Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Farbar Recovery Scan Tool Results


  • This topic is locked This topic is locked
30 replies to this topic

#1 Pl34seH3lp

Pl34seH3lp

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:56 PM

Posted 12 March 2014 - 04:41 PM

DDS didn't work on my computer, said can not run in compatibility mode - I didn't set it up to run in compatibility mode.\

This are Farbar's results: Please help!! :) -  Also, i disabled something called "Disk monitor" in my startup .

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-03-2014
Ran by Dustin (administrator) on ULTIMATEPC on 12-03-2014 16:37:14
Running from D:\Downloads
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(SUPERAntiSpyware.com) D:\Tools\SuperAntiSpyware Free Edition\SASCORE64.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Malwarebytes Corporation) D:\Programs\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) D:\Programs\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) D:\Programs\Malwarebytes' Anti-Malware\mbamgui.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(VoipBuster) C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe
(SUPERAntiSpyware) D:\Tools\SuperAntiSpyware Free Edition\SUPERAntiSpyware.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MsoSync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Dustin\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7192792 2013-07-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-04] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] - "C:\Windows\system32\igfxtray.exe"
HKLM\...\Run: [HotKeysCmds] - "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] - "C:\Windows\system32\igfxpers.exe"
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1179576 2014-01-20] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-08-20] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [mcui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Family Tree Builder Update] - C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2532864 2013-12-09] (MyHeritage)
HKLM-x32\...\Run: [Disk Monitor] - C:\Program Files (x86)\Generic\USB Card Reader Driver v1.9a1\Disk_Monitor.exe [466944 2003-03-20] (Neodio Corp.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-178646866-1240154784-113881889-1001\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3551576 2013-12-24] (Electronic Arts)
HKU\S-1-5-21-178646866-1240154784-113881889-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-178646866-1240154784-113881889-1001\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKU\S-1-5-21-178646866-1240154784-113881889-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20728480 2014-01-14] (Skype Technologies S.A.)
HKU\S-1-5-21-178646866-1240154784-113881889-1001\...\Run: [GoogleChromeAutoLaunch_519B716C98D43A154C4D117C56AD7788] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859464 2014-03-01] (Google Inc.)
HKU\S-1-5-21-178646866-1240154784-113881889-1001\...\Run: [VoipBuster] - C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe [19753792 2014-02-11] (VoipBuster)
HKU\S-1-5-21-178646866-1240154784-113881889-1001\...\Run: [Itibiti.exe] - C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
HKU\S-1-5-21-178646866-1240154784-113881889-1001\...\Run: [Google Update] - C:\Users\Dustin\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-03-05] (Google Inc.)
HKU\S-1-5-21-178646866-1240154784-113881889-1001\...\Run: [SUPERAntiSpyware] - D:\Tools\SuperAntiSpyware Free Edition\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware)
AppInit_DLLs-x32: c:\progra~2\optimi~1\optpro~1.dll => "c:\progra~2\optimi~1\optpro~1.dll" File Not Found
Startup: C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
Startup: C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3050A J611 series (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3050A J611 series (Network).lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
URLSearchHook: HKLM-x32 - SiteFinder - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files (x86)\SiteFinder\SiteFinder.dll (Site Finder)
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_11_ff&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0Bzz0AzytCyE0ByDtAyCtCtN0D0Tzu0SzztDtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0AtByBtDzy0CzztGyDyEtB0DtGyDyByDtDtG0CtByC0EtGtDyC0FzyyCtDtDyC0EtCtAyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzztBtB0B0A0BtCtGtD0DtDtBtGtAzyzy0CtGtDyCtB0FtGtA0DtC0Azyzz0D0FyD0E0BtD2Q&cr=900545990&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_11_ff&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0Bzz0AzytCyE0ByDtAyCtCtN0D0Tzu0SzztDtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0AtByBtDzy0CzztGyDyEtB0DtGyDyByDtDtG0CtByC0EtGtDyC0FzyyCtDtDyC0EtCtAyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzztBtB0B0A0BtCtGtD0DtDtBtGtAzyzy0CtGtDyCtB0FtGtA0DtC0Azyzz0D0FyD0E0BtD2Q&cr=900545990&ir=
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - SiteFinder - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files (x86)\SiteFinder\SiteFinder.dll (Site Finder)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.22.0.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\5mns3nhb.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Dustin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Dustin\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Dustin\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Dustin\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Dustin\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Dustin\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Dustin\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Dustin\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: A Mystical Land Installer - C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\5mns3nhb.default\Extensions\MysticalLandInstaller@madottergames.com [2014-01-22]
FF Extension: MEGA - C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\5mns3nhb.default\Extensions\firefox@mega.co.nz.xpi [2014-03-11]
FF Extension: Mega Browse - C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\5mns3nhb.default\Extensions\{29b136c9-938d-4d3d-8df8-d649d9b74d02}.xpi [2014-03-12]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-01-03]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\IPSFF [2014-02-18]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider:       "name": "Mysearchdial"
CHR Extension: (Skype Click to Call) - C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-05]
CHR Extension: (Norton Identity Protection) - C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-02-18]
CHR Extension: (Hangouts) - C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-03-04]
CHR Extension: (Google Wallet) - C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-22]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx [2014-02-24]

