
Possible Rootkit from Lan Party


  • This topic is locked
7 replies to this topic

#1 Firerouge


Posted 14 January 2014 - 11:17 PM

I can't be certain I am infected, but suspicious activity would suggest I am.

 

I can't run DDS since it says it can't be run in compatibility mode (Windows 8.1).

 

I ran aswMBR and it returned this and then crashed:

 
I ran Malwarebytes and the Malwarebytes Anti-Rootkit; nothing was found.

 

I ran SFC; it found corruptions but couldn't repair them. Here's the log:

https://www.dropbox.com/s/6na67dj0y3xq03j/CBS.log

 

And while running some bug checkers I got this BSOD:

https://www.dropbox.com/s/657zawjdg3mjevh/BSOD.evtx

Here is the memory dump:

https://www.dropbox.com/s/kbcych9srrp7df3/MEMORY.DMP


Edited by Firerouge, 15 January 2014 - 12:02 AM.




#2 Firerouge


Posted 15 January 2014 - 08:32 PM

I tried system restore. But I don't believe it removed it.



#3 HelpBot


Posted 19 January 2014 - 11:20 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/520891 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 Firerouge


Posted 21 January 2014 - 07:51 PM

The problem, I'm pretty sure I got a rootkit, can't be certain.

 

Can't create a DDS log, but I'm running Windows 8.1 64bit.

 

I don't have a CD, but I have an 8.1 iso laying around.


Edited by Firerouge, 21 January 2014 - 07:52 PM.


#5 aharonov

  • Malware Response Team

Posted 24 January 2014 - 03:46 PM

Hi and sorry for the delay.

 

 

"I can't be certain I am infected, but suspicious activity would suggest I am."

"The problem, I'm pretty sure I got a rootkit, can't be certain."

 

Can you please provide concrete symptoms that your suspicion was based on in the first place? What abnormal activity did you notice?

 

As DDS does not yet run on Windows 8.1 please give FRST a shot to begin with:

 

 

Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)

  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

 



#6 Firerouge


Posted 27 January 2014 - 04:40 PM

Symptoms were abnormally high CPU usage by Windows Defender (I've since disabled Defender and am using Avira now), and Service Host: Local System in task manager as well as momentary (think 30-90 second) lockups where the mouse could move but clicks would do nothing, until the lockup ended, then everything would happen. This lockup extended to Ctrl-Shift-Esc and Ctrl-Alt-Del, neither would do anything until the system started responding again.

 

 

 

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014 01
Ran by Alex (administrator) on ALEX-DESKTOP on 27-01-2014 13:35:12
Running from C:\Users\Alex\Downloads
Windows 8.1 Pro (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Flux Software LLC) C:\Users\Alex\AppData\Local\FluxSoftware\Flux\flux.exe
() C:\Program Files (x86)\Deluge\deluge.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Deluge\deluged.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(EJIE Technology) C:\Program Files (x86)\Clover\clover.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-09] (Avira Operations GmbH & Co. KG)
HKCU\...\Run: [f.lux] - C:\Users\Alex\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-15] (Flux Software LLC)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1815464 2014-01-07] (Valve Corporation)
MountPoints2: {0b6364fc-4607-11e3-825a-e5eff302908f} - "D:\VZW_Software_upgrade_assistant.exe" 
MountPoints2: {0b636b1d-4607-11e3-825a-e5eff302908f} - "D:\VZW_Software_upgrade_assistant.exe" 
MountPoints2: {dd639e2c-42aa-11e3-825a-e5eff302908f} - "I:\setup.exe" -a
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Deluge.lnk
ShortcutTarget: Deluge.lnk -> C:\Program Files (x86)\Deluge\deluge.exe ()
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB7EE07B3E8D4CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: ExplorerWatcher Class - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - C:\Program Files (x86)\Clover\TabHelper64.dll (EJIE Technology)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\..\Interfaces\{357C6636-B3DE-4D81-A393-BC1593C46EFB}: [NameServer]8.8.8.8,8.8.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\s01fk3dt.default
FF NetworkProxy: "socks", "127.0.0.1"
FF NetworkProxy: "socks_port", 8080
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSearchKeyword: google.com_
CHR Extension: (Entanglement Web App) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2013-10-22]
CHR Extension: (Google Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-22]
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-22]
CHR Extension: (YouTube Center) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcegdpionpopahcglnfiiioapcclamdj [2013-10-23]
CHR Extension: (James White) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2013-10-22]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-22]
CHR Extension: (Honey) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2013-10-22]
CHR Extension: (SmoothScroll) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccpiddacjljmfbbgeimpelpndgpoknn [2013-10-22]
CHR Extension: (Adblock Plus) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-10-22]
CHR Extension: (absOrb) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhngphbmaiknkijaeehlmhaighhbofa [2013-10-22]
CHR Extension: (Bouncy Mouse) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb [2013-10-22]
CHR Extension: (Webpage Screenshot Capture) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2013-10-22]
CHR Extension: (Weebly - Website Builder) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnocophcbjfiimmnhlhleaooedeheifb [2013-10-22]
CHR Extension: (Google Search) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-22]
CHR Extension: (iMacros for Chrome) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp [2013-10-22]
CHR Extension: (MightyText - Send/Receive SMS Text Messages) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2013-10-22]
CHR Extension: (Google News) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2013-10-22]
CHR Extension: (Send2Cloud) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbdajcmcdaechnkloemenffmdoegmnj [2013-10-22]
CHR Extension: (Gmail Offline) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2013-10-22]
CHR Extension: (Google Calendar) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2013-10-22]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2013-10-22]
CHR Extension: (Pandora) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl [2013-10-22]
CHR Extension: (After the Deadline) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdjadjbdihbaodagojiomdljhjhjfho [2013-10-22]
CHR Extension: (Canvas Defense) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmamefdpbpjkfhaaiejkhfkeibbkjicf [2013-10-22]
CHR Extension: (Facebook for Chrome) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2013-10-22]
CHR Extension: (AdBlock) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-10-22]
CHR Extension: (FlashBlock) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl [2013-10-22]
CHR Extension: (Updater for Google Web History) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibhehjeahclandhcpbajhdfjeffnbcoa [2013-10-22]
CHR Extension: (Google Play Music) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2013-10-22]
CHR Extension: (Canabalt - HD Version) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkempgfofnfmanpnnhiojeadfhhleicd [2013-10-22]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2013-10-22]
CHR Extension: (StumbleUpon) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg [2013-10-22]
CHR Extension: (Google Voice (by Google)) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2013-10-22]
CHR Extension: (Cargo Bridge) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn [2013-10-22]
CHR Extension: (Chromium Wheel Smooth Scroller) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb [2013-10-22]
CHR Extension: (HootSuite) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kneloppijbcidgidihgdjnooihjcdbij [2013-10-22]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2013-10-22]
CHR Extension: (Beautify FB) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldngjhkgckijklngngononnejmadojce [2013-10-22]
CHR Extension: (Stop Autoplay for YouTube.) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgdfnbpkmkkdhgidgcpdkgpdlfjcgnnh [2013-10-22]
CHR Extension: (Sketchpad) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2013-10-22]
CHR Extension: (Poppit) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2013-10-22]
CHR Extension: (Plants vs Zombies) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2014-01-06]
CHR Extension: (Google Play Books) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2013-10-22]
CHR Extension: (ChromeReload) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo [2013-10-22]
CHR Extension: (Google Wallet) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-22]
CHR Extension: (Hover Zoom) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2013-10-22]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2013-10-22]
CHR Extension: (The Google Puzzle) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocklllceancijjgbleckjppkdpgionia [2013-10-22]
CHR Extension: (Auto Refresh Plus) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilipfekkmncanaajkapbpancpelijih [2013-10-22]
CHR Extension: (Sinuous) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\omlmnomieeknagejjojcpdomnbnbchdl [2013-10-22]
CHR Extension: (Onion News Network) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\paolneildlfbbkcfdkokicbeodacnhfa [2013-10-22]
CHR Extension: (Ozone) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\peeefgkjcjfpjdmpklpfaompngmbknje [2013-10-22]
CHR Extension: (Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-22]
 
