Can't download anything


  • This topic is locked
24 replies to this topic

#1 jaxtheop

Posted 09 March 2014 - 11:46 AM

Hello,

I cannot download anything, even update my antivirus software, unless I am in safe mode. I have run adware, Bitdefender, Malwarebytes, HitmanPro, SUPERAntiSpyware Professional, AVG, junkware removal, and Norton scans, and I have run full scans many times on all, and in safe mode. It works for a day, then it just comes back. I have recently removed a PUP.Optional.Conduit, but I was told that was almost harmless. When I download something, even trustworthy, it asks me if I really want to use it because it says it's dangerous, and if I try to run it, it says it's a corrupt download. There have been no other symptoms so far, and I have had this for about a month. Here is my DDS.txt that I got from farpoint recovery scan tool 64-bit. I've seen BleepingComputer have people run this with the same problem. I have also been having problems with EICAR test, but when I searched in Google, it's a virus to detect viruses; I have fixed it every time, though.

Thanks,

jaxtheop

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-03-2014
Ran by user1 (administrator) on DESKTOP on 09-03-2014 10:42:53
Running from C:\Users\user1\Downloads
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(SUPERAntiSpyware.com) C:\Program Files (x86)\SUPERAntiSpyware\SASCORE.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\WINDOWS\system32\IProsetMonitor.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\NST.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\WINDOWS\SysWOW64\PnkBstrA.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\ASUS\USB-N53 Utility\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\ASUS\USB-N53 Utility\RaRegistry64.exe
() C:\MSI\Super RAID\SuperRAIDSvc.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Microsoft Corporation) C:\WINDOWS\System32\alg.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro SafeSync\hrfscore.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\NST.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\ASRock Utility\HDMISwitch\Bin\HDMISwitch.exe
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Spotify Ltd) C:\Users\user1\AppData\Roaming\Spotify\spotify.exe
(Spotify Ltd) C:\Users\user1\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(SUPERAntiSpyware) C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
(ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\USB-N53 Utility\WlanMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Users\user1\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\user1\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\user1\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\user1\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Micro-Star International) C:\Program Files (x86)\MSI\Live Update 5\LU5.exe
() C:\Users\user1\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Microsoft Corporation) C:\WINDOWS\system32\wwahost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1179576 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [XFast LAN] - C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1441152 2011-10-19] (cFos Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Live Update 5] - C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [315392 2012-01-30] ()
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4962320 2014-01-22] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2172353332-2808221949-1858708511-1001\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-12-14] (Google Inc.)
HKU\S-1-5-21-2172353332-2808221949-1858708511-1001\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-03-06] (Electronic Arts)
HKU\S-1-5-21-2172353332-2808221949-1858708511-1001\...\Run: [Spotify] - C:\Users\user1\AppData\Roaming\Spotify\Spotify.exe [6118400 2014-02-23] (Spotify Ltd)
HKU\S-1-5-21-2172353332-2808221949-1858708511-1001\...\Run: [Spotify Web Helper] - C:\Users\user1\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-02-23] (Spotify Ltd)
HKU\S-1-5-21-2172353332-2808221949-1858708511-1001\...\Run: [SUPERAntiSpyware] - C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe [5625624 2014-01-06] (SUPERAntiSpyware)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x28DE6A5A7A2BCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - (No Name) - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - No File
URLSearchHook: HKCU - (No Name) - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - No File
SearchScopes: HKCU - {55671F9A-BD81-4B2E-86B6-C57CFDFE43BA} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}
BHO: No Name - {55924213-BAFE-8571-5396-3137FE27A738} -  No File
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {9DBFDE5D-7E65-9DE6-5968-A46F44ED260C} -  No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\coIEPlg.dll (Symantec Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} -  No File
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC} -  No File
ShellExecuteHooks-x32: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\user1\AppData\Roaming\Mozilla\Firefox\Profiles\5343wc7q.default
FF Homepage: about:home
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=599486&p=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\user1\AppData\Roaming\Mozilla\Firefox\Profiles\5343wc7q.default\searchplugins\yahoo_ff.xml
FF Extension: Bitdefender QuickScan - C:\Users\user1\AppData\Roaming\Mozilla\Firefox\Profiles\5343wc7q.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2013-12-14]
FF Extension: Adblock Plus - C:\Users\user1\AppData\Roaming\Mozilla\Firefox\Profiles\5343wc7q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-03]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.1.3\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.1.3\IPSFF [2014-02-23]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\ []

Chrome:
=======
CHR HomePage: hxxp://search.yahoo.com/?type=599486&fr=spigot-yhp-ch
CHR Extension: (websoavee) - C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagmgegamheelfkgomlcmihcfciifpfi [2014-02-23]
CHR Extension: (YoutubeAdblocker) - C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfcgaejaicgnbfiibjafpneiginbnjof [2014-02-23]
CHR Extension: (Attachment Icons for Gmail) - C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\johdeoloijidhejmalfkpchbihbiamph [2014-02-23]
CHR Extension: (Google Wallet) - C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-14]
CHR Extension: (Norton Identity Protection) - C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2014-02-24]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\Exts\Chrome.crx [2014-02-25]