==================== Services (Whitelisted) =================

R2 !SASCORE; D:\Tools\SuperAntiSpyware Free Edition\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2013-06-24] (ASUSTeK Computer Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 MBAMScheduler; D:\Programs\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; D:\Programs\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2014-02-14] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2014-02-02] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-02-18] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-02-18] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\IPSDefs\20140311.001\IDSvia64.sys [524504 2014-03-05] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-27] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\VirusDefs\20140312.001\ENG64.SYS [126040 2014-02-18] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\VirusDefs\20140312.001\EX64.SYS [2099288 2014-02-18] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R1 SASDIFSV; D:\Tools\SuperAntiSpyware Free Edition\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; D:\Tools\SuperAntiSpyware Free Edition\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-27] (Microsoft Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-07-30] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-07-31] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1501000.012\SymELAM.sys [23568 2013-07-31] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-02-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-07-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)
R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S1 UimBus; C:\Windows\System32\drivers\uimx64.sys [90960 2012-10-31] (Windows ® 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633552 2012-10-31] (Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390224 2012-10-31] (Paragon)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S4 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2014-01-14] (Basil Projects)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EraserUtilDrv11310; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11310.sys [X]
S3 EraserUtilDrv11312; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11312.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-12 16:37 - 2014-03-12 16:37 - 00000000 ____D () C:\FRST
2014-03-12 14:56 - 2014-03-12 14:56 - 00001802 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-12 14:56 - 2014-03-12 14:56 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Apple Computer
2014-03-12 14:55 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2014-03-12 14:54 - 2014-03-12 14:55 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-12 14:54 - 2014-03-12 14:55 - 00000000 ____D () C:\Program Files\iTunes
2014-03-12 14:54 - 2014-03-12 14:55 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-12 14:54 - 2014-03-12 14:54 - 00000000 ____D () C:\Program Files\iPod
2014-03-12 14:51 - 2014-03-12 14:51 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-12 14:51 - 2014-03-12 14:51 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-12 14:51 - 2014-03-12 14:51 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-03-12 14:32 - 2014-03-12 15:57 - 00000554 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task c354575b-b536-4a7a-8e3d-e8f937c615e7.job
2014-03-12 14:32 - 2014-03-12 15:57 - 00000554 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 9960357e-e38b-4bda-8a09-fdb4c7c65f34.job
2014-03-12 14:32 - 2014-03-12 14:32 - 00003614 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 9960357e-e38b-4bda-8a09-fdb4c7c65f34
2014-03-12 14:32 - 2014-03-12 14:32 - 00003532 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task c354575b-b536-4a7a-8e3d-e8f937c615e7
2014-03-12 14:32 - 2014-03-12 14:32 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\SUPERAntiSpyware.com
2014-03-12 14:31 - 2014-03-12 14:31 - 00000933 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-03-12 14:31 - 2014-03-12 14:31 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-03-12 14:19 - 2014-03-12 14:19 - 00000765 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-12 14:19 - 2014-03-12 14:19 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Malwarebytes
2014-03-12 14:19 - 2014-03-12 14:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-12 14:19 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-11 21:28 - 2014-03-12 16:00 - 00000042 _____ () C:\Users\Dustin\AppData\Local\RawCopy.sourcedisk.filepath
2014-03-11 21:28 - 2014-03-11 22:57 - 00000012 _____ () C:\Users\Dustin\AppData\Local\RawCopy.opendialog.dir
2014-03-11 21:28 - 2014-03-11 22:57 - 00000001 _____ () C:\Users\Dustin\AppData\Local\RawCopy.opendialog.filterindex
2014-03-11 21:27 - 2014-03-12 16:00 - 00000001 _____ () C:\Users\Dustin\AppData\Local\RawCopy.sourcedisk.index
2014-03-11 21:23 - 2014-03-11 21:23 - 00000001 _____ () C:\Users\Dustin\AppData\Local\RawCopy.1.02.agreement
2014-03-11 21:14 - 2014-03-11 21:20 - 780523831 _____ () C:\Users\Dustin\Desktop\DROIDBOX_iMX6_22-11-2013.rar
2014-03-11 21:10 - 2014-03-11 21:10 - 01648640 _____ () C:\Users\Dustin\Desktop\HDDRawCopy1.02Portable.exe
2014-03-11 15:49 - 2014-03-11 15:49 - 00000047 _____ () C:\Users\Dustin\AppData\Roaming\WB.CFG
2014-03-11 15:48 - 2014-03-11 15:48 - 00724992 _____ (Indigo Rose Corporation) C:\WINDOWS\iun6002.exe
2014-03-11 15:48 - 2014-03-11 15:48 - 00000000 ____D () C:\Users\Dustin\Downloads\Reader
2014-03-11 15:48 - 2014-03-11 15:48 - 00000000 ____D () C:\Program Files (x86)\Generic
2014-03-11 15:47 - 2014-03-11 15:47 - 02668841 _____ () C:\Users\Dustin\Downloads\Reader.zip
2014-03-11 15:47 - 2014-03-11 15:47 - 00000000 ____D () C:\Program Files (x86)\SiteFinder
2014-03-11 14:27 - 2014-03-11 14:27 - 00016896 _____ (ASUS) C:\WINDOWS\AsTaskSched.dll
2014-03-11 13:26 - 2014-03-11 13:26 - 00000919 _____ () C:\Users\Dustin\Documents\Downloads - Shortcut.lnk
2014-03-07 14:27 - 2014-03-07 14:35 - 00000000 ____D () C:\Users\Dustin\Documents\MyHeritage
2014-03-07 14:27 - 2014-03-07 14:34 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\MyHeritage
2014-03-07 14:27 - 2014-03-07 14:34 - 00000000 ____D () C:\ProgramData\MyHeritage
2014-03-07 14:24 - 2014-03-07 14:24 - 00001144 _____ () C:\Users\Dustin\Desktop\MyHeritage Family Tree Builder.lnk
2014-03-07 14:24 - 2014-03-07 14:24 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\The Complete Genealogy Reporter - FTB
2014-03-07 14:24 - 2014-03-07 14:24 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com
2014-03-07 14:24 - 2014-03-07 14:24 - 00000000 ____D () C:\Program Files (x86)\MyHeritage
2014-03-07 14:24 - 2012-08-02 08:56 - 00606208 _____ (Lorenzi Davide) C:\WINDOWS\SysWOW64\HexUniRTFBox.ocx
2014-03-07 14:24 - 2010-06-17 19:49 - 02029056 _____ (Bytescout) C:\WINDOWS\SysWOW64\PDFDocScout.DLL
2014-03-07 14:24 - 2004-12-07 11:11 - 00258352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unicows.dll
2014-03-07 14:24 - 2003-07-06 14:07 - 00372736 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ijl15.dll
2014-03-07 14:24 - 2002-03-07 01:19 - 00454656 _____ () C:\WINDOWS\SysWOW64\PaintX.dll
2014-03-07 14:24 - 2000-05-22 17:58 - 00608448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.ocx
2014-03-07 14:24 - 2000-03-14 00:00 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTDFMT.DLL
2014-03-07 14:24 - 1998-06-24 01:00 - 00137000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmapi32.ocx
2014-03-05 14:49 - 2014-03-07 08:19 - 00000000 ____D () C:\Users\Dustin\Documents\My Digital Editions
2014-03-05 14:49 - 2014-03-05 14:49 - 00002197 _____ () C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk
2014-03-05 14:49 - 2014-03-05 14:49 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Adobe_Systems_Incorporate
2014-03-05 14:48 - 2014-03-05 14:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2014-03-05 13:51 - 2014-03-05 13:55 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\vlc
2014-03-05 13:51 - 2014-03-05 13:51 - 00001089 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-03-05 13:51 - 2014-03-05 13:51 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-03-05 10:19 - 2014-03-12 16:24 - 00000934 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-178646866-1240154784-113881889-1001UA.job
2014-03-05 10:19 - 2014-03-05 10:24 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-178646866-1240154784-113881889-1001Core.job
2014-03-05 10:19 - 2014-03-05 10:19 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178646866-1240154784-113881889-1001UA
2014-03-05 10:19 - 2014-03-05 10:19 - 00003502 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178646866-1240154784-113881889-1001Core