==================== Services (Whitelisted) =================
 
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-09] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2013-10-29] (Microsoft Corporation)
R2 FreeAgentGoFlex Service; C:\Program Files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe [91432 2011-02-10] (Seagate Technology LLC)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation)
R2 vmms; C:\Windows\system32\vmms.exe [13368832 2014-01-11] (Microsoft Corporation)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R1 hvservice; C:\Windows\System32\drivers\hvservice.sys [68960 2014-01-11] (Microsoft Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-08-22] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [19456 2014-01-11] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [22016 2014-01-11] (Microsoft Corporation)
S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [27136 2014-01-11] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 rkhdrv40; C:\Windows\SysWow64\Drivers\rkhdrv40.sys [24448 2014-01-14] ()
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [113936 2013-12-18] (Oracle Corporation)
S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [19456 2014-01-11] (Microsoft Corporation)
R3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [686080 2013-10-07] (Microsoft Corporation)
S3 VMSP; C:\Windows\system32\DRIVERS\vmswitch.sys [686080 2013-10-07] (Microsoft Corporation)
S3 VMSVSF; C:\Windows\system32\DRIVERS\vmswitch.sys [686080 2013-10-07] (Microsoft Corporation)
S3 VMSVSP; C:\Windows\system32\DRIVERS\vmswitch.sys [686080 2013-10-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-01-27 13:35 - 2014-01-27 13:37 - 00023361 _____ C:\Users\Alex\Downloads\FRST.txt
2014-01-27 13:34 - 2014-01-27 13:34 - 00000000 ____D C:\FRST
2014-01-27 13:29 - 2014-01-27 13:30 - 02079232 _____ (Farbar) C:\Users\Alex\Downloads\FRST64.exe
2014-01-27 11:43 - 2014-01-27 11:43 - 00655882 _____ C:\Users\Alex\Downloads\YouTubeCenter (1).crx
2014-01-27 11:36 - 2014-01-27 11:37 - 00000000 ____D C:\Users\Alex\Downloads\Microsoft.Visio.Professional.2013.x64-iNDiSO
2014-01-27 11:35 - 2014-01-27 11:35 - 00007065 _____ C:\Users\Alex\Downloads\Microsoft.Visio.Professional.2013.x64-iNDiSO.torrent
2014-01-24 09:49 - 2014-01-24 09:49 - 00000000 ____D C:\Users\Alex\AppData\Roaming\DropboxMaster
2014-01-21 16:50 - 2014-01-21 16:50 - 00688992 _____ (Swearware) C:\Users\Alex\Downloads\dds (1).com
2014-01-20 16:06 - 2014-01-20 16:06 - 00005175 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-20 16:06 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-20 16:01 - 2014-01-20 16:01 - 00000000 ____D C:\Users\Alex\Dropbox\Documents\National Instruments
2014-01-20 16:01 - 2014-01-20 16:01 - 00000000 ____D C:\Users\Alex\Dropbox\Documents\CptS 223
2014-01-15 17:32 - 2014-01-15 17:31 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-01-14 20:21 - 2014-01-14 19:54 - 1035642773 _____ C:\Users\Alex\Desktop\MEMORY.DMP
2014-01-14 20:16 - 2014-01-14 20:16 - 00069632 _____ C:\Users\Alex\Desktop\BSOD.evtx
2014-01-14 20:16 - 2014-01-14 20:16 - 00000000 ____D C:\Users\Alex\Desktop\LocaleMetaData
2014-01-14 20:11 - 2014-01-14 20:11 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-01-14 20:11 - 2014-01-14 20:11 - 00000000 ____D C:\Program Files (x86)\WinDirStat
2014-01-14 20:10 - 2014-01-14 20:10 - 00645729 _____ (WDS Team) C:\Users\Alex\Downloads\windirstat1_1_2_setup.exe
2014-01-14 20:02 - 2014-01-14 01:41 - 01744364 _____ C:\Users\Alex\Desktop\CBS.log
2014-01-14 19:55 - 2014-01-14 19:55 - 00301240 _____ C:\Windows\Minidump\011414-30140-01.dmp
2014-01-14 19:09 - 2013-11-27 07:36 - 03395920 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2014-01-14 19:07 - 2014-01-14 19:07 - 00688992 _____ (Swearware) C:\Users\Alex\Downloads\dds.com
2014-01-14 19:07 - 2013-11-27 00:48 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 19:07 - 2013-11-27 00:40 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 19:06 - 2013-11-27 00:17 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-14 19:06 - 2013-11-27 00:12 - 00848384 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-01-14 19:05 - 2013-11-27 03:41 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2014-01-14 19:05 - 2013-11-27 02:34 - 00138240 _____ C:\Windows\system32\OEMLicense.dll
2014-01-14 19:05 - 2013-11-27 01:54 - 00103936 _____ C:\Windows\SysWOW64\OEMLicense.dll
2014-01-14 19:05 - 2013-11-27 00:45 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2014-01-14 19:05 - 2013-11-27 00:38 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2014-01-14 19:03 - 2014-01-14 19:03 - 00001191 _____ C:\Users\Alex\AppData\Local\recently-used.xbel
2014-01-14 19:03 - 2013-12-08 16:15 - 00787968 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-01-14 19:03 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-01-14 19:03 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-01-14 19:03 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-01-14 19:03 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-01-14 19:03 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-01-14 19:03 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-01-14 19:03 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-01-14 19:03 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-01-14 19:03 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-01-14 19:03 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-01-14 19:03 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-01-14 19:03 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-01-14 19:03 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-01-14 19:03 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-01-14 19:03 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-01-14 19:03 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-01-14 19:03 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-01-14 19:03 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-01-14 19:03 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-01-14 19:03 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-01-14 19:03 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-01-14 19:03 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-01-14 19:03 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-01-14 19:03 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-01-14 19:03 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-01-14 19:03 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-01-14 19:03 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-01-14 19:03 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-01-14 19:03 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-01-14 19:03 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-01-14 19:03 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-01-14 19:03 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-01-14 19:03 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-01-14 19:03 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-01-14 19:03 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-01-14 19:03 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-01-14 19:03 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-01-14 19:03 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-01-14 19:03 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-01-14 19:03 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-01-14 19:03 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-01-14 19:03 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-01-14 19:03 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-01-14 19:03 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-01-14 19:03 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-01-14 19:03 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-01-14 19:03 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-01-14 19:03 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-01-14 19:03 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-01-14 19:03 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-01-14 19:03 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-01-14 19:03 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-01-14 19:03 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-01-14 19:03 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-01-14 19:03 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-01-14 19:03 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-01-14 19:03 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-01-14 19:03 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-01-14 19:03 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-01-14 19:03 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-01-14 19:03 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-01-14 19:03 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-01-14 19:03 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-01-14 19:03 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-01-14 19:03 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-01-14 19:03 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-01-14 19:03 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-01-14 19:03 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-01-14 19:03 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-01-14 19:03 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-01-14 19:03 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-01-14 19:03 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-01-14 