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files (x86)\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-10] (SUPERAntiSpyware.com)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1358944 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3788816 2014-01-22] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-02-27] (SurfRight B.V.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe [262288 2013-08-31] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\NST.exe [129424 2013-08-14] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)
R3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-02-09] ()
R2 RalinkRegistryWriter; C:\Program Files (x86)\ASUS\USB-N53 Utility\RaRegistry.exe [375872 2011-03-30] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\ASUS\USB-N53 Utility\RaRegistry64.exe [454208 2011-03-30] (Ralink Technology, Corp.)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1444120 2014-02-10] (Trusteer Ltd.)
R2 SuperRAIDSvc; C:\MSI\Super RAID\SuperRAIDSvc.exe [16384 2013-09-23] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2102072 2013-12-18] (AVG)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-04-01] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2013-12-08] (ASRock Incorporation)
R0 AsrRamDisk; C:\Windows\System32\drivers\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)
R3 AsrVDrive; C:\Windows\System32\drivers\AsrVDrive.sys [24400 2012-10-01] (ASRock Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-11-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [252728 2013-10-21] (AVG Technologies CZ, s.r.o.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2014-02-14] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1500010.003\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE05000.043\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [469264 2013-06-27] (Intel Corporation)
R3 e1rexpress; C:\Windows\system32\DRIVERS\e1r64x64.sys [467216 2013-05-03] (Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-02-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-02-26] (Symantec Corporation)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\IPSDefs\20140307.001\IDSvia64.sys [524504 2014-03-05] (Symantec Corporation)
R3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-07] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-03-14] ()
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\VirusDefs\20140226.001\ENG64.SYS [126040 2014-02-26] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\VirusDefs\20140226.001\EX64.SYS [2099288 2014-02-26] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NTIOLib_1_0_1; C:\MSI\Super RAID\NTIOLib_X64.sys [14136 2012-06-11] (MSI)
R3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R1 RapportCerberus_59849; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [606672 2014-01-06] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [282712 2014-02-10] (Trusteer Ltd.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [273592 2014-02-10] (Trusteer Ltd.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [316312 2014-02-10] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [397848 2014-02-10] (Trusteer Ltd.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S1 SASDIFSV; C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)
R3 SRTSP; C:\Windows\system32\drivers\NAVx64\1500010.003\SRTSP64.SYS [854616 2013-07-30] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1500010.003\SRTSPX64.SYS [36952 2013-07-30] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-12-09] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1500010.003\SYMDS64.SYS [493656 2013-07-31] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1500010.003\SYMEFA64.SYS [1147480 2013-08-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1500010.003\SymELAM.sys [23568 2013-07-31] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-02-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1500010.003\Ironx64.SYS [264280 2013-07-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NAVx64\1500010.003\SYMNETS.SYS [590424 2013-07-30] (Symantec Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2014-02-23] (BitDefender)
S3 NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-09 00:29 - 2014-03-09 00:30 - 00000000 ____D () C:\Users\user1\Zomboid
2014-03-08 21:12 - 2014-03-08 21:12 - 00001336 _____ () C:\Users\user1\Desktop\JRT.txt
2014-03-06 23:16 - 2014-03-06 23:16 - 01037734 _____ (Thisisu) C:\Users\user1\Downloads\JRT.exe
2014-03-06 23:16 - 2014-03-06 23:16 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-06 23:15 - 2014-03-06 23:15 - 00058421 _____ () C:\Users\user1\Downloads\Shortcut.txt
2014-03-06 23:15 - 2014-03-06 23:15 - 00042025 _____ () C:\Users\user1\Downloads\Addition.txt
2014-03-06 23:14 - 2014-03-09 10:42 - 00028084 _____ () C:\Users\user1\Downloads\FRST.txt
2014-03-06 23:14 - 2014-03-09 10:42 - 00000000 ____D () C:\FRST
2014-03-06 23:13 - 2014-03-06 23:13 - 02156544 _____ (Farbar) C:\Users\user1\Downloads\FRST64.exe
2014-03-06 22:06 - 2014-03-06 22:29 - 00000000 ____D () C:\Users\user1\Downloads\Gameboy Advance
2014-03-06 22:05 - 2014-03-06 22:05 - 00019852 _____ () C:\Users\user1\Downloads\Castlevania_Retro_Rom_Pack.7051162.TPB.torrent
2014-03-06 21:44 - 2014-03-06 21:46 - 08388608 ____R () C:\Users\user1\Downloads\Metroid Zero Mission.gba
2014-03-06 21:42 - 2014-03-06 21:42 - 00005571 _____ () C:\Users\user1\Downloads\Metroid_Zero_Mission.4041730.TPB.torrent
2014-03-05 23:27 - 2014-03-05 23:27 - 00000000 ____D () C:\Users\user1\Downloads\The_Legend_Of_Zelda_The_Wind_Waker_USA_NGC-STARCUBE
2014-03-05 23:17 - 2014-03-05 23:24 - 1200250377 ____R () C:\Users\user1\Downloads\The_Legend_Of_Zelda_The_Wind_Waker_USA_NGC-STARCUBE.rar
2014-03-05 23:15 - 2014-03-05 23:26 - 00000000 ____D () C:\Users\user1\Downloads\The_Legend_of_Zelda_Twilight_Princess_USA_NGC-iND
2014-03-05 21:17 - 2014-03-05 23:13 - 00000000 ____D () C:\The Legend of Zelda - A Link to the Past (E)
2014-03-05 20:14 - 2014-03-05 20:15 - 00000000 ____D () C:\Users\user1\Downloads\zelda roms colection
2014-03-05 20:11 - 2014-03-05 20:11 - 00000896 _____ () C:\Users\user1\Desktop\µTorrent.lnk
2014-03-05 20:11 - 2014-03-05 20:11 - 00000876 _____ () C:\Users\user1\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-03-05 20:09 - 2014-03-06 23:25 - 00000000 ____D () C:\Users\user1\AppData\Roaming\uTorrent
2014-03-05 20:07 - 2014-03-05 20:07 - 01853008 _____ (BitTorrent Inc.) C:\Users\user1\Downloads\uTorrent.exe
2014-03-05 20:04 - 2014-03-05 20:04 - 00000000 ____D () C:\Users\user1\Desktop\CubeSX-beta2.1
2014-03-05 20:00 - 2014-03-05 20:00 - 00000000 ____D () C:\Users\user1\Desktop\iso
2014-03-05 19:55 - 2014-03-05 20:08 - 115630644 _____ () C:\Users\user1\Downloads\Zelda_Collectors_Edition_PAL-GCiSOZONE.rar.part
2014-03-05 17:04 - 2014-03-05 17:04 - 00002762 _____ () C:\WINDOWS\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-03-05 16:38 - 2014-03-05 16:38 - 00711389 _____ () C:\Users\user1\Downloads\CubeSX-beta2.1.zip
2014-03-05 16:19 - 2014-03-05 16:22 - 00000000 ____D () C:\Users\user1\Desktop\New folder
2014-03-03 21:42 - 2014-03-03 23:05 - 1170284426 _____ () C:\Users\user1\Downloads\Harvest Moon A Wonderful Life (U)(OneUp).rar
2014-03-03 19:49 - 2014-03-03 19:50 - 05065001 _____ () C:\Users\user1\Downloads\dolphin-master-4.0-1062-x64(1).7z
2014-03-03 19:41 - 2014-03-03 19:41 - 05065001 _____ () C:\Users\user1\Downloads\dolphin-master-4.0-1062-x64.7z
2014-03-03 19:05 - 2014-03-03 19:05 - 00003704 _____ () C:\WINDOWS\System32\Tasks\Java Update Scheduler
2014-03-03 16:11 - 2013-12-18 10:38 - 00040248 _____ (AVG) C:\WINDOWS\system32\TURegOpt.exe
2014-03-03 16:11 - 2013-12-18 10:38 - 00029496 _____ (AVG) C:\WINDOWS\system32\authuitu.dll
2014-03-03 16:11 - 2013-12-18 10:38 - 00025400 _____ (AVG) C:\WINDOWS\SysWOW64\authuitu.dll
2014-03-03 16:10 - 2014-03-03 16:10 - 00002205 _____ () C:\Users\Public\Desktop\AVG 1-Click Maintenance.lnk
2014-03-03 16:10 - 2014-03-03 16:10 - 00002179 _____ () C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk
2014-03-03 16:09 - 2014-03-03 16:09 - 00000000 ____D () C:\Users\user1\AppData\Roaming\AVG
2014-03-03 15:54 - 2014-03-03 19:01 - 00000000 ____D () C:\ProgramData\AVG
2014-03-02 22:59 - 2014-03-02 22:59 - 00866401 _____ () C:\Users\user1\AppData\Local\census.cache
2014-03-02 22:59 - 2014-03-02 22:59 - 00073993 _____ () C:\Users\user1\AppData\Local\ars.cache
2014-03-02 22:51 - 2014-03-02 22:51 - 00000010 _____ () C:\Users\user1\AppData\Local\sponge.last.runtime.cache
2014-03-02 22:49 - 2014-03-02 22:50 - 01581896 _____ (ESET) C:\Users\user1\Downloads\eset_smart_security_live_installer.exe
2014-03-02 22:45 - 2014-03-02 22:49 - 00000000 ____D () C:\Users\user1\Downloads\Speclean
2014-03-02 22:44 - 2014-03-02 22:44 - 00000000 _____ () C:\WINDOWS\SysWOW64\winlogon.exe
2014-03-02 22:44 - 2014-03-02 22:44 - 00000000 _____ () C:\WINDOWS\SysWOW64\wininit.exe
2014-03-02 22:44 - 2014-03-02 22:44 - 00000000 _____ () C:\WINDOWS\SysWOW64\lsass.exe
2014-03-02 22:44 - 2014-03-02 22:44 - 00000000 _____ () C:\WINDOWS\SysWOW64\dwm.exe
2014-03-02 22:38 - 2014-03-02 22:38 - 00000036 _____ () C:\Users\user1\AppData\Local\housecall.guid.cache
2014-03-02 22:35 - 2014-03-02 22:35 - 01682336 _____ (ESET) C:\Users\user1\Downloads\eset_nod32_antivirus_live_installer.exe
2014-03-02 22:34 - 2014-03-03 19:05 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-03-02 22:33 - 2014-03-02 22:33 - 78353832 _____ (AVG) C:\Users\user1\Downloads\avg_tuh_stf_all_2014_295_24c4.exe
2014-03-02 11:43 - 2014-03-02 11:43 - 16376028 _____ () C:\Users\user1\Downloads\Space Adventure v2.rar
2014-03-02 11:35 - 2014-03-09 10:10 - 00002978 _____ () C:\WINDOWS\System32\Tasks\HDMISwitch
2014-03-01 23:09 - 2014-03-01 23:09 - 02346186 _____ () C:\Users\user1\Downloads\TechnicLauncher.exe
2014-03-01 19:56 - 2014-03-01 19:56 - 00000000 ____D () C:\Users\user1\Downloads\Root_with_Restore_by_Bin4ry_v30
2014-03-01 19:53 - 2014-03-01 19:54 - 11927879 _____ () C:\Users\user1\Downloads\Kindle Fire HD 8.9 ADB drivers.zip
2014-03-01 19:50 - 2014-03-01 19:50 - 07213097 _____ () C:\Users\user1\Downloads\Root_with_Restore_by_Bin4ry_v30.zip
2014-03-01 19:35 - 2014-03-01 19:35 - 00000000 ____D () C:\Users\user1\Downloads\Superuser-3.1.3__46___-efghi-signed_Final
2014-03-01 19:34 - 2014-03-01 19:34 - 01302408 _____ () C:\Users\user1\Downloads\Superuser-3.1.3__46___-efghi-signed_Final.rar