2014-03-05 00:05 - 2014-03-05 00:05 - 00002138 _____ () C:\Users\Public\Desktop\Xilisoft Audio Converter 6.lnk
2014-03-05 00:05 - 2014-03-05 00:05 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Xilisoft
2014-03-05 00:04 - 2014-03-05 00:04 - 00000000 ____D () C:\ProgramData\Xilisoft
2014-03-05 00:04 - 2014-03-05 00:04 - 00000000 ____D () C:\Program Files (x86)\Xilisoft
2014-03-04 23:28 - 2014-03-04 23:36 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\VoipBuster
2014-03-04 23:28 - 2014-03-04 23:28 - 00001231 _____ () C:\Users\Dustin\Desktop\VoipBuster.lnk
2014-03-04 23:28 - 2014-03-04 23:28 - 00000000 ____D () C:\Program Files (x86)\VoipBuster.com
2014-02-27 16:17 - 2014-02-27 16:17 - 00000793 _____ () C:\Users\Dustin\Desktop\Rocksmith 2014.lnk
2014-02-25 19:58 - 2014-02-25 19:58 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-02-25 19:58 - 2014-02-25 19:58 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Ubisoft Game Launcher
2014-02-25 18:26 - 2014-02-20 01:33 - 01037734 _____ (Thisisu) C:\Users\Dustin\Desktop\JRT_NEW.exe
2014-02-25 17:07 - 2014-02-25 18:31 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Windows Live
2014-02-25 15:21 - 2014-02-25 15:21 - 00094208 _____ (Blizzard Entertainment) C:\WINDOWS\ScUnin.exe
2014-02-25 15:21 - 2014-02-25 15:21 - 00013902 _____ () C:\WINDOWS\scunin.dat
2014-02-25 15:21 - 2014-02-25 15:21 - 00000967 _____ () C:\WINDOWS\ScUnin.pif
2014-02-25 15:20 - 2014-02-26 18:22 - 00000000 ____D () C:\Program Files (x86)\Starcraft
2014-02-25 14:50 - 2014-03-11 19:25 - 00000000 ____D () C:\Users\Dustin\AppData\Local\CrashDumps
2014-02-25 14:49 - 2014-02-25 14:53 - 00000000 ____D () C:\Program Files (x86)\Diablo
2014-02-25 14:49 - 2014-02-25 14:50 - 00007162 _____ () C:\WINDOWS\DiabUnin.dat
2014-02-25 14:49 - 2014-02-25 14:49 - 00118784 _____ (Blizzard Entertainment) C:\WINDOWS\DiabUnin.exe
2014-02-25 14:49 - 2014-02-25 14:49 - 00002829 _____ () C:\WINDOWS\DiabUnin.pif
2014-02-25 14:49 - 2014-02-25 14:49 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Diablo
2014-02-24 19:50 - 2014-02-24 20:23 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\TeamViewer
2014-02-24 19:50 - 2014-02-24 19:50 - 00001185 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-24 19:50 - 2014-02-24 19:50 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-02-24 19:46 - 2014-02-24 19:46 - 00000000 ____H () C:\Users\Dustin\Documents\Default.rdp
2014-02-20 21:33 - 2014-02-21 16:51 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Overwolf
2014-02-20 21:01 - 2014-02-24 22:00 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\TS3Client
2014-02-20 21:01 - 2014-02-20 21:01 - 00000575 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-02-19 14:48 - 2014-02-19 14:48 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-02-18 18:30 - 2014-02-19 14:43 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-02-18 18:30 - 2014-02-18 18:29 - 00008222 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2014-02-18 18:29 - 2014-02-19 14:43 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-02-18 18:29 - 2014-02-19 14:42 - 00002528 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-02-18 18:29 - 2014-02-18 18:49 - 00000000 ____D () C:\ProgramData\Norton
2014-02-18 18:29 - 2014-02-18 18:29 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2014-02-18 18:29 - 2014-02-18 18:29 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-02-18 18:29 - 2014-02-18 18:29 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-02-18 17:40 - 2014-03-12 14:11 - 00000000 ____D () C:\AdwCleaner
2014-02-18 17:35 - 2014-02-18 17:35 - 00001051 _____ () C:\Users\Public\Desktop\CPUID HWMonitorPro.lnk
2014-02-18 17:25 - 2014-02-18 17:25 - 00002156 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-02-18 17:25 - 2014-02-18 17:25 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-18 17:24 - 2014-02-08 11:18 - 00599840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-02-18 17:22 - 2014-02-08 13:34 - 31432480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 25256224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 23683360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 17715784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 12324640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-02-18 17:22 - 2014-02-08 13:34 - 11636176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 11589272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 09728064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 09690424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 03142432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 02956576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 02782496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 02410784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433489.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433489.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00892192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00875296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00863520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00844576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00832424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00483104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00408352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00378656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00353504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00333600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00174296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00148528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-02-18 17:22 - 2013-11-28 08:38 - 00197408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2014-02-18 17:22 - 2013-11-28 08:38 - 00031520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2014-02-18 17:22 - 2013-11-22 03:36 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2014-02-18 17:21 - 2014-02-18 17:21 - 00000000 ____D () C:\NVIDIA
2014-02-18 17:07 - 2014-02-18 17:07 - 00000000 ____D () C:\Users\Dustin\AppData\Local\NVIDIA Corporation
2014-02-18 17:06 - 2014-02-18 17:14 - 00000000 ____D () C:\Users\Dustin\AppData\Local\NVIDIA
2014-02-18 17:06 - 2014-01-20 21:54 - 01179576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2014-02-18 17:06 - 2014-01-20 21:54 - 01048152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2014-02-18 17:05 - 2013-12-27 13:42 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-02-18 17:05 - 2013-12-27 13:42 - 00035104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2014-02-18 17:05 - 2013-12-27 13:42 - 00033056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-02-18 16:52 - 2014-02-18 16:52 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-02-18 16:34 - 2014-02-18 16:34 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-17 20:13 - 2013-12-23 22:18 - 00000842 _____ () C:\Users\Dustin\Desktop\µTorrent.lnk
2014-02-17 20:02 - 2013-12-24 04:48 - 00000988 _____ () C:\Users\Dustin\Desktop\Steam.lnk
2014-02-15 23:04 - 2013-11-26 05:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-15 23:04 - 2013-11-23 06:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-15 23:04 - 2013-11-22 22:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-15 23:04 - 2013-11-22 22:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-15 23:04 - 2013-11-22 22:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-15 23:04 - 2013-11-22 22:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-15 23:03 - 2013-12-08 19:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-15 23:03 - 2013-12-08 19:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-15 23:03 - 2013-11-27 10:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-15 23:03 - 2013-11-27 10:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-15 23:03 - 2013-11-27 09:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-15 23:03 - 2013-11-27 08:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-15 23:03 - 2013-11-27 07:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-15 23:03 - 2013-11-27 05:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-15 23:03 - 2013-11-27 05:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-15 23:03 - 2013-11-27 05:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-15 23:03 - 2013-11-27 04:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-15 23:03 - 2013-11-27 04:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-15 23:03 - 2013-11-27 04:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-15 23:03 - 2013-11-27 04:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-15 