19:03 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-01-14 19:03 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-01-14 19:03 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-01-14 19:03 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-01-14 19:03 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-01-14 19:03 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-01-14 19:03 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-01-14 19:03 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-01-14 19:03 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-01-14 19:03 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-01-14 19:03 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-01-14 19:03 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-01-14 19:03 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-01-14 19:03 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-01-14 19:03 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-01-14 19:03 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-01-14 19:03 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-01-14 19:03 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-01-14 19:03 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-01-14 19:03 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-01-14 19:03 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-01-14 19:03 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-01-14 19:03 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-01-14 19:03 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-01-14 19:03 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-01-14 19:03 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-01-14 19:03 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-01-14 19:03 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-01-14 19:03 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-01-14 19:03 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-01-14 19:03 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-01-14 19:03 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-01-14 19:03 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-01-14 19:03 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-01-14 19:03 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-01-14 19:03 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-01-14 19:03 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-01-14 19:03 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-01-14 19:03 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-01-14 19:03 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-01-14 19:03 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-01-14 19:03 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-01-14 19:03 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-01-14 19:03 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-01-14 19:03 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-01-14 19:03 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-01-14 19:03 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-01-14 19:03 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-01-14 19:03 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-01-14 19:03 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-01-14 19:03 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-01-14 19:03 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-01-14 19:02 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-01-14 19:02 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-01-14 19:02 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-01-14 19:02 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-01-14 19:02 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-01-14 19:02 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-01-14 19:02 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-01-14 19:02 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-01-14 19:02 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-01-14 19:02 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-01-14 19:02 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-01-14 19:02 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-01-14 19:02 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-01-14 19:02 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-01-14 19:02 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-01-14 19:02 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-01-14 19:02 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-01-14 19:02 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-01-14 19:02 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-01-14 19:02 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-01-14 19:02 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-01-14 19:02 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-01-14 19:02 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-01-14 19:02 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-01-14 19:02 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-01-14 19:02 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-01-14 19:02 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-01-14 19:02 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-01-14 19:02 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-01-14 19:02 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-01-14 19:02 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-01-14 19:02 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-01-14 19:02 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-01-14 19:02 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-01-14 19:01 - 2014-01-14 19:01 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Avira
2014-01-14 18:56 - 2014-01-14 18:56 - 00000000 ____D C:\ProgramData\Avira
2014-01-14 18:56 - 2014-01-14 18:56 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-14 18:56 - 2013-12-09 11:37 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-01-14 18:56 - 2013-12-09 11:37 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-01-14 18:56 - 2013-12-09 11:37 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-01-14 18:42 - 2014-01-14 18:42 - 00388608 _____ (Trend Micro Inc.) C:\Users\Alex\Downloads\HijackThis.exe
2014-01-14 18:36 - 2014-01-14 18:36 - 04745728 _____ (AVAST Software) C:\Users\Alex\Downloads\aswmbr.exe
2014-01-14 18:34 - 2014-01-14 18:35 - 129564536 _____ C:\Users\Alex\Downloads\avira_free_antivirus_en.exe
2014-01-14 18:28 - 2014-01-14 18:50 - 00000000 ____D C:\Users\Alex\Desktop\mbar
2014-01-14 18:28 - 2014-01-14 18:29 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-14 18:28 - 2014-01-14 18:28 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-14 18:27 - 2014-01-14 18:27 - 82449480 _____ (Sophos Limited) C:\Users\Alex\Downloads\Sophos Virus Removal Tool.exe
2014-01-14 18:26 - 2014-01-14 18:26 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Alex\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-14 18:26 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-14 18:23 - 2014-01-14 18:23 - 00158300 _____ C:\Users\Alex\Downloads\RkU37300505.zip
2014-01-14 18:23 - 2014-01-14 18:23 - 00024448 _____ C:\Windows\SysWOW64\Drivers\rkhdrv40.sys
2014-01-14 18:23 - 2014-01-14 18:23 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rootkit Unhooker
2014-01-14 18:23 - 2014-01-14 18:23 - 00000000 ____D C:\RkUnhooker
2014-01-14 18:22 - 2014-01-14 18:22 - 00688992 _____ (Swearware) C:\Users\Alex\Downloads\dds.scr
2014-01-14 18:22 - 2014-01-14 18:22 - 00050477 _____ C:\Users\Alex\Downloads\Defogger.exe
2014-01-14 18:22 - 2014-01-14 18:22 - 00000470 _____ C:\Users\Alex\Downloads\defogger_disable.log
2014-01-14 18:22 - 2014-01-14 18:22 - 00000000 _____ C:\Users\Alex\defogger_reenable
2014-01-14 18:10 - 2014-01-14 18:10 - 00000000 ____D C:\Users\Alex\AppData\Local\Apps\2.0
2014-01-14 17:39 - 2014-01-14 17:39 - 00000000 ____D C:\Users\Alex\AppData\Local\Avg2014
2014-01-14 00:55 - 2014-01-14 01:01 - 00000000 ____D C:\ProgramData\MFAData
2014-01-14 00:55 - 2014-01-14 00:55 - 00000000 ____D C:\Users\Alex\AppData\Local\MFAData
2014-01-14 00:54 - 2014-01-14 00:54 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Malwarebytes
2014-01-14 00:53 - 2014-01-14 18:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-14 00:53 - 2014-01-14 00:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-13 23:53 - 2014-01-13 23:54 - 00000000 ____D C:\Users\Alex\AppData\Roaming\.minecraft
2014-01-13 15:24 - 2014-01-13 15:25 - 16829923 _____ C:\Users\Alex\Downloads\OSBIDE Prerequisites.zip
2014-01-13 15:24 - 2014-01-13 15:25 - 08275851 _____ C:\Users\Alex\Downloads\OSBIDE.vsix
2014-01-12 15:53 - 2014-01-12 15:53 - 00098054 _____ C:\Users\Alex\Downloads\The.Fifth.Estate.2013.1080p.BluRay.x264-SPARKS.torrent
2014-01-12 15:47 - 2014-01-12 15:47 - 00032971 _____ C:\Users\Alex\Downloads\settings_331_1M.dat
2014-01-12 15:28 - 2014-01-12 15:28 - 00000000 ____D C:\Users\Alex\AppData\Local\My Games
2014-01-12 15:24 - 2014-01-14 17:58 - 00000000 ____D C:\Users\Alex\AppData\Roaming\uTorrent
2014-01-12 15:24 - 2014-01-12 15:24 - 01045072 _____ (BitTorrent Inc.) C:\Users\Alex\Downloads\utorrent_3.3_29677.exe
2014-01-12 15:21 - 2014-01-12 15:21 - 00074929 _____ C:\Users\Alex\Downloads\The.Kings.Of.Summer.2013.LIMITED.1080p.BluRay.x264-GECKOS.torrent
2014-01-12 15:11 - 2014-01-12 15:11 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-01-12 12:59 - 2014-01-12 12:59 - 00000000 ____D C:\Users\Alex\AppData\Local\Clover