2014-03-01 18:52 - 2014-03-01 18:52 - 00063307 _____ () C:\Users\user1\Downloads\ProjectBench-1.6.2-v1.8.0.jar
2014-03-01 16:01 - 2014-03-01 16:01 - 00000550 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 8a8ebf15-f704-44f2-986f-a6d87dd15f12.job
2014-03-01 16:01 - 2014-03-01 16:01 - 00000550 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 51869ade-0870-41db-9527-380f3ce15c0c.job
2014-03-01 16:01 - 2014-03-01 16:01 - 00000000 ____D () C:\Users\user1\AppData\Roaming\SUPERAntiSpyware.com
2014-03-01 16:00 - 2014-03-08 20:54 - 00000000 ____D () C:\Program Files (x86)\SUPERAntiSpyware
2014-03-01 16:00 - 2014-03-01 16:00 - 00001991 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-03-01 16:00 - 2014-03-01 16:00 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-03-01 15:59 - 2014-03-01 16:00 - 18125592 _____ (SUPERAntiSpyware) C:\Users\user1\Downloads\SUPERAntiSpyware.exe
2014-02-27 23:18 - 2014-02-27 23:18 - 00000850 _____ () C:\WINDOWS\system32\.crusader
2014-02-27 22:35 - 2014-02-27 23:07 - 00001909 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-02-27 22:35 - 2014-02-27 22:35 - 00000000 ____D () C:\Program Files\HitmanPro
2014-02-27 22:34 - 2014-02-27 23:18 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-27 22:33 - 2014-02-27 22:34 - 10820032 _____ (SurfRight B.V.) C:\Users\user1\Downloads\HitmanPro_x64(2).exe
2014-02-27 22:19 - 2014-03-06 23:05 - 00000000 ____D () C:\AdwCleaner
2014-02-27 22:19 - 2014-02-27 22:19 - 01244192 _____ () C:\Users\user1\Desktop\adwcleaner(1).exe
2014-02-25 22:46 - 2014-02-25 22:46 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Identity Safe
2014-02-25 19:45 - 2014-02-25 20:34 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-02-25 08:46 - 2014-02-25 08:47 - 00000000 ____D () C:\Users\user1\Downloads\mbam-chameleon-1.62.1.1000(1)
2014-02-25 08:46 - 2014-02-25 08:46 - 01440846 _____ () C:\Users\user1\Downloads\mbam-chameleon-1.62.1.1000(1).zip
2014-02-25 08:33 - 2014-02-25 08:33 - 12589848 _____ (Malwarebytes Corp.) C:\Users\user1\Downloads\mbar-1.07.0.1009.exe
2014-02-25 08:32 - 2014-02-25 20:45 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-25 08:31 - 2014-02-25 20:45 - 00000000 ____D () C:\Users\user1\Desktop\mbar
2014-02-23 21:52 - 2014-02-24 16:42 - 00011116 _____ () C:\Users\user1\Desktop\avgrep.txt
2014-02-23 21:43 - 2014-02-23 21:43 - 00000000 ____D () C:\Users\user1\AppData\Roaming\AVG2014
2014-02-23 21:42 - 2014-02-23 21:42 - 00000941 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-02-23 21:42 - 2014-02-23 21:42 - 00000000 ____D () C:\Users\user1\AppData\Roaming\TuneUp Software
2014-02-23 21:40 - 2014-03-03 16:07 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-02-23 21:40 - 2014-02-23 21:42 - 00000000 ____D () C:\ProgramData\AVG2014
2014-02-23 21:40 - 2014-02-23 21:40 - 00000000 ___HD () C:\$AVG
2014-02-23 21:38 - 2014-02-23 21:38 - 04462392 _____ (AVG Technologies) C:\Users\user1\Downloads\avg_isct_stb_all_2014_4335(2).exe
2014-02-23 21:31 - 2014-02-23 21:31 - 00001085 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-23 21:31 - 2014-02-23 21:31 - 00000000 ____D () C:\Users\user1\AppData\Roaming\Malwarebytes
2014-02-23 21:31 - 2014-02-23 21:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-23 21:31 - 2014-02-23 21:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-23 21:31 - 2013-04-04 15:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-02-23 21:30 - 2014-02-23 21:30 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\user1\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-23 19:32 - 2014-02-23 19:32 - 05683160 _____ () C:\Users\user1\Downloads\bitdefender_isecurity_[quickscan](2).exe
2014-02-23 19:13 - 2014-02-23 19:20 - 00000000 ____D () C:\Users\user1\AppData\Local\NPE
2014-02-23 18:38 - 2014-02-23 15:10 - 00026912 _____ () C:\Users\user1\Documents\nutrition_habits_rubric.doc_1.odt
2014-02-23 18:38 - 2014-02-23 15:10 - 00020440 _____ () C:\Users\user1\Documents\news_letter_rubric_1.doc_0.odt
2014-02-23 18:32 - 2014-02-23 18:32 - 04462392 _____ (AVG Technologies) C:\Users\user1\Downloads\avg_isct_stb_all_2014_4335(1).exe
2014-02-23 18:30 - 2014-03-09 10:14 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-23 18:30 - 2014-02-23 21:52 - 00000000 ____D () C:\Users\user1\AppData\Local\Avg2014
2014-02-23 18:30 - 2014-02-23 18:30 - 04462392 _____ (AVG Technologies) C:\Users\user1\Downloads\avg_isct_stb_all_2014_4335.exe
2014-02-23 18:30 - 2014-02-23 18:30 - 00000000 ____D () C:\Users\user1\AppData\Local\MFAData
2014-02-23 18:25 - 2014-02-23 18:25 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton AntiVirus
2014-02-23 18:24 - 2014-02-23 18:24 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2014-02-23 18:24 - 2014-02-23 18:24 - 00008222 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2014-02-23 18:24 - 2014-02-23 18:24 - 00003216 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-02-23 18:24 - 2014-02-23 18:24 - 00002444 _____ () C:\Users\Public\Desktop\Norton AntiVirus.lnk
2014-02-23 18:24 - 2014-02-23 18:24 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NSTx64
2014-02-23 18:24 - 2014-02-23 18:24 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-02-23 18:24 - 2014-02-23 18:24 - 00000000 ____D () C:\Program Files (x86)\Norton Identity Safe
2014-02-23 18:23 - 2014-02-23 18:23 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NAVx64
2014-02-23 18:23 - 2014-02-23 18:23 - 00000000 ____D () C:\Program Files (x86)\Norton AntiVirus
2014-02-23 18:18 - 2014-02-23 18:22 - 198505264 ____N (Symantec Corporation) C:\Users\user1\Downloads\NAV-TW-21.0.0-EN-PD1.exe
2014-02-23 18:15 - 2014-02-23 18:15 - 00261056 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2014-02-23 18:11 - 2014-02-23 18:11 - 00178774 _____ () C:\ProgramData\1393200676.bdinstall.bin
2014-02-23 18:11 - 2014-02-23 18:11 - 00037664 _____ () C:\ProgramData\1393200675.bdinstall.bin
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\user1\AppData\Local\Comodo
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\Guest
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\Administrator
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\ProgramData\5bade5602386d7d7
2014-02-23 18:09 - 2014-02-23 18:09 - 00000000 ____D () C:\ProgramData\InstallMate
2014-02-23 15:46 - 2014-03-09 10:14 - 00000000 ____D () C:\Users\user1\AppData\Roaming\Spotify
2014-02-23 15:46 - 2014-03-03 15:39 - 00000000 ____D () C:\Users\user1\AppData\Local\Spotify
2014-02-23 15:46 - 2014-02-23 15:46 - 00001836 _____ () C:\Users\user1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-02-20 16:16 - 2014-02-20 16:16 - 00001987 _____ () C:\Users\Public\Desktop\Live Update 5.lnk
2014-02-18 20:09 - 2014-01-07 19:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-02-18 20:09 - 2014-01-07 19:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-02-18 20:09 - 2014-01-07 19:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-02-18 20:09 - 2014-01-04 09:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-02-18 20:09 - 2014-01-04 09:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-02-18 20:09 - 2014-01-04 08:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-02-18 20:09 - 2014-01-04 07:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-02-18 20:09 - 2014-01-02 17:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-18 20:09 - 2014-01-02 17:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-18 20:09 - 2014-01-02 17:40 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-02-18 20:09 - 2014-01-02 17:38 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-02-18 20:09 - 2013-12-31 19:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-02-18 20:09 - 2013-12-31 19:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-02-18 20:09 - 2013-12-31 18:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-02-18 20:09 - 2013-12-31 18:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-02-18 20:09 - 2013-12-31 17:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-02-18 20:09 - 2013-12-31 17:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-02-18 20:09 - 2013-12-31 17:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-02-18 20:09 - 2013-12-30 17:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-02-18 20:09 - 2013-12-30 17:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-02-18 20:09 - 2013-12-30 17:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-02-18 20:09 - 2013-12-30 17:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-02-18 20:09 - 2013-12-30 17:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-02-18 20:09 - 2013-12-27 09:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-02-18 20:09 - 2013-12-27 04:38 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-02-18 20:09 - 2013-12-27 02:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-02-18 20:09 - 2013-12-27 02:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-18 20:09 - 2013-12-27 02:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-18 20:09 - 2013-12-27 02:16 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-02-18 20:09 - 2013-12-27 01:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-02-18 20:09 - 2013-12-27 01:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-18 20:09 - 2013-12-27 00:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-18 20:09 - 2013-12-21 01:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-02-18 20:09 - 2013-12-17 01:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-02-18 20:09 - 2013-12-14 00:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-18 20:09 - 2013-12-14 00:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-18 20:09 - 2013-12-13 04:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-02-18 20:09 - 2013-12-13 00:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-02-18 20:09 - 2013-12-12 23:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-02-18 20:09 - 2013-12-09 02:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-18 20:09 - 2013-12-08 22:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-18 20:09 - 2013-12-08 21:25 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-18 20:07 - 2014-02-18 20:07 - 00002113 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-02-18 20:07 - 2014-02-08 10:18 - 00599840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-02-18 20:04 - 2014-02-08 12:34 - 31432480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 25256224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 23683360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 15740232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 12324640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-02-18 20:04 - 2014-02-08 12:34 - 11636176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 11589272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 09728064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 09690424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 03142432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 02956576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 02782496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 02410784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433489.