23:03 - 2013-11-27 03:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-15 23:03 - 2013-11-27 03:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-15 23:03 - 2013-11-26 23:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-15 23:03 - 2013-11-26 08:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-15 23:03 - 2013-11-26 08:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-15 23:03 - 2013-11-26 08:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-15 23:03 - 2013-11-26 08:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-15 23:03 - 2013-11-26 06:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-15 23:03 - 2013-11-26 06:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-15 23:03 - 2013-11-26 06:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-15 23:03 - 2013-11-26 04:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-15 23:03 - 2013-11-26 03:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-15 23:03 - 2013-11-24 20:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-15 23:03 - 2013-11-24 20:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-15 23:03 - 2013-11-24 18:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-15 23:03 - 2013-11-24 18:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-15 23:03 - 2013-11-23 07:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-15 23:03 - 2013-11-23 03:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-15 23:03 - 2013-11-23 02:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-15 23:03 - 2013-11-23 02:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-15 23:03 - 2013-11-23 02:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-15 23:03 - 2013-11-22 23:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-15 23:03 - 2013-11-22 22:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-15 23:03 - 2013-11-22 22:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-15 23:03 - 2013-11-21 01:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-15 23:03 - 2013-11-21 01:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-15 23:03 - 2013-11-16 00:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-15 23:03 - 2013-11-15 13:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-15 23:03 - 2013-11-15 09:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-15 23:03 - 2013-11-15 09:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-15 23:03 - 2013-11-15 09:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-15 23:03 - 2013-11-15 08:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-15 23:03 - 2013-11-05 15:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-15 23:03 - 2013-10-30 19:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-15 23:03 - 2013-10-30 18:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-14 02:04 - 2014-02-14 02:04 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NINJAM
2014-02-14 02:04 - 2014-02-14 02:04 - 00000000 ____D () C:\Program Files (x86)\NINJAM
2014-02-13 21:16 - 2014-02-19 14:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 20:32 - 2014-02-06 07:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-13 20:32 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-13 20:32 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-13 20:32 - 2014-02-06 06:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-13 20:32 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-13 20:32 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-13 20:32 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-13 20:32 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-13 20:32 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-13 20:32 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-13 20:32 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-13 20:32 - 2014-02-06 05:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-13 20:32 - 2014-02-06 05:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-13 20:32 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-13 20:32 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-13 20:32 - 2014-02-06 05:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-13 20:32 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-13 20:32 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-13 20:32 - 2014-02-06 04:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-13 20:32 - 2014-02-06 04:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-13 20:32 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-13 20:32 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-13 20:32 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-13 20:32 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-13 20:32 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-13 20:32 - 2014-02-06 04:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-13 20:32 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-13 20:32 - 2014-02-06 04:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-13 20:32 - 2014-02-06 04:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-13 20:32 - 2014-02-06 04:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-13 20:32 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-13 20:32 - 2014-02-06 04:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-13 20:32 - 2014-02-06 03:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-13 20:32 - 2014-02-06 03:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-13 20:32 - 2014-02-06 03:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-13 20:32 - 2014-02-06 03:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-13 20:32 - 2014-02-06 03:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-13 20:32 - 2014-01-07 00:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-13 20:32 - 2014-01-06 23:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-13 20:32 - 2013-12-08 19:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-13 20:32 - 2013-12-08 19:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-13 20:32 - 2013-12-08 18:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-13 20:32 - 2013-12-08 18:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-13 20:32 - 2013-11-21 01:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-13 20:32 - 2013-11-21 00:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-13 20:31 - 2014-01-09 03:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-13 20:31 - 2014-01-09 02:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-13 20:31 - 2014-01-09 02:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-13 20:31 - 2014-01-09 02:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-13 20:31 - 2014-01-09 02:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-13 20:31 - 2014-01-09 02:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-13 20:31 - 2014-01-09 02:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-13 20:31 - 2014-01-09 02:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-13 20:31 - 2014-01-09 02:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-13 20:31 - 2014-01-09 02:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-13 20:31 - 2014-01-07 02:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-13 20:31 - 2014-01-07 00:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-13 20:31 - 2014-01-04 15:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-13 20:31 - 2014-01-04 14:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-13 20:31 - 2014-01-04 09:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-13 20:31 - 2014-01-04 09:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-13 20:31 - 2014-01-04 08:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-13 20:31 - 2014-01-04 08:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-13 20:31 - 2014-01-04 08:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-13 20:31 - 2014-01-04 08:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-13 20:31 - 2013-12-20 21:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-13 20:31 - 2013-12-20 21:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-13 20:31 - 2013-12-20 05:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-13 20:31 - 2013-12-20 01:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-13 20:31 - 2013-12-08 21:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-13 20:31 - 2013-12-08 20:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-11 21:21 - 2014-02-11 19:08 - 00000426 _____ () C:\AVScanner.ini
2014-02-11 20:20 - 2014-02-11 20:20 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\eJamming
2014-02-11 20:19 - 2014-02-11 20:19 - 00001163 _____ () C:\Users\Public\Desktop\eJamming AUDiiO.lnk
2014-02-11 20:19 - 2014-02-11 20:19 - 00000000 ____D () C:\Program Files (x86)\eJamming