2014-01-12 12:59 - 2014-01-12 12:59 - 00000000 ____D C:\Program Files (x86)\Clover
2014-01-12 12:06 - 2014-01-12 12:07 - 275436889 _____ C:\Users\Alex\Desktop\california trip.zip
2014-01-12 11:14 - 2014-01-12 11:15 - 00000000 ____D C:\Program Files (x86)\LinuxLive USB Creator
2014-01-12 11:14 - 2014-01-12 11:14 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2014-01-12 11:12 - 2014-01-12 11:12 - 04764779 _____ (LinuxLive USB Creator) C:\Users\Alex\Downloads\LinuxLive USB Creator 2.8.27.exe
2014-01-11 18:08 - 2014-01-11 18:08 - 00057694 _____ C:\Users\Alex\Downloads\opkg_618-3_brcm63xx.ipk
2014-01-11 18:04 - 2014-01-11 18:04 - 00001151 _____ C:\Users\Alex\Downloads\geek-init1.1.zip
2014-01-11 17:18 - 2014-01-11 17:18 - 00057322 _____ C:\Users\Alex\Downloads\opkg_618-3_brcm47xx.ipk
2014-01-11 16:43 - 2014-01-11 16:43 - 00000000 ____D C:\Users\Alex\Downloads\Windows 8 (x86) - DVD (English-United Kingdom)
2014-01-11 16:32 - 2014-01-11 16:32 - 00000000 ____D C:\Users\Alex\AppData\Local\e-academy Inc
2014-01-11 16:31 - 2014-01-11 16:31 - 00000183 _____ C:\Users\Alex\Downloads\100228539940.sdx
2014-01-11 15:52 - 2014-01-11 15:52 - 02141456 _____ C:\Users\Alex\Downloads\libdb_4.7.25-3_mipsel.ipk
2014-01-11 15:52 - 2014-01-11 15:52 - 01201128 _____ C:\Users\Alex\Downloads\netatalk_2.2.3-3_mipsel.ipk
2014-01-11 15:36 - 2014-01-11 15:37 - 23662592 _____ C:\Users\Alex\Downloads\dd-wrt.v24-K3_AC_ARM (1).bin
2014-01-11 14:42 - 2014-01-11 14:42 - 00000000 ____D C:\Users\Alex\VirtualBox VMs
2014-01-11 14:41 - 2014-01-12 16:08 - 00000000 ____D C:\Users\Alex\.VirtualBox
2014-01-11 14:41 - 2013-12-18 17:19 - 00252688 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-01-11 14:40 - 2014-01-11 14:40 - 00000000 ____D C:\Program Files\Oracle
2014-01-11 14:40 - 2013-12-18 17:16 - 00126736 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-01-11 14:38 - 2014-01-11 14:38 - 106322704 _____ (Oracle Corporation) C:\Users\Alex\Downloads\VirtualBox-4.3.6-91406-Win.exe
2014-01-11 14:27 - 2014-01-11 14:28 - 177209344 _____ C:\Users\Alex\Downloads\gparted-live-0.17.0-4-i486.iso
2014-01-11 14:15 - 2014-01-20 16:05 - 27590656 _____ C:\Windows\system32\vmguest.iso
2014-01-11 14:13 - 2014-01-11 14:13 - 00000000 ____D C:\Windows\vmguest
2014-01-11 14:13 - 2014-01-11 14:13 - 00000000 ____D C:\Windows\system32\BestPractices
2014-01-11 14:13 - 2014-01-11 14:13 - 00000000 ____D C:\Program Files\Hyper-V
2014-01-11 14:11 - 2014-01-11 14:11 - 13368832 _____ (Microsoft Corporation) C:\Windows\system32\vmms.exe
2014-01-11 14:11 - 2014-01-11 14:11 - 06172672 _____ (Microsoft Corporation) C:\Windows\system32\vmwp.exe
2014-01-11 14:11 - 2014-01-11 14:11 - 02159616 _____ (Microsoft Corporation) C:\Windows\system32\rdp4vs.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 01466522 _____ C:\Windows\system32\WindowsVirtualization.V2.mof
2014-01-11 14:11 - 2014-01-11 14:11 - 01427296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2014-01-11 14:11 - 2014-01-11 14:11 - 01386336 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2014-01-11 14:11 - 2014-01-11 14:11 - 01379680 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
2014-01-11 14:11 - 2014-01-11 14:11 - 01252192 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
2014-01-11 14:11 - 2014-01-11 14:11 - 00705024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wnv.sys
2014-01-11 14:11 - 2014-01-11 14:11 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\vmconnect.exe
2014-01-11 14:11 - 2014-01-11 14:11 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\vmprox.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\synthnic.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00398336 _____ (Microsoft Corporation) C:\Windows\system32\vsconfig.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\EmulatedNic.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\synthstor.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00257536 _____ (Microsoft Corporation) C:\Windows\system32\synthfcvdev.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\RemoteFileBrowse.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\vmickvpexchange.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\vmicshutdown.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\vmicvss.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\vmicrdv.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00144967 _____ C:\Windows\system32\virtmgmt.msc
2014-01-11 14:11 - 2014-01-11 14:11 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\vmicheartbeat.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\vmicguestinterface.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\vmictimesync.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\vmbusvdev.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00068960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2014-01-11 14:11 - 2014-01-11 14:11 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\wnvapi.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\vmwpctrl.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\RdvGpuInfo.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00039739 _____ C:\Windows\system32\hypervisor.mof
2014-01-11 14:11 - 2014-01-11 14:11 - 00033280 _____ C:\Windows\system32\ActivationVdev.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\HyperVSysprepProvider.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pvhdparser.sys
2014-01-11 14:11 - 2014-01-11 14:11 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\passthruparser.sys
2014-01-11 14:11 - 2014-01-11 14:11 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdparser.sys
2014-01-11 14:11 - 2014-01-11 14:11 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lunparser.sys
2014-01-11 14:11 - 2014-01-11 14:11 - 00014688 _____ C:\Windows\system32\sbresources.dll
2014-01-10 18:16 - 2014-01-10 18:16 - 00085511 _____ C:\Users\Alex\Downloads\Last.Vegas.2013.1080p.BluRay.x264-SPARKS.torrent
2014-01-10 18:15 - 2014-01-10 18:15 - 00009876 _____ C:\Users\Alex\Downloads\Last.Vegas.2013.BDRip.x264-SPARKS.torrent
2014-01-10 18:14 - 2014-01-10 18:14 - 00012017 _____ C:\Users\Alex\Downloads\[kickass.to]saving.private.ryan.1998.1080p.brrip.x264.yify.torrent
2014-01-10 15:44 - 2014-01-10 15:44 - 00000648 __RSH C:\ProgramData\ntuser.pol
2014-01-10 14:27 - 2014-01-10 14:27 - 00065560 _____ C:\Users\Alex\Downloads\NETGEAR_R7000.cfg
2014-01-10 14:26 - 2014-01-10 14:27 - 23871488 _____ C:\Users\Alex\Downloads\dd-wrt.v24-K3_AC_ARM.bin
2014-01-10 14:25 - 2014-01-10 14:26 - 23871546 _____ C:\Users\Alex\Downloads\dd-wrt.K3_R7000.chk
2014-01-10 14:04 - 2014-01-10 14:04 - 00020122 _____ C:\Users\Alex\Downloads\Saving.Private.Ryan.1998.720p.BluRay.DTS.x264-ESiR (1).torrent
2014-01-10 13:59 - 2014-01-10 13:59 - 00064206 _____ C:\Users\Alex\Downloads\Saving.Private.Ryan.1998.720p.BluRay.x264.DTS-WiKi.torrent
2014-01-10 13:59 - 2014-01-10 13:59 - 00020122 _____ C:\Users\Alex\Downloads\Saving.Private.Ryan.1998.720p.BluRay.DTS.x264-ESiR.torrent
2014-01-10 13:51 - 2014-01-10 13:51 - 00038559 _____ C:\Users\Alex\Downloads\Les.Miserables.2012.720p.BluRay.x264-SPARKS.torrent
2014-01-08 19:30 - 2014-01-08 20:06 - 00000000 ____D C:\Users\Alex\Downloads\Now.You.See.Me.2013.EXTENDED.RERIP.720p.BluRay.x264-SPARKS
2014-01-08 19:22 - 2014-01-08 19:22 - 00062883 _____ C:\Users\Alex\Downloads\Now.You.See.Me.2013.EXTENDED.RERIP.720p.BluRay.x264-SPARKS.torrent
2014-01-08 19:21 - 2014-01-10 15:03 - 00000000 ____D C:\Users\Alex\Downloads\Tower.Heist.2011.720p.BluRay.X264-AMIABLE
2014-01-08 19:20 - 2014-01-08 19:20 - 00053237 _____ C:\Users\Alex\Downloads\Tower.Heist.2011.720p.BluRay.X264-AMIABLE.torrent
2014-01-08 16:23 - 2014-01-08 16:27 - 00000000 ____D C:\Users\Alex\Downloads\Captain.Phillips.2013.720p.BluRay.X264-AMIABLE
2014-01-08 14:39 - 2014-01-08 14:39 - 00061696 _____ C:\Users\Alex\Downloads\Captain.Phillips.2013.720p.BluRay.X264-AMIABLE.torrent
2014-01-07 19:42 - 2014-01-07 20:07 - 00000000 ____D C:\Users\Alex\Downloads\The.Necessary.Death.of.Charlie.Countryman.2013.BluRay.720p.x264.DD.5.1-HDWinG
2014-01-07 19:42 - 2014-01-07 19:42 - 00099448 _____ C:\Users\Alex\Downloads\The.Necessary.Death.of.Charlie.Countryman.2013.BluRay.720p.x264.DD.5.1-HDWinG.torrent
2014-01-07 19:41 - 2014-01-08 14:40 - 00000000 ____D C:\Users\Alex\Downloads\Cloudy.With.A.Chance.Of.Meatballs.2.2013.720p.PPVRip.x264.AAC-FooKaS
2014-01-07 19:41 - 2014-01-07 19:41 - 00165166 _____ C:\Users\Alex\Downloads\Cloudy.With.A.Chance.Of.Meatballs.2.2013.720p.PPVRip.x264.AAC-FooKaS.torrent
2014-01-06 18:40 - 2014-01-06 18:40 - 00078774 _____ C:\Users\Alex\Downloads\The.Incredibles.2004.BluRay.1080p.DTS-HDMA.x264.dxva-FraMeSToR.torrent
2014-01-06 18:40 - 2014-01-06 18:40 - 00034431 _____ C:\Users\Alex\Downloads\The.Incredibles.2004.BluRay.720p.DTS.x264-CHD.torrent
2014-01-06 18:37 - 2014-01-06 18:51 - 00000000 ____D C:\Users\Alex\Downloads\The Incredibles 2004 720p BRRip x264 RmD (HDScene Release)
2014-01-06 18:37 - 2014-01-06 18:37 - 00012430 _____ C:\Users\Alex\Downloads\[kickass.to]the.incredibles.2004.720p.brrip.x264.rmd.hdscene.release.torrent
2014-01-06 17:55 - 2014-01-06 17:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-06 16:15 - 2014-01-20 16:00 - 00000000 ___RD C:\Users\Alex\SkyDrive
2014-01-06 16:14 - 2014-01-06 16:15 - 00280512 _____ C:\Windows\Minidump\010614-21203-01.dmp
2014-01-05 19:23 - 2013-11-04 15:33 - 29368091 _____ C:\Users\Alex\Dropbox\Documents\IMG_20130807_155541.psd
2014-01-05 19:18 - 2013-12-22 17:09 - 00000485 _____ C:\Users\Alex\Dropbox\Documents\index.php
 