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433489.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 00892192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 00875296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 00863520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 00844576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 00832424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 00483104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 00408352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 00378656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 00353504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 00333600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 00174296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-02-18 20:04 - 2014-02-08 12:34 - 00148528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-02-16 18:52 - 2014-02-16 18:52 - 00002210 _____ () C:\Users\user1\Desktop\Bitdefender Antivirus Free Edition.lnk
2014-02-16 18:51 - 2014-02-16 18:51 - 00001483 _____ () C:\Users\user1\Desktop\iexplore - Shortcut.lnk
2014-02-15 21:17 - 2014-03-01 19:55 - 00000000 ____D () C:\Users\user1\.android
2014-02-15 16:38 - 2014-02-15 16:38 - 00000000 ____D () C:\Program Files\DIFX
2014-02-15 16:37 - 2014-02-15 16:37 - 00000000 ____D () C:\Program Files (x86)\Amazon.com
2014-02-14 22:52 - 2014-02-14 22:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 16:53 - 2014-02-14 16:53 - 00000000 ____D () C:\Users\user1\AppData\Roaming\ArcaneWorlds
2014-02-12 17:54 - 2014-02-12 17:57 - 00000000 ____D () C:\Users\user1\AppData\Local\Ubisoft
2014-02-12 17:53 - 2014-02-12 17:53 - 00000000 __SHD () C:\Users\user1\wc
2014-02-12 17:53 - 2014-02-12 17:53 - 00000000 __SHD () C:\Users\user1\AppData\Roaming\wyUpdate AU
2014-02-12 17:53 - 2014-02-12 17:53 - 00000000 ____D () C:\Users\user1\AppData\Roaming\Ubisoft
2014-02-12 17:52 - 2014-02-12 17:54 - 00000000 ____D () C:\Program Files (x86)\The Mighty Quest For Epic Loot
2014-02-11 20:07 - 2014-02-11 20:07 - 00000000 ____D () C:\Users\user1\AppData\Local\EdgeOfReality
2014-02-11 17:13 - 2013-12-08 18:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-11 17:13 - 2013-12-08 17:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-11 17:12 - 2014-02-06 06:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-11 17:12 - 2014-02-06 05:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-11 17:12 - 2014-02-06 05:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-11 17:12 - 2014-02-06 05:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-11 17:12 - 2014-02-06 05:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-11 17:12 - 2014-02-06 05:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-11 17:12 - 2014-02-06 04:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-11 17:12 - 2014-02-06 04:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-11 17:12 - 2014-02-06 04:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-11 17:12 - 2014-02-06 04:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-11 17:12 - 2014-02-06 04:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-11 17:12 - 2014-02-06 04:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-11 17:12 - 2014-02-06 04:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-11 17:12 - 2014-02-06 04:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-11 17:12 - 2014-02-06 04:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-11 17:12 - 2014-02-06 04:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-11 17:12 - 2014-02-06 04:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-11 17:12 - 2014-02-06 04:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-11 17:12 - 2014-02-06 03:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-11 17:12 - 2014-02-06 03:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-11 17:12 - 2014-02-06 03:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-11 17:12 - 2014-02-06 03:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-11 17:12 - 2014-02-06 03:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-11 17:12 - 2014-02-06 03:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-11 17:12 - 2014-02-06 03:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-11 17:12 - 2014-02-06 03:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-11 17:12 - 2014-02-06 03:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-11 17:12 - 2014-02-06 03:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-11 17:12 - 2014-02-06 03:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-11 17:12 - 2014-02-06 03:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-11 17:12 - 2014-02-06 03:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-11 17:12 - 2014-02-06 03:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-11 17:12 - 2014-02-06 02:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-11 17:12 - 2014-02-06 02:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-11 17:12 - 2014-02-06 02:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-11 17:12 - 2014-02-06 02:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-11 17:12 - 2014-02-06 02:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-11 17:12 - 2014-01-06 23:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-11 17:12 - 2014-01-06 22:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-11 17:12 - 2013-12-08 18:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-11 17:12 - 2013-12-08 17:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-11 17:12 - 2013-11-21 00:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-11 17:12 - 2013-11-20 23:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-11 17:11 - 2014-01-09 02:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-11 17:11 - 2014-01-09 01:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-11 17:11 - 2014-01-09 01:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-11 17:11 - 2014-01-09 01:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-11 17:11 - 2014-01-09 01:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-11 17:11 - 2014-01-09 01:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-11 17:11 - 2014-01-09 01:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-11 17:11 - 2014-01-09 01:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-11 17:11 - 2014-01-09 01:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-11 17:11 - 2014-01-09 01:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-11 17:11 - 2014-01-07 01:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-11 17:11 - 2014-01-06 23:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-11 17:11 - 2014-01-04 14:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-11 17:11 - 2014-01-04 13:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-11 17:11 - 2014-01-04 08:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-11 17:11 - 2014-01-04 08:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-11 17:11 - 2014-01-04 07:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-11 17:11 - 2014-01-04 07:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-11 17:11 - 2014-01-04 07:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-11 17:11 - 2014-01-04 07:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-11 17:11 - 2013-12-20 20:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-11 17:11 - 2013-12-20 20:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-11 17:11 - 2013-12-20 04:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-11 17:11 - 2013-12-20 00:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-11 17:11 - 2013-12-08 20:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-11 17:11 - 2013-12-08 19:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-10 15:02 - 2014-02-10 15:03 - 00299664 _____ () C:\WINDOWS\Minidump\021014-41062-01.dmp
2014-02-10 15:02 - 2014-02-10 15:02 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-09 18:44 - 2014-02-09 18:44 - 00000000 ____D () C:\Users\user1\Documents\Electrontic Arts
2014-02-09 18:44 - 2014-02-09 18:44 - 00000000 ____D () C:\Users\user1\Documents\Electronic Arts
2014-02-09 18:44 - 2014-02-09 18:44 - 00000000 ____D () C:\Users\user1\AppData\Local\Electronic Arts
2014-02-09 16:47 - 2014-02-18 21:53 - 00290184 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2014-02-09 16:47 - 2014-02-09 16:47 - 00000000 ____D () C:\Users\user1\AppData\Local\PunkBuster
2014-02-09 16:47 - 2014-02-09 16:47 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-02-09 16:46 - 2014-02-09 16:47 - 00000000 ____D () C:\Users\user1\Documents\Battlefield 3
2014-02-09 16:18 - 2014-02-18 21:53 - 00290184 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-02-09 16:18 - 2014-02-18 21:53 - 00280904 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-02-09 16:18 - 2014-02-09 16:52 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-02-09 15:50 - 2014-02-09 15:50 - 00000000 ____D () C:\Users\user1\AppData\Local\EA Games
2014-02-09 00:18 - 2014-02-09 17:02 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-02-09 00:14 - 2014-02-09 15:24 - 00000000 ____D () C:\Users\user1\AppData\Local\Origin
2014-02-09 00:14 - 2014-02-09 00:18 - 00000000 ____D () C:\Users\user1\AppData\Roaming\Origin
2014-02-09 00:13 - 2014-03-09 10:10 - 00000000 ____D () C:\ProgramData\Origin
2014-02-09 00:13 - 2014-03-09 10:09 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-02-08 02:24 - 2014-02-08 14:04 - 00000000 ____D () C:\Users\user1\AppData\Local\Warframe