==================== One Month Modified Files and Folders =======

2014-03-12 16:37 - 2014-03-12 16:37 - 00000000 ____D () C:\FRST
2014-03-12 16:37 - 2014-01-22 21:06 - 00004968 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ULTIMATEPC-Dustin UltimatePC
2014-03-12 16:32 - 2013-12-23 20:05 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-178646866-1240154784-113881889-1001
2014-03-12 16:28 - 2014-01-22 16:37 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-12 16:28 - 2013-12-27 14:45 - 00000000 __RDO () C:\Users\Dustin\SkyDrive
2014-03-12 16:27 - 2013-12-27 14:20 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-12 16:27 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-12 16:27 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-12 16:24 - 2014-03-05 10:19 - 00000934 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-178646866-1240154784-113881889-1001UA.job
2014-03-12 16:18 - 2013-12-27 14:18 - 01384345 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-12 16:04 - 2013-12-23 22:08 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-12 16:03 - 2013-11-14 02:28 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-12 16:00 - 2014-03-11 21:28 - 00000042 _____ () C:\Users\Dustin\AppData\Local\RawCopy.sourcedisk.filepath
2014-03-12 16:00 - 2014-03-11 21:27 - 00000001 _____ () C:\Users\Dustin\AppData\Local\RawCopy.sourcedisk.index
2014-03-12 16:00 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-12 15:57 - 2014-03-12 14:32 - 00000554 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task c354575b-b536-4a7a-8e3d-e8f937c615e7.job
2014-03-12 15:57 - 2014-03-12 14:32 - 00000554 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 9960357e-e38b-4bda-8a09-fdb4c7c65f34.job
2014-03-12 15:56 - 2013-11-14 02:20 - 00578334 _____ () C:\WINDOWS\PFRO.log
2014-03-12 15:56 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-12 14:56 - 2014-03-12 14:56 - 00001802 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-12 14:56 - 2014-03-12 14:56 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Apple Computer
2014-03-12 14:56 - 2014-01-24 16:34 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Apple Computer
2014-03-12 14:55 - 2014-03-12 14:54 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-12 14:55 - 2014-03-12 14:54 - 00000000 ____D () C:\Program Files\iTunes
2014-03-12 14:55 - 2014-03-12 14:54 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-12 14:54 - 2014-03-12 14:54 - 00000000 ____D () C:\Program Files\iPod
2014-03-12 14:54 - 2014-01-23 16:00 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-03-12 14:52 - 2014-01-23 16:00 - 00000000 ____D () C:\ProgramData\Apple
2014-03-12 14:52 - 2014-01-22 16:37 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-12 14:51 - 2014-03-12 14:51 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-12 14:51 - 2014-03-12 14:51 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-12 14:51 - 2014-03-12 14:51 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-03-12 14:32 - 2014-03-12 14:32 - 00003614 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 9960357e-e38b-4bda-8a09-fdb4c7c65f34
2014-03-12 14:32 - 2014-03-12 14:32 - 00003532 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task c354575b-b536-4a7a-8e3d-e8f937c615e7
2014-03-12 14:32 - 2014-03-12 14:32 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\SUPERAntiSpyware.com
2014-03-12 14:31 - 2014-03-12 14:31 - 00000933 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-03-12 14:31 - 2014-03-12 14:31 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-03-12 14:19 - 2014-03-12 14:19 - 00000765 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-12 14:19 - 2014-03-12 14:19 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Malwarebytes
2014-03-12 14:19 - 2014-03-12 14:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-12 14:11 - 2014-02-18 17:40 - 00000000 ____D () C:\AdwCleaner
2014-03-12 14:03 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-12 13:57 - 2013-12-27 21:12 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4E79C51D-1407-4EE0-AD04-8F588FDCFE5E}
2014-03-12 02:07 - 2014-02-05 00:02 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Skype
2014-03-11 22:57 - 2014-03-11 21:28 - 00000012 _____ () C:\Users\Dustin\AppData\Local\RawCopy.opendialog.dir
2014-03-11 22:57 - 2014-03-11 21:28 - 00000001 _____ () C:\Users\Dustin\AppData\Local\RawCopy.opendialog.filterindex
2014-03-11 21:23 - 2014-03-11 21:23 - 00000001 _____ () C:\Users\Dustin\AppData\Local\RawCopy.1.02.agreement
2014-03-11 21:20 - 2014-03-11 21:14 - 780523831 _____ () C:\Users\Dustin\Desktop\DROIDBOX_iMX6_22-11-2013.rar
2014-03-11 21:10 - 2014-03-11 21:10 - 01648640 _____ () C:\Users\Dustin\Desktop\HDDRawCopy1.02Portable.exe
2014-03-11 20:20 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-03-11 19:25 - 2014-02-25 14:50 - 00000000 ____D () C:\Users\Dustin\AppData\Local\CrashDumps
2014-03-11 18:06 - 2013-08-22 09:46 - 00023792 _____ () C:\WINDOWS\setupact.log
2014-03-11 15:49 - 2014-03-11 15:49 - 00000047 _____ () C:\Users\Dustin\AppData\Roaming\WB.CFG
2014-03-11 15:48 - 2014-03-11 15:48 - 00724992 _____ (Indigo Rose Corporation) C:\WINDOWS\iun6002.exe
2014-03-11 15:48 - 2014-03-11 15:48 - 00000000 ____D () C:\Users\Dustin\Downloads\Reader
2014-03-11 15:48 - 2014-03-11 15:48 - 00000000 ____D () C:\Program Files (x86)\Generic
2014-03-11 15:47 - 2014-03-11 15:47 - 02668841 _____ () C:\Users\Dustin\Downloads\Reader.zip