==================== One Month Modified Files and Folders =======
 
2014-01-27 13:37 - 2014-01-27 13:35 - 00023361 _____ C:\Users\Alex\Downloads\FRST.txt
2014-01-27 13:36 - 2013-10-22 09:56 - 01708263 _____ C:\Windows\WindowsUpdate.log
2014-01-27 13:34 - 2014-01-27 13:34 - 00000000 ____D C:\FRST
2014-01-27 13:32 - 2013-10-22 10:08 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2379810815-3056360514-2832030707-1001
2014-01-27 13:30 - 2014-01-27 13:29 - 02079232 _____ (Farbar) C:\Users\Alex\Downloads\FRST64.exe
2014-01-27 13:27 - 2013-10-22 10:07 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7B58CC48-5285-4764-9C00-DCB6E5AE8C54}
2014-01-27 13:23 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\system32\sru
2014-01-27 11:43 - 2014-01-27 11:43 - 00655882 _____ C:\Users\Alex\Downloads\YouTubeCenter (1).crx
2014-01-27 11:37 - 2014-01-27 11:36 - 00000000 ____D C:\Users\Alex\Downloads\Microsoft.Visio.Professional.2013.x64-iNDiSO
2014-01-27 11:35 - 2014-01-27 11:35 - 00007065 _____ C:\Users\Alex\Downloads\Microsoft.Visio.Professional.2013.x64-iNDiSO.torrent
2014-01-27 11:29 - 2013-10-22 10:44 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Dropbox
2014-01-26 14:39 - 2013-11-11 18:18 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-26 14:14 - 2013-10-22 11:53 - 00000000 ____D C:\Users\Alex\AppData\Roaming\deluge
2014-01-24 10:55 - 2013-10-22 10:45 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-24 09:49 - 2014-01-24 09:49 - 00000000 ____D C:\Users\Alex\AppData\Roaming\DropboxMaster
2014-01-24 09:49 - 2013-10-22 10:49 - 00000000 ___RD C:\Users\Alex\Dropbox
2014-01-24 09:49 - 2013-10-22 10:45 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-24 09:49 - 2013-10-22 10:01 - 00000000 ___RD C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-24 09:38 - 2013-10-26 13:16 - 00000000 ____D C:\Users\Alex\AppData\Roaming\vlc
2014-01-23 18:19 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\AppReadiness
2014-01-21 16:50 - 2014-01-21 16:50 - 00688992 _____ (Swearware) C:\Users\Alex\Downloads\dds (1).com
2014-01-21 16:42 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\rescache
2014-01-20 16:06 - 2014-01-20 16:06 - 00005175 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-20 16:06 - 2013-10-22 12:33 - 00000000 ____D C:\ProgramData\Oracle
2014-01-20 16:06 - 2013-10-22 12:33 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-20 16:05 - 2014-01-11 14:15 - 27590656 _____ C:\Windows\system32\vmguest.iso
2014-01-20 16:01 - 2014-01-20 16:01 - 00000000 ____D C:\Users\Alex\Dropbox\Documents\National Instruments
2014-01-20 16:01 - 2014-01-20 16:01 - 00000000 ____D C:\Users\Alex\Dropbox\Documents\CptS 223
2014-01-20 16:00 - 2014-01-06 16:15 - 00000000 ___RD C:\Users\Alex\SkyDrive
2014-01-20 16:00 - 2013-10-22 10:45 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-19 01:39 - 2013-10-22 10:06 - 00913654 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-19 01:35 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\WinStore
2014-01-19 01:34 - 2013-08-22 06:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-19 01:33 - 2013-08-22 05:25 - 01310720 ___SH C:\Windows\system32\config\BBI
2014-01-15 17:31 - 2014-01-15 17:32 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-01-15 17:29 - 2013-11-13 11:00 - 00000000 ____D C:\Windows\system32\MRT
2014-01-14 21:58 - 2013-11-13 11:00 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-14 20:16 - 2014-01-14 20:16 - 00069632 _____ C:\Users\Alex\Desktop\BSOD.evtx
2014-01-14 20:16 - 2014-01-14 20:16 - 00000000 ____D C:\Users\Alex\Desktop\LocaleMetaData
2014-01-14 20:11 - 2014-01-14 20:11 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-01-14 20:11 - 2014-01-14 20:11 - 00000000 ____D C:\Program Files (x86)\WinDirStat
2014-01-14 20:10 - 2014-01-14 20:10 - 00645729 _____ (WDS Team) C:\Users\Alex\Downloads\windirstat1_1_2_setup.exe
2014-01-14 19:57 - 2013-10-22 09:58 - 00000000 ____D C:\Users\Alex
2014-01-14 19:55 - 2014-01-14 19:55 - 00301240 _____ C:\Windows\Minidump\011414-30140-01.dmp
2014-01-14 19:55 - 2013-10-24 22:06 - 00000000 ____D C:\Windows\Minidump
2014-01-14 19:54 - 2014-01-14 20:21 - 1035642773 _____ C:\Users\Alex\Desktop\MEMORY.DMP
2014-01-14 19:54 - 2013-10-24 22:06 - 1035642773 _____ C:\Windows\MEMORY.DMP
2014-01-14 19:54 - 2013-10-22 09:52 - 00105118 _____ C:\Windows\PFRO.log
2014-01-14 19:07 - 2014-01-14 19:07 - 00688992 _____ (Swearware) C:\Users\Alex\Downloads\dds.com
2014-01-14 19:07 - 2013-10-29 12:12 - 00000000 ____D C:\Program Files\Microsoft Office 15
2014-01-14 19:03 - 2014-01-14 19:03 - 00001191 _____ C:\Users\Alex\AppData\Local\recently-used.xbel
2014-01-14 19:03 - 2013-10-24 15:38 - 00044020 _____ C:\Windows\DirectX.log
2014-01-14 19:01 - 2014-01-14 19:01 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Avira
2014-01-14 18:56 - 2014-01-14 18:56 - 00000000 ____D C:\ProgramData\Avira
2014-01-14 18:56 - 2014-01-14 18:56 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-14 18:52 - 2013-11-02 15:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-14 18:50 - 2014-01-14 18:28 - 00000000 ____D C:\Users\Alex\Desktop\mbar
2014-01-14 18:42 - 2014-01-14 18:42 - 00388608 _____ (Trend Micro Inc.) C:\Users\Alex\Downloads\HijackThis.exe
2014-01-14 18:36 - 2014-01-14 18:36 - 04745728 _____ (AVAST Software) C:\Users\Alex\Downloads\aswmbr.exe
2014-01-14 18:35 - 2014-01-14 18:34 - 129564536 _____ C:\Users\Alex\Downloads\avira_free_antivirus_en.exe
2014-01-14 18:29 - 2014-01-14 18:28 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-14 18:28 - 2014-01-14 18:28 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-14 18:27 - 2014-01-14 18:27 - 82449480 _____ (Sophos Limited) C:\Users\Alex\Downloads\Sophos Virus Removal Tool.exe
2014-01-14 18:26 - 2014-01-14 18:26 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Alex\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-14 18:26 - 2014-01-14 00:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-14 18:23 - 2014-01-14 18:23 - 00158300 _____ C:\Users\Alex\Downloads\RkU37300505.zip
2014-01-14 18:23 - 2014-01-14 18:23 - 00024448 _____ C:\Windows\SysWOW64\Drivers\rkhdrv40.sys
2014-01-14 18:23 - 2014-01-14 18:23 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rootkit Unhooker
2014-01-14 18:23 - 2014-01-14 18:23 - 00000000 ____D C:\RkUnhooker
2014-01-14 18:23 - 2007-08-27 19:47 - 00169655 _____ C:\Users\Alex\Desktop\RkU3.7.300.505.exe
2014-01-14 18:22 - 2014-01-14 18:22 - 00688992 _____ (Swearware) C:\Users\Alex\Downloads\dds.scr
2014-01-14 18:22 - 2014-01-14 18:22 - 00050477 _____ C:\Users\Alex\Downloads\Defogger.exe
2014-01-14 18:22 - 2014-01-14 18:22 - 00000470 _____ C:\Users\Alex\Downloads\defogger_disable.log
2014-01-14 18:22 - 2014-01-14 18:22 - 00000000 _____ C:\Users\Alex\defogger_reenable
2014-01-14 18:10 - 2014-01-14 18:10 - 00000000 ____D C:\Users\Alex\AppData\Local\Apps\2.0
2014-01-14 18:02 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\registration
2014-01-14 18:01 - 2013-08-22 05:36 - 00000000 ____D C:\Windows\system32\Sysprep
2014-01-14 17:59 - 2013-10-22 09:53 - 00000000 __SHD C:\Recovery
2014-01-14 17:58 - 2014-01-12 15:24 - 00000000 ____D C:\Users\Alex\AppData\Roaming\uTorrent
2014-01-14 17:39 - 2014-01-14 17:39 - 00000000 ____D C:\Users\Alex\AppData\Local\Avg2014
2014-01-14 01:41 - 2014-01-14 20:02 - 01744364 _____ C:\Users\Alex\Desktop\CBS.log
2014-01-14 01:01 - 2014-01-14 00:55 - 00000000 ____D C:\ProgramData\MFAData
2014-01-14 00:55 - 2014-01-14 00:55 - 00000000 ____D C:\Users\Alex\AppData\Local\MFAData
2014-01-14 00:54 - 2014-01-14 00:54 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Malwarebytes
2014-01-14 00:53 - 2014-01-14 00:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-13 23:54 - 2014-01-13 23:53 - 00000000 ____D C:\Users\Alex\AppData\Roaming\.minecraft
2014-01-13 15:25 - 2014-01-13 15:24 - 16829923 _____ C:\Users\Alex\Downloads\OSBIDE Prerequisites.zip
2014-01-13 15:25 - 2014-01-13 15:24 - 08275851 _____ C:\Users\Alex\Downloads\OSBIDE.vsix
2014-01-13 15:16 - 2013-10-29 12:50 - 00000000 ____D C:\Users\Alex\Dropbox\Documents\Visual Studio 2013
2014-01-12 16:08 - 2014-01-11 14:41 - 00000000 ____D C:\Users\Alex\.VirtualBox
2014-01-12 15:53 - 2014-01-12 15:53 - 00098054 _____ C:\Users\Alex\Downloads\The.Fifth.Estate.2013.1080p.BluRay.x264-SPARKS.torrent
2014-01-12 15:47 - 2014-01-12 15:47 - 00032971 _____ C:\Users\Alex\Downloads\settings_331_1M.dat
2014-01-12 15:28 - 2014-01-12 15:28 - 00000000 ____D C:\Users\Alex\AppData\Local\My Games
2014-01-12 15:24 - 2014-01-12 15:24 - 01045072 _____ (BitTorrent Inc.) C:\Users\Alex\Downloads\utorrent_3.3_29677.exe
2014-01-12 15:21 - 2014-01-12 15:21 - 00074929 _____ C:\Users\Alex\Downloads\The.Kings.Of.Summer.2013.LIMITED.1080p.BluRay.x264-GECKOS.torrent
2014-01-12 15:11 - 2014-01-12 15:11 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-01-12 12:59 - 2014-01-12 12:59 - 00000000 ____D C:\Users\Alex\AppData\Local\Clover
2014-01-12 12:59 - 2014-01-12 12:59 - 00000000 ____D C:\Program Files (x86)\Clover
2014-01-12 12:42 - 2013-11-02 15:06 - 00000600 _____ C:\Users\Alex\AppData\Local\PUTTY.RND
2014-01-12 12:07 - 2014-01-12 12:06 - 275436889 _____ C:\Users\Alex\Desktop\california trip.zip
2014-01-12 11:15 - 2014-01-12 11:14 - 00000000 ____D C:\Program Files (x86)\LinuxLive USB Creator
2014-01-12 11:14 - 2014-01-12 11:14 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2014-01-12 11:12 - 2014-01-12 11:12 - 04764779 _____ (LinuxLive USB Creator) C:\Users\Alex\Downloads\LinuxLive USB Creator 2.8.27.exe
2014-01-11 18:08 - 2014-01-11 18:08 - 00057694 _____ C:\Users\Alex\Downloads\opkg_618-3_brcm63xx.ipk