==================== One Month Modified Files and Folders =======

2014-03-09 10:43 - 2014-03-06 23:14 - 00028084 _____ () C:\Users\user1\Downloads\FRST.txt
2014-03-09 10:43 - 2013-12-09 17:27 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AD2F2E32-21C8-4A61-A075-227DE126299F}
2014-03-09 10:42 - 2014-03-06 23:14 - 00000000 ____D () C:\FRST
2014-03-09 10:37 - 2013-12-14 17:07 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-09 10:20 - 2013-12-09 01:51 - 01622346 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-09 10:16 - 2013-07-20 05:25 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2172353332-2808221949-1858708511-1001
2014-03-09 10:14 - 2014-02-23 18:30 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-09 10:14 - 2014-02-23 15:46 - 00000000 ____D () C:\Users\user1\AppData\Roaming\Spotify
2014-03-09 10:11 - 2013-12-14 10:55 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-09 10:10 - 2014-03-02 11:35 - 00002978 _____ () C:\WINDOWS\System32\Tasks\HDMISwitch
2014-03-09 10:10 - 2014-02-09 00:13 - 00000000 ____D () C:\ProgramData\Origin
2014-03-09 10:10 - 2013-12-14 10:55 - 00002163 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-09 10:10 - 2013-12-14 10:55 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-09 10:09 - 2014-02-09 00:13 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-03-09 10:09 - 2013-12-09 17:25 - 00000000 __RDO () C:\Users\user1\SkyDrive
2014-03-09 10:09 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-09 00:30 - 2014-03-09 00:29 - 00000000 ____D () C:\Users\user1\Zomboid
2014-03-09 00:29 - 2013-12-09 01:56 - 00000000 ____D () C:\Users\user1
2014-03-09 00:29 - 2013-12-08 20:24 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-09 00:03 - 2013-12-08 23:55 - 00000000 ____D () C:\Users\user1\AppData\Roaming\.minecraft
2014-03-08 21:12 - 2014-03-08 21:12 - 00001336 _____ () C:\Users\user1\Desktop\JRT.txt
2014-03-08 20:54 - 2014-03-01 16:00 - 00000000 ____D () C:\Program Files (x86)\SUPERAntiSpyware
2014-03-08 20:48 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-06 23:25 - 2014-03-05 20:09 - 00000000 ____D () C:\Users\user1\AppData\Roaming\uTorrent
2014-03-06 23:16 - 2014-03-06 23:16 - 01037734 _____ (Thisisu) C:\Users\user1\Downloads\JRT.exe
2014-03-06 23:16 - 2014-03-06 23:16 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-06 23:15 - 2014-03-06 23:15 - 00058421 _____ () C:\Users\user1\Downloads\Shortcut.txt
2014-03-06 23:15 - 2014-03-06 23:15 - 00042025 _____ () C:\Users\user1\Downloads\Addition.txt
2014-03-06 23:15 - 2013-12-08 21:42 - 00000000 ____D () C:\Users\user1\AppData\Local\CrashDumps
2014-03-06 23:13 - 2014-03-06 23:13 - 02156544 _____ (Farbar) C:\Users\user1\Downloads\FRST64.exe
2014-03-06 23:05 - 2014-02-27 22:19 - 00000000 ____D () C:\AdwCleaner
2014-03-06 22:29 - 2014-03-06 22:06 - 00000000 ____D () C:\Users\user1\Downloads\Gameboy Advance
2014-03-06 22:05 - 2014-03-06 22:05 - 00019852 _____ () C:\Users\user1\Downloads\Castlevania_Retro_Rom_Pack.7051162.TPB.torrent
2014-03-06 21:46 - 2014-03-06 21:44 - 08388608 ____R () C:\Users\user1\Downloads\Metroid Zero Mission.gba
2014-03-06 21:42 - 2014-03-06 21:42 - 00005571 _____ () C:\Users\user1\Downloads\Metroid_Zero_Mission.4041730.TPB.torrent
2014-03-06 19:37 - 2013-09-29 22:04 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-06 19:33 - 2013-08-22 08:46 - 00335472 _____ () C:\WINDOWS\setupact.log
2014-03-06 19:32 - 2013-12-09 01:51 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-06 19:32 - 2013-08-22 08:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-05 23:29 - 2013-12-28 13:13 - 00000000 ____D () C:\Users\user1\Documents\Dolphin Emulator
2014-03-05 23:27 - 2014-03-05 23:27 - 00000000 ____D () C:\Users\user1\Downloads\The_Legend_Of_Zelda_The_Wind_Waker_USA_NGC-STARCUBE
2014-03-05 23:26 - 2014-03-05 23:15 - 00000000 ____D () C:\Users\user1\Downloads\The_Legend_of_Zelda_Twilight_Princess_USA_NGC-iND
2014-03-05 23:24 - 2014-03-05 23:17 - 1200250377 ____R () C:\Users\user1\Downloads\The_Legend_Of_Zelda_The_Wind_Waker_USA_NGC-STARCUBE.rar
2014-03-05 23:13 - 2014-03-05 21:17 - 00000000 ____D () C:\The Legend of Zelda - A Link to the Past (E)
2014-03-05 20:39 - 2013-08-22 07:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-05 20:38 - 2014-02-04 21:54 - 00000000 ____D () C:\Users\user1\AppData\Local\Battle.net
2014-03-05 20:34 - 2013-12-25 18:18 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-03-05 20:33 - 2014-02-04 21:54 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-05 20:24 - 2013-09-29 21:55 - 01225936 _____ () C:\WINDOWS\PFRO.log
2014-03-05 20:15 - 2014-03-05 20:14 - 00000000 ____D () C:\Users\user1\Downloads\zelda roms colection
2014-03-05 20:11 - 2014-03-05 20:11 - 00000896 _____ () C:\Users\user1\Desktop\µTorrent.lnk
2014-03-05 20:11 - 2014-03-05 20:11 - 00000876 _____ () C:\Users\user1\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-03-05 20:08 - 2014-03-05 19:55 - 115630644 _____ () C:\Users\user1\Downloads\Zelda_Collectors_Edition_PAL-GCiSOZONE.rar.part
2014-03-05 20:07 - 2014-03-05 20:07 - 01853008 _____ (BitTorrent Inc.) C:\Users\user1\Downloads\uTorrent.exe
2014-03-05 20:04 - 2014-03-05 20:04 - 00000000 ____D () C:\Users\user1\Desktop\CubeSX-beta2.1
2014-03-05 20:00 - 2014-03-05 20:00 - 00000000 ____D () C:\Users\user1\Desktop\iso
2014-03-05 17:04 - 2014-03-05 17:04 - 00002762 _____ () C:\WINDOWS\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-03-05 16:38 - 2014-03-05 16:38 - 00711389 _____ () C:\Users\user1\Downloads\CubeSX-beta2.1.zip
2014-03-05 16:22 - 2014-03-05 16:19 - 00000000 ____D () C:\Users\user1\Desktop\New folder
2014-03-03 23:05 - 2014-03-03 21:42 - 1170284426 _____ () C:\Users\user1\Downloads\Harvest Moon A Wonderful Life (U)(OneUp).rar
2014-03-03 19:50 - 2014-03-03 19:49 - 05065001 _____ () C:\Users\user1\Downloads\dolphin-master-4.0-1062-x64(1).7z
2014-03-03 19:41 - 2014-03-03 19:41 - 05065001 _____ () C:\Users\user1\Downloads\dolphin-master-4.0-1062-x64.7z
2014-03-03 19:05 - 2014-03-03 19:05 - 00003704 _____ () C:\WINDOWS\System32\Tasks\Java Update Scheduler
2014-03-03 19:05 - 2014-03-02 22:34 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-03-03 19:01 - 2014-03-03 15:54 - 00000000 ____D () C:\ProgramData\AVG
2014-03-03 16:18 - 2013-07-20 05:18 - 00000000 ____D () C:\Users\user1\AppData\Local\VirtualStore
2014-03-03 16:10 - 2014-03-03 16:10 - 00002205 _____ () C:\Users\Public\Desktop\AVG 1-Click Maintenance.lnk
2014-03-03 16:10 - 2014-03-03 16:10 - 00002179 _____ () C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk
2014-03-03 16:09 - 2014-03-03 16:09 - 00000000 ____D () C:\Users\user1\AppData\Roaming\AVG
2014-03-03 16:07 - 2014-02-23 21:40 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-03-03 15:41 - 2013-08-22 07:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-03 15:39 - 2014-02-23 15:46 - 00000000 ____D () C:\Users\user1\AppData\Local\Spotify
2014-03-02 22:59 - 2014-03-02 22:59 - 00866401 _____ () C:\Users\user1\AppData\Local\census.cache
2014-03-02 22:59 - 2014-03-02 22:59 - 00073993 _____ () C:\Users\user1\AppData\Local\ars.cache
2014-03-02 22:51 - 2014-03-02 22:51 - 00000010 _____ () C:\Users\user1\AppData\Local\sponge.last.runtime.cache
2014-03-02 22:50 - 2014-03-02 22:49 - 01581896 _____ (ESET) C:\Users\user1\Downloads\eset_smart_security_live_installer.exe
2014-03-02 22:49 - 2014-03-02 22:45 - 00000000 ____D () C:\Users\user1\Downloads\Speclean
2014-03-02 22:44 - 2014-03-02 22:44 - 00000000 _____ () C:\WINDOWS\SysWOW64\winlogon.exe
2014-03-02 22:44 - 2014-03-02 22:44 - 00000000 _____ () C:\WINDOWS\SysWOW64\wininit.exe
2014-03-02 22:44 - 2014-03-02 22:44 - 00000000 _____ () C:\WINDOWS\SysWOW64\lsass.exe
2014-03-02 22:44 - 2014-03-02 22:44 - 00000000 _____ () C:\WINDOWS\SysWOW64\dwm.exe
2014-03-02 22:38 - 2014-03-02 22:38 - 00000036 _____ () C:\Users\user1\AppData\Local\housecall.guid.cache
2014-03-02 22:35 - 2014-03-02 22:35 - 01682336 _____ (ESET) C:\Users\user1\Downloads\eset_nod32_antivirus_live_installer.exe
2014-03-02 22:33 - 2014-03-02 22:33 - 78353832 _____ (AVG) C:\Users\user1\Downloads\avg_tuh_stf_all_2014_295_24c4.exe
2014-03-02 21:37 - 2013-12-14 17:07 - 00000000 ____D () C:\Users\user1\AppData\Local\Adobe
2014-03-02 11:43 - 2014-03-02 11:43 - 16376028 _____ () C:\Users\user1\Downloads\Space Adventure v2.rar
2014-03-02 01:16 - 2013-12-08 21:00 - 00431823 _____ () C:\WINDOWS\DirectX.log
2014-03-02 01:16 - 2013-12-08 21:00 - 00000000 ____D () C:\Users\user1\Documents\My Games
2014-03-01 23:09 - 2014-03-01 23:09 - 02346186 _____ () C:\Users\user1\Downloads\TechnicLauncher.exe
2014-03-01 19:59 - 2013-07-20 05:57 - 00039948 _____ () C:\WINDOWS\DPINST.LOG
2014-03-01 19:56 - 2014-03-01 19:56 - 00000000 ____D () C:\Users\user1\Downloads\Root_with_Restore_by_Bin4ry_v30
2014-03-01 19:55 - 2014-02-15 21:17 - 00000000 ____D () C:\Users\user1\.android
2014-03-01 19:54 - 2014-03-01 19:53 - 11927879 _____ () C:\Users\user1\Downloads\Kindle Fire HD 8.9 ADB drivers.zip
2014-03-01 19:50 - 2014-03-01 19:50 - 07213097 _____ () C:\Users\user1\Downloads\Root_with_Restore_by_Bin4ry_v30.zip
2014-03-01 19:35 - 2014-03-01 19:35 - 00000000 ____D () C:\Users\user1\Downloads\Superuser-3.1.3__46___-efghi-signed_Final
2014-03-01 19:34 - 2014-03-01 19:34 - 01302408 _____ () C:\Users\user1\Downloads\Superuser-3.1.3__46___-efghi-signed_Final.rar
2014-03-01 18:52 - 2014-03-01 18:52 - 00063307 _____ () C:\Users\user1\Downloads\ProjectBench-1.6.2-v1.8.0.jar
2014-03-01 18:31 - 2013-12-14 17:07 - 00003732 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-01 16:01 - 2014-03-01 16:01 - 00000550 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 8a8ebf15-f704-44f2-986f-a6d87dd15f12.job
2014-03-01 16:01 - 2014-03-01 16:01 - 00000550 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 51869ade-0870-41db-9527-380f3ce15c0c.job
2014-03-01 16:01 - 2014-03-01 16:01 - 00000000 ____D () C:\Users\user1\AppData\Roaming\SUPERAntiSpyware.com
2014-03-01 16:00 - 2014-03-01 16:00 - 00001991 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-03-01 16:00 - 2014-03-01 16:00 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-03-01 16:00 - 2014-03-01 15:59 - 18125592 _____ (SUPERAntiSpyware) C:\Users\user1\Downloads\SUPERAntiSpyware.exe
2014-03-01 13:12 - 2014-01-05 22:00 - 00000003 _____ () C:\WINDOWS\system32\HRUPPROG.TXT
2014-02-27 23:18 - 2014-02-27 23:18 - 00000850 _____ () C:\WINDOWS\system32\.crusader
2014-02-27 23:18 - 2014-02-27 22:34 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-27 23:07 - 2014-02-27 22:35 - 00001909 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-02-27 22:35 - 2014-02-27 22:35 - 00000000 ____D () C:\Program Files\HitmanPro
2014-02-27 22:34 - 2014-02-27 22:33 - 10820032 _____ (SurfRight B.V.) C:\Users\user1\Downloads\HitmanPro_x64(2).exe
2014-02-27 22:19 - 2014-02-27 22:19 - 01244192 _____ () C:\Users\user1\Desktop\adwcleaner(1).exe
2014-02-25 22:46 - 2014-02-25 22:46 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Identity Safe
2014-02-25 20:45 - 2014-02-25 08:32 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-25 20:45 - 2014-02-25 08:31 - 00000000 ____D () C:\Users\user1\Desktop\mbar
2014-02-25 20:34 - 2014-02-25 19:45 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-02-25 08:47 - 2014-02-25 08:46 - 00000000 ____D () C:\Users\user1\Downloads\mbam-chameleon-1.62.1.1000(1)
2014-02-25 08:46 - 2014-02-25 08:46 - 01440846 _____ () C:\Users\user1\Downloads\mbam-chameleon-1.62.1.1000(1).zip
2014-02-25 08:33 - 2014-02-25 08:33 - 12589848 _____ (Malwarebytes Corp.) C:\Users\user1\Downloads\mbar-1.07.0.1009.exe
2014-02-25 00:50 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-02-24 19:18 - 2013-12-14 11:19 - 00000000 ____D () C:\Users\user1\AppData\Roaming\QuickScan
2014-02-24 16:42 - 2014-02-23 21:52 - 00011116 _____ () C:\Users\user1\Desktop\avgrep.txt
2014-02-23 21:52 - 2014-02-23 18:30 - 00000000 ____D () C:\Users\user1\AppData\Local\Avg2014
2014-02-23 21:43 - 2014-02-23 21:43 - 00000000 ____D () C:\Users\user1\AppData\Roaming\AVG2014
2014-02-23 21:42 - 2014-02-23 21:42 - 00000941 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-02-23 21:42 - 2014-02-23 21:42 - 00000000 ____D () C:\Users\user1\AppData\Roaming\TuneUp Software