2014-03-11 15:47 - 2014-03-11 15:47 - 00000000 ____D () C:\Program Files (x86)\SiteFinder
2014-03-11 14:27 - 2014-03-11 14:27 - 00016896 _____ (ASUS) C:\WINDOWS\AsTaskSched.dll
2014-03-11 13:26 - 2014-03-11 13:26 - 00000919 _____ () C:\Users\Dustin\Documents\Downloads - Shortcut.lnk
2014-03-11 13:04 - 2013-12-23 22:08 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-11 12:24 - 2013-12-23 20:25 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Mozilla
2014-03-07 15:36 - 2014-01-28 20:28 - 00000000 ____D () C:\Program Files (x86)\DSPRobotics
2014-03-07 14:35 - 2014-03-07 14:27 - 00000000 ____D () C:\Users\Dustin\Documents\MyHeritage
2014-03-07 14:34 - 2014-03-07 14:27 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\MyHeritage
2014-03-07 14:34 - 2014-03-07 14:27 - 00000000 ____D () C:\ProgramData\MyHeritage
2014-03-07 14:24 - 2014-03-07 14:24 - 00001144 _____ () C:\Users\Dustin\Desktop\MyHeritage Family Tree Builder.lnk
2014-03-07 14:24 - 2014-03-07 14:24 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\The Complete Genealogy Reporter - FTB
2014-03-07 14:24 - 2014-03-07 14:24 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com
2014-03-07 14:24 - 2014-03-07 14:24 - 00000000 ____D () C:\Program Files (x86)\MyHeritage
2014-03-07 08:19 - 2014-03-05 14:49 - 00000000 ____D () C:\Users\Dustin\Documents\My Digital Editions
2014-03-06 20:55 - 2013-12-24 14:21 - 00001057 _____ () C:\Users\Dustin\AppData\Roaming\vso_ts_preview.xml
2014-03-06 20:55 - 2013-12-23 20:43 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\uTorrent
2014-03-06 20:49 - 2013-12-24 14:31 - 00000000 ____D () C:\Users\Dustin\Documents\ConvertXToDVD
2014-03-06 20:19 - 2013-12-24 14:21 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Vso
2014-03-06 00:39 - 2013-12-27 14:23 - 00000000 ____D () C:\Users\Dustin
2014-03-05 14:49 - 2014-03-05 14:49 - 00002197 _____ () C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk
2014-03-05 14:49 - 2014-03-05 14:49 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Adobe_Systems_Incorporate
2014-03-05 14:49 - 2014-03-05 14:48 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2014-03-05 14:49 - 2013-08-20 12:03 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-05 13:55 - 2014-03-05 13:51 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\vlc
2014-03-05 13:51 - 2014-03-05 13:51 - 00001089 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-03-05 13:51 - 2014-03-05 13:51 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-03-05 10:24 - 2014-03-05 10:19 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-178646866-1240154784-113881889-1001Core.job
2014-03-05 10:20 - 2014-01-22 16:37 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Google
2014-03-05 10:19 - 2014-03-05 10:19 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178646866-1240154784-113881889-1001UA
2014-03-05 10:19 - 2014-03-05 10:19 - 00003502 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178646866-1240154784-113881889-1001Core
2014-03-05 00:05 - 2014-03-05 00:05 - 00002138 _____ () C:\Users\Public\Desktop\Xilisoft Audio Converter 6.lnk
2014-03-05 00:05 - 2014-03-05 00:05 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Xilisoft
2014-03-05 00:04 - 2014-03-05 00:04 - 00000000 ____D () C:\ProgramData\Xilisoft
2014-03-05 00:04 - 2014-03-05 00:04 - 00000000 ____D () C:\Program Files (x86)\Xilisoft
2014-03-04 23:36 - 2014-03-04 23:28 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\VoipBuster
2014-03-04 23:28 - 2014-03-04 23:28 - 00001231 _____ () C:\Users\Dustin\Desktop\VoipBuster.lnk
2014-03-04 23:28 - 2014-03-04 23:28 - 00000000 ____D () C:\Program Files (x86)\VoipBuster.com
2014-03-04 22:26 - 2013-12-23 20:14 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-02-27 16:17 - 2014-02-27 16:17 - 00000793 _____ () C:\Users\Dustin\Desktop\Rocksmith 2014.lnk
2014-02-27 16:17 - 2013-12-27 13:20 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rocksmith 2014
2014-02-26 18:22 - 2014-02-25 15:20 - 00000000 ____D () C:\Program Files (x86)\Starcraft
2014-02-25 19:58 - 2014-02-25 19:58 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-02-25 19:58 - 2014-02-25 19:58 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Ubisoft Game Launcher
2014-02-25 18:31 - 2014-02-25 17:07 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Windows Live
2014-02-25 15:21 - 2014-02-25 15:21 - 00094208 _____ (Blizzard Entertainment) C:\WINDOWS\ScUnin.exe
2014-02-25 15:21 - 2014-02-25 15:21 - 00013902 _____ () C:\WINDOWS\scunin.dat
2014-02-25 15:21 - 2014-02-25 15:21 - 00000967 _____ () C:\WINDOWS\ScUnin.pif
2014-02-25 15:19 - 2014-02-02 22:36 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\DAEMON Tools Pro
2014-02-25 15:19 - 2014-02-02 22:34 - 00000000 ____D () C:\ProgramData\DAEMON Tools Pro
2014-02-25 14:53 - 2014-02-25 14:49 - 00000000 ____D () C:\Program Files (x86)\Diablo
2014-02-25 14:51 - 2013-12-23 19:56 - 00000000 ____D () C:\Users\Dustin\AppData\Local\VirtualStore
2014-02-25 14:50 - 2014-02-25 14:49 - 00007162 _____ () C:\WINDOWS\DiabUnin.dat
2014-02-25 14:49 - 2014-02-25 14:49 - 00118784 _____ (Blizzard Entertainment) C:\WINDOWS\DiabUnin.exe
2014-02-25 14:49 - 2014-02-25 14:49 - 00002829 _____ () C:\WINDOWS\DiabUnin.pif
2014-02-25 14:49 - 2014-02-25 14:49 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Diablo
2014-02-25 14:44 - 2013-08-22 09:44 - 00554168 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-24 22:00 - 2014-02-20 21:01 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\TS3Client