2014-01-11 18:04 - 2014-01-11 18:04 - 00001151 _____ C:\Users\Alex\Downloads\geek-init1.1.zip
2014-01-11 17:18 - 2014-01-11 17:18 - 00057322 _____ C:\Users\Alex\Downloads\opkg_618-3_brcm47xx.ipk
2014-01-11 16:43 - 2014-01-11 16:43 - 00000000 ____D C:\Users\Alex\Downloads\Windows 8 (x86) - DVD (English-United Kingdom)
2014-01-11 16:32 - 2014-01-11 16:32 - 00000000 ____D C:\Users\Alex\AppData\Local\e-academy Inc
2014-01-11 16:32 - 2013-10-29 12:03 - 00003165 _____ C:\Users\Alex\Desktop\Shortcut to SecureDownloadManager.exe.lnk
2014-01-11 16:32 - 2013-10-29 12:03 - 00000000 _____ C:\Users\Alex\Downloads\SecureDownloadManager.log
2014-01-11 16:31 - 2014-01-11 16:31 - 00000183 _____ C:\Users\Alex\Downloads\100228539940.sdx
2014-01-11 15:52 - 2014-01-11 15:52 - 02141456 _____ C:\Users\Alex\Downloads\libdb_4.7.25-3_mipsel.ipk
2014-01-11 15:52 - 2014-01-11 15:52 - 01201128 _____ C:\Users\Alex\Downloads\netatalk_2.2.3-3_mipsel.ipk
2014-01-11 15:37 - 2014-01-11 15:36 - 23662592 _____ C:\Users\Alex\Downloads\dd-wrt.v24-K3_AC_ARM (1).bin
2014-01-11 14:42 - 2014-01-11 14:42 - 00000000 ____D C:\Users\Alex\VirtualBox VMs
2014-01-11 14:40 - 2014-01-11 14:40 - 00000000 ____D C:\Program Files\Oracle
2014-01-11 14:38 - 2014-01-11 14:38 - 106322704 _____ (Oracle Corporation) C:\Users\Alex\Downloads\VirtualBox-4.3.6-91406-Win.exe
2014-01-11 14:28 - 2014-01-11 14:27 - 177209344 _____ C:\Users\Alex\Downloads\gparted-live-0.17.0-4-i486.iso
2014-01-11 14:13 - 2014-01-11 14:13 - 00000000 ____D C:\Windows\vmguest
2014-01-11 14:13 - 2014-01-11 14:13 - 00000000 ____D C:\Windows\system32\BestPractices
2014-01-11 14:13 - 2014-01-11 14:13 - 00000000 ____D C:\Program Files\Hyper-V
2014-01-11 14:13 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\schemas
2014-01-11 14:11 - 2014-01-11 14:11 - 13368832 _____ (Microsoft Corporation) C:\Windows\system32\vmms.exe
2014-01-11 14:11 - 2014-01-11 14:11 - 06172672 _____ (Microsoft Corporation) C:\Windows\system32\vmwp.exe
2014-01-11 14:11 - 2014-01-11 14:11 - 02159616 _____ (Microsoft Corporation) C:\Windows\system32\rdp4vs.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 01466522 _____ C:\Windows\system32\WindowsVirtualization.V2.mof
2014-01-11 14:11 - 2014-01-11 14:11 - 01427296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2014-01-11 14:11 - 2014-01-11 14:11 - 01386336 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2014-01-11 14:11 - 2014-01-11 14:11 - 01379680 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
2014-01-11 14:11 - 2014-01-11 14:11 - 01252192 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
2014-01-11 14:11 - 2014-01-11 14:11 - 00705024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wnv.sys
2014-01-11 14:11 - 2014-01-11 14:11 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\vmconnect.exe
2014-01-11 14:11 - 2014-01-11 14:11 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\vmprox.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\synthnic.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00398336 _____ (Microsoft Corporation) C:\Windows\system32\vsconfig.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\EmulatedNic.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\synthstor.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00257536 _____ (Microsoft Corporation) C:\Windows\system32\synthfcvdev.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\RemoteFileBrowse.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\vmickvpexchange.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\vmicshutdown.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\vmicvss.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\vmicrdv.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00144967 _____ C:\Windows\system32\virtmgmt.msc
2014-01-11 14:11 - 2014-01-11 14:11 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\vmicheartbeat.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\vmicguestinterface.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\vmictimesync.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\vmbusvdev.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00068960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2014-01-11 14:11 - 2014-01-11 14:11 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\wnvapi.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\vmwpctrl.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\RdvGpuInfo.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00039739 _____ C:\Windows\system32\hypervisor.mof
2014-01-11 14:11 - 2014-01-11 14:11 - 00033280 _____ C:\Windows\system32\ActivationVdev.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\HyperVSysprepProvider.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pvhdparser.sys
2014-01-11 14:11 - 2014-01-11 14:11 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\passthruparser.sys
2014-01-11 14:11 - 2014-01-11 14:11 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
2014-01-11 14:11 - 2014-01-11 14:11 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdparser.sys
2014-01-11 14:11 - 2014-01-11 14:11 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lunparser.sys
2014-01-11 14:11 - 2014-01-11 14:11 - 00014688 _____ C:\Windows\system32\sbresources.dll
2014-01-10 18:16 - 2014-01-10 18:16 - 00085511 _____ C:\Users\Alex\Downloads\Last.Vegas.2013.1080p.BluRay.x264-SPARKS.torrent
2014-01-10 18:15 - 2014-01-10 18:15 - 00009876 _____ C:\Users\Alex\Downloads\Last.Vegas.2013.BDRip.x264-SPARKS.torrent
2014-01-10 18:14 - 2014-01-10 18:14 - 00012017 _____ C:\Users\Alex\Downloads\[kickass.to]saving.private.ryan.1998.1080p.brrip.x264.yify.torrent
2014-01-10 15:44 - 2014-01-10 15:44 - 00000648 __RSH C:\ProgramData\ntuser.pol
2014-01-10 15:43 - 2013-08-22 07:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2014-01-10 15:03 - 2014-01-08 19:21 - 00000000 ____D C:\Users\Alex\Downloads\Tower.Heist.2011.720p.BluRay.X264-AMIABLE
2014-01-10 14:44 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\system32\NDF
2014-01-10 14:27 - 2014-01-10 14:27 - 00065560 _____ C:\Users\Alex\Downloads\NETGEAR_R7000.cfg
2014-01-10 14:27 - 2014-01-10 14:26 - 23871488 _____ C:\Users\Alex\Downloads\dd-wrt.v24-K3_AC_ARM.bin
2014-01-10 14:26 - 2014-01-10 14:25 - 23871546 _____ C:\Users\Alex\Downloads\dd-wrt.K3_R7000.chk
2014-01-10 14:04 - 2014-01-10 14:04 - 00020122 _____ C:\Users\Alex\Downloads\Saving.Private.Ryan.1998.720p.BluRay.DTS.x264-ESiR (1).torrent
2014-01-10 13:59 - 2014-01-10 13:59 - 00064206 _____ C:\Users\Alex\Downloads\Saving.Private.Ryan.1998.720p.BluRay.x264.DTS-WiKi.torrent
2014-01-10 13:59 - 2014-01-10 13:59 - 00020122 _____ C:\Users\Alex\Downloads\Saving.Private.Ryan.1998.720p.BluRay.DTS.x264-ESiR.torrent
2014-01-10 13:51 - 2014-01-10 13:51 - 00038559 _____ C:\Users\Alex\Downloads\Les.Miserables.2012.720p.BluRay.x264-SPARKS.torrent
2014-01-08 20:06 - 2014-01-08 19:30 - 00000000 ____D C:\Users\Alex\Downloads\Now.You.See.Me.2013.EXTENDED.RERIP.720p.BluRay.x264-SPARKS
2014-01-08 19:22 - 2014-01-08 19:22 - 00062883 _____ C:\Users\Alex\Downloads\Now.You.See.Me.2013.EXTENDED.RERIP.720p.BluRay.x264-SPARKS.torrent
2014-01-08 19:20 - 2014-01-08 19:20 - 00053237 _____ C:\Users\Alex\Downloads\Tower.Heist.2011.720p.BluRay.X264-AMIABLE.torrent
2014-01-08 16:27 - 2014-01-08 16:23 - 00000000 ____D C:\Users\Alex\Downloads\Captain.Phillips.2013.720p.BluRay.X264-AMIABLE
2014-01-08 14:40 - 2014-01-07 19:41 - 00000000 ____D C:\Users\Alex\Downloads\Cloudy.With.A.Chance.Of.Meatballs.2.2013.720p.PPVRip.x264.AAC-FooKaS
2014-01-08 14:39 - 2014-01-08 14:39 - 00061696 _____ C:\Users\Alex\Downloads\Captain.Phillips.2013.720p.BluRay.X264-AMIABLE.torrent
2014-01-07 20:07 - 2014-01-07 19:42 - 00000000 ____D C:\Users\Alex\Downloads\The.Necessary.Death.of.Charlie.Countryman.2013.BluRay.720p.x264.DD.5.1-HDWinG
2014-01-07 19:42 - 2014-01-07 19:42 - 00099448 _____ C:\Users\Alex\Downloads\The.Necessary.Death.of.Charlie.Countryman.2013.BluRay.720p.x264.DD.5.1-HDWinG.torrent
2014-01-07 19:41 - 2014-01-07 19:41 - 00165166 _____ C:\Users\Alex\Downloads\Cloudy.With.A.Chance.Of.Meatballs.2.2013.720p.PPVRip.x264.AAC-FooKaS.torrent
2014-01-06 18:51 - 2014-01-06 18:37 - 00000000 ____D C:\Users\Alex\Downloads\The Incredibles 2004 720p BRRip x264 RmD (HDScene Release)
2014-01-06 18:44 - 2013-12-05 00:44 - 00000887 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-06 18:40 - 2014-01-06 18:40 - 00078774 _____ C:\Users\Alex\Downloads\The.Incredibles.2004.BluRay.1080p.DTS-HDMA.x264.dxva-FraMeSToR.torrent
2014-01-06 18:40 - 2014-01-06 18:40 - 00034431 _____ C:\Users\Alex\Downloads\The.Incredibles.2004.BluRay.720p.DTS.x264-CHD.torrent
2014-01-06 18:37 - 2014-01-06 18:37 - 00012430 _____ C:\Users\Alex\Downloads\[kickass.to]the.incredibles.2004.720p.brrip.x264.rmd.hdscene.release.torrent
2014-01-06 17:55 - 2014-01-06 17:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-06 16:15 - 2014-01-06 16:14 - 00280512 _____ C:\Windows\Minidump\010614-21203-01.dmp
2014-01-06 16:15 - 2013-10-28 10:09 - 00000000 __RDO C:\Users\Alex\SkyDrive (2).old
2014-01-06 14:31 - 2013-08-22 07:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-06 14:31 - 2013-08-22 07:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-05 19:20 - 2013-11-22 14:21 - 00000000 ____D C:\Users\Alex\Dropbox\Documents\Math 220
2014-01-05 19:19 - 2013-10-22 10:49 - 00000000 ____D C:\Users\Alex\Dropbox\Documents\PHYS 201
2014-01-05 19:19 - 2013-10-22 10:49 - 00000000 ____D C:\Users\Alex\Dropbox\Documents\MATH 172
2014-01-05 19:19 - 2013-10-22 10:49 - 00000000 ____D C:\Users\Alex\Dropbox\Documents\CPTS122
2014-01-05 19:18 - 2013-10-22 10:49 - 00000000 ____D C:\Users\Alex\Dropbox\Documents\Visual Studio 2012
 