2014-02-23 21:42 - 2014-02-23 21:40 - 00000000 ____D () C:\ProgramData\AVG2014
2014-02-23 21:42 - 2012-07-26 02:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-02-23 21:40 - 2014-02-23 21:40 - 00000000 ___HD () C:\$AVG
2014-02-23 21:38 - 2014-02-23 21:38 - 04462392 _____ (AVG Technologies) C:\Users\user1\Downloads\avg_isct_stb_all_2014_4335(2).exe
2014-02-23 21:31 - 2014-02-23 21:31 - 00001085 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-23 21:31 - 2014-02-23 21:31 - 00000000 ____D () C:\Users\user1\AppData\Roaming\Malwarebytes
2014-02-23 21:31 - 2014-02-23 21:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-23 21:31 - 2014-02-23 21:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-23 21:30 - 2014-02-23 21:30 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\user1\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-23 19:32 - 2014-02-23 19:32 - 05683160 _____ () C:\Users\user1\Downloads\bitdefender_isecurity_[quickscan](2).exe
2014-02-23 19:20 - 2014-02-23 19:13 - 00000000 ____D () C:\Users\user1\AppData\Local\NPE
2014-02-23 19:14 - 2013-12-11 18:24 - 00000000 ____D () C:\ProgramData\Norton
2014-02-23 18:32 - 2014-02-23 18:32 - 04462392 _____ (AVG Technologies) C:\Users\user1\Downloads\avg_isct_stb_all_2014_4335(1).exe
2014-02-23 18:30 - 2014-02-23 18:30 - 04462392 _____ (AVG Technologies) C:\Users\user1\Downloads\avg_isct_stb_all_2014_4335.exe
2014-02-23 18:30 - 2014-02-23 18:30 - 00000000 ____D () C:\Users\user1\AppData\Local\MFAData
2014-02-23 18:25 - 2014-02-23 18:25 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton AntiVirus
2014-02-23 18:24 - 2014-02-23 18:24 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2014-02-23 18:24 - 2014-02-23 18:24 - 00008222 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2014-02-23 18:24 - 2014-02-23 18:24 - 00003216 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-02-23 18:24 - 2014-02-23 18:24 - 00002444 _____ () C:\Users\Public\Desktop\Norton AntiVirus.lnk
2014-02-23 18:24 - 2014-02-23 18:24 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NSTx64
2014-02-23 18:24 - 2014-02-23 18:24 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-02-23 18:24 - 2014-02-23 18:24 - 00000000 ____D () C:\Program Files (x86)\Norton Identity Safe
2014-02-23 18:23 - 2014-02-23 18:23 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NAVx64
2014-02-23 18:23 - 2014-02-23 18:23 - 00000000 ____D () C:\Program Files (x86)\Norton AntiVirus
2014-02-23 18:22 - 2014-02-23 18:18 - 198505264 ____N (Symantec Corporation) C:\Users\user1\Downloads\NAV-TW-21.0.0-EN-PD1.exe
2014-02-23 18:15 - 2014-02-23 18:15 - 00261056 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2014-02-23 18:11 - 2014-02-23 18:11 - 00178774 _____ () C:\ProgramData\1393200676.bdinstall.bin
2014-02-23 18:11 - 2014-02-23 18:11 - 00037664 _____ () C:\ProgramData\1393200675.bdinstall.bin
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\user1\AppData\Local\Comodo
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\Guest
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\Users\Administrator
2014-02-23 18:10 - 2014-02-23 18:10 - 00000000 ____D () C:\ProgramData\5bade5602386d7d7
2014-02-23 18:10 - 2013-12-09 02:07 - 00000000 ____D () C:\Users\user1\AppData\Local\GOOGLE
2014-02-23 18:09 - 2014-02-23 18:09 - 00000000 ____D () C:\ProgramData\InstallMate
2014-02-23 15:46 - 2014-02-23 15:46 - 00001836 _____ () C:\Users\user1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-02-23 15:10 - 2014-02-23 18:38 - 00026912 _____ () C:\Users\user1\Documents\nutrition_habits_rubric.doc_1.odt
2014-02-23 15:10 - 2014-02-23 18:38 - 00020440 _____ () C:\Users\user1\Documents\news_letter_rubric_1.doc_0.odt
2014-02-20 16:16 - 2014-02-20 16:16 - 00001987 _____ () C:\Users\Public\Desktop\Live Update 5.lnk
2014-02-19 08:41 - 2013-07-20 05:17 - 00000000 ____D () C:\Users\user1\AppData\Local\Packages
2014-02-18 21:53 - 2014-02-09 16:47 - 00290184 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2014-02-18 21:53 - 2014-02-09 16:18 - 00290184 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-02-18 21:53 - 2014-02-09 16:18 - 00280904 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-02-18 20:44 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-18 20:13 - 2013-07-20 05:18 - 00000000 ___RD () C:\Users\user1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-18 20:13 - 2013-07-20 05:18 - 00000000 ___RD () C:\Users\user1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-18 20:12 - 2013-08-22 08:44 - 00362480 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-18 20:11 - 2013-12-14 11:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-18 20:10 - 2013-08-22 09:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-18 20:07 - 2014-02-18 20:07 - 00002113 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-02-18 20:07 - 2013-12-09 01:51 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-17 15:00 - 2013-08-22 09:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-02-17 15:00 - 2013-08-22 09:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-16 20:23 - 2014-01-05 01:01 - 00000000 ____D () C:\Rodina
2014-02-16 18:52 - 2014-02-16 18:52 - 00002210 _____ () C:\Users\user1\Desktop\Bitdefender Antivirus Free Edition.lnk
2014-02-16 18:51 - 2014-02-16 18:51 - 00001483 _____ () C:\Users\user1\Desktop\iexplore - Shortcut.lnk
2014-02-16 17:32 - 2013-12-08 23:58 - 00000000 ____D () C:\Users\user1\AppData\Roaming\.technic
2014-02-15 21:14 - 2014-01-14 19:17 - 00000000 ____D () C:\Users\user1\Documents\Visual Studio 2013
2014-02-15 17:00 - 2013-09-15 06:33 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-15 16:59 - 2013-07-19 10:16 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-15 16:38 - 2014-02-15 16:38 - 00000000 ____D () C:\Program Files\DIFX
2014-02-15 16:37 - 2014-02-15 16:37 - 00000000 ____D () C:\Program Files (x86)\Amazon.com
2014-02-14 22:52 - 2014-02-14 22:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 16:53 - 2014-02-14 16:53 - 00000000 ____D () C:\Users\user1\AppData\Roaming\ArcaneWorlds
2014-02-13 21:49 - 2013-12-14 11:04 - 00000000 ____D () C:\Users\user1\AppData\Roaming\NetBeans
2014-02-12 17:57 - 2014-02-12 17:54 - 00000000 ____D () C:\Users\user1\AppData\Local\Ubisoft
2014-02-12 17:54 - 2014-02-12 17:52 - 00000000 ____D () C:\Program Files (x86)\The Mighty Quest For Epic Loot
2014-02-12 17:53 - 2014-02-12 17:53 - 00000000 __SHD () C:\Users\user1\wc
2014-02-12 17:53 - 2014-02-12 17:53 - 00000000 __SHD () C:\Users\user1\AppData\Roaming\wyUpdate AU
2014-02-12 17:53 - 2014-02-12 17:53 - 00000000 ____D () C:\Users\user1\AppData\Roaming\Ubisoft
2014-02-11 23:12 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-11 23:12 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-11 23:12 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-11 20:07 - 2014-02-11 20:07 - 00000000 ____D () C:\Users\user1\AppData\Local\EdgeOfReality
2014-02-10 16:06 - 2013-12-14 10:55 - 00003884 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-10 16:06 - 2013-12-14 10:55 - 00003648 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-10 15:03 - 2014-02-10 15:02 - 00299664 _____ () C:\WINDOWS\Minidump\021014-41062-01.dmp
2014-02-10 15:02 - 2014-02-10 15:02 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-10 15:02 - 2013-09-15 22:11 - 779860448 _____ () C:\WINDOWS\MEMORY.DMP
2014-02-10 12:35 - 2014-01-06 21:11 - 00316312 _____ (Trusteer Ltd.) C:\WINDOWS\system32\Drivers\RapportKE64.sys
2014-02-10 12:35 - 2014-01-06 21:11 - 00273592 _____ (Trusteer Ltd.) C:\WINDOWS\system32\Drivers\RapportHades64.sys
2014-02-09 18:44 - 2014-02-09 18:44 - 00000000 ____D () C:\Users\user1\Documents\Electrontic Arts
2014-02-09 18:44 - 2014-02-09 18:44 - 00000000 ____D () C:\Users\user1\Documents\Electronic Arts
2014-02-09 18:44 - 2014-02-09 18:44 - 00000000 ____D () C:\Users\user1\AppData\Local\Electronic Arts
2014-02-09 17:02 - 2014-02-09 00:18 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-02-09 16:52 - 2014-02-09 16:18 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-02-09 16:47 - 2014-02-09 16:47 - 00000000 ____D () C:\Users\user1\AppData\Local\PunkBuster
2014-02-09 16:47 - 2014-02-09 16:47 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-02-09 16:47 - 2014-02-09 16:46 - 00000000 ____D () C:\Users\user1\Documents\Battlefield 3
2014-02-09 15:50 - 2014-02-09 15:50 - 00000000 ____D () C:\Users\user1\AppData\Local\EA Games
2014-02-09 15:50 - 2013-12-13 18:59 - 00000000 ____D () C:\Users\user1\Documents\EA Games
2014-02-09 15:50 - 2013-12-09 00:55 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-02-09 15:24 - 2014-02-09 00:14 - 00000000 ____D () C:\Users\user1\AppData\Local\Origin
2014-02-09 11:45 - 2014-02-04 21:55 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-02-09 00:18 - 2014-02-09 00:14 - 00000000 ____D () C:\Users\user1\AppData\Roaming\Origin
2014-02-08 14:04 - 2014-02-08 02:24 - 00000000 ____D () C:\Users\user1\AppData\Local\Warframe
2014-02-08 12:34 - 2014-02-18 20:04 - 31432480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 25256224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 23683360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 15740232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 12324640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-02-08 12:34 - 2014-02-18 20:04 - 11636176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 11589272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 09728064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 09690424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 03142432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 02956576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 02782496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 02410784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433489.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433489.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 00892192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 00875296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 00863520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 00844576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 00832424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 00483104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 00408352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 00378656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 00353504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 00333600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 00174296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-02-08 12:34 - 2014-02-18 20:04 - 00148528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-02-08 12:34 - 2013-12-09 00:44 - 18257576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-02-08 12:34 - 2013-12-09 00:44 - 17715784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-02-08 12:34 - 2013-12-09 00:44 - 14669032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-02-08 12:34 - 2013-12-09 00:44 - 03090184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2014-02-08 12:34 - 2013-12-09 00:44 - 02713728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-02-08 12:34 - 2013-12-09 00:44 - 00947296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2014-02-08 12:34 - 2013-12-09 00:44 - 00024544 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-02-08 12:34 - 2013-07-19 05:27 - 00061216 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-02-08 12:34 - 2013-07-19 05:27 - 00053024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-02-08 11:42 - 2013-12-09 01:51 - 06712608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-02-08 11:42 - 2013-12-09 01:51 - 03498272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-02-08 11:42 - 2013-12-09 01:51 - 00923936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-02-08 11:42 - 2013-12-09 01:51 - 00386336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-02-08 11:42 - 2013-12-09 01:51 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-02-08 10:18 - 2014-02-18 20:07 - 00599840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe

Some content of TEMP:
====================
C:\Users\user1\AppData\Local\Temp\bitdefender_isecurity_[quickscan].exe
C:\Users\user1\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\user1\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
C:\Users\user1\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\user1\AppData\Local\Temp\Gw2.exe
C:\Users\user1\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\user1\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\user1\AppData\Local\Temp\i4jdel0.exe
C:\Users\user1\AppData\Local\Temp\install_flashplayer12x32_mssd_aaa_aih.exe
C:\Users\user1\AppData\Local\Temp\install_flashplayer12x32_mssd_aaa_aih_1.exe
C:\Users\user1\AppData\Local\Temp\install_flashplayer12x32_mssd_aaa_aih_2.exe
C:\Users\user1\AppData\Local\Temp\install_flashplayer12x32_mssd_aaa_aih_3.exe
C:\Users\user1\AppData\Local\Temp\install_flashplayer12x32_mssd_aaa_aih_4.exe
C:\Users\user1\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\user1\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\user1\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\user1\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\user1\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\user1\AppData\Local\Temp\nvStInst.exe
C:\Users\user1\AppData\Local\Temp\sonarinst.exe
C:\Users\user1\AppData\Local\Temp\Tsu4E698020.dll
C:\Users\user1\AppData\Local\Temp\ubiEB6A.tmp.exe
C:\Users\user1\AppData\Local\Temp\utt4A52.tmp.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe
[2014-03-02 22:44] - [2014-03-02 22:44] - 0000000 ____A ()

C:\Windows\SysWOW64\wininit.exe IS INFECTED. <===== ATTENTION!

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-06 20:30

==================== End Of Log ============================


Edited by jaxtheop, 09 March 2014 - 12:32 PM.



#2 TB-Psychotic

  • Malware Response Team

Posted 10 March 2014 - 08:04 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.

  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.


Proud Member of UNITE & TB
 

#3 jaxtheop

  • Topic Starter

  • Members

Posted 10 March 2014 - 01:15 PM

Hello, thanks for helping. I ran this in Safe Mode so that no 3rd-party software would load.

