Quality Watcher
2013-11-16 23:11 - 2013-11-16 23:11 - 00000000 ____D C:\Users\Tate\Documents\Razer
2013-11-16 23:07 - 2013-11-16 23:07 - 00000000 ____D C:\Users\Tate\AppData\Local\Razer
2013-11-16 23:06 - 2013-11-16 23:11 - 00000000 ____D C:\Users\Tate\AppData\Roaming\SearchProtect
2013-11-16 23:06 - 2013-11-16 23:06 - 00894600 _____ (CNET Download.com) C:\Users\Tate\Downloads\cbsidlm-cbsi134-Razer_Game_Booster-SEO-10913645 (2).exe
2013-11-16 23:06 - 2013-11-16 23:06 - 00894600 _____ (CNET Download.com) C:\Users\Tate\Downloads\cbsidlm-cbsi134-Razer_Game_Booster-SEO-10913645 (1).exe
2013-11-16 23:06 - 2013-11-16 23:06 - 00003364 _____ C:\WINDOWS\System32\Tasks\BackgroundContainer Startup Task
2013-11-16 23:06 - 2013-11-16 23:06 - 00000000 ____D C:\Users\Tate\AppData\Local\WhiteListing
2013-11-16 23:06 - 2013-11-16 23:06 - 00000000 ____D C:\Users\Tate\AppData\Local\NativeMessaging
2013-11-16 23:06 - 2013-11-16 23:06 - 00000000 ____D C:\Users\Tate\AppData\Local\CRE
2013-11-16 23:06 - 2013-11-16 23:06 - 00000000 ____D C:\Users\Tate\AppData\Local\Conduit
2013-11-16 23:06 - 2013-11-16 23:06 - 00000000 ____D C:\ProgramData\Razer
2013-11-16 23:06 - 2013-11-16 23:06 - 00000000 ____D C:\ProgramData\Conduit
2013-11-16 23:06 - 2013-11-16 23:06 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-11-16 23:06 - 2013-11-16 23:06 - 00000000 ____D C:\Program Files (x86)\Razer
2013-11-16 23:06 - 2013-11-16 23:06 - 00000000 ____D C:\Program Files (x86)\Connect_DLC_5
2013-11-16 23:06 - 2013-11-16 23:06 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-11-16 23:06 - 2012-11-20 16:13 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2013-11-16 23:05 - 2013-11-16 23:06 - 00000009 _____ C:\END
2013-11-16 23:05 - 2013-11-16 23:05 - 00894600 _____ (CNET Download.com) C:\Users\Tate\Downloads\cbsidlm-cbsi134-Razer_Game_Booster-SEO-10913645.exe
2013-11-16 22:57 - 2013-11-16 22:57 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-11-16 22:57 - 2013-11-16 22:57 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2013-11-16 21:44 - 2013-11-19 19:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 18:08 - 2013-10-22 21:09 - 04104704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-11-16 18:08 - 2013-10-22 00:18 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2013-11-16 18:08 - 2013-10-21 23:55 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2013-11-16 18:08 - 2013-10-21 22:03 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2013-11-16 18:08 - 2013-10-21 18:07 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-11-16 18:08 - 2013-10-21 17:53 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2013-11-16 18:08 - 2013-10-21 17:47 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2013-11-16 18:08 - 2013-10-19 01:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-11-16 18:08 - 2013-10-19 00:51 - 00481392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2013-11-16 18:08 - 2013-10-18 23:12 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2013-11-16 18:08 - 2013-10-18 22:24 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-11-16 18:08 - 2013-10-18 19:57 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-11-16 18:08 - 2013-10-18 19:28 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-11-16 18:08 - 2013-10-18 19:26 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2013-11-16 18:08 - 2013-10-18 19:14 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2013-11-16 18:08 - 2013-10-11 05:04 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-11-16 18:08 - 2013-10-10 08:23 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2013-11-16 18:08 - 2013-10-10 02:40 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-11-16 18:08 - 2013-10-08 02:13 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-11-16 18:08 - 2013-10-06 23:21 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-11-16 18:08 - 2013-10-06 18:13 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2013-11-16 18:08 - 2013-10-05 06:21 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2013-11-16 18:08 - 2013-10-05 00:56 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2013-11-16 18:08 - 2013-10-05 00:21 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2013-11-16 18:08 - 2013-10-04 23:43 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2013-11-16 18:08 - 2013-10-04 23:39 - 06639616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2013-11-16 18:08 - 2013-10-04 23:32 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2013-11-16 18:08 - 2013-09-17 01:06 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2013-11-16 18:08 - 2013-09-16 22:31 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2013-11-16 18:08 - 2013-09-14 06:07 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2013-11-16 18:07 - 2013-10-23 03:29 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2013-11-16 18:07 - 2013-10-23 03:21 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-11-16 18:07 - 2013-10-23 03:13 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll
2013-11-16 18:07 - 2013-10-22 21:27 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-16 18:07 - 2013-10-22 21:04 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-16 18:07 - 2013-10-22 20:55 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-11-16 18:07 - 2013-10-22 20:46 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-11-16 18:07 - 2013-10-21 21:15 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2013-11-16 18:07 - 2013-10-21 20:04 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2013-11-16 18:07 - 2013-10-21 20:02 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2013-11-16 18:07 - 2013-10-21 19:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2013-11-16 18:07 - 2013-10-21 19:44 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2013-11-16 18:07 - 2013-10-21 18:38 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2013-11-16 18:07 - 2013-10-21 18:22 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2013-11-16 18:07 - 2013-10-21 18:13 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2013-11-16 18:07 - 2013-10-18 20:48 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2013-11-16 18:07 - 2013-10-18 20:03 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2013-11-16 18:07 - 2013-10-17 07:42 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2013-11-16 18:07 - 2013-10-17 07:42 - 01373872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2013-11-16 18:07 - 2013-10-17 06:04 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2013-11-16 18:07 - 2013-10-16 01:34 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2013-11-16 18:07 - 2013-10-16 01:33 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2013-11-16 18:07 - 2013-10-12 19:06 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2013-11-16 18:07 - 2013-10-12 18:43 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2013-11-16 18:07 - 2013-10-11 07:11 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-11-16 18:07 - 2013-10-11 06:22 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-11-16 18:07 - 2013-10-11 05:24 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2013-11-16 18:07 - 2013-10-11 05:03 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2013-11-16 18:07 - 2013-10-10 08:44 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2013-11-16 18:07 - 2013-10-10 08:26 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2013-11-16 18:07 - 2013-10-10 08:26 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2013-11-16 18:07 - 2013-10-10 06:53 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2013-11-16 18:07 - 2013-10-10 06:53 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2013-11-16 18:07 - 2013-10-10 03:53 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2013-11-16 18:07 - 2013-10-10 03:38 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2013-11-16 18:07 - 2013-10-10 03:21 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2013-11-16 18:07 - 2013-10-10 02:19 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-11-16 18:07 - 2013-10-08 21:40 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-11-16 18:07 - 2013-10-08 03:07 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-11-16 18:07 - 2013-10-08 02:28 - 00523096 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2013-11-16 18:07 - 2013-10-07 22:46 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2013-11-16 18:07 - 2013-10-07 21:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2013-11-16 18:07 - 2013-10-07 21:50 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2013-11-16 18:07 - 2013-10-07 21:48 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2013-11-16 18:07 - 2013-10-07 21:15 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2013-11-16 18:07 - 2013-10-07 21:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2013-11-16 18:07 - 2013-10-07 20:50 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2013-11-16 18:07 - 2013-10-07 20:50 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2013-11-16 18:07 - 2013-10-06 23:21 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2013-11-16 18:07 - 2013-10-05 07:25 - 00371032 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-11-16 18:07 - 2013-10-05 07:25 - 00057176 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2013-11-16 18:07 - 2013-10-05 04:05 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2013-11-16 18:07 - 2013-10-05 03:01 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2013-11-16 18:07 - 2013-10-05 01:36 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2013-11-16 18:07 - 2013-10-05 01:18 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2013-11-16 18:07 - 2013-10-05 01:07 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2013-11-16 18:07 - 2013-10-05 00:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll
2013-11-16 18:07 - 2013-10-05 00:40 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2013-11-16 18:07 - 2013-10-05 00:24 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll
2013-11-16 18:07 - 2013-10-05 00:15 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2013-11-16 18:07 - 2013-10-04 23:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-11-16 18:07 - 2013-10-04 00:10 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2013-11-16 18:07 - 2013-09-18 21:04 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2013-11-16 18:07 - 2013-09-17 01:06 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2013-11-16 18:07 - 2013-09-16 22:31 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2013-11-16 18:07 - 2013-09-16 20:37 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2013-11-16 18:07 - 2013-09-14 06:00 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2013-11-16 18:07 - 2013-09-14 04:39 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2013-11-16 18:07 - 2013-09-14 04:33 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2013-11-16 18:07 - 2013-09-14 02:05 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2013-11-16 18:07 - 2013-09-14 01:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2013-11-16 18:07 - 2013-09-13 00:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe
2013-11-16 18:07 - 2013-09-12 23:47 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe
2013-11-16 18:07 - 2013-09-12 00:45 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2013-11-16 18:07 - 2013-09-12 00:08 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2013-11-16 18:07 - 2013-09-12 00:08 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2013-11-16 18:07 - 2013-09-12 00:02 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2013-11-16 18:07 - 2013-09-11 23:44 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2013-11-16 18:07 - 2013-09-11 23:37 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2013-11-16 18:07 - 2013-09-11 23:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2013-11-16 18:07 - 2013-09-11 23:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2013-11-16 18:07 - 2013-09-11 23:16 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2013-11-16 18:07 - 2013-09-11 23:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2013-11-16 18:07 - 2013-09-11 04:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-11-16 18:07 - 2013-09-09 21:26 - 04599808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2013-11-16 18:07 - 2013-09-09 20:52 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll
2013-11-16 18:07 - 2013-09-09 20:34 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2013-11-16 18:06 - 2013-11-05 12:21 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-11-16 18:06 - 2013-11-05 10:51 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2013-11-16 18:06 - 2013-11-05 08:20 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2013-11-16 18:06 - 2013-11-05 08:11 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-11-16 18:06 - 2013-11-05 06:30 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-11-16 18:06 - 2013-11-05 06:29 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-11-16 18:05 - 2013-10-10 03:26 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2013-11-16 18:05 - 2013-10-10 03:05 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2013-11-16 18:05 - 2013-10-10 02:34 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2013-11-16 18:05 - 2013-10-10 02:27 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2013-11-16 00:08 - 2013-11-16 00:08 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-11-16 00:08 - 2013-11-16 00:08 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-11-13 22:29 - 2013-11-13 22:29 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-11-13 22:28 - 2013-11-13 22:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-11-13 22:26 - 2013-11-13 22:28 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-11-13 22:26 - 2013-11-13 22:26 - 00000000 ____D C:\WINDOWS\PCHEALTH
2013-11-13 22:24 - 2013-11-23 14:08 - 00000000 ____D C:\Users\Tate\AppData\Local\Microsoft Help
2013-11-13 22:24 - 2013-11-16 21:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-13 22:24 - 2013-11-13 22:26 - 00000000 ____D C:\Program Files\Microsoft Office
2013-11-13 22:24 - 2013-11-13 22:24 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-11-13 22:24 - 2013-11-13 22:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-11-13 22:23 - 2013-11-13 22:23 - 00000000 __RHD C:\MSOCache
2013-11-13 22:08 - 2013-11-13 22:11 - 00000000 ____D C:\Users\Tate\Downloads\Microsoft Office ProPlus 2013 VL x64 en-US Aug2013
2013-11-13 15:15 - 2013-10-19 00:08 - 23212544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-11-13 15:15 - 2013-10-18 22:37 - 17142784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-11-13 15:15 - 2013-10-18 22:02 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-11-13 15:15 - 2013-10-18 21:37 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2013-11-13 15:15 - 2013-10-18 21:19 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-11-13 15:15 - 2013-10-18 21:10 - 05765120 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-11-13 15:15 - 2013-10-18 20:52 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-11-13 15:15 - 2013-10-18 20:44 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-11-13 15:15 - 2013-10-18 20:37 - 12995584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-11-13 15:15 - 2013-10-18 20:31 - 01993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-11-13 15:15 - 2013-10-18 19:56 - 11220992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-11-13 15:15 - 2013-10-18 19:55 - 01926656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-11-13 15:15 - 2013-10-18 19:53 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-11-13 15:15 - 2013-10-18 19:23 - 01394176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-11-13 15:15 - 2013-10-18 19:09 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-11-13 15:15 - 2013-10-18 19:02 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-11-13 15:15 - 2013-10-16 07:58 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2013-11-13 15:15 - 2013-10-16 05:54 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2013-11-13 15:15 - 2013-10-12 18:48 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2013-11-13 15:15 - 2013-10-12 13:48 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2013-11-13 15:15 - 2013-10-12 13:34 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2013-11-13 15:15 - 2013-10-05 06:21 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2013-11-13 15:15 - 2013-10-05 00:39 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2013-11-12 21:43 - 2013-11-12 21:43 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-11-12 21:41 - 2013-11-12 21:38 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6432683.dll
2013-11-12 21:41 - 2013-11-12 21:38 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6432683.dll
2013-11-12 21:38 - 2013-11-12 21:39 - 00000000 ____D C:\Users\Tate\Downloads\VGA_nVidia_Win81_64_VER918132683 (1)
2013-11-12 21:37 - 2013-11-12 21:37 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-11-12 21:37 - 2013-11-07 22:58 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic
2013-11-12 21:37 - 2013-11-07 22:58 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Macromedia
2013-11-12 21:37 - 2013-10-23 00:20 - 06669600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2013-11-12 21:37 - 2013-10-23 00:20 - 03489568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2013-11-12 21:37 - 2013-10-23 00:20 - 03426956 _____ C:\WINDOWS\system32\nvcoproc.bin
2013-11-12 21:37 - 2013-10-23 00:20 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2013-11-12 21:37 - 2013-10-23 00:20 - 01064224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2013-11-12 21:37 - 2013-10-23 00:20 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2013-11-12 21:37 - 2013-10-23 00:20 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2013-11-12 21:37 - 2013-10-23 00:20 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2013-11-12 21:37 - 2013-10-23 00:20 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2013-11-12 21:37 - 2013-08-22 07:36 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-12 21:37 - 2013-08-22 07:36 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-12 21:37 - 2013-08-22 07:36 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-11-12 21:37 - 2013-08-22 07:36 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-12 21:25 - 2013-11-12 21:29 - 316360307 _____ C:\Users\Tate\Downloads\VGA_nVidia_Win81_64_VER918132683 (1).zip
2013-11-12 20:45 - 2013-11-12 21:31 - 00000000 ____D C:\Users\Tate\AppData\Local\NVIDIA
2013-11-12 20:41 - 2013-11-12 20:41 - 00000000 ____D C:\Users\Tate\AppData\Local\AutoTyperMurGee
2013-11-12 20:32 - 2013-10-23 02:30 - 30344480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 25257248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 22933792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 18286416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 18199872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 15855568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 15212336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 12572960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2013-11-12 20:32 - 2013-10-23 02:30 - 11426568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 11374520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 09524088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 09480328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 03131680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 03124512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 03067560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 02946848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 02747168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 02695200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433165.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433165.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 01435504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 01241376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 00696096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 00655136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 00599840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 00560416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 00479520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 00405280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 00266984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 00168616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 00141336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2013-11-12 20:32 - 2013-10-23 02:30 - 00023287 _____ C:\WINDOWS\system32\nvinfo.pb
2013-11-12 20:28 - 2013-11-12 20:28 - 00000000 ____D C:\NVIDIA
2013-11-12 20:25 - 2013-11-12 20:27 - 259454424 _____ (NVIDIA Corporation) C:\Users\Tate\Downloads\331.65-notebook-win8-win7-64bit-international-whql.exe
2013-11-12 18:43 - 2013-11-12 18:43 - 00000000 ____D C:\Users\Tate\AppData\Local\Evernote
2013-11-12 18:42 - 2013-11-12 18:42 - 00000000 ____D C:\Program Files (x86)\Evernote
2013-11-12 18:41 - 2013-11-12 18:42 - 58823520 _____ (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Users\Tate\Downloads\Evernote_5.0.3.1614.exe
2013-11-12 17:45 - 2013-11-12 17:45 - 01002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
2013-11-12 17:44 - 2013-11-12 17:44 - 02056192 _____ C:\Users\Tate\Downloads\CMInstaller.msi
2013-11-12 17:21 - 2013-11-12 17:21 - 00000000 ____D C:\Users\Tate\AppData\Roaming\AVG2014
2013-11-12 17:20 - 2013-11-23 21:26 - 00000000 ____D C:\ProgramData\AVG2014
2013-11-12 17:20 - 2013-11-12 17:20 - 00000000 ___HD C:\$AVG
2013-11-12 17:20 - 2013-11-12 17:20 - 00000000 ____D C:\Users\Tate\AppData\Roaming\TuneUp Software
2013-11-12 17:19 - 2013-11-12 17:19 - 00000000 ____D C:\Program Files (x86)\AVG
2013-11-12 17:07 - 2013-11-27 18:56 - 00000000 ____D C:\ProgramData\MFAData
2013-11-12 17:07 - 2013-11-12 18:31 - 00000000 ____D C:\Users\Tate\AppData\Local\Avg2014
2013-11-12 17:07 - 2013-11-12 17:07 - 00000000 ____D C:\Users\Tate\AppData\Local\MFAData
2013-11-12 17:06 - 2013-11-12 17:06 - 04436568 _____ (AVG Technologies) C:\Users\Tate\Downloads\avg_free_stb_all_2014_4158_cnet.exe
2013-11-10 23:51 - 2013-11-10 23:51 - 00014637 _____ C:\Users\Tate\Downloads\caffeine.zip
2013-11-10 23:51 - 2013-11-10 23:51 - 00000000 ____D C:\Users\Tate\Downloads\caffeine
2013-11-10 22:45 - 2013-11-10 22:45 - 00000000 ____D C:\Users\Tate\AppData\Roaming\LolClient
2013-11-10 21:16 - 2013-11-10 21:16 - 00000000 ____D C:\Program Files (x86)\NBTExplorer
2013-11-10 21:15 - 2013-11-10 21:15 - 00749568 _____ C:\Users\Tate\Downloads\NBTExplorer-2.6.0.msi
2013-11-10 10:25 - 2013-11-25 08:26 - 00000000 ____D C:\Users\Tate\AppData\Roaming\TS3Client
2013-11-10 10:25 - 2013-11-10 10:25 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-11-10 10:22 - 2013-11-10 10:24 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\Tate\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe
2013-11-09 22:18 - 2013-11-09 22:18 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2013-11-09 22:18 - 2013-11-09 22:18 - 00000000 ____D C:\Riot Games
2013-11-09 22:18 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2013-11-09 22:18 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2013-11-09 22:18 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2013-11-09 22:18 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2013-11-09 22:18 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2013-11-09 22:17 - 2013-11-15 22:46 - 00000000 ____D C:\Users\Tate\AppData\Local\PMB Files
2013-11-09 22:17 - 2013-11-15 22:46 - 00000000 ____D C:\ProgramData\PMB Files
2013-11-09 22:17 - 2013-11-09 22:17 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Riot Games
2013-11-09 22:17 - 2013-11-09 22:17 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-11-09 22:16 - 2013-11-09 22:17 - 32229024 _____ (Riot Games) C:\Users\Tate\Downloads\LeagueofLegends_NA_Installer_05_07_13.exe
2013-11-09 21:12 - 2013-11-09 21:12 - 00000000 ____D C:\Users\Tate\AppData\Local\Auto-Mouse-Clicker
2013-11-09 21:12 - 2013-11-09 21:12 - 00000000 ____D C:\Program Files (x86)\Auto Mouse Clicker v3.9
2013-11-09 21:11 - 2013-11-09 21:13 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Apple Computer
2013-11-09 21:11 - 2013-11-09 21:11 - 00839040 _____ (MurGee Softwares                                            ) C:\Users\Tate\Downloads\setup (1).exe
2013-11-09 21:11 - 2013-11-09 21:11 - 00334384 _____ (MurGee.com                                                  ) C:\Users\Tate\Downloads\setup.exe
2013-11-09 21:11 - 2013-11-09 21:11 - 00000000 ____D C:\Users\Tate\AppData\Local\Apple Computer
2013-11-09 21:11 - 2013-11-09 21:11 - 00000000 ____D C:\ProgramData\Auto Typer by MurGee
2013-11-09 21:11 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2013-11-09 21:10 - 2013-11-09 21:11 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-09 21:10 - 2013-11-09 21:11 - 00000000 ____D C:\Program Files\iTunes
2013-11-09 21:10 - 2013-11-09 21:11 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-09 21:10 - 2013-11-09 21:10 - 00000000 ____D C:\ProgramData\Apple Computer
2013-11-09 21:10 - 2013-11-09 21:10 - 00000000 ____D C:\Program Files\iPod
2013-11-09 21:09 - 2013-11-09 21:09 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2013-11-09 21:09 - 2013-11-09 21:09 - 00000000 ____D C:\Users\Tate\AppData\Local\Apple
2013-11-09 21:09 - 2013-11-09 21:09 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-11-09 21:08 - 2013-11-09 21:08 - 00000000 ____D C:\ProgramData\Apple
2013-11-09 21:08 - 2013-11-09 21:08 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-11-09 21:08 - 2013-11-09 21:08 - 00000000 ____D C:\Program Files\Bonjour
2013-11-09 21:08 - 2013-11-09 21:08 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-11-09 21:04 - 2013-11-12 22:16 - 00000000 ____D C:\Users\Tate\Downloads\C418 - Minecraft - Volume Alpha
2013-11-09 21:04 - 2013-11-12 20:07 - 00000000 ____D C:\Users\Tate\Downloads\C418 - Minecraft - Volume Beta
2013-11-09 21:04 - 2013-11-09 21:05 - 100400976 _____ (Apple Inc.) C:\Users\Tate\Downloads\iTunes64Setup.exe
2013-11-09 20:58 - 2013-11-09 21:01 - 111399921 _____ C:\Users\Tate\Downloads\C418 - Minecraft - Volume Alpha.zip
2013-11-09 20:58 - 2013-11-09 21:00 - 264013838 _____ C:\Users\Tate\Downloads\C418 - Minecraft - Volume Beta.zip
2013-11-08 18:58 - 2013-11-08 18:58 - 00000000 ____D C:\Users\Tate\Documents\SimCity
2013-11-08 18:48 - 2013-11-08 18:49 - 00000000 ____D C:\Fraps
2013-11-08 18:44 - 2013-11-08 18:44 - 00000886 _____ C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2013-11-08 18:44 - 2013-11-08 18:44 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Search Protection
2013-11-08 18:43 - 2013-11-26 13:42 - 00000000 ____D C:\Users\Tate\AppData\Roaming\uTorrent
2013-11-08 18:39 - 2013-11-27 14:07 - 00000000 ___RD C:\Users\Tate\Dropbox
2013-11-08 18:38 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2013-11-08 18:38 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2013-11-08 18:38 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2013-11-08 18:38 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2013-11-08 18:38 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2013-11-08 18:38 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2013-11-08 18:38 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2013-11-08 18:38 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2013-11-08 18:38 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2013-11-08 18:38 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2013-11-08 18:38 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2013-11-08 18:38 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2013-11-08 18:38 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2013-11-08 18:38 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2013-11-08 18:38 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2013-11-08 18:38 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2013-11-08 18:38 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2013-11-08 18:38 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2013-11-08 18:38 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2013-11-08 18:38 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2013-11-08 18:38 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2013-11-08 18:38 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2013-11-08 18:37 - 2013-11-08 18:37 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-08 18:36 - 2013-11-27 14:07 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Dropbox
2013-11-08 18:36 - 2013-11-08 18:37 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-11-08 18:31 - 2013-11-27 23:12 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Skype
2013-11-08 18:31 - 2013-11-08 18:31 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-08 18:31 - 2013-11-08 18:31 - 00000000 ____D C:\ProgramData\Skype
2013-11-08 18:28 - 2013-11-08 19:50 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Origin
2013-11-08 18:28 - 2013-11-08 18:36 - 00000000 ____D C:\Users\Tate\AppData\Local\Origin
2013-11-08 17:32 - 2013-11-08 18:58 - 00000000 ____D C:\ProgramData\Origin
2013-11-08 17:32 - 2013-11-08 18:58 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-11-08 17:31 - 2013-11-26 21:38 - 00000000 ____D C:\Program Files (x86)\Origin
2013-11-08 17:28 - 2013-11-08 17:28 - 00000000 ____D C:\Users\Tate\Documents\Rainmeter
2013-11-08 17:28 - 2013-11-08 17:28 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Rainmeter
2013-11-08 17:28 - 2013-11-08 17:28 - 00000000 ____D C:\Program Files\Rainmeter
2013-11-07 23:11 - 2013-11-27 14:07 - 00000000 __RDO C:\Users\Tate\SkyDrive
2013-11-07 23:09 - 2013-11-07 23:09 - 00001444 _____ C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-07 23:09 - 2013-11-07 23:09 - 00000020 ___SH C:\Users\Tate\ntuser.ini
2013-11-07 23:06 - 2013-11-07 23:06 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-11-07 22:58 - 2013-11-07 22:58 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic
2013-11-07 22:58 - 2013-11-07 22:58 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-11-07 22:58 - 2013-11-07 22:58 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic
2013-11-07 22:58 - 2013-11-07 22:58 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-11-07 22:55 - 2013-11-07 22:55 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-11-07 22:54 - 2013-11-21 19:06 - 00000000 ____D C:\Users\Tate
2013-11-07 22:54 - 2013-11-07 23:07 - 00028578 _____ C:\WINDOWS\diagwrn.xml
2013-11-07 22:54 - 2013-11-07 23:07 - 00028578 _____ C:\WINDOWS\diagerr.xml
2013-11-07 22:54 - 2013-11-07 22:55 - 00000000 ___RD C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-07 22:54 - 2013-08-22 07:36 - 00000000 ___RD C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-07 22:54 - 2013-08-22 07:36 - 00000000 ___RD C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-11-07 22:54 - 2013-08-22 07:36 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-07 22:51 - 2013-11-07 23:21 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2013-11-07 22:51 - 2013-11-07 23:21 - 00001164 _____ C:\WINDOWS\LkmdfCoInst.log
2013-11-07 22:50 - 2013-11-27 21:38 - 01870726 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-07 22:49 - 2013-11-12 21:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-11-07 22:49 - 2013-11-12 21:37 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-11-07 22:49 - 2013-11-12 21:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-11-07 22:49 - 2013-11-07 22:57 - 00000000 ____D C:\Program Files (x86)\Intel
2013-11-07 22:49 - 2013-10-01 13:02 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2013-11-07 22:49 - 2013-10-01 13:02 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2013-11-07 22:48 - 2013-11-07 22:48 - 00109543 _____ C:\WINDOWS\system32\Drivers\RTWAVES30.dat
2013-11-07 22:48 - 2013-11-07 22:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-11-07 22:48 - 2013-11-07 22:48 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-11-07 22:48 - 2013-11-07 22:48 - 00000000 ____D C:\Program Files\Realtek
2013-11-07 22:47 - 2013-11-07 23:09 - 00000000 ___DC C:\WINDOWS\Panther
2013-11-07 22:47 - 2013-11-07 22:47 - 00000000 __SHD C:\Recovery
2013-11-07 22:46 - 2013-11-07 22:46 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2013-11-07 22:46 - 2013-11-07 22:46 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2013-11-07 22:45 - 2013-11-07 22:45 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-11-07 22:45 - 2013-11-07 22:45 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-11-07 22:45 - 2013-11-07 22:45 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-11-07 22:45 - 2013-11-07 22:45 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2013-11-07 22:45 - 2013-11-07 22:45 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-11-07 22:45 - 2013-11-07 22:45 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2013-11-07 22:45 - 2013-11-07 22:45 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-11-07 22:45 - 2013-11-07 22:45 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-11-07 22:45 - 2013-11-07 22:45 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-11-07 22:45 - 2013-11-07 22:45 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2013-11-07 22:45 - 2013-11-07 22:45 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-11-07 22:45 - 2013-11-07 22:45 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2013-11-07 22:43 - 2013-11-07 22:43 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-11-07 22:43 - 2013-11-07 22:43 - 00000000 ____D C:\Program Files\MSBuild
2013-11-07 22:43 - 2013-11-07 22:43 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-11-07 22:43 - 2013-11-07 22:43 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-11-07 22:43 - 2013-08-02 20:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2013-11-07 22:43 - 2013-08-02 20:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-11-07 22:43 - 2013-08-02 20:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2013-11-07 22:43 - 2013-08-02 20:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2013-11-07 22:43 - 2013-08-02 20:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-11-07 22:43 - 2013-08-02 20:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2013-11-07 22:30 - 2013-11-07 22:30 - 00000000 ____D C:\sources
2013-11-07 21:51 - 2013-11-07 21:58 - 00000000 ____D C:\Users\Tate\Documents\Wallpapers
2013-11-07 21:49 - 2013-11-26 21:36 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-07 21:43 - 2013-11-07 23:07 - 00006602 _____ C:\WINDOWS\comsetup.log
2013-11-07 18:21 - 2013-05-02 07:29 - 00278800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2013-11-07 17:35 - 2013-11-07 17:35 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-11-07 17:35 - 2013-11-07 17:35 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-11-07 17:35 - 2013-11-07 17:35 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-11-07 17:35 - 2013-11-07 17:35 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-11-07 17:35 - 2013-11-07 17:35 - 00000000 ____D C:\Program Files\Java
2013-11-07 17:20 - 2013-11-07 17:20 - 00000000 ____D C:\Users\Tate\AppData\Local\TechSmith
2013-11-07 17:15 - 2013-11-14 16:19 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-07 17:15 - 2013-11-14 16:18 - 82896128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-07 17:06 - 2013-11-07 17:06 - 00000000 ____D C:\Users\Tate\AppData\Roaming\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1
2013-11-07 17:06 - 2013-11-07 17:06 - 00000000 ____D C:\Program Files (x86)\Pandora
2013-11-07 17:04 - 2013-11-26 13:50 - 00000000 ____D C:\Users\Tate\AppData\Local\Adobe
2013-11-07 16:54 - 2013-11-07 16:54 - 00000000 ____D C:\Users\Tate\AppData\Local\Logitech
2013-11-07 16:54 - 2013-11-07 16:54 - 00000000 ____D C:\ProgramData\LogiShrd
2013-11-07 16:53 - 2013-11-07 16:53 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-11-07 16:49 - 2013-11-07 16:49 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Logitech
2013-11-07 16:49 - 2013-11-07 16:49 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Logishrd
2013-11-07 16:37 - 2013-11-07 22:59 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-11-07 16:33 - 2013-11-07 16:33 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-11-07 16:26 - 2013-05-03 20:51 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2013-11-07 16:26 - 2013-05-03 20:10 - 00014848 ____N (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2013-11-07 16:22 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2013-11-07 16:19 - 2013-11-07 16:19 - 00000000 ____D C:\Users\Tate\Documents\CyberLink
2013-11-07 16:19 - 2013-11-07 16:19 - 00000000 ____D C:\Users\Tate\AppData\Roaming\CyberLink
2013-11-07 16:19 - 2013-11-07 16:19 - 00000000 ____D C:\Users\Tate\AppData\Local\Cyberlink
2013-11-07 16:19 - 2013-11-07 16:19 - 00000000 ____D C:\Users\Public\CyberLink
2013-11-07 16:06 - 2013-11-07 16:06 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-11-07 15:39 - 2013-11-27 21:49 - 00000000 ____D C:\Users\Tate\AppData\Roaming\.minecraft
2013-11-07 15:38 - 2013-11-07 17:36 - 00000000 ____D C:\ProgramData\Oracle
2013-11-07 15:37 - 2013-11-07 15:37 - 00000000 ____D C:\ProgramData\Sun
2013-11-07 15:34 - 2013-11-27 20:07 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2564788367-3890907632-807164078-1002
2013-11-07 15:33 - 2013-11-07 15:33 - 00000000 ____D C:\Users\Tate\AppData\Local\Intel_Corporation
2013-11-07 15:32 - 2013-11-27 22:42 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-07 15:32 - 2013-11-27 15:42 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-07 15:32 - 2013-11-07 15:37 - 00003896 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-07 15:32 - 2013-11-07 15:37 - 00003660 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-07 15:31 - 2013-11-07 15:32 - 00000000 ____D C:\Users\Tate\AppData\Local\Google
2013-11-07 15:31 - 2013-11-07 15:32 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-07 15:31 - 2013-11-07 15:31 - 00000000 ____D C:\Users\Tate\AppData\Local\Apps\2.0
2013-11-07 15:27 - 2013-11-07 15:53 - 00000000 ____D C:\Users\Tate\AppData\Roaming\ASUS
2013-11-07 15:27 - 2013-11-07 15:27 - 00000000 ____D C:\Users\Tate\Documents\Bluetooth Folder
2013-11-07 15:27 - 2013-11-07 15:27 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Atheros
2013-11-07 15:27 - 2013-11-07 15:27 - 00000000 ____D C:\Users\Tate\AppData\Roaming\ASUS WebStorage
2013-11-07 15:27 - 2013-11-07 15:27 - 00000000 ____D C:\Users\Tate\AppData\Local\BMExplorer
2013-11-07 15:26 - 2013-11-19 19:17 - 00000000 ___RD C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-07 15:26 - 2013-11-19 19:17 - 00000000 ___RD C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-07 15:26 - 2013-11-07 15:26 - 00000196 _____ C:\WINDOWS\FixPatch.log
2013-11-07 15:26 - 2013-11-07 15:26 - 00000134 _____ C:\WINDOWS\SysWOW64\mcmarkclean.log
2013-11-07 15:26 - 2013-11-07 15:26 - 00000000 ____D C:\ProgramData\FolderView
2013-11-07 15:24 - 2013-11-24 02:23 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Adobe
2013-11-07 15:24 - 2013-11-20 20:37 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Macromedia
2013-11-07 15:24 - 2013-11-07 15:24 - 00000000 ____D C:\ProgramData\USBChargerPlus
2013-11-07 15:23 - 2013-11-21 20:16 - 00000000 ____D C:\Users\Tate\AppData\Local\Packages
2013-11-07 15:23 - 2013-11-07 15:23 - 00000000 ____D C:\Users\Tate\AppData\Local\VirtualStore
2013-11-07 15:22 - 2013-11-07 22:59 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic
2013-11-07 15:22 - 2013-11-07 15:24 - 00000000 ____D C:\Users\Tate\AppData\Local\ASUS
2013-11-06 15:42 - 2013-11-17 23:20 - 00005360 _____ C:\WINDOWS\SysWOW64\AdpeakProxy.ini
2013-11-06 15:42 - 2013-11-06 15:42 - 00005360 _____ C:\WINDOWS\system32\AdpeakProxy.ini
2013-11-06 15:32 - 2013-11-17 23:20 - 00002312 _____ C:\WINDOWS\SysWOW64\AdpeakProxyOff.ini
2013-11-06 15:32 - 2013-11-17 23:20 - 00002312 _____ C:\WINDOWS\system32\AdpeakProxyOff.ini
2013-11-05 21:55 - 2013-11-05 21:55 - 00150808 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiska.sys
2013-11-04 21:52 - 2013-11-04 21:52 - 00240920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys
2013-10-31 23:00 - 2013-10-31 23:00 - 00212280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx64.sys
2013-10-31 22:49 - 2013-10-31 22:49 - 00294712 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgloga.sys
 
==================== One Month Modified Files and Folders =======
 
2013-11-27 23:12 - 2013-11-20 20:37 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5E3EBFAB-5FD0-4338-8B4D-AB4CFCDD519E}
2013-11-27 23:12 - 2013-11-08 18:31 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Skype
2013-11-27 23:11 - 2013-11-27 23:10 - 00031194 _____ C:\Users\Tate\Desktop\FRST.txt
2013-11-27 23:10 - 2013-11-27 23:10 - 00000000 ____D C:\FRST
2013-11-27 23:09 - 2013-11-27 23:09 - 01958850 _____ (Farbar) C:\Users\Tate\Downloads\FRST64.exe
2013-11-27 23:09 - 2013-11-27 23:09 - 01958850 _____ (Farbar) C:\Users\Tate\Desktop\FRST64.exe
2013-11-27 23:00 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-11-27 22:42 - 2013-11-07 15:32 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-27 22:15 - 2013-11-19 19:07 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-27 21:49 - 2013-11-07 15:39 - 00000000 ____D C:\Users\Tate\AppData\Roaming\.minecraft
2013-11-27 21:38 - 2013-11-07 22:50 - 01870726 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-27 20:07 - 2013-11-07 15:34 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2564788367-3890907632-807164078-1002
2013-11-27 19:15 - 2013-11-27 19:15 - 00688992 _____ (Swearware) C:\Users\Tate\Desktop\dds.com
2013-11-27 18:56 - 2013-11-12 17:07 - 00000000 ____D C:\ProgramData\MFAData
2013-11-27 15:42 - 2013-11-07 15:32 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-27 15:31 - 2013-11-27 15:29 - 00000000 ____D C:\OBS Recording Test
2013-11-27 15:28 - 2013-11-27 15:28 - 00000000 ____D C:\Users\Tate\AppData\Roaming\OBS
2013-11-27 15:28 - 2013-11-27 15:27 - 00000000 ____D C:\Program Files (x86)\OBS
2013-11-27 15:27 - 2013-11-27 15:27 - 00000949 _____ C:\Users\Tate\Desktop\Open Broadcaster Software.lnk
2013-11-27 15:27 - 2013-11-27 15:27 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2013-11-27 15:27 - 2013-11-27 15:27 - 00000000 ____D C:\Program Files\OBS
2013-11-27 15:26 - 2013-11-27 15:25 - 07638340 _____ C:\Users\Tate\Downloads\OBS_0_584b_Installer.exe
2013-11-27 14:19 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-11-27 14:07 - 2013-11-08 18:39 - 00000000 ___RD C:\Users\Tate\Dropbox
2013-11-27 14:07 - 2013-11-08 18:36 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Dropbox
2013-11-27 14:07 - 2013-11-07 23:11 - 00000000 __RDO C:\Users\Tate\SkyDrive
2013-11-27 14:06 - 2013-11-26 14:04 - 00000000 ____D C:\Users\Tate\AppData\Local\LogMeIn Hamachi
2013-11-27 14:04 - 2013-11-20 18:15 - 00000396 _____ C:\WINDOWS\Tasks\AVG_SYS_TASK.job
2013-11-27 14:04 - 2013-11-20 18:14 - 00000424 _____ C:\WINDOWS\Tasks\AVG_SYS_TASK_DELETE.job
2013-11-27 14:04 - 2013-09-29 19:55 - 00010468 _____ C:\WINDOWS\PFRO.log
2013-11-27 14:04 - 2013-08-22 06:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-27 14:04 - 2012-11-27 10:28 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-11-27 14:03 - 2013-08-22 05:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-11-26 21:38 - 2013-11-08 17:31 - 00000000 ____D C:\Program Files (x86)\Origin
2013-11-26 21:36 - 2013-11-07 21:49 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-26 20:28 - 2012-11-27 10:28 - 00000000 ____D C:\Program Files\Common Files\mcafee
2013-11-26 14:04 - 2013-11-26 14:04 - 00000000 ____D C:\Users\Tate\AppData\Local\LogMeIn
2013-11-26 14:04 - 2013-11-26 14:04 - 00000000 ____D C:\ProgramData\LogMeIn
2013-11-26 14:02 - 2013-11-26 14:02 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-11-26 13:57 - 2013-11-26 13:57 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2013-11-26 13:57 - 2013-11-26 13:57 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2013-11-26 13:50 - 2013-11-07 17:04 - 00000000 ____D C:\Users\Tate\AppData\Local\Adobe
2013-11-26 13:46 - 2013-08-22 06:44 - 05107936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-11-26 13:42 - 2013-11-08 18:43 - 00000000 ____D C:\Users\Tate\AppData\Roaming\uTorrent
2013-11-26 13:35 - 2013-11-26 13:35 - 05877760 _____ C:\Users\Tate\Downloads\hamachi.msi
2013-11-25 09:55 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\rescache
2013-11-25 08:26 - 2013-11-10 10:25 - 00000000 ____D C:\Users\Tate\AppData\Roaming\TS3Client
2013-11-24 22:30 - 2013-11-24 22:30 - 00000000 ____D C:\Users\Tate\AppData\Local\Auto Clicker
2013-11-24 22:29 - 2013-11-24 22:29 - 00692600 _____ (MurGee.com                                                  ) C:\Users\Tate\Downloads\setup (2).exe
2013-11-24 13:20 - 2013-11-17 23:58 - 00092672 ___SH C:\Users\Tate\Desktop\Thumbs.db
2013-11-24 02:33 - 2012-11-27 10:26 - 00000000 ____D C:\ProgramData\Adobe
2013-11-24 02:29 - 2012-11-27 10:26 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-11-24 02:28 - 2013-11-24 02:09 - 00000000 ____D C:\Program Files\Adobe
2013-11-24 02:28 - 2013-11-24 02:06 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-11-24 02:26 - 2013-11-24 02:26 - 00000000 ____D C:\Program Files (x86)\My Company Name
2013-11-24 02:23 - 2013-11-07 15:24 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Adobe
2013-11-24 01:57 - 2013-11-23 23:19 - 00000000 ____D C:\Users\Tate\Downloads\Adobe CS6 Master Collection
2013-11-24 01:40 - 2013-11-24 01:40 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-11-23 22:37 - 2013-11-23 22:26 - 155022611 _____ C:\Users\Tate\Desktop\test 2.wmv
2013-11-23 22:10 - 2013-11-23 21:49 - 00000000 ____D C:\Users\Tate\Downloads\Adobe Photoshop CS6 13.0.1 Final  Multilanguage (cracked dll) [ChingLiu]
2013-11-23 21:53 - 2013-11-23 21:53 - 00000076 _____ C:\Users\Tate\Desktop\test.mxf.mxf.sfl
2013-11-23 21:53 - 2013-11-23 21:43 - 635211016 _____ C:\Users\Tate\Desktop\test.mxf.mxf
2013-11-23 21:43 - 2013-11-23 21:35 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Sony
2013-11-23 21:39 - 2013-11-23 21:39 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Publish Providers
2013-11-23 21:39 - 2013-11-23 21:36 - 00000000 ____D C:\Users\Tate\AppData\Local\Sony
2013-11-23 21:36 - 2013-11-23 21:36 - 00000000 ____D C:\ProgramData\Sony
2013-11-23 21:36 - 2013-11-23 21:36 - 00000000 ____D C:\Program Files\Sony
2013-11-23 21:36 - 2013-11-23 21:36 - 00000000 ____D C:\Program Files (x86)\Sony
2013-11-23 21:32 - 2013-11-23 21:31 - 00000000 ____D C:\Users\Tate\Downloads\SONY Vegas PRO 12 Build 670 (64 bit)
2013-11-23 21:32 - 2013-09-29 20:04 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-23 21:26 - 2013-11-12 17:20 - 00000000 ____D C:\ProgramData\AVG2014
2013-11-23 20:23 - 2013-11-23 20:18 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Audacity
2013-11-23 20:17 - 2013-11-23 20:17 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-11-23 20:14 - 2013-11-23 20:14 - 22180353 _____ (Audacity Team                                               ) C:\Users\Tate\Downloads\audacity-win-2.0.5.exe
2013-11-23 20:06 - 2013-11-23 20:06 - 00000000 ____D C:\Users\Tate\AppData\Roaming\NVIDIA
2013-11-23 19:54 - 2013-11-23 19:54 - 00007602 _____ C:\Users\Tate\AppData\Local\Resmon.ResmonCfg
2013-11-23 14:08 - 2013-11-13 22:24 - 00000000 ____D C:\Users\Tate\AppData\Local\Microsoft Help
2013-11-22 23:38 - 2013-08-22 05:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2013-11-22 23:17 - 2013-11-22 23:17 - 00013445 _____ C:\Users\Tate\Downloads\Minecraft HD Font 64x.zip
2013-11-22 23:02 - 2013-11-22 23:01 - 12789989 _____ C:\Users\Tate\Downloads\Kab_s_Showcase_1.7.0_13w37a.zip
2013-11-21 20:16 - 2013-11-21 20:16 - 00012709 _____ C:\Users\Tate\Downloads\One-Million Subscribers.xlsx
2013-11-21 20:16 - 2013-11-07 15:23 - 00000000 ____D C:\Users\Tate\AppData\Local\Packages
2013-11-21 19:09 - 2013-11-21 19:08 - 07439568 _____ C:\Users\Tate\Downloads\Start8-cnet-setup (1).exe
2013-11-21 19:06 - 2013-11-07 22:54 - 00000000 ____D C:\Users\Tate
2013-11-21 19:05 - 2013-11-21 19:05 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2013-11-21 19:05 - 2013-11-21 19:05 - 00000000 ____D C:\WINDOWS\system32\NV
2013-11-21 19:05 - 2013-06-20 20:39 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-21 18:52 - 2013-11-21 18:52 - 00000000 ____D C:\Users\Tate\Downloads\Stardock
2013-11-21 18:52 - 2013-11-21 18:52 - 00000000 ____D C:\Users\Public\Documents\Stardock
2013-11-21 18:52 - 2013-11-21 18:52 - 00000000 ____D C:\ProgramData\Stardock
2013-11-21 18:52 - 2013-11-21 18:52 - 00000000 ____D C:\Program Files (x86)\Stardock
2013-11-21 18:52 - 2013-11-21 18:51 - 07439568 _____ C:\Users\Tate\Downloads\Start8-cnet-setup.exe
2013-11-21 18:41 - 2013-11-21 18:41 - 02683411 _____ C:\Users\Tate\Downloads\Start Menu.zip
2013-11-20 20:37 - 2013-11-07 15:24 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Macromedia
2013-11-20 20:18 - 2013-11-20 20:18 - 50107976 _____ (Adobe Systems Incorporated) C:\Users\Tate\Downloads\AdbeRdr11003_en_US.exe
2013-11-20 19:18 - 2013-11-20 19:18 - 00999827 _____ C:\Users\Tate\Downloads\Platform Power.zip
2013-11-20 18:15 - 2013-11-20 18:15 - 00002670 _____ C:\WINDOWS\System32\Tasks\AVG_SYS_TASK
2013-11-20 18:15 - 2013-11-20 18:15 - 00000000 ____D C:\Users\Tate\AppData\Roaming\AVG 1113a Campaign
2013-11-20 18:14 - 2013-11-20 18:14 - 00002908 _____ C:\WINDOWS\System32\Tasks\AVG_SYS_TASK_DELETE
2013-11-20 18:14 - 2013-11-20 18:14 - 00000000 ____D C:\ProgramData\AVG 1113a Campaign
2013-11-19 19:17 - 2013-11-07 15:26 - 00000000 ___RD C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-19 19:17 - 2013-11-07 15:26 - 00000000 ___RD C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-19 19:14 - 2013-08-22 07:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-11-19 19:08 - 2013-11-19 19:08 - 00000000 ____D C:\Users\Tate\AppData\Local\Macromedia
2013-11-19 19:07 - 2013-11-19 19:07 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-11-19 19:03 - 2013-11-19 19:03 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Mozilla
2013-11-19 19:03 - 2013-11-19 19:03 - 00000000 ____D C:\Users\Tate\AppData\Local\Mozilla
2013-11-19 19:03 - 2013-11-19 19:03 - 00000000 ____D C:\ProgramData\Mozilla
2013-11-19 19:03 - 2013-11-19 19:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-19 19:03 - 2013-11-16 21:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-19 19:02 - 2013-11-19 19:02 - 00282904 _____ (Mozilla) C:\Users\Tate\Downloads\Firefox Setup Stub 25.0.1.exe
2013-11-19 16:12 - 2013-11-19 16:12 - 00984509 _____ C:\Users\Tate\Downloads\Nether3x3Bedrock.txt
2013-11-18 21:18 - 2013-08-22 06:46 - 00332557 _____ C:\WINDOWS\setupact.log
2013-11-18 20:57 - 2013-11-18 20:57 - 00000000 ____D C:\ProgramData\EPSON
2013-11-18 20:54 - 2013-11-18 20:51 - 17139552 _____ C:\Users\Tate\Downloads\epson14986.exe
2013-11-18 20:21 - 2013-11-18 20:16 - 00000000 ____D C:\Users\Tate\.gimp-2.8
2013-11-18 20:20 - 2013-11-18 20:20 - 00000843 _____ C:\Users\Tate\AppData\Local\recently-used.xbel
2013-11-18 20:20 - 2013-11-18 20:20 - 00000000 ____D C:\Users\Tate\AppData\Local\gtk-2.0
2013-11-18 20:20 - 2013-11-18 20:20 - 00000000 ____D C:\Users\Tate\.thumbnails
2013-11-18 20:16 - 2013-11-18 20:16 - 00000000 ____D C:\Users\Tate\AppData\Local\gegl-0.2
2013-11-18 20:14 - 2013-11-18 20:11 - 00000000 ____D C:\Program Files\GIMP 2
2013-11-18 20:06 - 2013-11-18 20:00 - 90332288 _____ (The GIMP Team                                               ) C:\Users\Tate\Downloads\gimp-2.8.8-setup.exe
2013-11-17 23:56 - 2013-11-17 23:56 - 00001613 _____ C:\Users\Tate\Desktop\Programs.lnk
2013-11-17 23:20 - 2013-11-17 23:20 - 00000000 ____D C:\Program Files\ScorpionSaver Services
2013-11-17 23:20 - 2013-11-06 15:42 - 00005360 _____ C:\WINDOWS\SysWOW64\AdpeakProxy.ini
2013-11-17 23:20 - 2013-11-06 15:32 - 00002312 _____ C:\WINDOWS\SysWOW64\AdpeakProxyOff.ini
2013-11-17 23:20 - 2013-11-06 15:32 - 00002312 _____ C:\WINDOWS\system32\AdpeakProxyOff.ini
2013-11-17 11:39 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-11-16 23:32 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\migwiz
2013-11-16 23:32 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2013-11-16 23:17 - 2013-11-16 23:17 - 00000000 ____D C:\Program Files (x86)\ScorpionSaver
2013-11-16 23:16 - 2013-11-16 23:16 - 00000000 ____D C:\Program Files\Level Quality Watcher
2013-11-16 23:11 - 2013-11-16 23:11 - 00000000 ____D C:\Users\Tate\Documents\Razer
2013-11-16 23:11 - 2013-11-16 23:06 - 00000000 ____D C:\Users\Tate\AppData\Roaming\SearchProtect
2013-11-16 23:07 - 2013-11-16 23:07 - 00000000 ____D C:\Users\Tate\AppData\Local\Razer
2013-11-16 23:06 - 2013-11-16 23:06 - 00894600 _____ (CNET Download.com) C:\Users\Tate\Downloads\cbsidlm-cbsi134-Razer_Game_Booster-SEO-10913645 (2).exe
2013-11-16 23:06 - 2013-11-16 23:06 - 00894600 _____ (CNET Download.com) C:\Users\Tate\Downloads\cbsidlm-cbsi134-Razer_Game_Booster-SEO-10913645 (1).exe
2013-11-16 23:06 - 2013-11-16 23:06 - 00003364 _____ C:\WINDOWS\System32\Tasks\BackgroundContainer Startup Task
2013-11-16 23:06 - 2013-11-16 23:06 - 00000000 ____D C:\Users\Tate\AppData\Local\WhiteListing
2013-11-16 23:06 - 2013-11-16 23:06 - 00000000 ____D C:\Users\Tate\AppData\Local\NativeMessaging
2013-11-16 23:06 - 2013-11-16 23:06 - 00000000 ____D C:\Users\Tate\AppData\Local\CRE
2013-11-16 23:06 - 2013-11-16 23:06 - 00000000 ____D C:\Users\Tate\AppData\Local\Conduit
2013-11-16 23:06 - 2013-11-16 23:06 - 00000000 ____D C:\ProgramData\Razer
2013-11-16 23:06 - 2013-11-16 23:06 - 00000000 ____D C:\ProgramData\Conduit
2013-11-16 23:06 - 2013-11-16 23:06 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-11-16 23:06 - 2013-11-16 23:06 - 00000000 ____D C:\Program Files (x86)\Razer
2013-11-16 23:06 - 2013-11-16 23:06 - 00000000 ____D C:\Program Files (x86)\Connect_DLC_5
2013-11-16 23:06 - 2013-11-16 23:06 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-11-16 23:06 - 2013-11-16 23:05 - 00000009 _____ C:\END
2013-11-16 23:05 - 2013-11-16 23:05 - 00894600 _____ (CNET Download.com) C:\Users\Tate\Downloads\cbsidlm-cbsi134-Razer_Game_Booster-SEO-10913645.exe
2013-11-16 22:57 - 2013-11-16 22:57 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-11-16 22:57 - 2013-11-16 22:57 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2013-11-16 21:43 - 2013-11-13 22:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-16 00:13 - 2012-07-25 21:26 - 00000199 _____ C:\WINDOWS\win.ini
2013-11-16 00:08 - 2013-11-16 00:08 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-11-16 00:08 - 2013-11-16 00:08 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-11-15 22:46 - 2013-11-09 22:17 - 00000000 ____D C:\Users\Tate\AppData\Local\PMB Files
2013-11-15 22:46 - 2013-11-09 22:17 - 00000000 ____D C:\ProgramData\PMB Files
2013-11-14 16:19 - 2013-11-07 17:15 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-14 16:18 - 2013-11-07 17:15 - 82896128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-13 22:29 - 2013-11-13 22:29 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-11-13 22:29 - 2013-09-29 19:51 - 00000000 ____D C:\WINDOWS\ShellNew
2013-11-13 22:29 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-11-13 22:28 - 2013-11-13 22:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-11-13 22:28 - 2013-11-13 22:26 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-11-13 22:26 - 2013-11-13 22:26 - 00000000 ____D C:\WINDOWS\PCHEALTH
2013-11-13 22:26 - 2013-11-13 22:24 - 00000000 ____D C:\Program Files\Microsoft Office
2013-11-13 22:25 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\Common Files\System
2013-11-13 22:24 - 2013-11-13 22:24 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-11-13 22:24 - 2013-11-13 22:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-11-13 22:23 - 2013-11-13 22:23 - 00000000 __RHD C:\MSOCache
2013-11-13 22:11 - 2013-11-13 22:08 - 00000000 ____D C:\Users\Tate\Downloads\Microsoft Office ProPlus 2013 VL x64 en-US Aug2013
2013-11-12 22:16 - 2013-11-09 21:04 - 00000000 ____D C:\Users\Tate\Downloads\C418 - Minecraft - Volume Alpha
2013-11-12 21:44 - 2013-11-07 22:49 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-11-12 21:43 - 2013-11-12 21:43 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-11-12 21:39 - 2013-11-12 21:38 - 00000000 ____D C:\Users\Tate\Downloads\VGA_nVidia_Win81_64_VER918132683 (1)
2013-11-12 21:38 - 2013-11-12 21:41 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6432683.dll
2013-11-12 21:38 - 2013-11-12 21:41 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6432683.dll
2013-11-12 21:37 - 2013-11-12 21:37 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-11-12 21:37 - 2013-11-07 22:49 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-11-12 21:37 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\Help
2013-11-12 21:35 - 2013-11-07 22:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-11-12 21:31 - 2013-11-12 20:45 - 00000000 ____D C:\Users\Tate\AppData\Local\NVIDIA
2013-11-12 21:29 - 2013-11-12 21:25 - 316360307 _____ C:\Users\Tate\Downloads\VGA_nVidia_Win81_64_VER918132683 (1).zip
2013-11-12 20:41 - 2013-11-12 20:41 - 00000000 ____D C:\Users\Tate\AppData\Local\AutoTyperMurGee
2013-11-12 20:28 - 2013-11-12 20:28 - 00000000 ____D C:\NVIDIA
2013-11-12 20:27 - 2013-11-12 20:25 - 259454424 _____ (NVIDIA Corporation) C:\Users\Tate\Downloads\331.65-notebook-win8-win7-64bit-international-whql.exe
2013-11-12 20:07 - 2013-11-09 21:04 - 00000000 ____D C:\Users\Tate\Downloads\C418 - Minecraft - Volume Beta
2013-11-12 18:43 - 2013-11-12 18:43 - 00000000 ____D C:\Users\Tate\AppData\Local\Evernote
2013-11-12 18:42 - 2013-11-12 18:42 - 00000000 ____D C:\Program Files (x86)\Evernote
2013-11-12 18:42 - 2013-11-12 18:41 - 58823520 _____ (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Users\Tate\Downloads\Evernote_5.0.3.1614.exe
2013-11-12 18:31 - 2013-11-12 17:07 - 00000000 ____D C:\Users\Tate\AppData\Local\Avg2014
2013-11-12 17:45 - 2013-11-12 17:45 - 01002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
2013-11-12 17:44 - 2013-11-12 17:44 - 02056192 _____ C:\Users\Tate\Downloads\CMInstaller.msi
2013-11-12 17:21 - 2013-11-12 17:21 - 00000000 ____D C:\Users\Tate\AppData\Roaming\AVG2014
2013-11-12 17:20 - 2013-11-12 17:20 - 00000000 ___HD C:\$AVG
2013-11-12 17:20 - 2013-11-12 17:20 - 00000000 ____D C:\Users\Tate\AppData\Roaming\TuneUp Software
2013-11-12 17:20 - 2012-07-26 00:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2013-11-12 17:19 - 2013-11-12 17:19 - 00000000 ____D C:\Program Files (x86)\AVG
2013-11-12 17:07 - 2013-11-12 17:07 - 00000000 ____D C:\Users\Tate\AppData\Local\MFAData
2013-11-12 17:06 - 2013-11-12 17:06 - 04436568 _____ (AVG Technologies) C:\Users\Tate\Downloads\avg_free_stb_all_2014_4158_cnet.exe
2013-11-10 23:51 - 2013-11-10 23:51 - 00014637 _____ C:\Users\Tate\Downloads\caffeine.zip
2013-11-10 23:51 - 2013-11-10 23:51 - 00000000 ____D C:\Users\Tate\Downloads\caffeine
2013-11-10 22:45 - 2013-11-10 22:45 - 00000000 ____D C:\Users\Tate\AppData\Roaming\LolClient
2013-11-10 21:16 - 2013-11-10 21:16 - 00000000 ____D C:\Program Files (x86)\NBTExplorer
2013-11-10 21:15 - 2013-11-10 21:15 - 00749568 _____ C:\Users\Tate\Downloads\NBTExplorer-2.6.0.msi
2013-11-10 10:25 - 2013-11-10 10:25 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-11-10 10:24 - 2013-11-10 10:22 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\Tate\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe
2013-11-09 22:18 - 2013-11-09 22:18 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2013-11-09 22:18 - 2013-11-09 22:18 - 00000000 ____D C:\Riot Games
2013-11-09 22:17 - 2013-11-09 22:17 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Riot Games
2013-11-09 22:17 - 2013-11-09 22:17 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-11-09 22:17 - 2013-11-09 22:16 - 32229024 _____ (Riot Games) C:\Users\Tate\Downloads\LeagueofLegends_NA_Installer_05_07_13.exe
2013-11-09 21:13 - 2013-11-09 21:11 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Apple Computer
2013-11-09 21:12 - 2013-11-09 21:12 - 00000000 ____D C:\Users\Tate\AppData\Local\Auto-Mouse-Clicker
2013-11-09 21:12 - 2013-11-09 21:12 - 00000000 ____D C:\Program Files (x86)\Auto Mouse Clicker v3.9
2013-11-09 21:11 - 2013-11-09 21:11 - 00839040 _____ (MurGee Softwares                                            ) C:\Users\Tate\Downloads\setup (1).exe
2013-11-09 21:11 - 2013-11-09 21:11 - 00334384 _____ (MurGee.com                                                  ) C:\Users\Tate\Downloads\setup.exe
2013-11-09 21:11 - 2013-11-09 21:11 - 00000000 ____D C:\Users\Tate\AppData\Local\Apple Computer
2013-11-09 21:11 - 2013-11-09 21:11 - 00000000 ____D C:\ProgramData\Auto Typer by MurGee
2013-11-09 21:11 - 2013-11-09 21:10 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-09 21:11 - 2013-11-09 21:10 - 00000000 ____D C:\Program Files\iTunes
2013-11-09 21:11 - 2013-11-09 21:10 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-09 21:10 - 2013-11-09 21:10 - 00000000 ____D C:\ProgramData\Apple Computer
2013-11-09 21:10 - 2013-11-09 21:10 - 00000000 ____D C:\Program Files\iPod
2013-11-09 21:09 - 2013-11-09 21:09 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2013-11-09 21:09 - 2013-11-09 21:09 - 00000000 ____D C:\Users\Tate\AppData\Local\Apple
2013-11-09 21:09 - 2013-11-09 21:09 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-11-09 21:08 - 2013-11-09 21:08 - 00000000 ____D C:\ProgramData\Apple
2013-11-09 21:08 - 2013-11-09 21:08 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-11-09 21:08 - 2013-11-09 21:08 - 00000000 ____D C:\Program Files\Bonjour
2013-11-09 21:08 - 2013-11-09 21:08 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-11-09 21:05 - 2013-11-09 21:04 - 100400976 _____ (Apple Inc.) C:\Users\Tate\Downloads\iTunes64Setup.exe
2013-11-09 21:01 - 2013-11-09 20:58 - 111399921 _____ C:\Users\Tate\Downloads\C418 - Minecraft - Volume Alpha.zip
2013-11-09 21:00 - 2013-11-09 20:58 - 264013838 _____ C:\Users\Tate\Downloads\C418 - Minecraft - Volume Beta.zip
2013-11-08 19:50 - 2013-11-08 18:28 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Origin
2013-11-08 18:58 - 2013-11-08 18:58 - 00000000 ____D C:\Users\Tate\Documents\SimCity
2013-11-08 18:58 - 2013-11-08 17:32 - 00000000 ____D C:\ProgramData\Origin
2013-11-08 18:58 - 2013-11-08 17:32 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-11-08 18:49 - 2013-11-08 18:48 - 00000000 ____D C:\Fraps
2013-11-08 18:44 - 2013-11-08 18:44 - 00000886 _____ C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2013-11-08 18:44 - 2013-11-08 18:44 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Search Protection
2013-11-08 18:37 - 2013-11-08 18:37 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-08 18:37 - 2013-11-08 18:36 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-11-08 18:36 - 2013-11-08 18:28 - 00000000 ____D C:\Users\Tate\AppData\Local\Origin
2013-11-08 18:31 - 2013-11-08 18:31 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-08 18:31 - 2013-11-08 18:31 - 00000000 ____D C:\ProgramData\Skype
2013-11-08 17:29 - 2012-11-27 10:28 - 00000000 ____D C:\ProgramData\McAfee
2013-11-08 17:28 - 2013-11-08 17:28 - 00000000 ____D C:\Users\Tate\Documents\Rainmeter
2013-11-08 17:28 - 2013-11-08 17:28 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Rainmeter
2013-11-08 17:28 - 2013-11-08 17:28 - 00000000 ____D C:\Program Files\Rainmeter
2013-11-08 17:22 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\restore
2013-11-07 23:21 - 2013-11-07 22:51 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2013-11-07 23:21 - 2013-11-07 22:51 - 00001164 _____ C:\WINDOWS\LkmdfCoInst.log
2013-11-07 23:09 - 2013-11-07 23:09 - 00001444 _____ C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-07 23:09 - 2013-11-07 23:09 - 00000020 ___SH C:\Users\Tate\ntuser.ini
2013-11-07 23:09 - 2013-11-07 22:47 - 00000000 ___DC C:\WINDOWS\Panther
2013-11-07 23:07 - 2013-11-07 22:54 - 00028578 _____ C:\WINDOWS\diagwrn.xml
2013-11-07 23:07 - 2013-11-07 22:54 - 00028578 _____ C:\WINDOWS\diagerr.xml
2013-11-07 23:07 - 2013-11-07 21:43 - 00006602 _____ C:\WINDOWS\comsetup.log
2013-11-07 23:07 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\Registration
2013-11-07 23:06 - 2013-11-07 23:06 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-11-07 23:03 - 2013-08-22 07:36 - 00000000 __RSD C:\WINDOWS\Media
2013-11-07 23:03 - 2013-08-22 07:36 - 00000000 __RHD C:\Users\Public\Libraries
2013-11-07 22:59 - 2013-11-07 16:37 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-11-07 22:59 - 2013-11-07 15:22 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic
2013-11-07 22:59 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2013-11-07 22:59 - 2012-11-27 10:28 - 00000000 ____D C:\WINDOWS\fr
2013-11-07 22:59 - 2012-11-27 10:28 - 00000000 ____D C:\WINDOWS\es
2013-11-07 22:59 - 2012-11-27 10:28 - 00000000 ____D C:\WINDOWS\en
2013-11-07 22:58 - 2013-11-12 21:37 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic
2013-11-07 22:58 - 2013-11-12 21:37 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Macromedia
2013-11-07 22:58 - 2013-11-07 22:58 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic
2013-11-07 22:58 - 2013-11-07 22:58 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-11-07 22:58 - 2013-11-07 22:58 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic
2013-11-07 22:58 - 2013-11-07 22:58 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-11-07 22:58 - 2013-09-29 19:48 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2013-11-07 22:58 - 2013-09-29 19:48 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2013-11-07 22:58 - 2013-09-29 19:48 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2013-11-07 22:58 - 2013-09-29 19:48 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2013-11-07 22:58 - 2013-09-29 19:48 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2013-11-07 22:58 - 2013-09-29 19:48 - 00000000 ____D C:\WINDOWS\system32\winrm
2013-11-07 22:58 - 2013-09-29 19:48 - 00000000 ____D C:\WINDOWS\system32\WCN
2013-11-07 22:58 - 2013-09-29 19:48 - 00000000 ____D C:\WINDOWS\system32\slmgr
2013-11-07 22:58 - 2013-09-29 19:48 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2013-11-07 22:58 - 2013-08-22 07:37 - 00004893 _____ C:\WINDOWS\DtcInstall.log
2013-11-07 22:58 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2013-11-07 22:58 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2013-11-07 22:58 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2013-11-07 22:58 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2013-11-07 22:58 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2013-11-07 22:58 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\spool
2013-11-07 22:58 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2013-11-07 22:58 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\IME
2013-11-07 22:58 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2013-11-07 22:58 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2013-11-07 22:58 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2013-11-07 22:58 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2013-11-07 22:58 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS\system32\Dism
2013-11-07 22:58 - 2013-06-20 20:42 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2013-11-07 22:58 - 2012-08-02 00:30 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-11-07 22:58 - 2012-07-25 21:37 - 00000000 ____D C:\Users\Default.migrated
2013-11-07 22:57 - 2013-11-07 22:49 - 00000000 ____D C:\Program Files (x86)\Intel
2013-11-07 22:57 - 2013-09-29 19:51 - 00000000 ____D C:\Program Files\Windows Journal
2013-11-07 22:57 - 2013-08-22 07:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2013-11-07 22:57 - 2013-08-22 07:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2013-11-07 22:57 - 2013-08-22 07:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2013-11-07 22:57 - 2013-08-22 07:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2013-11-07 22:57 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\IME
2013-11-07 22:57 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-11-07 22:57 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-11-07 22:57 - 2012-08-01 17:24 - 00000000 ____D C:\ProgramData\PRICache
2013-11-07 22:55 - 2013-11-07 22:55 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-11-07 22:55 - 2013-11-07 22:54 - 00000000 ___RD C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-07 22:55 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2013-11-07 22:48 - 2013-11-07 22:48 - 00109543 _____ C:\WINDOWS\system32\Drivers\RTWAVES30.dat
2013-11-07 22:48 - 2013-11-07 22:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-11-07 22:48 - 2013-11-07 22:48 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-11-07 22:48 - 2013-11-07 22:48 - 00000000 ____D C:\Program Files\Realtek
2013-11-07 22:48 - 2013-08-22 06:46 - 00000084 _____ C:\WINDOWS\setuperr.log
2013-11-07 22:47 - 2013-11-07 22:47 - 00000000 __SHD C:\Recovery
2013-11-07 22:47 - 2013-08-22 05:36 - 00000000 __RHD C:\Users\Default
2013-11-07 22:46 - 2013-11-07 22:46 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2013-11-07 22:46 - 2013-11-07 22:46 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2013-11-07 22:46 - 2013-08-22 07:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2013-11-07 22:45 - 2013-11-07 22:45 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-11-07 22:45 - 2013-11-07 22:45 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-11-07 22:45 - 2013-11-07 22:45 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-11-07 22:45 - 2013-11-07 22:45 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2013-11-07 22:45 - 2013-11-07 22:45 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-11-07 22:45 - 2013-11-07 22:45 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2013-11-07 22:45 - 2013-11-07 22:45 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-11-07 22:45 - 2013-11-07 22:45 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-11-07 22:45 - 2013-11-07 22:45 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-11-07 22:45 - 2013-11-07 22:45 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2013-11-07 22:45 - 2013-11-07 22:45 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-11-07 22:45 - 2013-11-07 22:45 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2013-11-07 22:45 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\Camera
2013-11-07 22:43 - 2013-11-07 22:43 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-11-07 22:43 - 2013-11-07 22:43 - 00000000 ____D C:\Program Files\MSBuild
2013-11-07 22:43 - 2013-11-07 22:43 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-11-07 22:43 - 2013-11-07 22:43 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-11-07 22:30 - 2013-11-07 22:30 - 00000000 ____D C:\sources
2013-11-07 22:26 - 2013-06-20 20:39 - 01280130 _____ C:\WINDOWS\WindowsUpdate (1).log
2013-11-07 21:58 - 2013-11-07 21:51 - 00000000 ____D C:\Users\Tate\Documents\Wallpapers
2013-11-07 21:24 - 2012-07-26 00:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-11-07 18:59 - 2012-08-02 00:45 - 00446336 _____ C:\WINDOWS\system32\prfh0404.dat
2013-11-07 18:59 - 2012-08-02 00:45 - 00132686 _____ C:\WINDOWS\system32\prfc0404.dat
2013-11-07 18:59 - 2012-08-02 00:40 - 00432016 _____ C:\WINDOWS\system32\prfh0804.dat
2013-11-07 18:59 - 2012-08-02 00:40 - 00132686 _____ C:\WINDOWS\system32\prfc0804.dat
2013-11-07 18:59 - 2012-08-02 00:35 - 00797120 _____ C:\WINDOWS\system32\perfh00A.dat
2013-11-07 18:59 - 2012-08-02 00:35 - 00162488 _____ C:\WINDOWS\system32\perfc00A.dat
2013-11-07 18:59 - 2012-08-02 00:31 - 00799196 _____ C:\WINDOWS\system32\perfh00C.dat
2013-11-07 18:59 - 2012-08-02 00:31 - 00155218 _____ C:\WINDOWS\system32\perfc00C.dat
2013-11-07 17:36 - 2013-11-07 15:38 - 00000000 ____D C:\ProgramData\Oracle
2013-11-07 17:35 - 2013-11-07 17:35 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-11-07 17:35 - 2013-11-07 17:35 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-11-07 17:35 - 2013-11-07 17:35 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-11-07 17:35 - 2013-11-07 17:35 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-11-07 17:35 - 2013-11-07 17:35 - 00000000 ____D C:\Program Files\Java
2013-11-07 17:20 - 2013-11-07 17:20 - 00000000 ____D C:\Users\Tate\AppData\Local\TechSmith
2013-11-07 17:06 - 2013-11-07 17:06 - 00000000 ____D C:\Users\Tate\AppData\Roaming\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1
2013-11-07 17:06 - 2013-11-07 17:06 - 00000000 ____D C:\Program Files (x86)\Pandora
2013-11-07 16:54 - 2013-11-07 16:54 - 00000000 ____D C:\Users\Tate\AppData\Local\Logitech
2013-11-07 16:54 - 2013-11-07 16:54 - 00000000 ____D C:\ProgramData\LogiShrd
2013-11-07 16:53 - 2013-11-07 16:53 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-11-07 16:49 - 2013-11-07 16:49 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Logitech
2013-11-07 16:49 - 2013-11-07 16:49 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Logishrd
2013-11-07 16:33 - 2013-11-07 16:33 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-11-07 16:26 - 2012-11-27 10:26 - 00000000 ____D C:\Program Files (x86)\ASUS
2013-11-07 16:25 - 2013-06-20 20:50 - 00000000 ____D C:\Program Files\ASUS
2013-11-07 16:25 - 2013-06-20 20:42 - 00008142 _____ C:\WINDOWS\DPINST.LOG
2013-11-07 16:19 - 2013-11-07 16:19 - 00000000 ____D C:\Users\Tate\Documents\CyberLink
2013-11-07 16:19 - 2013-11-07 16:19 - 00000000 ____D C:\Users\Tate\AppData\Roaming\CyberLink
2013-11-07 16:19 - 2013-11-07 16:19 - 00000000 ____D C:\Users\Tate\AppData\Local\Cyberlink
2013-11-07 16:19 - 2013-11-07 16:19 - 00000000 ____D C:\Users\Public\CyberLink
2013-11-07 16:19 - 2013-06-20 20:51 - 00000000 ____D C:\ProgramData\CyberLink
2013-11-07 16:06 - 2013-11-07 16:06 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-11-07 15:53 - 2013-11-07 15:27 - 00000000 ____D C:\Users\Tate\AppData\Roaming\ASUS
2013-11-07 15:37 - 2013-11-07 15:37 - 00000000 ____D C:\ProgramData\Sun
2013-11-07 15:37 - 2013-11-07 15:32 - 00003896 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-07 15:37 - 2013-11-07 15:32 - 00003660 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-07 15:33 - 2013-11-07 15:33 - 00000000 ____D C:\Users\Tate\AppData\Local\Intel_Corporation
2013-11-07 15:32 - 2013-11-07 15:31 - 00000000 ____D C:\Users\Tate\AppData\Local\Google
2013-11-07 15:32 - 2013-11-07 15:31 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-07 15:31 - 2013-11-07 15:31 - 00000000 ____D C:\Users\Tate\AppData\Local\Apps\2.0
2013-11-07 15:27 - 2013-11-07 15:27 - 00000000 ____D C:\Users\Tate\Documents\Bluetooth Folder
2013-11-07 15:27 - 2013-11-07 15:27 - 00000000 ____D C:\Users\Tate\AppData\Roaming\Atheros
2013-11-07 15:27 - 2013-11-07 15:27 - 00000000 ____D C:\Users\Tate\AppData\Roaming\ASUS WebStorage
2013-11-07 15:27 - 2013-11-07 15:27 - 00000000 ____D C:\Users\Tate\AppData\Local\BMExplorer
2013-11-07 15:27 - 2013-06-20 20:50 - 00000000 ____D C:\ProgramData\Atheros
2013-11-07 15:26 - 2013-11-07 15:26 - 00000196 _____ C:\WINDOWS\FixPatch.log
2013-11-07 15:26 - 2013-11-07 15:26 - 00000134 _____ C:\WINDOWS\SysWOW64\mcmarkclean.log
2013-11-07 15:26 - 2013-11-07 15:26 - 00000000 ____D C:\ProgramData\FolderView
2013-11-07 15:26 - 2012-11-27 10:26 - 07758828 _____ C:\WINDOWS\AsDebug.log
2013-11-07 15:26 - 2012-11-27 10:26 - 01517340 _____ C:\WINDOWS\AsCDProc.log
2013-11-07 15:26 - 2012-08-01 17:36 - 00000000 ____D C:\WINDOWS\Log
2013-11-07 15:24 - 2013-11-07 15:24 - 00000000 ____D C:\ProgramData\USBChargerPlus
2013-11-07 15:24 - 2013-11-07 15:22 - 00000000 ____D C:\Users\Tate\AppData\Local\ASUS
2013-11-07 15:23 - 2013-11-07 15:23 - 00000000 ____D C:\Users\Tate\AppData\Local\VirtualStore
2013-11-06 15:42 - 2013-11-06 15:42 - 00005360 _____ C:\WINDOWS\system32\AdpeakProxy.ini
2013-11-05 21:55 - 2013-11-05 21:55 - 00150808 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiska.sys
2013-11-05 15:31 - 2013-08-22 07:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-11-05 15:31 - 2013-08-22 07:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-05 12:21 - 2013-11-16 18:06 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-11-05 10:51 - 2013-11-16 18:06 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2013-11-05 08:20 - 2013-11-16 18:06 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2013-11-05 08:11 - 2013-11-16 18:06 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-11-05 06:30 - 2013-11-16 18:06 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-11-05 06:29 - 2013-11-16 18:06 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-11-04 21:52 - 2013-11-04 21:52 - 00240920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys
2013-10-31 23:00 - 2013-10-31 23:00 - 00212280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx64.sys
2013-10-31 22:49 - 2013-10-31 22:49 - 00294712 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgloga.sys
 
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
 
 
Some content of TEMP:
====================
C:\Users\Tate\AppData\Local\Temp\CMInstaller.exe
C:\Users\Tate\AppData\Local\Temp\install_flashplayer11x32_mssa_aaa_aih.exe
C:\Users\Tate\AppData\Local\Temp\nsdB8D6.exe
C:\Users\Tate\AppData\Local\Temp\nsp71CD.exe
C:\Users\Tate\AppData\Local\Temp\nsq599F.exe
C:\Users\Tate\AppData\Local\Temp\nssC4FE.exe
C:\Users\Tate\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Tate\AppData\Local\Temp\nvStInst.exe
C:\Users\Tate\AppData\Local\Temp\ose00000.exe
C:\Users\Tate\AppData\Local\Temp\SPStub.exe
C:\Users\Tate\AppData\Local\Temp\swt-win32-3349.dll
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-11-23 20:44
 
==================== End Of Log ============================

Addition.txt:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-11-2013 01
Ran by Tate at 2013-11-27 23:13:05
Running from C:\Users\Tate\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
 
==================== Installed Programs ======================
 
 ASUS Console (Version: 1.0.0)
µTorrent (HKCU Version: 3.3.2.30303)
7-Zip 9.20 (x32)
Adobe AIR (x32 Version: 3.9.0.1210)
Adobe Creative Suite 6 Master Collection (x32 Version: 6)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Reader X MUI (x32 Version: 10.0.0)
Adobe Widget Browser (x32 Version: 2.0 Build 348)
Adobe Widget Browser (x32 Version: 2.0.348)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
ASUS FaceKey (x32 Version: 4.1.0.0)
ASUS USB Charger Plus (x32 Version: 3.1.0)
ASUS Video DSP (x32 Version: 1.0.000)
ASUS Video Magic (x32 Version: 6.0.5005)
ASUS WebStorage Sync Agent (x32 Version: 1.1.10.123)
ASUSDVD (x32 Version: 10.0.4924.52)
AsusVibe2.0 (x32 Version: 2.0.12.309)
ATK Package (x32 Version: 1.0.0028)
Audacity 2.0.5 (x32 Version: 2.0.5)
Auto Clicker v1.5 (x32 Version: 1.5)
Auto Mouse Clicker v3.9 (x32)
Auto Typer by MurGee v1.4 (x32 Version: 1.4)
AVG 2014 (Version: 14.0.3629)
AVG 2014 (Version: 14.0.4259)
AVG 2014 (Version: 2014.0.4259)
bl (x32 Version: 1.0.0)
Bonjour (Version: 3.0.0.10)
CM Installer (x32 Version: 1.0.0.0)
Connect DLC 5 Toolbar for IE (x32 Version: 6.17.2.8)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3718_45957)
CyberLink PowerDirector (x32 Version: 8.0.5817a)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
Dropbox (HKCU Version: 2.4.6)
Evernote v. 5.0.3 (x32 Version: 5.0.3.1614)
Fraps (remove only) (x32)
Galería de fotos (x32 Version: 16.4.3505.0912)
Galerie de photos (x32 Version: 16.4.3505.0912)
GIMP 2.8.8 (Version: 2.8.8)
Google Chrome (x32 Version: 31.0.1650.57)
Google Update Helper (x32 Version: 1.3.21.165)
Intel® Management Engine Components (x32 Version: 9.0.0.1323)
Intel® Processor Graphics (x32 Version: 10.18.10.3308)
Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.63463)
Intel® Trusted Connect Service Client (Version: 1.27.798.1)
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
League of Legends (x32 Version: 3.0.0)
Logitech Gaming Software (Version: 8.45.88)
Logitech Gaming Software 8.50 (Version: 8.50.281)
LogMeIn Hamachi (x32 Version: 2.2.0.105)
McAfee Internet Security (x32 Version: 12.8.856)
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017)
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 25.0.1 (x86 en-US) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MyBitCast 2.0 (x32 Version: 2.0)
NBTExplorer (x32 Version: 2.6.0.0)
NVIDIA Control Panel 331.65 (Version: 331.65)
NVIDIA Graphics Driver 331.65 (Version: 331.65)
NVIDIA Install Application (Version: 2.1002.140.952)
NVIDIA Optimus 9.3.16 (Version: 9.3.16)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725)
NVIDIA Update Components (Version: 9.3.16)
Open Broadcaster Software (x32)
Origin (x32 Version: 9.3.10.4710)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017)
Pando Media Booster (x32 Version: 2.6.0.7)
Pandora (x32 Version: 2.0.8)
PDF Settings CS6 (x32 Version: 11.0)
ph (x32 Version: 1.0.0)
Photo Common (x32 Version: 16.4.3505.0912)
Photo Gallery (x32 Version: 16.4.3505.0912)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.226)
Qualcomm Atheros Client Installation Program (x32 Version: 10.0)
Rainmeter (x32 Version: 3.0.2 r2161)
Razer Game Booster (x32 Version: 4.0.68.0)
Realtek Ethernet Controller Driver (x32 Version: 8.11.201.2013)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6890)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.8400.39030)
ScorpionSaver (x32 Version: 1.0.0.0) <==== ATTENTION
ScorpionSaver Services (Version: 1.0.0.0) <==== ATTENTION
Search Protect by conduit (x32 Version: 1.7.0.72) <==== ATTENTION
Search Protection (HKCU Version: 7.5.0.1)
Shared C Run-time for x64 (Version: 10.0.0)
SimCity™ (x32 Version: 1.0.0.0)
Skype Click to Call (x32 Version: 6.13.13771)
Skype™ 6.10 (x32 Version: 6.10.104)
Stardock Start8 (x32 Version: 1.30.1)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (x32 Version: 3.0.13)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition
Update for Microsoft InfoPath 2013 (KB2752078) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2825630) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760257) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817309) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817311) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817640) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition
Update for Microsoft Office 2013 (KB2837643) 64-Bit Edition
Update for Microsoft Office 2013 (KB2837649) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2837642) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2817625) 64-Bit Edition
Update for Microsoft Project 2013 (KB2767859) 64-Bit Edition
Update for Microsoft Publisher 2013 (KB2752097) 64-Bit Edition
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition
Update for Microsoft Visio 2013 (KB2752018) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition
Update for Microsoft Word 2013 (KB2817631) 64-Bit Edition
Update for Microsoft Word 2013 (KB2837630) 64-Bit Edition
Vegas Pro 12.0 (64-bit) (Version: 12.0.670)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1)
Windows Live (x32 Version: 16.4.3505.0912)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live 程式集 (x32 Version: 16.4.3505.0912)
Windows Live 软件包 (x32 Version: 16.4.3505.0912)
WinFlash (x32 Version: 2.42.0)
影像中心 (x32 Version: 16.4.3505.0912)
照片库 (x32 Version: 16.4.3505.0912)
 
==================== Restore Points  =========================
 
19-11-2013 23:50:57 Windows Update
23-11-2013 22:20:30 Removed Java 7 Update 45
26-11-2013 22:01:26 Installed LogMeIn Hamachi
 
==================== Hosts content: ==========================
 
2013-08-22 05:25 - 2013-08-22 05:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {1B891B26-1F8E-4AA2-A02D-BD79BFE9C4D8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\microsoft shared\OFFICE15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2D9779D6-C8A4-4A7D-88E6-DD874686FC4F} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()
Task: {2FD75E7B-6B6B-4D13-87F5-3ED6D9D8C85F} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-03-26] (ASUSTek Computer Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {41E11324-C367-4A70-B294-FADC07AEE32A} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4DAB518F-043D-4411-9E71-2EA729574486} - System32\Tasks\BackgroundContainer Startup Task => C:\Users\Tate\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll [2013-11-06] (Conduit Ltd.)
Task: {537177FE-8B37-4D5A-B86B-EFAE3274A2DB} - System32\Tasks\ASUS Console => C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe [2013-04-12] (ASUSTek Computer Inc.)
Task: {5CABC4F6-A63A-4951-9D04-6D4055D2A3E9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5EB76EA4-AA83-4A71-90F3-8079011924C4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-07] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {71D671F0-F33B-4D52-A1D0-CB05FAAA6A94} - System32\Tasks\AVG_SYS_TASK => C:\ProgramData\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe [2013-11-14] ()
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {82F8E5C8-0E0D-4BB0-B943-943979A48429} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2013-08-22] (Microsoft Corporation)
Task: {86633EFE-645D-4CE6-9DA5-D14A03BB415A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\System32\MRT.exe [2013-11-14] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\System32\AppXDeploymentClient.dll [2013-09-29] (Microsoft Corporation)
Task: {8F233C25-AA29-4FBE-A91E-FCF74F6CD7F8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A0C4E7B7-2D45-4484-9EA4-EA326A497D5B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-07] (Google Inc.)
Task: {CBB88401-0F79-4BE9-9A66-4C3380F5D4A8} - System32\Tasks\AVG_SYS_TASK_DELETE => C:\ProgramData\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe [2013-11-14] ()
Task: {CE5ABE0D-A721-4E8F-AB69-C2E9EA28BEEB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-19] (Adobe Systems Incorporated)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {FC8C7E68-0643-4562-AA05-4D14FF8DD580} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AVG_SYS_TASK.job => C:\ProgramData\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe
Task: C:\WINDOWS\Tasks\AVG_SYS_TASK_DELETE.job => C:\ProgramData\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-10-17 11:25 - 2013-10-17 11:25 - 08866472 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-04-24 15:09 - 2013-04-24 15:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-04-24 15:07 - 2013-04-24 15:07 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-10-29 12:45 - 2013-10-29 12:45 - 00798392 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2013-11-27 16:25 - 2013-11-27 16:25 - 00306176 _____ () C:\Users\Tate\AppData\Roaming\.minecraft\versions\1.7.2\1.7.2-natives-8539286696114\lwjgl64.dll
2013-11-27 16:25 - 2013-11-27 16:25 - 00382464 _____ () C:\Users\Tate\AppData\Roaming\.minecraft\versions\1.7.2\1.7.2-natives-8539286696114\OpenAL64.dll
2013-11-06 15:44 - 2013-11-06 15:44 - 00059904 _____ () c:\program files\scorpionsaver services\pcproxydll.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-12 20:32 - 2013-10-23 02:30 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-11-14 16:45 - 2013-11-14 03:28 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
2013-11-14 16:45 - 2013-11-14 03:28 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libegl.dll
2013-11-14 16:45 - 2013-11-14 03:29 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll
2013-11-14 16:45 - 2013-11-14 03:29 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
2013-11-14 16:45 - 2013-11-14 03:28 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
2013-08-23 11:01 - 2013-08-23 11:01 - 25100288 _____ () C:\Users\Tate\AppData\Roaming\Dropbox\bin\libcef.dll
2013-09-26 13:50 - 2013-09-26 13:50 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2013-09-26 13:49 - 2013-09-26 13:49 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2013-11-14 16:45 - 2013-11-14 03:29 - 13582800 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll
2013-06-20 20:35 - 2013-04-11 14:30 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Users\Tate\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakProxy => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakWFP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
 
==================== Faulty Device Manager Devices =============
 
Name: HID-compliant touch screen
Description: HID-compliant touch screen
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/27/2013 02:04:33 PM) (Source: CltMngSvc) (User: )
Description: CltMngSvcServiceMain Version 2. (Error: 87)
 
Error: (11/26/2013 11:29:43 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1218
 
Error: (11/26/2013 11:29:43 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1218
 
Error: (11/26/2013 11:29:43 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/26/2013 01:57:16 PM) (Source: MsiInstaller) (User: GOLDENTATERTOT)
Description: Product: LogMeIn Hamachi -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.
 
Error: (11/26/2013 01:53:40 PM) (Source: MsiInstaller) (User: GOLDENTATERTOT)
Description: Product: LogMeIn Hamachi -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.
 
Error: (11/26/2013 01:53:40 PM) (Source: MsiInstaller) (User: GOLDENTATERTOT)
Description: Product: LogMeIn Hamachi -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.
 
Error: (11/26/2013 01:53:40 PM) (Source: MsiInstaller) (User: GOLDENTATERTOT)
Description: Product: LogMeIn Hamachi -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.
 
Error: (11/26/2013 01:53:39 PM) (Source: MsiInstaller) (User: GOLDENTATERTOT)
Description: Product: LogMeIn Hamachi -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.
 
Error: (11/26/2013 01:53:39 PM) (Source: MsiInstaller) (User: GOLDENTATERTOT)
Description: Product: LogMeIn Hamachi -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.
 
 
System errors:
=============
Error: (11/27/2013 11:05:01 PM) (Source: DCOM) (User: GOLDENTATERTOT)
Description: c:\PROGRA~1\mcafee\msc\mcmscsub.dll -Embedding193{9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}
 
Error: (11/27/2013 08:05:00 PM) (Source: DCOM) (User: GOLDENTATERTOT)
Description: c:\PROGRA~1\mcafee\msc\mcmscsub.dll -Embedding193{9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}
 
Error: (11/27/2013 05:01:36 PM) (Source: DCOM) (User: GOLDENTATERTOT)
Description: c:\PROGRA~1\mcafee\msc\mcmscsub.dll -Embedding193{9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}
 
Error: (11/27/2013 02:08:45 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (11/27/2013 02:05:30 PM) (Source: DCOM) (User: GOLDENTATERTOT)
Description: 1053WSearchUnavailable{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (11/27/2013 02:05:30 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1053
 
Error: (11/27/2013 02:05:30 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
 
Error: (11/27/2013 02:03:03 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
 
Error: (11/27/2013 02:01:35 PM) (Source: DCOM) (User: GOLDENTATERTOT)
Description: c:\PROGRA~1\mcafee\msc\mcmscsub.dll -Embedding193{9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}
 
Error: (11/27/2013 01:59:32 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
 
Microsoft Office Sessions:
=========================
Error: (11/27/2013 02:04:33 PM) (Source: CltMngSvc)(User: )
Description: CltMngSvcServiceMain Version 2. (Error: 87)
 
Error: (11/26/2013 11:29:43 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1218
 
Error: (11/26/2013 11:29:43 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1218
 
Error: (11/26/2013 11:29:43 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/26/2013 01:57:16 PM) (Source: MsiInstaller)(User: GOLDENTATERTOT)
Description: Product: LogMeIn Hamachi -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (11/26/2013 01:53:40 PM) (Source: MsiInstaller)(User: GOLDENTATERTOT)
Description: Product: LogMeIn Hamachi -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (11/26/2013 01:53:40 PM) (Source: MsiInstaller)(User: GOLDENTATERTOT)
Description: Product: LogMeIn Hamachi -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (11/26/2013 01:53:40 PM) (Source: MsiInstaller)(User: GOLDENTATERTOT)
Description: Product: LogMeIn Hamachi -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (11/26/2013 01:53:39 PM) (Source: MsiInstaller)(User: GOLDENTATERTOT)
Description: Product: LogMeIn Hamachi -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (11/26/2013 01:53:39 PM) (Source: MsiInstaller)(User: GOLDENTATERTOT)
Description: Product: LogMeIn Hamachi -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)(NULL)
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 78%
Total physical RAM: 8075.25 MB
Available physical RAM: 1770.02 MB
Total Pagefile: 10728.42 MB
Available Pagefile: 2658.21 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:372.26 GB) (Free:69.73 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:537.6 GB) (Free:537.4 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 115DA0F7)
 
Partition: GPT Partition Type
==================== End Of Log ============================


#4 gringo_pr


Posted 28 November 2013 - 03:41 AM



Hello Ted

These are the programs I would like you to run next. If you have any problems with one of these, just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
When they are complete let me have the two reports and let me know how things are running.

Gringo

#5 TatertotInvasion


Posted 28 November 2013 - 07:43 PM

AdwCleaner[R0]:

 

# AdwCleaner v3.013 - Report created 28/11/2013 at 16:08:28

# Updated 24/11/2013 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Tate - GOLDENTATERTOT
# Running from : C:\Users\Tate\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : CltMngSvc
 
***** [ Files / Folders ] *****
 
File Found : C:\END
File Found : C:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js
File Found : C:\WINDOWS\System32\Tasks\BackgroundContainer Startup Task
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\Connect_DLC_5
Folder Found C:\Program Files (x86)\Searchprotect
Folder Found C:\ProgramData\Conduit
Folder Found C:\Users\Tate\AppData\Local\Conduit
Folder Found C:\Users\Tate\AppData\LocalLow\Conduit
Folder Found C:\Users\Tate\AppData\LocalLow\Connect_DLC_5
Folder Found C:\Users\Tate\AppData\Roaming\Search Protection
Folder Found C:\Users\Tate\AppData\Roaming\Searchprotect
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Connect_DLC_5
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}
Key Found : HKCU\Software\SearchProtect
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\SearchProtect
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{24C1F23B-0796-4C3A-8E00-BAB4D876D4A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3306061
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Connect_DLC_5
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C482D211-47FC-48C4-A87F-5FC4EF350B5B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7B31A56-ED1A-4157-AA7E-15B45C0E085B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{24C1F23B-0796-4C3A-8E00-BAB4D876D4A9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\Software\SearchProtect
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SearchProtect]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtectAll]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16384
 
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.conduit.com/?ctid=CT3306061&octid=CT3306061&SearchSource=61&CUI=UN32600986326657258&UM=2&UP=SPB3468003-BCD0-4578-B1BA-F6771DF1745E
 
-\\ Mozilla Firefox v25.0.1 (en-US)
 
[ File : C:\Users\Tate\AppData\Roaming\Mozilla\Firefox\Profiles\2ryul40b.default\prefs.js ]
 
 
-\\ Google Chrome v31.0.1650.57
 
[ File : C:\Users\Tate\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found : homepage
Found : urls_to_restore_on_startup
Found : homepage
Found : urls_to_restore_on_startup
Found : homepage
Found : urls_to_restore_on_startup
 
*************************
 
AdwCleaner[R0].txt - [5055 octets] - [28/11/2013 16:08:28]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5115 octets] ##########
 
 
 
 
 
 
 
 
 
 
AdwCleaner[S0]:
 
# AdwCleaner v3.013 - Report created 28/11/2013 at 16:10:03
# Updated 24/11/2013 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Tate - GOLDENTATERTOT
# Running from : C:\Users\Tate\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : CltMngSvc
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Searchprotect
Folder Deleted : C:\Program Files (x86)\Connect_DLC_5
Folder Deleted : C:\Users\Tate\AppData\Local\Conduit
Folder Deleted : C:\Users\Tate\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Tate\AppData\LocalLow\Connect_DLC_5
Folder Deleted : C:\Users\Tate\AppData\Roaming\Search Protection
Folder Deleted : C:\Users\Tate\AppData\Roaming\Searchprotect
File Deleted : C:\END
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js
File Deleted : C:\WINDOWS\System32\Tasks\BackgroundContainer Startup Task
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SearchProtect]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtectAll]
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3306061
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{24C1F23B-0796-4C3A-8E00-BAB4D876D4A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{24C1F23B-0796-4C3A-8E00-BAB4D876D4A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7B31A56-ED1A-4157-AA7E-15B45C0E085B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C482D211-47FC-48C4-A87F-5FC4EF350B5B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Connect_DLC_5
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Connect_DLC_5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16384
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Mozilla Firefox v25.0.1 (en-US)
 
[ File : C:\Users\Tate\AppData\Roaming\Mozilla\Firefox\Profiles\2ryul40b.default\prefs.js ]
 
 
-\\ Google Chrome v31.0.1650.57
 
[ File : C:\Users\Tate\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : homepage
Deleted : urls_to_restore_on_startup
 
*************************
 
AdwCleaner[R0].txt - [5211 octets] - [28/11/2013 16:08:28]
AdwCleaner[S0].txt - [4908 octets] - [28/11/2013 16:10:03]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4968 octets] ##########
 
 
 
 
 
JRT:
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8.1 x64
Ran by Tate on Thu 11/28/2013 at 16:34:55.00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7E4DAE7E-7353-49CA-B38F-DD5E7F9675CB}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\Tate\appdata\local\cre"
Failed to delete: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 11/28/2013 at 16:39:41.43
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Edited by TatertotInvasion, 28 November 2013 - 07:43 PM.


#6 gringo_pr


Posted 29 November 2013 - 09:00 AM


Hello TatertotInvasion

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"
  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?
Gringo

#7 TatertotInvasion


Posted 29 November 2013 - 06:43 PM

Once again, I got the "ComboFix is not meant to run in 'Compatibility Mode'. This program shall now exit" error.



#8 gringo_pr


Posted 29 November 2013 - 10:48 PM



Hello TatertotInvasion

Let's get a deeper look into the system and let's see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and is the one that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.
Gringo

#9 TatertotInvasion


Posted 29 November 2013 - 11:43 PM

OTL:

 

 

OTL logfile created on: 11/29/2013 8:19:35 PM - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tate\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16438)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.89 Gb Total Physical Memory | 2.10 Gb Available Physical Memory | 26.58% Memory free
9.57 Gb Paging File | 2.95 Gb Available in Paging File | 30.85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 372.26 Gb Total Space | 70.66 Gb Free Space | 18.98% Space Free | Partition Type: NTFS
Drive D: | 537.60 Gb Total Space | 537.40 Gb Free Space | 99.96% Space Free | Partition Type: NTFS
 
Computer Name: GOLDENTATERTOT | User Name: Tate | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Tate\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Tate\AppData\Local\Auto Clicker\AutoClicker.exe (MurGee.com)
PRC - C:\Users\Tate\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe ()
PRC - C:\ProgramData\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe ()
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\ProgramData\Auto Typer by MurGee\AutoTyper.exe (MurGee.com)
PRC - C:\Users\Tate\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - c:\Program Files\ScorpionSaver Services\AdpeakProxy.exe (Adpeak, Inc.)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe (Razer Inc.)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe (Stardock Software, Inc)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Tate\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll ()
MOD - C:\Users\Tate\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll ()
MOD - C:\Program Files (x86)\Evernote\Evernote\libxml2.dll ()
MOD - C:\Program Files (x86)\Evernote\Evernote\libtidy.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Users\Tate\AppData\Roaming\Dropbox\bin\libcef.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (Level Quality Watcher) -- C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe ()
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (AdpeakProxy) -- c:\Program Files\ScorpionSaver Services\AdpeakProxy.exe (Adpeak, Inc.)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McAPExe) -- C:\Program Files\mcafee\msc\McAPExe.exe (McAfee, Inc.)
SRV:64bit: - (mfecore) -- C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe (McAfee, Inc.)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (McODS) -- C:\Program Files\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcpltsvc) -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (HomeNetSvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel® Corporation)
SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel® Corporation)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McAWFwk) -- C:\Program Files\mcafee\msc\McAWFwk.exe (McAfee, Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (LMIGuardianSvc) -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (LogMeIn, Inc.)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (RzKLService) -- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe (Razer Inc.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Windows ® Win 7 DDK provider)
SRV - (ZAtheros Bt and Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (Start8) -- C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe (Stardock Software, Inc)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTek Computer Inc.)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (Avgdiska) -- C:\Windows\SysNative\drivers\avgdiska.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (Avgwfpa) -- C:\Windows\SysNative\drivers\avgwfpa.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (AdpeakWFP) -- C:\Windows\SysNative\drivers\AdpeakWFP64.sys (Adpeak, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeelamk) -- C:\Windows\SysNative\drivers\mfeelamk.sys (McAfee, Inc.)
DRV:64bit: - (HipShieldK) -- C:\Windows\SysNative\drivers\HipShieldK.sys (McAfee, Inc.)
DRV:64bit: - (mfencrk) -- C:\Windows\SysNative\drivers\mfencrk.sys (McAfee, Inc.)
DRV:64bit: - (mfencbdc) -- C:\Windows\SysNative\drivers\mfencbdc.sys (McAfee, Inc.)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgboota) -- C:\Windows\SysNative\drivers\avgboota.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (Hamachi) -- C:\Windows\SysNative\drivers\Hamdrv.sys (LogMeIn Inc.)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek                                            )
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (LGSHidFilt) -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys (Logitech Inc.)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV:64bit: - (ATP) -- C:\Windows\SysNative\drivers\AsusTP.sys (ASUS Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\RtsUVStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (HIDSwitch) -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys (ASUS)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Rovi Corporation)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-2564788367-3890907632-807164078-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
IE - HKU\S-1-5-21-2564788367-3890907632-807164078-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2564788367-3890907632-807164078-1002\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-2564788367-3890907632-807164078-1002\..\SearchScopes\{D66738DC-8A7B-47B3-AF22-0F933D709ED8}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=293224&p={searchTerms}
IE - HKU\S-1-5-21-2564788367-3890907632-807164078-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2564788367-3890907632-807164078-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-21-2564788367-3890907632-807164078-1007\..\SearchScopes,DefaultScope = 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=293224"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/11/16 21:44:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013/11/07 18:33:12 | 000,000,000 | ---D | M]
 
[2013/11/19 19:03:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tate\AppData\Roaming\mozilla\Extensions
[2013/11/19 19:17:38 | 000,000,915 | ---- | M] () -- C:\Users\Tate\AppData\Roaming\mozilla\firefox\profiles\2ryul40b.default\searchplugins\yahoo.xml
[2013/11/19 19:03:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/19 19:03:18 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/10/17 11:25:52 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
CHR - plugin:  (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin:  (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java Deployment Toolkit 7.0.450.18 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java™ Platform SE 7 U45 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL
CHR - Extension: Google Docs = C:\Users\Tate\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1\
CHR - Extension: Google Drive = C:\Users\Tate\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: YouTube = C:\Users\Tate\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Google Search = C:\Users\Tate\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: PicMonkey = C:\Users\Tate\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm\1.5_0\
CHR - Extension: Reddit Enhancement Suite = C:\Users\Tate\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.3.1.2_0\
CHR - Extension: Google Wallet = C:\Users\Tate\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1\
CHR - Extension: Gmail = C:\Users\Tate\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013/08/22 05:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ScorpionSaver) - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\ScorpionSaver\IECore.dll ()
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe (ASUS Cloud Corporation)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StereoLinksInstall] "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1 File not found
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-2564788367-3890907632-807164078-1002..\Run: [AdobeBridge]  File not found
O4 - HKU\S-1-5-21-2564788367-3890907632-807164078-1002..\Run: [AutoTyperMurGee] C:\ProgramData\Auto Typer by MurGee\AutoTyper.exe  (MurGee.com)
O4 - HKU\S-1-5-21-2564788367-3890907632-807164078-1002..\Run: [AVG-Secure-Search-Update_1113a] C:\Users\Tate\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe ()
O4 - HKU\S-1-5-21-2564788367-3890907632-807164078-1002..\Run: [MurGee.com Auto Clicker] C:\Users\Tate\AppData\Local\Auto Clicker\AutoClicker.exe  (MurGee.com)
O4 - HKU\S-1-5-21-2564788367-3890907632-807164078-1002..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Tate\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O4 - Startup: C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Qualcomm Atheros Commnucations)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8:64bit: - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:64bit: - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8:64bit: - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O8 - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6914DD36-6E58-4511-B5C8-F4E50E49A969}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\WINDOWS\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/11/29 20:18:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tate\Desktop\OTL.exe
[2013/11/29 20:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/11/29 15:40:02 | 005,150,163 | ---- | C] (Swearware) -- C:\Users\Tate\Desktop\ComboFix.exe
[2013/11/28 16:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/11/28 16:07:47 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/28 16:07:42 | 001,034,531 | ---- | C] (Thisisu) -- C:\Users\Tate\Desktop\JRT.exe
[2013/11/27 23:10:21 | 000,000,000 | ---D | C] -- C:\FRST
[2013/11/27 23:09:52 | 001,958,850 | ---- | C] (Farbar) -- C:\Users\Tate\Desktop\FRST64.exe
[2013/11/27 19:15:48 | 000,688,992 | ---- | C] (Swearware) -- C:\Users\Tate\Desktop\dds.com
[2013/11/27 15:29:28 | 000,000,000 | ---D | C] -- C:\OBS Recording Test
[2013/11/27 15:28:00 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\OBS
[2013/11/27 15:27:54 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
[2013/11/27 15:27:46 | 000,000,000 | ---D | C] -- C:\Program Files\OBS
[2013/11/27 15:27:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OBS
[2013/11/26 14:04:06 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\LogMeIn Hamachi
[2013/11/26 14:04:06 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\LogMeIn
[2013/11/26 14:04:06 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2013/11/26 14:02:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013/11/26 14:02:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2013/11/26 13:57:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/11/24 22:30:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Clicker
[2013/11/24 22:30:00 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Auto Clicker
[2013/11/24 02:29:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/11/24 02:26:24 | 000,056,208 | ---- | C] (Rovi Corporation) -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys
[2013/11/24 02:26:24 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\SysNative\drivers\cdralw2k.sys
[2013/11/24 02:26:24 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\SysNative\drivers\cdr4_xp.sys
[2013/11/24 02:26:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2013/11/24 02:26:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2013/11/24 02:26:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
[2013/11/24 02:09:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
[2013/11/24 02:09:21 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/11/24 02:06:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/11/24 01:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/11/24 01:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2013/11/23 21:39:15 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Publish Providers
[2013/11/23 21:37:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2013/11/23 21:36:54 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Sony
[2013/11/23 21:36:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2013/11/23 21:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2013/11/23 21:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2013/11/23 21:35:46 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Sony
[2013/11/23 20:18:40 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Audacity
[2013/11/23 20:17:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2013/11/23 20:06:18 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\NVIDIA
[2013/11/23 14:31:31 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Diagnostics
[2013/11/21 19:05:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\NV
[2013/11/21 19:05:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\NV
[2013/11/21 18:52:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Stardock
[2013/11/21 18:52:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
[2013/11/21 18:52:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Stardock
[2013/11/21 18:52:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stardock
[2013/11/20 18:15:02 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\AVG 1113a Campaign
[2013/11/20 18:14:57 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG 1113a Campaign
[2013/11/19 19:08:12 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Macromedia
[2013/11/19 19:03:28 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Mozilla
[2013/11/19 19:03:28 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Mozilla
[2013/11/19 19:03:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/11/19 19:03:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/11/18 20:57:43 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2013/11/18 20:20:37 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\gtk-2.0
[2013/11/18 20:20:37 | 000,000,000 | ---D | C] -- C:\Users\Tate\.thumbnails
[2013/11/18 20:16:25 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\fontconfig
[2013/11/18 20:16:23 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\gegl-0.2
[2013/11/18 20:16:23 | 000,000,000 | ---D | C] -- C:\Users\Tate\.gimp-2.8
[2013/11/18 20:11:28 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2013/11/17 23:20:31 | 000,041,624 | ---- | C] (Adpeak, Inc.) -- C:\WINDOWS\SysNative\drivers\AdpeakWFP64.sys
[2013/11/17 23:20:27 | 000,000,000 | ---D | C] -- C:\Program Files\ScorpionSaver Services
[2013/11/16 23:17:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScorpionSaver
[2013/11/16 23:16:51 | 000,000,000 | ---D | C] -- C:\temp
[2013/11/16 23:16:48 | 000,000,000 | ---D | C] -- C:\Program Files\Level Quality Watcher
[2013/11/16 23:11:23 | 000,000,000 | ---D | C] -- C:\Users\Tate\Documents\Razer
[2013/11/16 23:07:22 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Razer
[2013/11/16 23:06:50 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_43.dll
[2013/11/16 23:06:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[2013/11/16 23:06:48 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\WhiteListing
[2013/11/16 23:06:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer
[2013/11/16 23:06:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2013/11/16 23:06:10 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\NativeMessaging
[2013/11/16 21:47:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013/11/16 21:44:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/11/16 18:08:25 | 003,395,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2013/11/16 18:08:17 | 006,639,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2013/11/16 18:08:15 | 007,399,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2013/11/16 18:08:14 | 005,769,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2013/11/16 18:08:12 | 002,570,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2013/11/16 18:08:10 | 004,104,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2013/11/16 18:08:09 | 002,617,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2013/11/16 18:08:09 | 002,143,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2013/11/16 18:08:08 | 001,302,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2013/11/16 18:08:07 | 001,231,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2013/11/16 18:08:06 | 002,295,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2013/11/16 18:08:06 | 001,147,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2013/11/16 18:08:05 | 002,328,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2013/11/16 18:08:05 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2013/11/16 18:08:04 | 002,065,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2013/11/16 18:08:03 | 001,067,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2013/11/16 18:08:03 | 000,920,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2013/11/16 18:08:03 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2013/11/16 18:08:02 | 001,765,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2013/11/16 18:08:02 | 000,883,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2013/11/16 18:08:01 | 001,287,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2013/11/16 18:08:01 | 000,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.dll
[2013/11/16 18:08:01 | 000,481,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2013/11/16 18:08:00 | 002,134,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll
[2013/11/16 18:08:00 | 000,699,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10level9.dll
[2013/11/16 18:08:00 | 000,380,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2013/11/16 18:07:59 | 004,599,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2013/11/16 18:07:59 | 001,399,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2013/11/16 18:07:59 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.Http.dll
[2013/11/16 18:07:58 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.Http.dll
[2013/11/16 18:07:58 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2013/11/16 18:07:57 | 001,373,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2013/11/16 18:07:57 | 001,011,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWorkspace.dll
[2013/11/16 18:07:57 | 000,708,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iuilp.dll
[2013/11/16 18:07:56 | 000,761,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2013/11/16 18:07:56 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2013/11/16 18:07:56 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2013/11/16 18:07:55 | 000,839,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2013/11/16 18:07:55 | 000,700,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2013/11/16 18:07:55 | 000,631,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2013/11/16 18:07:54 | 001,204,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2013/11/16 18:07:54 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eapphost.dll
[2013/11/16 18:07:53 | 000,518,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2013/11/16 18:07:53 | 000,171,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kd_02_8086.dll
[2013/11/16 18:07:53 | 000,031,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2013/11/16 18:07:52 | 000,465,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2013/11/16 18:07:52 | 000,391,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsmf.dll
[2013/11/16 18:07:51 | 000,795,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TSWorkspace.dll
[2013/11/16 18:07:51 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2013/11/16 18:07:51 | 000,558,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apphelp.dll
[2013/11/16 18:07:51 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eapp3hst.dll
[2013/11/16 18:07:50 | 000,345,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsmf.dll
[2013/11/16 18:07:50 | 000,317,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2013/11/16 18:07:50 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2013/11/16 18:07:49 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcsvDevice.dll
[2013/11/16 18:07:49 | 000,104,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2013/11/16 18:07:49 | 000,088,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2013/11/16 18:07:48 | 000,371,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2013/11/16 18:07:48 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eapphost.dll
[2013/11/16 18:07:48 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msched.dll
[2013/11/16 18:07:47 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2013/11/16 18:07:45 | 000,057,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2013/11/16 18:07:45 | 000,044,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wldp.dll
[2013/11/16 18:07:44 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2013/11/16 18:07:44 | 000,325,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2013/11/16 18:07:44 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafBth.dll
[2013/11/16 18:07:44 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWbPrxy.exe
[2013/11/16 18:07:44 | 000,054,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2013/11/16 18:07:44 | 000,039,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2013/11/16 18:07:43 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2013/11/16 18:07:43 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafWfdProvider.dll
[2013/11/16 18:07:43 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shsetup.dll
[2013/11/16 18:07:42 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2013/11/16 18:07:42 | 000,922,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2013/11/16 18:07:42 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eappcfg.dll
[2013/11/16 18:07:42 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2013/11/16 18:07:42 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\shsetup.dll
[2013/11/16 18:07:41 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eappcfg.dll
[2013/11/16 18:07:41 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eapp3hst.dll
[2013/11/16 18:07:41 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eappgnui.dll
[2013/11/16 18:07:41 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eappgnui.dll
[2013/11/16 18:07:40 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ftp.exe
[2013/11/16 18:07:39 | 001,704,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2013/11/16 18:07:39 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/11/16 18:07:39 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/11/16 18:07:39 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersShell.dll
[2013/11/16 18:07:38 | 000,909,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2013/11/16 18:07:38 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2013/11/16 18:07:38 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpclip.exe
[2013/11/16 18:07:38 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\miutils.dll
[2013/11/16 18:07:38 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\miutils.dll
[2013/11/16 18:07:38 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ftp.exe
[2013/11/16 18:07:37 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2013/11/16 18:07:37 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2013/11/16 18:06:12 | 018,577,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2013/11/16 18:06:09 | 013,925,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2013/11/16 18:06:08 | 013,176,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2013/11/16 18:06:05 | 011,674,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2013/11/16 18:05:57 | 002,801,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2013/11/16 18:05:56 | 001,085,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2013/11/16 18:05:56 | 000,869,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2013/11/13 22:29:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2013/11/13 22:29:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013/11/13 22:28:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2013/11/13 22:26:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2013/11/13 22:26:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2013/11/13 22:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2013/11/13 22:24:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013/11/13 22:24:27 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Microsoft Help
[2013/11/13 22:24:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/11/13 22:24:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/11/13 22:23:10 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013/11/13 15:15:30 | 001,341,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2013/11/13 15:15:28 | 000,136,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2013/11/13 15:15:19 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2013/11/13 15:15:19 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2013/11/13 15:15:19 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2013/11/13 15:15:18 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2013/11/13 15:15:17 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2013/11/13 15:15:13 | 001,943,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2013/11/12 21:43:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013/11/12 21:41:07 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6432683.dll
[2013/11/12 21:41:07 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6432683.dll
[2013/11/12 21:37:07 | 006,669,600 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2013/11/12 21:37:07 | 003,489,568 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2013/11/12 21:37:07 | 002,559,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2013/11/12 21:37:07 | 001,064,224 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshext.dll
[2013/11/12 21:37:07 | 000,219,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2013/11/12 21:37:07 | 000,067,072 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshextr.dll
[2013/11/12 21:37:07 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2013/11/12 20:45:54 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\NVIDIA
[2013/11/12 20:41:35 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\AutoTyperMurGee
[2013/11/12 20:32:54 | 030,344,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2013/11/12 20:32:54 | 022,933,792 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2013/11/12 20:32:54 | 018,286,416 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvwgf2umx.dll
[2013/11/12 20:32:54 | 018,199,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2013/11/12 20:32:54 | 015,855,568 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2013/11/12 20:32:54 | 015,212,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvd3dum.dll
[2013/11/12 20:32:54 | 011,374,520 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2013/11/12 20:32:54 | 009,480,328 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2013/11/12 20:32:54 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6433165.dll
[2013/11/12 20:32:54 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6433165.dll
[2013/11/12 20:32:54 | 001,435,504 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvumdshimx.dll
[2013/11/12 20:32:54 | 001,241,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvumdshim.dll
[2013/11/12 20:32:54 | 000,696,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2013/11/12 20:32:54 | 000,655,136 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2013/11/12 20:32:54 | 000,599,840 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2013/11/12 20:32:54 | 000,560,416 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2013/11/12 20:32:54 | 000,479,520 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2013/11/12 20:32:54 | 000,405,280 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2013/11/12 20:32:54 | 000,317,472 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglshim64.dll
[2013/11/12 20:32:54 | 000,266,984 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglshim32.dll
[2013/11/12 20:32:54 | 000,168,616 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvinitx.dll
[2013/11/12 20:32:54 | 000,141,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvinit.dll
[2013/11/12 20:32:54 | 000,032,544 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvpciflt.sys
[2013/11/12 20:32:53 | 025,257,248 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2013/11/12 20:32:53 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2013/11/12 20:32:53 | 011,426,568 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2013/11/12 20:32:53 | 009,524,088 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2013/11/12 20:32:53 | 003,131,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2013/11/12 20:32:53 | 003,124,512 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll
[2013/11/12 20:32:53 | 003,067,560 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2013/11/12 20:32:53 | 002,946,848 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2013/11/12 20:32:53 | 002,747,168 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2013/11/12 20:32:53 | 002,695,200 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2013/11/12 20:28:16 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013/11/12 18:43:18 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Evernote
[2013/11/12 18:43:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
[2013/11/12 18:42:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Evernote
[2013/11/12 17:45:03 | 001,002,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinUSBCoInstaller2.dll
[2013/11/12 17:44:42 | 000,000,000 | ---D | C] -- C:\Users\Tate\cminstaller
[2013/11/12 17:21:26 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\AVG2014
[2013/11/12 17:20:40 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\TuneUp Software
[2013/11/12 17:20:16 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/11/12 17:20:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014
[2013/11/12 17:19:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2013/11/12 17:07:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/11/12 17:07:42 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\MFAData
[2013/11/12 17:07:42 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/11/12 17:07:42 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Avg2014
[2013/11/10 22:45:33 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\LolClient
[2013/11/10 21:16:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBTExplorer
[2013/11/10 21:16:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NBTExplorer
[2013/11/10 10:25:08 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\TS3Client
[2013/11/10 10:25:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2013/11/10 10:25:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2013/11/09 22:18:16 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_39.dll
[2013/11/09 22:18:16 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_2.dll
[2013/11/09 22:18:16 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_39.dll
[2013/11/09 22:18:16 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_1.dll
[2013/11/09 22:18:15 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_39.dll
[2013/11/09 22:18:12 | 000,000,000 | -HSD | C] -- C:\WINDOWS\SysWow64\AI_RecycleBin
[2013/11/09 22:18:11 | 000,000,000 | ---D | C] -- C:\Riot Games
[2013/11/09 22:18:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
[2013/11/09 22:17:45 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\PMB Files
[2013/11/09 22:17:43 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2013/11/09 22:17:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2013/11/09 22:17:25 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Riot Games
[2013/11/09 21:12:37 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Auto-Mouse-Clicker
[2013/11/09 21:12:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Mouse Clicker v3.9
[2013/11/09 21:12:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auto Mouse Clicker v3.9
[2013/11/09 21:11:45 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Apple Computer
[2013/11/09 21:11:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/11/09 21:11:44 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Apple Computer
[2013/11/09 21:11:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Auto Typer by MurGee
[2013/11/09 21:11:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Typer
[2013/11/09 21:11:22 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Programs
[2013/11/09 21:11:21 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys
[2013/11/09 21:11:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\DRVSTORE
[2013/11/09 21:10:57 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/11/09 21:10:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/11/09 21:10:57 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/11/09 21:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/11/09 21:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/11/09 21:09:04 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Apple
[2013/11/09 21:09:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013/11/09 21:08:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/11/09 21:08:44 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/11/09 21:08:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/11/09 21:08:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/11/09 21:08:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013/11/08 18:58:20 | 000,000,000 | ---D | C] -- C:\Users\Tate\Documents\SimCity
[2013/11/08 18:48:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
[2013/11/08 18:48:43 | 000,000,000 | ---D | C] -- C:\Fraps
[2013/11/08 18:43:58 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\uTorrent
[2013/11/08 18:39:08 | 000,000,000 | R--D | C] -- C:\Users\Tate\Dropbox
[2013/11/08 18:38:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™
[2013/11/08 18:38:45 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2013/11/08 18:38:44 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_40.dll
[2013/11/08 18:38:44 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_41.dll
[2013/11/08 18:38:44 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_38.dll
[2013/11/08 18:38:44 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_43.dll
[2013/11/08 18:38:44 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_42.dll
[2013/11/08 18:38:44 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_42.dll
[2013/11/08 18:38:43 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_37.dll
[2013/11/08 18:38:43 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_36.dll
[2013/11/08 18:38:43 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_35.dll
[2013/11/08 18:38:43 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_34.dll
[2013/11/08 18:38:43 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_33.dll
[2013/11/08 18:38:43 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_31.dll
[2013/11/08 18:38:43 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_3.dll
[2013/11/08 18:38:43 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_2.dll
[2013/11/08 18:38:43 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_1.dll
[2013/11/08 18:38:42 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_30.dll
[2013/11/08 18:38:42 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_25.dll
[2013/11/08 18:38:42 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_29.dll
[2013/11/08 18:38:42 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_28.dll
[2013/11/08 18:38:42 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_27.dll
[2013/11/08 18:38:42 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_26.dll
[2013/11/08 18:38:42 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_24.dll
[2013/11/08 18:37:56 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013/11/08 18:36:44 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Dropbox
[2013/11/08 18:36:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2013/11/08 18:31:22 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Skype
[2013/11/08 18:31:20 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013/11/08 18:31:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/11/08 18:31:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/11/08 18:31:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013/11/08 18:28:41 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Origin
[2013/11/08 18:28:40 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Origin
[2013/11/08 17:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2013/11/08 17:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2013/11/08 17:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2013/11/08 17:31:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2013/11/08 17:28:58 | 000,000,000 | ---D | C] -- C:\Users\Tate\Documents\Rainmeter
[2013/11/08 17:28:58 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Rainmeter
[2013/11/08 17:28:51 | 000,000,000 | ---D | C] -- C:\Program Files\Rainmeter
[2013/11/07 23:11:25 | 000,000,000 | R--D | C] -- C:\Users\Tate\SkyDrive
[2013/11/07 23:09:23 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Identities
[2013/11/07 22:54:55 | 000,000,000 | -HSD | C] -- C:\Users\Tate\AppData\Local\Temporary Internet Files
[2013/11/07 22:54:55 | 000,000,000 | -HSD | C] -- C:\Users\Tate\Templates
[2013/11/07 22:54:55 | 000,000,000 | -HSD | C] -- C:\Users\Tate\Start Menu
[2013/11/07 22:54:55 | 000,000,000 | -HSD | C] -- C:\Users\Tate\SendTo
[2013/11/07 22:54:55 | 000,000,000 | -HSD | C] -- C:\Users\Tate\Recent
[2013/11/07 22:54:55 | 000,000,000 | -HSD | C] -- C:\Users\Tate\PrintHood
[2013/11/07 22:54:55 | 000,000,000 | -HSD | C] -- C:\Users\Tate\NetHood
[2013/11/07 22:54:55 | 000,000,000 | -HSD | C] -- C:\Users\Tate\Documents\My Videos
[2013/11/07 22:54:55 | 000,000,000 | -HSD | C] -- C:\Users\Tate\Documents\My Pictures
[2013/11/07 22:54:55 | 000,000,000 | -HSD | C] -- C:\Users\Tate\Documents\My Music
[2013/11/07 22:54:55 | 000,000,000 | -HSD | C] -- C:\Users\Tate\My Documents
[2013/11/07 22:54:55 | 000,000,000 | -HSD | C] -- C:\Users\Tate\Local Settings
[2013/11/07 22:54:55 | 000,000,000 | -HSD | C] -- C:\Users\Tate\AppData\Local\History
[2013/11/07 22:54:55 | 000,000,000 | -HSD | C] -- C:\Users\Tate\Cookies
[2013/11/07 22:54:55 | 000,000,000 | -HSD | C] -- C:\Users\Tate\Application Data
[2013/11/07 22:54:55 | 000,000,000 | -HSD | C] -- C:\Users\Tate\AppData\Local\Application Data
[2013/11/07 22:54:54 | 000,000,000 | --SD | C] -- C:\Users\Tate\AppData\Roaming\Microsoft
[2013/11/07 22:54:54 | 000,000,000 | R--D | C] -- C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013/11/07 22:54:54 | 000,000,000 | R--D | C] -- C:\Users\Tate\Favorites
[2013/11/07 22:54:54 | 000,000,000 | R--D | C] -- C:\Users\Tate\Documents
[2013/11/07 22:54:54 | 000,000,000 | R--D | C] -- C:\Users\Tate\Desktop
[2013/11/07 22:54:54 | 000,000,000 | R--D | C] -- C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/11/07 22:54:54 | 000,000,000 | R--D | C] -- C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013/11/07 22:54:54 | 000,000,000 | -H-D | C] -- C:\Users\Tate\AppData
[2013/11/07 22:54:54 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Temp
[2013/11/07 22:54:54 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Microsoft
[2013/11/07 22:54:54 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/11/07 22:51:39 | 000,018,960 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\SysNative\drivers\LNonPnP.sys
[2013/11/07 22:49:40 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013/11/07 22:49:34 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/11/07 22:49:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/11/07 22:49:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013/11/07 22:49:18 | 000,064,000 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.DLL
[2013/11/07 22:49:18 | 000,060,416 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.DLL
[2013/11/07 22:49:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2013/11/07 22:48:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2013/11/07 22:48:46 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/11/07 22:48:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/11/07 22:47:16 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013/11/07 22:47:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2013/11/07 22:46:03 | 000,872,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2013/11/07 22:46:03 | 000,698,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2013/11/07 22:45:53 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2013/11/07 22:45:53 | 001,765,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2013/11/07 22:45:53 | 001,286,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2013/11/07 22:45:53 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2013/11/07 22:45:53 | 000,977,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2013/11/07 22:45:53 | 000,516,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2013/11/07 22:45:53 | 000,382,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2013/11/07 22:45:53 | 000,294,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2013/11/07 22:45:53 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2013/11/07 22:43:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2013/11/07 22:43:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2013/11/07 22:43:53 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013/11/07 22:43:53 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013/11/07 22:43:26 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
[2013/11/07 22:43:26 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/11/07 22:43:26 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2013/11/07 22:43:25 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/11/07 22:43:25 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe
[2013/11/07 22:43:24 | 001,166,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll
[2013/11/07 22:30:19 | 000,000,000 | ---D | C] -- C:\sources
[2013/11/07 21:51:31 | 000,000,000 | ---D | C] -- C:\Users\Tate\Documents\Wallpapers
[2013/11/07 21:49:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013/11/07 21:49:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2013/11/07 21:49:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013/11/07 17:35:12 | 000,312,744 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaws.exe
[2013/11/07 17:35:10 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaw.exe
[2013/11/07 17:35:10 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\java.exe
[2013/11/07 17:35:10 | 000,108,968 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\WindowsAccessBridge-64.dll
[2013/11/07 17:35:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/11/07 17:35:05 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/11/07 17:20:36 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\TechSmith
[2013/11/07 17:15:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\MRT
[2013/11/07 17:06:24 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\com.pandora.desktop
[2013/11/07 17:06:23 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1
[2013/11/07 17:06:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pandora
[2013/11/07 17:05:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2013/11/07 17:04:35 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Adobe
[2013/11/07 16:54:05 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2013/11/07 16:54:02 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Logitech
[2013/11/07 16:53:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2013/11/07 16:53:16 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech Gaming Software
[2013/11/07 16:49:25 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Logitech
[2013/11/07 16:49:25 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Logishrd
[2013/11/07 16:37:19 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/11/07 16:33:33 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013/11/07 16:26:17 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysWow64\rars.rs
[2013/11/07 16:26:17 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysNative\rars.rs
[2013/11/07 16:22:54 | 000,197,704 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\SysNative\drivers\HipShieldK.sys
[2013/11/07 16:19:35 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Cyberlink
[2013/11/07 16:19:30 | 000,000,000 | ---D | C] -- C:\Users\Tate\Documents\CyberLink
[2013/11/07 16:19:30 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\CyberLink
[2013/11/07 15:39:08 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\.minecraft
[2013/11/07 15:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/11/07 15:37:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013/11/07 15:33:23 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Intel_Corporation
[2013/11/07 15:32:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/11/07 15:31:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/11/07 15:31:56 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Google
[2013/11/07 15:31:34 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Apps
[2013/11/07 15:27:31 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\BMExplorer
[2013/11/07 15:27:31 | 000,000,000 | ---D | C] -- C:\Users\Tate\Documents\Bluetooth Folder
[2013/11/07 15:27:26 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\ASUS WebStorage
[2013/11/07 15:27:24 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\ASUS
[2013/11/07 15:27:19 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Atheros
[2013/11/07 15:26:58 | 000,000,000 | R--D | C] -- C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/11/07 15:26:58 | 000,000,000 | R--D | C] -- C:\Users\Tate\Searches
[2013/11/07 15:26:58 | 000,000,000 | R--D | C] -- C:\Users\Tate\Contacts
[2013/11/07 15:26:58 | 000,000,000 | R--D | C] -- C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/11/07 15:26:58 | 000,000,000 | -H-D | C] -- C:\Users\Tate\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/11/07 15:26:11 | 000,000,000 | ---D | C] -- C:\ProgramData\FolderView
[2013/11/07 15:24:44 | 000,000,000 | ---D | C] -- C:\ProgramData\USBChargerPlus
[2013/11/07 15:24:12 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Macromedia
[2013/11/07 15:24:11 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Adobe
[2013/11/07 15:23:12 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\VirtualStore
[2013/11/07 15:23:03 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\Packages
[2013/11/07 15:22:53 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Local\ASUS
[2013/11/07 15:22:39 | 000,000,000 | R--D | C] -- C:\Users\Tate\Videos
[2013/11/07 15:22:39 | 000,000,000 | R--D | C] -- C:\Users\Tate\Saved Games
[2013/11/07 15:22:39 | 000,000,000 | R--D | C] -- C:\Users\Tate\Pictures
[2013/11/07 15:22:39 | 000,000,000 | R--D | C] -- C:\Users\Tate\Music
[2013/11/07 15:22:39 | 000,000,000 | R--D | C] -- C:\Users\Tate\Links
[2013/11/07 15:22:39 | 000,000,000 | R--D | C] -- C:\Users\Tate\Downloads
[2013/11/07 15:22:39 | 000,000,000 | ---D | C] -- C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic
[2013/11/05 21:55:48 | 000,150,808 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgdiska.sys
[2013/11/04 21:52:42 | 000,240,920 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgidsdrivera.sys
[2013/10/31 23:00:18 | 000,212,280 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgldx64.sys
[2013/10/31 22:49:46 | 000,294,712 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgloga.sys
 
========== Files - Modified Within 30 Days ==========
 
[2013/11/29 20:18:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tate\Desktop\OTL.exe
[2013/11/29 20:16:07 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/11/29 19:42:00 | 000,000,924 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/29 15:42:03 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/29 15:39:56 | 000,141,833 | ---- | M] () -- C:\Users\Tate\Desktop\Help reoving Scorpion Saver, DDS.com not running.pdf
[2013/11/29 15:39:38 | 005,150,163 | ---- | M] (Swearware) -- C:\Users\Tate\Desktop\ComboFix.exe
[2013/11/29 14:44:29 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/11/28 16:34:15 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\AVG_SYS_TASK_DELETE.job
[2013/11/28 16:34:04 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\AVG_SYS_TASK.job
[2013/11/28 16:32:46 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/11/28 16:32:45 | 2479,042,559 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/28 16:17:27 | 000,863,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013/11/28 16:17:27 | 000,731,650 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013/11/28 16:17:27 | 000,135,726 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013/11/28 16:07:23 | 001,034,531 | ---- | M] (Thisisu) -- C:\Users\Tate\Desktop\JRT.exe
[2013/11/28 16:07:03 | 001,091,882 | ---- | M] () -- C:\Users\Tate\Desktop\AdwCleaner.exe
[2013/11/27 23:09:42 | 001,958,850 | ---- | M] (Farbar) -- C:\Users\Tate\Desktop\FRST64.exe
[2013/11/27 19:15:52 | 000,688,992 | ---- | M] (Swearware) -- C:\Users\Tate\Desktop\dds.com
[2013/11/26 13:46:31 | 005,107,936 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013/11/23 19:54:47 | 000,007,602 | ---- | M] () -- C:\Users\Tate\AppData\Local\Resmon.ResmonCfg
[2013/11/18 20:20:37 | 000,000,843 | ---- | M] () -- C:\Users\Tate\AppData\Local\recently-used.xbel
[2013/11/17 23:56:52 | 000,001,613 | ---- | M] () -- C:\Users\Tate\Desktop\Programs.lnk
[2013/11/17 23:20:36 | 000,005,360 | ---- | M] () -- C:\WINDOWS\SysWow64\AdpeakProxy.ini
[2013/11/17 23:20:36 | 000,002,312 | ---- | M] () -- C:\WINDOWS\SysWow64\AdpeakProxyOff.ini
[2013/11/17 23:20:36 | 000,002,312 | ---- | M] () -- C:\WINDOWS\SysNative\AdpeakProxyOff.ini
[2013/11/16 22:57:20 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013/11/16 22:57:19 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2013/11/16 11:38:58 | 000,002,301 | ---- | M] () -- C:\Users\Tate\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/11/12 21:38:52 | 001,884,448 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6432683.dll
[2013/11/12 21:38:52 | 001,511,712 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6432683.dll
[2013/11/12 18:44:40 | 000,001,145 | ---- | M] () -- C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
[2013/11/12 17:45:03 | 001,002,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinUSBCoInstaller2.dll
[2013/11/08 18:38:25 | 000,001,108 | ---- | M] () -- C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/11/08 17:28:53 | 000,001,744 | ---- | M] () -- C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[2013/11/07 23:21:04 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\SysNative\drivers\LNonPnP.sys
[2013/11/07 23:07:12 | 000,028,578 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2013/11/07 23:07:11 | 000,028,578 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2013/11/07 23:06:58 | 000,022,744 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2013/11/07 22:48:54 | 000,109,543 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\RTWAVES30.dat
[2013/11/07 22:48:43 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013/11/07 22:46:03 | 000,872,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2013/11/07 22:46:03 | 000,698,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2013/11/07 22:45:53 | 002,140,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2013/11/07 22:45:53 | 001,765,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2013/11/07 22:45:53 | 001,286,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2013/11/07 22:45:53 | 001,217,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2013/11/07 22:45:53 | 000,977,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2013/11/07 22:45:53 | 000,516,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2013/11/07 22:45:53 | 000,382,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2013/11/07 22:45:53 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2013/11/07 22:45:53 | 000,225,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2013/11/07 18:59:45 | 000,799,196 | ---- | M] () -- C:\WINDOWS\SysNative\perfh00C.dat
[2013/11/07 18:59:45 | 000,797,120 | ---- | M] () -- C:\WINDOWS\SysNative\perfh00A.dat
[2013/11/07 18:59:45 | 000,446,336 | ---- | M] () -- C:\WINDOWS\SysNative\prfh0404.dat
[2013/11/07 18:59:45 | 000,432,016 | ---- | M] () -- C:\WINDOWS\SysNative\prfh0804.dat
[2013/11/07 18:59:45 | 000,162,488 | ---- | M] () -- C:\WINDOWS\SysNative\perfc00A.dat
[2013/11/07 18:59:45 | 000,155,218 | ---- | M] () -- C:\WINDOWS\SysNative\perfc00C.dat
[2013/11/07 18:59:45 | 000,132,686 | ---- | M] () -- C:\WINDOWS\SysNative\prfc0804.dat
[2013/11/07 18:59:45 | 000,132,686 | ---- | M] () -- C:\WINDOWS\SysNative\prfc0404.dat
[2013/11/07 17:35:07 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\WindowsAccessBridge-64.dll
[2013/11/07 17:35:06 | 000,312,744 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaws.exe
[2013/11/07 17:35:06 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaw.exe
[2013/11/07 17:35:06 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\java.exe
[2013/11/07 16:06:34 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013/11/07 15:31:08 | 000,001,426 | ---- | M] () -- C:\Users\Tate\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/11/07 15:31:08 | 000,000,223 | -HS- | M] () -- C:\Users\Tate\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2013/11/06 15:42:12 | 000,005,360 | ---- | M] () -- C:\WINDOWS\SysNative\AdpeakProxy.ini
[2013/11/05 21:55:48 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgdiska.sys
[2013/11/05 15:31:26 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2013/11/05 15:31:26 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2013/11/05 08:20:05 | 013,925,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2013/11/05 08:11:46 | 018,577,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2013/11/05 06:30:00 | 011,674,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2013/11/05 06:29:00 | 013,176,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2013/11/04 21:52:42 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgidsdrivera.sys
[2013/10/31 23:00:18 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgldx64.sys
[2013/10/31 22:49:46 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgloga.sys
 
========== Files Created - No Company Name ==========
 
[2013/11/29 15:39:56 | 000,141,833 | ---- | C] () -- C:\Users\Tate\Desktop\Help reoving Scorpion Saver, DDS.com not running.pdf
[2013/11/28 16:07:36 | 001,091,882 | ---- | C] () -- C:\Users\Tate\Desktop\AdwCleaner.exe
[2013/11/24 02:27:20 | 000,001,115 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
[2013/11/24 02:20:14 | 000,001,015 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2013/11/23 20:17:39 | 000,001,033 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2013/11/23 19:54:47 | 000,007,602 | ---- | C] () -- C:\Users\Tate\AppData\Local\Resmon.ResmonCfg
[2013/11/20 18:15:00 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\AVG_SYS_TASK.job
[2013/11/20 18:14:59 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\AVG_SYS_TASK_DELETE.job
[2013/11/19 19:07:06 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/11/19 19:03:22 | 000,001,173 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/11/18 20:20:37 | 000,000,843 | ---- | C] () -- C:\Users\Tate\AppData\Local\recently-used.xbel
[2013/11/18 20:15:35 | 000,000,910 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2013/11/17 23:56:21 | 000,001,613 | ---- | C] () -- C:\Users\Tate\Desktop\Programs.lnk
[2013/11/16 22:57:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013/11/16 22:57:19 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2013/11/16 18:07:43 | 000,385,528 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2013/11/12 21:37:07 | 003,426,956 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2013/11/12 20:32:54 | 000,023,287 | ---- | C] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2013/11/12 18:44:40 | 000,001,145 | ---- | C] () -- C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
[2013/11/12 16:55:36 | 000,975,932 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMIDST-3.4.exe
[2013/11/09 21:09:03 | 000,002,535 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/11/08 18:38:25 | 000,001,108 | ---- | C] () -- C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/11/08 17:28:53 | 000,001,744 | ---- | C] () -- C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[2013/11/08 17:28:53 | 000,001,720 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
[2013/11/07 23:09:27 | 000,001,444 | ---- | C] () -- C:\Users\Tate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/11/07 23:06:58 | 000,022,744 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2013/11/07 22:58:16 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2013/11/07 22:54:55 | 000,000,352 | ---- | C] () -- C:\Users\Tate\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/11/07 22:54:54 | 000,000,334 | ---- | C] () -- C:\Users\Tate\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/11/07 22:54:47 | 000,028,578 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2013/11/07 22:54:47 | 000,028,578 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2013/11/07 22:48:52 | 000,109,543 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTWAVES30.dat
[2013/11/07 22:48:43 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013/11/07 17:06:22 | 000,000,871 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pandora.lnk
[2013/11/07 16:22:28 | 000,002,951 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\mfencbdc.inf
[2013/11/07 16:22:28 | 000,002,641 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\mfencrk.inf
[2013/11/07 16:06:34 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013/11/07 15:35:49 | 000,675,988 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft.exe
[2013/11/07 15:32:23 | 000,002,301 | ---- | C] () -- C:\Users\Tate\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/11/07 15:32:02 | 000,000,924 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/07 15:32:01 | 000,000,920 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/07 15:31:08 | 000,001,426 | ---- | C] () -- C:\Users\Tate\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/11/07 15:22:39 | 000,000,223 | -HS- | C] () -- C:\Users\Tate\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2013/11/06 15:42:12 | 000,005,360 | ---- | C] () -- C:\WINDOWS\SysWow64\AdpeakProxy.ini
[2013/11/06 15:42:12 | 000,005,360 | ---- | C] () -- C:\WINDOWS\SysNative\AdpeakProxy.ini
[2013/11/06 15:32:48 | 000,002,312 | ---- | C] () -- C:\WINDOWS\SysWow64\AdpeakProxyOff.ini
[2013/11/06 15:32:48 | 000,002,312 | ---- | C] () -- C:\WINDOWS\SysNative\AdpeakProxyOff.ini
[2013/10/01 13:02:30 | 000,303,104 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/10/01 13:02:26 | 000,180,736 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/10/01 13:02:26 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/08/22 07:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 07:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 06:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/21 23:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 19:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 19:17:46 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/08/21 15:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 15:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/02/13 11:27:54 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
[2012/11/27 10:26:00 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe
[2012/11/27 10:26:00 | 000,000,256 | ---- | C] () -- C:\ProgramData\SetStretch.cmd
[2012/11/27 10:26:00 | 000,000,103 | ---- | C] () -- C:\ProgramData\SetStretch.VBS
[2012/07/25 12:22:56 | 000,267,284 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012/07/25 12:22:54 | 000,963,376 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
 
========== ZeroAccess Check ==========
 
[2013/11/12 17:44:39 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/11/05 12:21:27 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/11/05 10:51:37 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 01:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 18:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 01:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 183 bytes -> C:\Users\Tate\SkyDrive:ms-properties
 
< End of report >


#10 gringo_pr


Posted 30 November 2013 - 10:14 AM


Hello TatertotInvasion

I would like you to run this custom script for me now and when it is complete please give me the report and a status update for the computer.

Run OTL Script
  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Custom Scans/Fixes text box.
    :OTL
    FF - user.js - File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
    O4 - HKLM..\Run: [StereoLinksInstall] "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1 File not found
    O4 - HKU\S-1-5-21-2564788367-3890907632-807164078-1002..\Run: [AdobeBridge]  File not found
    O8:64bit: - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
    O8:64bit: - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
    O8:64bit: - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
    O8:64bit: - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
    O8 - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
    O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
    O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
    O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\ms-help - No CLSID value found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    PRC - c:\Program Files\ScorpionSaver Services\AdpeakProxy.exe (Adpeak, Inc.)
    SRV:64bit: - (Level Quality Watcher) -- C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe ()
    SRV:64bit: - (AdpeakProxy) -- c:\Program Files\ScorpionSaver Services\AdpeakProxy.exe (Adpeak, Inc.)
    O2 - BHO: (ScorpionSaver) - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\ScorpionSaver\IECore.dll ()
    [2013/11/17 23:20:27 | 000,000,000 | ---D | C] -- C:\Program Files\ScorpionSaver Services
    [2013/11/16 23:17:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScorpionSaver
    [2013/11/16 23:16:51 | 000,000,000 | ---D | C] -- C:\temp
    [2013/11/16 23:16:48 | 000,000,000 | ---D | C] -- C:\Program Files\Level Quality Watcher
    [2013/11/17 23:20:36 | 000,005,360 | ---- | M] () -- C:\WINDOWS\SysWow64\AdpeakProxy.ini
    [2013/11/17 23:20:36 | 000,002,312 | ---- | M] () -- C:\WINDOWS\SysWow64\AdpeakProxyOff.ini
    [2013/11/17 23:20:36 | 000,002,312 | ---- | M] () -- C:\WINDOWS\SysNative\AdpeakProxyOff.ini
    [2013/11/06 15:42:12 | 000,005,360 | ---- | M] () -- C:\WINDOWS\SysNative\AdpeakProxy.ini
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [PURITY]
    [emptyjava]
    [EMPTYFLASH]
    [reboot]
    
  • Then click the Run Fix button at the top.
  • Click OK.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy and Paste that report in your next reply.

    Note** if the report does not pop up after the computer reboots you can find it here in this folder - C:\_OTL\MovedFiles

    It will be named - mmddyyyy_hhmmss.log

    Where mmddyyyy_hhmmss - are numbers representing the date and time the fix was run.


Let me know how things are doing

Gringo

#11 TatertotInvasion


Posted 30 November 2013 - 05:55 PM

I see no signs of Scorpion Saver while browsing, although I went to look in the "uninstall or change a program", and it was still listed there.

 

Here's the log from OTL:

 

========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\StereoLinksInstall deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2564788367-3890907632-807164078-1002\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Clip Image\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Clip selection\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Clip this page\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Clip URL\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Clip Image\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Clip selection\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Clip this page\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Clip URL\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Process AdpeakProxy.exe killed successfully!
Service Level Quality Watcher stopped successfully!
Service Level Quality Watcher deleted successfully!
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe moved successfully.
Service AdpeakProxy stopped successfully!
Service AdpeakProxy deleted successfully!
c:\Program Files\ScorpionSaver Services\AdpeakProxy.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}\ deleted successfully.
C:\Program Files (x86)\ScorpionSaver\IECore.dll moved successfully.
C:\Program Files\ScorpionSaver Services folder moved successfully.
C:\Program Files (x86)\ScorpionSaver folder moved successfully.
C:\temp folder moved successfully.
C:\Program Files\Level Quality Watcher\v1.01 folder moved successfully.
C:\Program Files\Level Quality Watcher folder moved successfully.
C:\Windows\SysWOW64\AdpeakProxy.ini moved successfully.
C:\Windows\SysWOW64\AdpeakProxyOff.ini moved successfully.
C:\Windows\SysNative\AdpeakProxyOff.ini moved successfully.
C:\Windows\SysNative\AdpeakProxy.ini moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Tate\Desktop\cmd.bat deleted successfully.
C:\Users\Tate\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYJAVA]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Default.migrated
 
User: Public
 
User: Tate
->Java cache emptied: 437686 bytes
 
User: UpdatusUser
 
Total Java Files Cleaned = 0.00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 57472 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Default.migrated
 
User: Public
 
User: Tate
->Flash cache emptied: 2553 bytes
 
User: UpdatusUser
->Flash cache emptied: 57472 bytes
 
Total Flash Files Cleaned = 0.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 11302013_144402
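
An added example, not part of the original posts and not OTL's own code: a small Python parser for the fix-log format quoted in post #11. It classifies each action by outcome, lists "not found" targets that have no matching successful action, and decodes the mmddyyyy_hhmmss stamp described in post #10. All function and class names are hypothetical; the sample lines are a subset copied from the log above.

```python
import re
from collections import Counter
from dataclasses import dataclass
from datetime import datetime

# Subset of lines copied from the fix log in the post above.
SAMPLE_LOG = r"""========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\StereoLinksInstall deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Clip Image\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Clip Image\ not found.
File Protocol\Handler\skype4com - No CLSID value found not found.
Process AdpeakProxy.exe killed successfully!
Service AdpeakProxy stopped successfully!
Service AdpeakProxy deleted successfully!
c:\Program Files\ScorpionSaver Services\AdpeakProxy.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}\ deleted successfully.
C:\Program Files (x86)\ScorpionSaver\IECore.dll moved successfully.
C:\Program Files (x86)\ScorpionSaver folder moved successfully.
C:\Windows\SysNative\AdpeakProxy.ini moved successfully.
========== FILES ==========
C:\Users\Tate\Desktop\cmd.bat deleted successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 11302013_144402
"""

# "<subject> <outcome>." or "<subject> <outcome>!" as seen in the log above.
LINE_RE = re.compile(
    r"^(?P<subject>.+?) "
    r"(?P<outcome>(?:deleted|moved|killed|stopped) successfully|not found)[.!]$"
)
# Optional "64bit-" marker, then the object type OTL names at the start of the line.
KIND_RE = re.compile(
    r"^(?P<wow>64bit-)?"
    r"(?P<kind>Registry key|Registry value|Process|Service|File) (?P<target>.+)$"
)
FOOTER_RE = re.compile(r"log created on (\d{8}_\d{6})$")


@dataclass
class Entry:
    kind: str      # registry key, registry value, process, service, file, folder
    view64: bool   # True when the line carried the "64bit-" prefix
    target: str
    outcome: str   # deleted, moved, killed, stopped, not found


def parse_fix_log(text):
    """Return (entries, created) where created is the footer timestamp or None."""
    entries, created = [], None
    for raw in text.splitlines():
        line = raw.strip()
        footer = FOOTER_RE.search(line)
        if footer:
            created = datetime.strptime(footer.group(1), "%m%d%Y_%H%M%S")
            continue
        m = LINE_RE.match(line)
        if not m:
            continue  # section headers, blank lines, cache-cleaning output
        subject = m.group("subject")
        outcome = m.group("outcome").replace(" successfully", "")
        k = KIND_RE.match(subject)
        if k:
            entries.append(Entry(k.group("kind").lower(), bool(k.group("wow")),
                                 k.group("target"), outcome))
        elif subject.endswith(" folder"):
            entries.append(Entry("folder", False, subject[:-len(" folder")], outcome))
        else:
            entries.append(Entry("file", False, subject, outcome))
    return entries, created


def outcome_counts(entries):
    """How many actions ended in each outcome."""
    return Counter(e.outcome for e in entries)


def unmatched_not_found(entries):
    """'not found' targets with no successful action on the same target elsewhere."""
    done = {e.target.lower() for e in entries if e.outcome != "not found"}
    return [e for e in entries
            if e.outcome == "not found" and e.target.lower() not in done]


def mentioning(entries, *keywords):
    """Entries whose target contains any keyword (case-insensitive)."""
    keys = [k.lower() for k in keywords]
    return [e for e in entries if any(k in e.target.lower() for k in keys)]


if __name__ == "__main__":
    entries, created = parse_fix_log(SAMPLE_LOG)
    print("log created:", created)
    print("outcomes:", dict(outcome_counts(entries)))
    for e in unmatched_not_found(entries):
        print("review:", e.kind, e.target)
    for e in mentioning(entries, "adpeak", "scorpionsaver"):
        print(f"{e.outcome:>9}  {e.kind:<14} {e.target}")
```

A fix log only covers what the script targeted, so an entry still showing under "uninstall or change a program" will not appear in this output.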


#12 gringo_pr


Posted 30 November 2013 - 08:26 PM


Hello

:P2P Warning!:

IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur.
Once upon a time, P2P file sharing was fairly safe. That is no longer true. P2P programs form a direct conduit on to your computer, their security measures are easily circumvented and malware writers are increasingly exploiting them to spread their wares on to your computer. Further to that, if your P2P program is not configured correctly, your computer may be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

These logs are looking a lot better. But we still have some work to do.


uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore. This is fine, just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (it does a lot better of a job).
  • Programs to remove

    • µTorrent
    • Adobe Reader X MUI
    • ScorpionSaver
    • ScorpionSaver Services
    • Search Protect by conduit
    • Search Protection


  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run. If prompted again click Yes.
  • When the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete.
  • When prompted click on Yes and then on Next.
  • Put a check on any folders that are found and select Delete.
  • When prompted select Yes then on Next.
  • Once done click Finish.


Update Adobe reader
  • Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

    You can download it from http://www.adobe.com/products/acrobat/readstep2.html
    After installing the latest Adobe Reader, uninstall all previous versions.
    If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.
    • If you don't like Adobe Reader (53 MB), you can download Foxit PDF Reader (7 MB) from here. It's a much smaller file to download and uses a lot less resources than Adobe Reader.

      Note: When installing FoxitReader, be careful not to install anything to do with AskBar.

Clean Out Temp Files
  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here CCleaner
    • Run the installer to install the application.
    • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
    • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
    • Click Run Cleaner.
    • Close CCleaner.
: Malwarebytes' Anti-Malware :
  • Please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log into your next reply.
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.




Download HijackThis
  • Go Here to download HijackThis program
  • Save HijackThis to your desktop.
  • Right Click on HijackThis and select "Run as Admin" (XP users just need to double click to run)
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
  • Copy and paste the HijackThis report into the topic
"information and logs"
  • In your next post I need the following
    • Log From MBAM
    • report from Hijackthis
    • let me know of any problems you may have had
    • How is the computer doing now?
Gringo

#13 TatertotInvasion


Posted 01 December 2013 - 03:22 AM

I had no problems running these programs. My computer seems to be fine now, I notice no signs of infection.

 

 

MBAM

 

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org
 
Database version: v2013.12.01.02
 
Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16438
Tate :: GOLDENTATERTOT [administrator]
 
12/1/2013 12:12:06 AM
mbam-log-2013-12-01 (00-12-06).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 233799
Time elapsed: 5 minute(s), 5 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 5
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{10AD2C61-0898-4348-8600-14A342F22AC3} (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3} (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
HKCR\AppID\AdpeakProxy.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKCR\Wow6432Node\AppID\AdpeakProxy.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Adpeak, Inc. (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 1
C:\Users\Tate\Downloads\Start Menu.zip (Trojan.Dropper) -> Quarantined and deleted successfully.
 
(end)
 
 
 
 
 
 
 
 
 
hijackthis
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:20:18 AM, on 12/1/2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.16384)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Auto Typer by MurGee\AutoTyper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Tate\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Users\Tate\Desktop\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.2.1\AVG SafeGuard toolbar_toolbar.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [AutoTyperMurGee] C:\ProgramData\Auto Typer by MurGee\AutoTyper.exe :settings
O4 - HKCU\..\Run: [AVG-Secure-Search-Update_1113a] C:\Users\Tate\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=55f2e3d2420247d39dc0f543228dda13-f50525a840464c2ee0321a11d4741edc1b4226b7 /CMPID=1113a
O4 - HKCU\..\Run: [MurGee.com Auto Clicker] C:\Users\Tate\AppData\Local\Auto Clicker\AutoClicker.exe :silent
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Startup: Dropbox.lnk = Tate\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AtherosSvc - Windows ® Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - C:\Program Files\mcafee\msc\McAWFwk.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee OOBE Service (McOobeSv) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater17.1.2 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
 
--
End of file - 16735 bytes
 


#14 gringo_pr


Posted 01 December 2013 - 10:53 AM


Greetings

These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded start-up entries:

This part of the fix is purely optional
These are programs that start up when you turn on your computer but don't need to. You can click on the icon of any of these programs (or start it from the Control Panel) and start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.
  • Run HijackThis (right-click and run as admin)
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):

    • O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
      O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S
      O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
      O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
      O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
      O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
      O4 - HKCU\..\Run: [AutoTyperMurGee] C:\ProgramData\Auto Typer by MurGee\AutoTyper.exe :settings
      O4 - HKCU\..\Run: [MurGee.com Auto Clicker] C:\Users\Tate\AppData\Local\Auto Clicker\AutoClicker.exe :silent
      O4 - Startup: Dropbox.lnk = Tate\AppData\Roaming\Dropbox\bin\Dropbox.exe
      O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
      O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe


  • Close all open windows and browsers/email, etc...
  • Click on the "Fix Checked" button
  • When completed, close the application.
    • **NOTE** You can research each of those lines >here< and see if you want to keep them or not;
      just copy the name between the brackets and paste it into the search space
      O4 - HKLM\..\Run: [IntelliPoint]


Eset Online Scanner

**Note** You will need to use Internet Explorer for this scan - on Vista and Win 7, right-click on the IE shortcut and run as admin

Go to the ESET web page to run an online scanner from ESET.
  • Turn off the real-time scanner of any existing antivirus program while performing the online scan
  • Click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
  • When asked, allow the add-on to be installed
    • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
    • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.

  • Click Scan
  • Wait for the virus definitions to be downloaded
  • Wait for the scan to finish
When the scan is complete
  • If no threats were found
    • put a checkmark in "Uninstall application on close"
    • close program
    • report to me that nothing was found
  • If threats were found
    • click on "list of threats found"
    • click on "export to text file" and save it as ESET SCAN and save to the desktop
    • Click on back
    • put a checkmark in "Uninstall application on close"
    • click on finish
    • close program
    • copy and paste the report here
Gringo
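An added example, not part of the original post: a small parser for the HijackThis O4 (autorun) lines listed above, pulling out the name to research and the executable path. The sample lines are copied from the post; the `review` flag is a triage heuristic assumed here (autoruns launched from user-writable folders deserve a closer look), not a verdict.

```python
import re

# O4 lines copied from the post above; HijackThis prints one autorun per line.
SAMPLE_LOG = r'''
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [MurGee.com Auto Clicker] C:\Users\Tate\AppData\Local\Auto Clicker\AutoClicker.exe :silent
O4 - Startup: Dropbox.lnk = Tate\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
'''

# Registry autoruns: "O4 - HKLM\..\Run: [name] command line"
RUN_KEY = re.compile(r'^O4 - (HKLM|HKCU)\\\.\.\\(\w+): \[([^\]]+)\] (.+)$')
# Startup-folder shortcuts: "O4 - Startup: shortcut.lnk = target"
STARTUP = re.compile(r'^O4 - (Startup|Global Startup): (.+?) = (.+)$')
# Quoted path, or an unquoted path running up to the first ".exe".
EXE = re.compile(r'^(?:"([^"]+)"|(.+?\.exe))', re.IGNORECASE)
# Assumed heuristic: folders a standard user can write to.
USER_WRITABLE = ('\\appdata\\', '\\programdata\\', '\\temp\\')


def parse_o4(line):
    """Return a dict for one O4 line, or None for any other log line."""
    line = line.strip()
    m = RUN_KEY.match(line)
    if m:
        hive, key, name, command = m.groups()
        source = f'{hive}\\{key}'
    else:
        m = STARTUP.match(line)
        if not m:
            return None
        source, name, command = m.groups()
    exe = EXE.match(command)
    path = (exe.group(1) or exe.group(2)) if exe else command
    review = any(d in path.lower() for d in USER_WRITABLE)
    return {'source': source, 'name': name, 'path': path, 'review': review}


def triage(log_text):
    """Parse every O4 entry in a HijackThis log, skipping other sections."""
    entries = [parse_o4(line) for line in log_text.splitlines()]
    return [e for e in entries if e]
```
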

#15 TatertotInvasion


Posted 02 December 2013 - 12:03 AM

The Eset is not detecting that it is running in IE, although it is. Should I download the program that it prompts me to?