Some content of TEMP:
====================
C:\Users\Alex\AppData\Local\Temp\ADKAppsOfferManager.dll
C:\Users\Alex\AppData\Local\Temp\avgnt.exe
C:\Users\Alex\AppData\Local\Temp\BunndleOfferManager.dll
C:\Users\Alex\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphohobx.dll
C:\Users\Alex\AppData\Local\Temp\jna6627323182278307524.dll
C:\Users\Alex\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Alex\AppData\Local\Temp\MotoHelper_2.0.45_Driver_5.0.0.exe
C:\Users\Alex\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Alex\AppData\Local\Temp\npp.6.5.1.Installer.exe
C:\Users\Alex\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Alex\AppData\Local\Temp\sonarinst.exe
C:\Users\Alex\AppData\Local\Temp\vlc-2.1.1-win64.exe
C:\Users\Alex\AppData\Local\Temp\vlc-2.1.2-win64.exe
C:\Users\Alex\AppData\Local\Temp\xmlUpdater.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-01-20 21:13
 
==================== End Of Log ============================
 
Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2014 01
Ran by Alex at 2014-01-27 13:38:42
Running from C:\Users\Alex\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Out of date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Out of date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Reader XI (11.0.06) (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Android SDK Tools (x32 Version: 1.16 - Google Inc.)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
AviSynth 2.5 (x32 Version:  - )
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Battlefield 4 Update 1 (x32 Version: 1 - )
Battlefield 4™ (x32 Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (x32 Version: 2.3.0 - EA Digital Illusions CE AB)
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Clover 3.0 (x32 Version: 3.0 - )
Deluge 1.3.6 (x32 Version:  - )
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dropbox (HKCU Version: 2.6.5 - Dropbox, Inc.)
Entity Framework Tools for Visual Studio 2013 (x32 Version: 12.0.20912.0 - Microsoft Corporation)
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
f.lux (HKCU Version:  - )
FileBot (Version: 3.62 - Reinhard Pointner)
Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
HandBrake 0.9.9.1 (x32 Version: 0.9.9.1 - )
IIS 8.0 Express (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (Version:  - )
IIS Express Application Compatibility Database for x86 (Version:  - )
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
JavaScript Tooling (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
K-Lite Codec Pack 10.1.5 Basic (x32 Version: 10.1.5 - )
LinuxLive USB Creator (x32 Version: 2.8 - Thibaut Lauziere)
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (x32 Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (x32 Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (x32 Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (x32 Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (ENU) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 SDK (x32 Version: 4.5.51641 - Microsoft Corporation)
Microsoft Advertising SDK for Windows 8.1 - ENU (x32 Version: 8.1.30809.0 - Microsoft Corporation) Hidden
Microsoft Advertising Service Extension for Visual Studio (x32 Version: 12.0.30809.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 - Visual Studio 2013 - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20716.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2013 - ENU (x32 Version: 5.0.11001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 - Visual Studio 2013 - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20716.0 - Microsoft Corporation) Hidden
Microsoft C++ Azure Mobile SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft Exchange Web Services Managed API 2.0 (x32 Version: 15.0.516.14 - Microsoft Corporation) Hidden
Microsoft Expression Blend SDK for .NET 4 (x32 Version: 2.0.20525.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Identity Extensions (Version: 2.0.1459.0 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 CoreRes - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 v4.0 Tools (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 v4.0 ToolsRes - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft LightSwitch v4.0 SDK (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio 2013 (x32 Version: 2.7.40911.287 - Microsoft Corporation) Hidden
Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) - ENU Language Pack (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Office 365 Home Premium - en-us (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 12.0.21005.01 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 12.0.21005.01 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On for Visual Studio 2013 (x32 Version: 11.1.3366.16 - Microsoft Corporation) Hidden
Microsoft SharePoint 2013 Developer Tools for Visual Studio (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft SharePoint 2013 Developer Tools for Visual Studio 2012 Nuget Package (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft SharePoint 2013 Developer Tools for Visual Studio ENU Language Pack (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Silverlight (x32 Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (x32 Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x32 Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x32 Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (x32 Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (x32 Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (x32 Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x32 Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x32 Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013 Object Model Language Pack (x64) - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  ARM Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Native Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Native Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-arm Cross Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-arm Cross Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-x86 Cross Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-x86 Cross Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013  x64 Designtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 32bit Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Extended Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Microsoft Foundation Class Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40825 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Devenv (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Devenv Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Performance Collection Tools - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Performance Collection Tools (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Preparation (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Profiling Tools (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 VsGraphics Helper Dependencies (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2013 - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2013 (x32 Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer enu Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.5 (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Web Developer Tools 2013 - Visual Studio 2013 (x32 Version: 2.0.40926.0 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Notepad++ (x32 Version: 6.5.1 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 4.3.6 (Version: 4.3.6 - Oracle Corporation)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (x32 Version: 11.1.3000.0 - Microsoft Corporation)
PS3 Media Server MLX (x32 Version: 1.52.1_mlx_v0.7 - PS3 Media Server MLX)
PuTTY version 0.63 (x32 Version: 0.63 - Simon Tatham)
Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
Rootkit Unhooker Uninstall (x32 Version:  - )
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
Seagate Drive Settings Installer (x32 Version: 1.00.0000 - Seagate Technologies LLC)
Seagate Drive Settings Installer (x32 Version: 1.00.0000 - Seagate Technologies LLC) Hidden
SeaTools for Windows (x32 Version: 1.2.0.7 - Seagate Technology)
Secure Download Manager (x32 Version: 3.1.40 - Kivuto Solutions Inc.)
SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
Sid Meier's Civilization V (x32 Version:  - 2K Games, Inc.)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
The Sims™ 3 (x32 Version: 1.63.5 - Electronic Arts)
The Sims™ 3 70s, 80s, & 90s Stuff (x32 Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Ambitions (x32 Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Diesel Stuff (x32 Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Fast Lane Stuff (x32 Version: 5.0.44 - Electronic Arts)
The Sims™ 3 Generations (x32 Version: 8.0.152 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (x32 Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Into the Future (x32 Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Island Paradise (x32 Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Katy Perry's Sweet Treats (x32 Version: 13.0.62 - Electronic Arts)
The Sims™ 3 Late Night (x32 Version: 6.0.81 - Electronic Arts)
The Sims™ 3 Master Suite Stuff (x32 Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Movie Stuff (x32 Version: 20.0.53 - Electronic Arts)
The Sims™ 3 Outdoor Living Stuff (x32 Version: 7.0.55 - Electronic Arts)
The Sims™ 3 Pets (x32 Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Seasons (x32 Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Showtime (x32 Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Supernatural (x32 Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Town Life Stuff (x32 Version: 9.0.73 - Electronic Arts)
The Sims™ 3 University Life (x32 Version: 18.0.126 - Electronic Arts)
The Sims™ 3 World Adventures (x32 Version: 2.0.86 - Electronic Arts)
TrueCrypt (x32 Version: 7.1a - TrueCrypt Foundation)
Unlocker 1.9.2 (Version: 1.9.2 - Cedrick Collomb)
Update for  (KB2504637) (x32 Version: 1 - Microsoft Corporation)
Visual F# 3.1 SDK (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual F# 3.1 VS (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio 2013 Prerequisites - ENU Language Pack (Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio 2013 Prerequisites (Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.9600.16408 - Microsoft Corporation) Hidden
VLC media player 2.1.2 (Version: 2.1.2 - VideoLAN)
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (x32 Version: 4.1.62812.0 - Microsoft Corporation)
WinDirStat 1.1.2 (HKCU Version:  - )
Windows App Certification Kit Native Components (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Azure Mobile Services SDK (x32 Version: 1.0.10815.0 - Microsoft Corporation) Hidden
Windows Azure Mobile Services Tools for Visual Studio 2013 Preview - v1.0 (x32 Version: 1.0.60906.1602 - Microsoft Corporation) Hidden
Windows Azure Shared Components for Microsoft Visual Studio 2013 - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
Windows Azure Tools for LightSwitch for Visual Studio 2013 - v2.1 (x32 Version: 2.1.10909.1601 - Microsoft) Hidden
Windows Runtime Intellisense Content - en-us (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (Version: 11.0.51106 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden
 