2014-02-24 20:35 - 2013-09-18 02:24 - 00564477 _____ () C:\Users\Dustin\Desktop\NTR 2014 v1.0.exe
2014-02-24 20:23 - 2014-02-24 19:50 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\TeamViewer
2014-02-24 19:50 - 2014-02-24 19:50 - 00001185 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-24 19:50 - 2014-02-24 19:50 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-02-24 19:46 - 2014-02-24 19:46 - 00000000 ____H () C:\Users\Dustin\Documents\Default.rdp
2014-02-22 02:29 - 2013-12-23 20:14 - 00000000 ____D () C:\Users\Dustin\Documents\StarCraft II
2014-02-22 00:55 - 2013-12-24 04:48 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-21 16:51 - 2014-02-20 21:33 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Overwolf
2014-02-20 21:01 - 2014-02-20 21:01 - 00000575 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-02-20 01:33 - 2014-02-25 18:26 - 01037734 _____ (Thisisu) C:\Users\Dustin\Desktop\JRT_NEW.exe
2014-02-19 23:52 - 2012-07-26 03:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-02-19 14:48 - 2014-02-19 14:48 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-02-19 14:43 - 2014-02-18 18:30 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-02-19 14:43 - 2014-02-18 18:29 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-02-19 14:43 - 2014-02-13 21:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-19 14:43 - 2014-02-05 00:02 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-19 14:43 - 2014-02-05 00:02 - 00000000 ____D () C:\ProgramData\Skype
2014-02-19 14:42 - 2014-02-18 18:29 - 00002528 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-02-18 21:07 - 2013-11-14 02:28 - 00006656 _____ () C:\WINDOWS\system32\lpcio.dll
2014-02-18 18:49 - 2014-02-18 18:29 - 00000000 ____D () C:\ProgramData\Norton
2014-02-18 18:43 - 2014-01-22 16:34 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-18 18:29 - 2014-02-18 18:30 - 00008222 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2014-02-18 18:29 - 2014-02-18 18:29 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2014-02-18 18:29 - 2014-02-18 18:29 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-02-18 18:29 - 2014-02-18 18:29 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-02-18 17:35 - 2014-02-18 17:35 - 00001051 _____ () C:\Users\Public\Desktop\CPUID HWMonitorPro.lnk
2014-02-18 17:25 - 2014-02-18 17:25 - 00002156 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-02-18 17:25 - 2014-02-18 17:25 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-18 17:25 - 2013-12-27 14:19 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-18 17:21 - 2014-02-18 17:21 - 00000000 ____D () C:\NVIDIA
2014-02-18 17:18 - 2013-12-27 21:15 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-02-18 17:14 - 2014-02-18 17:06 - 00000000 ____D () C:\Users\Dustin\AppData\Local\NVIDIA
2014-02-18 17:14 - 2013-12-27 14:19 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-18 17:07 - 2014-02-18 17:07 - 00000000 ____D () C:\Users\Dustin\AppData\Local\NVIDIA Corporation
2014-02-18 17:06 - 2013-12-27 14:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-18 16:52 - 2014-02-18 16:52 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-02-18 16:34 - 2014-02-18 16:34 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-18 16:27 - 2014-01-22 23:05 - 00000000 ____D () C:\Users\Dustin\jagexcache
2014-02-18 16:23 - 2013-12-24 02:50 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-02-18 16:22 - 2013-12-24 02:50 - 00000000 ____D () C:\ProgramData\Nero
2014-02-17 16:00 - 2013-08-22 10:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-02-17 16:00 - 2013-08-22 10:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-16 20:32 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-16 20:13 - 2013-12-27 05:37 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-16 20:12 - 2013-12-27 05:37 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-16 16:32 - 2013-12-23 19:58 - 00000000 ___RD () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-16 16:32 - 2013-12-23 19:58 - 00000000 ___RD () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-16 16:30 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-16 16:30 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-16 16:30 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-14 23:08 - 2013-12-23 20:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-14 15:05 - 2013-08-20 12:11 - 00000000 ____D () C:\ProgramData\McAfee
2014-02-14 02:10 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-14 02:10 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-14 02:10 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-14 02:04 - 2014-02-14 02:04 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NINJAM
2014-02-14 02:04 - 2014-02-14 02:04 - 00000000 ____D () C:\Program Files (x86)\NINJAM
2014-02-12 15:47 - 2014-01-22 16:37 - 00003892 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-12 15:47 - 2014-01-22 16:37 - 00003656 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-11 21:23 - 2012-07-26 00:37 - 00000000 ____D () C:\Users\Default.migrated
2014-02-11 20:20 - 2014-02-11 20:20 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\eJamming
2014-02-11 20:19 - 2014-02-11 20:19 - 00001163 _____ () C:\Users\Public\Desktop\eJamming AUDiiO.lnk
2014-02-11 20:19 - 2014-02-11 20:19 - 00000000 ____D () C:\Program Files (x86)\eJamming
2014-02-11 19:08 - 2014-02-11 21:21 - 00000426 _____ () C:\AVScanner.ini
2014-02-11 18:02 - 2014-01-26 16:46 - 00000000 ____D () C:\Fraps