 

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-03-10 12:07:40
Windows 6.3.9600  x64 \Device\Harddisk0\DR0 -> \Device\0000002e ST1000DM003-9YN162 rev.CC4B 931.51GB
Running: o4pkkk9k.exe; Driver: C:\Users\user1\AppData\Local\Temp\fxldapoc.sys


---- Threads - GMER 2.1 ----

Thread  C:\WINDOWS\system32\csrss.exe [544:560]                                                                                                                                           fffff9600083b4d0

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\Control@SystemStartOptions                                                                                                                           NOEXECUTE=OPTIN
Reg     HKLM\SYSTEM\CurrentControlSet\Control@LastBootShutdown                                                                                                                            0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\MSBDD_BNQ7F2569D03865SL0_26_07DD_A0_1414_008D_FFFFFFFF_FFFFFFFF_0^B19CEEB4B28185BD3522BD1962D8159B@Timestamp  0x89 0x24 0x5D 0x86 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Lsa@LsaPid                                                                                                                                  908
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Executive@UuidSequenceNumber                                                                                                4521680
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                                                                                                 -859829240
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BootId                                                                                 81
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BaseTime                                                                               406102249
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@POSTTime                                                                                                              14553
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@FwPOSTTime                                                                                                            7734
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@InstanceID                                                                                                                  ac3b6bd8-1db2-4aea-a85c-a35ac83
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@GlassSessionId                                                                                                              5
Reg     HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\AITEventLog@FileCounter                                                                                                      3
Reg     HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\Intel Application Pairing@FileCounter                                                                                        1
Reg     HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\SQMLogger@FileCounter                                                                                                        1
Reg     HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\WdiContextLog@FileCounter                                                                                                    3
Reg     HKLM\SYSTEM\CurrentControlSet\Services\acpiex\Parameters\Wdf@TimeOfLastSqmLog                                                                                                     0x1D 0xE6 0x61 0x39 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\amdsbs\Parameters\Device-1@RaidCount                                                                                                       13
Reg     HKLM\SYSTEM\CurrentControlSet\Services\cdrom\Parameters\Wdf@TimeOfLastSqmLog                                                                                                      0x72 0x0E 0xF1 0x41 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\cFosSpeed@load_log                                                                                                                         speed: cFosSpeed (x64) (NDIS 6) v6.61.1880 loading 183155.161   183155.161   183155.161 ----------------------------------------------------------------  183155.161   183155.177 This is cFosSpeed (x64) v6.61 (NDIS 6), build 1880  183155.177 Copyright © 2003-2011 Chris Lueders, Martin Winkler --
Reg     HKLM\SYSTEM\CurrentControlSet\Services\CompositeBus\Parameters\Wdf@TimeOfLastSqmLog                                                                                               0x3D 0xAE 0xB0 0x41 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\HDAudBus\Parameters\Wdf@TimeOfLastSqmLog                                                                                                   0xA0 0x23 0xC6 0x41 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\ICCWDT\Parameters\Wdf@TimeOfLastSqmLog                                                                                                     0xBA 0x49 0xEC 0x41 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\msisadrv\Parameters\Wdf@TimeOfLastSqmLog                                                                                                   0xA3 0x82 0x7E 0x39 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\NdisVirtualBus\Parameters\Wdf@TimeOfLastSqmLog                                                                                             0x0A 0xAC 0xEE 0x41 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\netr28ux\Parameters\Wdf@TimeOfLastSqmLog                                                                                                   0x47 0x37 0xDE 0x42 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Parameters@ReadyBootPlanAge                                                                                                       0
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch                                                                                                                   3752
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch                                                                                                                  733
Reg     HKLM\SYSTEM\CurrentControlSet\Services\UCX01000\Parameters\Wdf@TimeOfLastSqmLog                                                                                                   0x05 0x4D 0x8F 0x41 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\umbus\Parameters\Wdf@TimeOfLastSqmLog                                                                                                      0x3D 0xAE 0xB0 0x41 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\USBHUB3\Parameters\Wdf@TimeOfLastSqmLog                                                                                                    0x08 0x10 0x19 0x42 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\USBXHCI\Parameters\Wdf@TimeOfLastSqmLog                                                                                                    0x84 0x0F 0xD2 0x41 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\vdrvroot\Parameters\Wdf@TimeOfLastSqmLog                                                                                                   0x7C 0x81 0x9D 0x39 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\vwifibus\Parameters\Wdf@TimeOfLastSqmLog                                                                                                   0xEC 0x33 0x79 0x43 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\Winmgmt\Parameters@ServiceDllUnloadOnStop                                                                                                  0
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shutdown@CleanShutdown                                                                                                    1

---- EOF - GMER 2.1 ----
 



#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:31 PM

Posted 11 March 2014 - 06:00 AM

I need the attach.txt from FRST as well.

In addition, do the following:

 

 

 

Search for files with FRST (Recovery Environment)


Run FRST.

Type the following in the edit box after "Search:"

wininit.exe

Click Search button and post the log (Search.txt) it makes to your reply.

#5 jaxtheop


Posted 11 March 2014 - 04:45 PM

Thank you very much for helping. Here are the things that you asked for:

Attached File  Addition.txt   41.04KB   2 downloads
Attached File  Search.txt   719bytes   2 downloads



#6 TB-Psychotic


Posted 12 March 2014 - 04:29 AM

Multiple Antivirus Programs installed!

I do not recommend that you have more than one anti-virus product installed and running on your computer at a time.

The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti-virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened; again, this is the resident/automatic protection. In general terms, the two programs may conflict and cause:

1) False Alarms: When the anti-virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.

Therefore please go to add/remove in the control panel and remove either AVG, Norton or BitDefender.

 

 

Going over your logs I noticed that you have uTorrent installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall uTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.
If you wish to keep it, please do not use it until your computer is cleaned.

 

 

 

 

Fix with FRST (normal mode)

  • Open Notepad (Start => All Programs => Accessories => Notepad).
  • Please copy the entire contents of the code box below.
    (To do this, highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste.)
  • Save it to the same directory as frst.exe (or frst64.exe) as fixlist.txt.

    URLSearchHook: HKLM-x32 - (No Name) - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - No File
    URLSearchHook: HKCU - (No Name) - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - No File
    BHO: No Name - {9DBFDE5D-7E65-9DE6-5968-A46F44ED260C} -  No File
    Toolbar: HKLM-x32 - No Name - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} -  No File
    Toolbar: HKCU - No Name - {D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC} -  No File
    CHR Extension: (websoavee) - C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagmgegamheelfkgomlcmihcfciifpfi [2014-02-23]
    
    Replace: C:\Windows\System32\wininit.exe C:\Windows\SysWOW64\wininit.exe
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

 

 

Full System Scan with Malwarebytes Antimalware

  • If it is not already installed, please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.


If the program is already installed:
  • Run Malwarebytes Antimalware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.



#7 jaxtheop


Posted 12 March 2014 - 07:57 PM

Here's what you wanted.

Thanks

Attached File  mbam-log-2014-03-12 (15-43-02).txt   1.83KB   1 downloads
Attached File  Fixlog.txt   2.07KB   1 downloads



#8 TB-Psychotic


Posted 13 March 2014 - 08:29 AM

Looks good!

 

 

Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.



#9 jaxtheop


Posted 13 March 2014 - 05:40 PM

hello,

 

I had to run ESET in safe mode because I still couldn't download it, error 2002. It downloads, but there's always an error, if I was not more specific earlier.

 

thanks

 

Attached File  ESATscanresults.txt   687bytes   3 downloads



#10 TB-Psychotic


Posted 15 March 2014 - 08:41 AM

Which browser displays the error?

Have you tried another?



#11 jaxtheop


Posted 15 March 2014 - 01:09 PM

It's not the browser that displayed the error. When I tried to install it in the ESET installer it gave the error 2002. I have tried to download ESET before, and after I try to install it, it says the download was corrupt. With different things like Norton's intelligent installer I have tried different browsers, and it didn't work, and they don't even start; my computer says it's corrupt before it goes into the launcher. ESET has been the exception. I would also like to note that when I went into safe mode, I used the same download, not downloaded again, but I used the same file to download, and it wasn't corrupt that time.



#12 TB-Psychotic


Posted 15 March 2014 - 02:51 PM

Combofix

Combofix should only be run when advised by a team member!

Link


Important - Save the file to your desktop!


  • Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe


When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.

Note: When receiving an error message containing "Illegal operation attempted on a registry key that has been marked for deletion", simply restart your computer to fix this.



#13 jaxtheop


Posted 15 March 2014 - 04:50 PM

hello,

 

I get an error saying "ComboFix is not meant to run in 'Compatibility Mode'. The program shall now exit." when I try to run it; all antiviruses were disabled. I also went into safe mode and it said it didn't support Windows 2000 anymore. I made sure it was downloaded to my desktop.

 

thanks


Edited by jaxtheop, 16 March 2014 - 01:14 AM.


#14 TB-Psychotic


Posted 17 March 2014 - 03:00 AM

Please follow this tutorial to refresh your Windows system files: http://windows.microsoft.com/en-us/windows-8/restore-refresh-reset-pc



#15 jaxtheop


Posted 17 March 2014 - 11:10 PM

Hello, it says I have to have the installation disk, which I can't find. I searched for a way, but then it required Windows 8 instead of Windows 8.1, also where you have to enter your key, which is with my disk.