==================== Restore Points  =========================
 
21-01-2014 00:05:58 Installed Java 7 Update 51
 
==================== Hosts content: ==========================
 
2013-08-22 05:25 - 2013-08-22 05:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {095A6743-D5E0-4851-BC17-63F5FB9B22DE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-22] (Google Inc.)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {11A23A16-D8E6-4037-86FA-125184684C4A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-22] (Google Inc.)
Task: {1777AD23-ABE9-40CA-BC09-BCFAB2B9D3B9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {1F37919D-814C-4413-88BD-DE5324AB54ED} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {63789589-3649-460D-AA37-D1EBD5EDB720} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {809FD9CC-C571-4332-8D85-0B4C50216587} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-14] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AEAA05AD-155D-4020-83AC-A01E7CEFDC90} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D9A7DE0F-FCF0-46CB-9279-581BF37D2BA5} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E1011697-DB65-44FB-81B0-F0FF6CC1250C} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-11-20 00:10 - 2013-11-20 00:10 - 00183808 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-01-14 19:05 - 2014-01-14 19:05 - 08866472 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2010-07-14 20:44 - 2010-07-14 20:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2012-06-18 07:24 - 2012-06-18 07:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2014-01-14 18:56 - 2013-12-09 11:37 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2010-08-24 10:47 - 2010-08-24 10:47 - 00040448 _____ () C:\Program Files (x86)\Deluge\_socket.pyd
2010-08-24 10:48 - 2010-08-24 10:48 - 00720896 _____ () C:\Program Files (x86)\Deluge\_ssl.pyd
2011-02-26 09:33 - 2011-02-26 09:33 - 00096768 _____ () C:\Program Files (x86)\Deluge\win32api.pyd
2011-02-27 08:12 - 2011-02-27 08:12 - 00110080 _____ () C:\Program Files (x86)\Deluge\pywintypes26.dll
2011-04-09 00:58 - 2011-04-09 00:58 - 00058368 _____ () C:\Program Files (x86)\Deluge\glib._glib.pyd
2011-04-09 00:58 - 2011-04-09 00:58 - 00113152 _____ () C:\Program Files (x86)\Deluge\gobject._gobject.pyd
2012-12-14 16:20 - 2012-12-14 16:20 - 00019968 _____ () C:\Program Files (x86)\Deluge\zope.interface._zope_interface_coptimizations.pyd
2012-12-14 16:20 - 2012-12-14 16:20 - 00006656 _____ () C:\Program Files (x86)\Deluge\twisted.python._initgroups.pyd
2011-09-02 03:55 - 2011-09-02 03:55 - 00056320 _____ () C:\Program Files (x86)\Deluge\OpenSSL.crypto.pyd
2011-09-02 03:55 - 2011-09-02 03:55 - 00010752 _____ () C:\Program Files (x86)\Deluge\OpenSSL.rand.pyd
2011-09-02 03:55 - 2011-09-02 03:55 - 00043520 _____ () C:\Program Files (x86)\Deluge\OpenSSL.SSL.pyd
2010-08-24 10:48 - 2010-08-24 10:48 - 00073728 _____ () C:\Program Files (x86)\Deluge\_ctypes.pyd
2011-02-26 09:32 - 2011-02-26 09:32 - 00035840 _____ () C:\Program Files (x86)\Deluge\win32process.pyd
2010-08-24 10:48 - 2010-08-24 10:48 - 00011776 _____ () C:\Program Files (x86)\Deluge\select.pyd
2011-02-26 09:31 - 2011-02-26 09:31 - 00112128 _____ () C:\Program Files (x86)\Deluge\win32file.pyd
2011-02-26 09:31 - 2011-02-26 09:31 - 00017408 _____ () C:\Program Files (x86)\Deluge\win32event.pyd
2011-02-26 09:33 - 2011-02-26 09:33 - 00167424 _____ () C:\Program Files (x86)\Deluge\win32gui.pyd
2011-04-09 01:00 - 2011-04-09 01:00 - 01882624 _____ () C:\Program Files (x86)\Deluge\gtk._gtk.pyd
2012-02-08 15:43 - 2012-02-08 15:43 - 01294335 _____ () C:\Program Files (x86)\Deluge\libcairo-2.dll
2012-02-08 15:43 - 2012-02-08 15:43 - 00279059 _____ () C:\Program Files (x86)\Deluge\libfontconfig-1.dll
2012-02-08 15:43 - 2012-02-08 15:43 - 00538324 _____ () C:\Program Files (x86)\Deluge\freetype6.dll
2012-02-08 15:43 - 2012-02-08 15:43 - 00230529 _____ () C:\Program Files (x86)\Deluge\libpng14-14.dll
2012-02-08 15:43 - 2012-02-08 15:43 - 00100352 _____ () C:\Program Files (x86)\Deluge\zlib1.dll
2012-02-08 15:43 - 2012-02-08 15:43 - 00143096 _____ () C:\Program Files (x86)\Deluge\libexpat-1.dll
2010-11-02 12:34 - 2010-11-02 12:34 - 00069632 _____ () C:\Program Files (x86)\Deluge\cairo._cairo.pyd
2011-04-09 00:58 - 2011-04-09 00:58 - 00263168 _____ () C:\Program Files (x86)\Deluge\gio._gio.pyd
2011-04-09 01:01 - 2011-04-09 01:01 - 00111616 _____ () C:\Program Files (x86)\Deluge\pango.pyd
2011-04-09 01:01 - 2011-04-09 01:01 - 00208384 _____ () C:\Program Files (x86)\Deluge\atk.pyd
2011-04-09 01:01 - 2011-04-09 01:01 - 00017920 _____ () C:\Program Files (x86)\Deluge\pangocairo.pyd
2011-04-09 01:01 - 2011-04-09 01:01 - 00018944 _____ () C:\Program Files (x86)\Deluge\gtk.glade.pyd
2012-02-08 15:43 - 2012-02-08 15:43 - 00168833 _____ () C:\Program Files (x86)\Deluge\libglade-2.0-0.dll
2012-02-08 15:43 - 2012-02-08 15:43 - 01225225 _____ () C:\Program Files (x86)\Deluge\libxml2-2.dll
2010-08-24 10:48 - 2010-08-24 10:48 - 00286208 _____ () C:\Program Files (x86)\Deluge\_hashlib.pyd
2011-02-26 09:32 - 2011-02-26 09:32 - 00023552 _____ () C:\Program Files (x86)\Deluge\win32pipe.pyd
2013-02-25 09:50 - 2013-02-25 09:50 - 00156686 _____ () C:\Program Files (x86)\Deluge\lib\gtk-2.0\2.10.0\engines\libmurrine.dll
2012-02-08 15:43 - 2012-02-08 15:43 - 00062248 _____ () C:\Program Files (x86)\Deluge\lib\gtk-2.0\2.10.0\engines\libpixmap.dll
2010-08-24 10:48 - 2010-08-24 10:48 - 00585728 _____ () C:\Program Files (x86)\Deluge\unicodedata.pyd
2012-02-21 17:43 - 2012-02-21 17:43 - 01949184 _____ () C:\Program Files (x86)\Deluge\libtorrent.pyd
2010-08-24 10:47 - 2010-08-24 10:47 - 00072192 _____ () C:\Program Files (x86)\Deluge\bz2.pyd
2012-12-14 16:20 - 2012-12-14 16:20 - 00008704 _____ () C:\Program Files (x86)\Deluge\markupsafe._speedups.pyd
2014-01-15 18:03 - 2014-01-11 02:28 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
2014-01-15 18:03 - 2014-01-11 02:28 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll
2014-01-15 18:03 - 2014-01-11 02:29 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-15 18:03 - 2014-01-11 02:29 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-15 18:03 - 2014-01-11 02:28 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
2014-01-15 18:03 - 2014-01-11 02:29 - 13615896 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
2014-01-24 09:49 - 2014-01-24 09:49 - 00041984 _____ () c:\users\alex\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphohobx.dll
2013-08-23 11:01 - 2013-08-23 11:01 - 25100288 _____ () C:\Users\Alex\AppData\Roaming\Dropbox\bin\libcef.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Users\Alex\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Alex\SkyDrive (2).old:ms-properties
AlternateDataStreams: C:\Users\Alex\SkyDrive.old:ms-properties
AlternateDataStreams: C:\Users\Alex\Dropbox\Documents\$RECYCLE.BIN:com.dropbox.attributes
AlternateDataStreams: C:\Users\Alex\Dropbox\Documents\animation.gif:com.dropbox.attributes
AlternateDataStreams: C:\Users\Alex\Dropbox\Documents\building 001.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Alex\Dropbox\Documents\Direct TV Pricing.docx:com.dropbox.attributes
AlternateDataStreams: C:\Users\Alex\Dropbox\Documents\Grow Project.xlsx:com.dropbox.attributes
AlternateDataStreams: C:\Users\Alex\Dropbox\Documents\IMG_20130807_155541.psd:com.dropbox.attributes
AlternateDataStreams: C:\Users\Alex\Dropbox\Documents\index.php:com.dropbox.attributes
AlternateDataStreams: C:\Users\Alex\Dropbox\Documents\LED Project.xlsx:com.dropbox.attributes
AlternateDataStreams: C:\Users\Alex\Dropbox\Documents\Led1????.bmp:com.dropbox.attributes
AlternateDataStreams: C:\Users\Alex\Dropbox\Documents\Note to self.docx:com.dropbox.attributes
AlternateDataStreams: C:\Users\Alex\Dropbox\Documents\Oyocgjs.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Alex\Dropbox\Documents\physics day 1.docx:com.dropbox.attributes
AlternateDataStreams: C:\Users\Alex\Dropbox\Documents\The continuouse computing theory.docx:com.dropbox.attributes
AlternateDataStreams: C:\Users\Alex\Dropbox\Documents\The Note.docx:com.dropbox.attributes
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Faulty Device Manager Devices =============
 
Name: USB camera
Description: USB camera
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: ATI Radeon HD 3300 Graphics (Microsoft Corporation - WDDM v1.1)
Description: ATI Radeon HD 3300 Graphics (Microsoft Corporation - WDDM v1.1)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices, Inc.
Service: amdkmdap
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Could not start eventlog service, could not read events.
 
The requested service has already been started.
 
More help is available by typing NET HELPMSG 2182.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 53%
Total physical RAM: 7927.87 MB
Available physical RAM: 3650.22 MB
Total Pagefile: 15863.87 MB
Available Pagefile: 9758.24 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:1862.54 GB) (Free:1278.48 GB) NTFS
Drive h: (Backup) (Fixed) (Total:69.4 GB) (Free:35.18 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 99992C3E)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=-199131922432) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=180 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=49 GB) - (Type=05)
Partition 3: (Not Active) - (Size=69 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#7 aharonov

  • Malware Response Team

Posted 31 January 2014 - 05:50 PM

I don't see an indication for malware.


Please download the ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    Copy and paste the content of this log file in your next reply.
  • Note: Do not forget to re-enable your antivirus application after running the above scan!


#8 aharonov


Posted 27 February 2014 - 03:25 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