Files to move or delete:
====================
C:\Users\Dustin\jagex_cl_runescape_LIVE.dat
C:\Users\Dustin\jagex_cl_runescape_LIVE1.dat
C:\Users\Dustin\random.dat


Some content of TEMP:
====================
C:\Users\Dustin\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Dustin\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Dustin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Dustin\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Dustin\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Dustin\AppData\Local\Temp\nvStInst.exe
C:\Users\Dustin\AppData\Local\Temp\ose00000.exe
C:\Users\Dustin\AppData\Local\Temp\SRLDetectionLibrary5746244782177431348.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-09 20:19

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-03-2014
Ran by Dustin at 2014-03-12 16:37:40
Running from D:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30416 - BitTorrent Inc.)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.05 - ASUSTeK Computer Inc.)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
ASUS Easy Update 2 (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 3.00.08 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.3.3 - MAGIX AG)
ASUS Music Maker (Version: 18.0.3.3 - MAGIX AG) Hidden
ASUS MX Suite (HKLM-x32\...\MAGIX_{CFA9C800-9B0B-42E3-92E7-08B5AF2E192E}) (Version: 1.13.0.121 - MAGIX AG)
ASUS MX Suite (Version: 1.13.0.121 - MAGIX AG) Hidden
ASUS Video easy (HKLM-x32\...\MAGIX_{E3185090-8796-46FB-A27F-6C844F106DAC}) (Version: 4.0.1.90 - MAGIX AG)
ASUS Video easy (Version: 4.0.1.90 - MAGIX AG) Hidden
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4127.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4127.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - )
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
Cheetah DVD Burner (HKLM-x32\...\{BD01E97F-2A6A-495E-BE38-22C7B80F3CD7}) (Version:  - )
ConvertXtoDVD 4.1.19.365 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
CPUID HWMonitor Pro 1.17 (HKLM\...\CPUID HWMonitorPro_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BED39C88-768C-4345-BF11-58436C984F2A}) (Version:  - Microsoft)
Diablo (HKCU\...\Diablo) (Version:  - )
Diablo (HKLM-x32\...\Diablo) (Version:  - )
eJammingAUDiiO (HKLM-x32\...\{68544F92-4A85-48F2-9997-40E02EFB2305}) (Version: 3.0.10 - eJamming)
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.06 - ASUSTeK Computer Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Generic USB Card Reader Driver v1.9a1 (HKLM-x32\...\Generic USB Card Reader Driver) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F8B67DF7-B543-3DE0-BCEF-F844F891FD48}) (Version: 5.1.7.17873 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{1B77E249-B8D5-4E5E-8848-693ACEF84E6D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Help (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Deskjet 3050A J611 series Product Improvement Study (HKLM\...\{A772BF60-20A5-4279-A18B-B9D8DBC9B30A}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3186 - Intel Corporation)
Intel® Processor ID Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 4.80.0000 - Intel® Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.0.0.1083 - Intel Corporation) Hidden
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
Magic ISO Maker v5.4 (build 0239) (HKLM-x32\...\Magic ISO Maker v5.4 (build 0239)) (Version:  - )
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mega Browse (HKLM\...\Mega Browse) (Version: 2014.03.11.162559 - Mega Browse)
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7129 - MyHeritage.com)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.1.0.18 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA Control Panel 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PlanetSide 2 (HKCU\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.40 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6971 - Realtek Semiconductor Corp.)
Rocksmith 2014 (HKLM-x32\...\Rocksmith 20141.3) (Version: 1.3 - Ubisoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
SiteFinder (HKLM-x32\...\SiteFinder) (Version: 1.0.0.0 - SiteFinder) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.0.14735.1561 - Microsoft Corporation)
Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
Starcraft (HKLM-x32\...\Starcraft) (Version:  - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (HKLM\...\{90150000-0015-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{D5412C67-998B-4246-A668-AB522D9F63FE}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{614E655F-A0ED-435A-8E0C-A81EE4BA7BC7}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5E759A69-FA72-4B3C-BE2F-D1194764D31E}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{F8580E12-045B-471B-AF74-98C977347F4E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FEFF9FF6-FF61-455E-A8CC-3A1311A657AD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3FF4EA9F-3505-4726-A974-6593A968FFCC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9406D70B-2D9C-4613-A75A-F35B66BA8AFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA390537-AA88-450F-A240-5FB4648A124A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C8D57F4A-0824-4043-89E7-3C6280B67A47}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AC4470FB-8011-4F16-B5D4-E0A34DE10C87}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D8B3D175-48B8-413F-8484-4D81E744B51C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8587E5B1-6279-4396-B9AC-20B334F4FF88}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{39E58ED8-B687-49BD-88F9-968563F51F8E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C809B1D6-BD31-4496-BCFE-4567E0854F5F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{856D47BC-036C-4692-8702-D6CCA8F428D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{4FD8F672-3206-469C-B9F0-D6E72F7ACAB2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F33ABF6A-3007-47E8-8E38-506A18E54641}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{B38036CB-BAF6-41D4-8810-FD016453ABB9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2A286156-257B-4528-9DB5-B4D4D53211BC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{92833C80-DC88-4A22-8630-407F810EF57B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{602346D6-8E2F-4B0E-820A-CD62AC5B0DC9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUSR_{00A8F3D3-B596-4E04-A180-C9EB4EC87762}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F2187E8D-C68A-4655-8551-1932878A5581}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6EE51F51-57B1-4DC7-96C2-857DB7F0BE93}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{0A90C645-3F9A-4CF9-BF62-2609602E3DAB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3A48DE63-607B-4FEA-A862-B52669C4433C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{A3C746D9-41B4-4C7E-BF60-0F8C50AD5A0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{EADF44E2-DD3F-4FAC-B17F-566956C06503}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2850061) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{97164652-BF81-41EE-8C0C-C086578E9956}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2850061) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E8F64CB5-1419-47A8-9FCE-F6E4137F2D25}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{52105DB7-F9D9-482C-8796-1461BBB69123}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6FF949A3-1C3F-41C2-9464-933E885ECB53}) (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BBD4F4CE-65D4-4CEB-AE19-E5296A57AA6C}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2837C624-A972-43CF-BCE5-0AE2EFED72E3}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{538E777B-4508-4ABF-97E2-B93C1BF1CD77}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{538E777B-4508-4ABF-97E2-B93C1BF1CD77}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F16E7B82-23FE-4054-AB73-EAE53965251C}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D1F1940B-94DF-4DCB-BF82-9530D7FBB1BF}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{DA8548B2-D229-4643-B6E2-989B3CFEECFB}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{DA8548B2-D229-4643-B6E2-989B3CFEECFB}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{DA8548B2-D229-4643-B6E2-989B3CFEECFB}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 3.2 - Ubisoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VoipBuster (HKLM-x32\...\VoipBuster_is1) (Version: 4.14 build 745 - Finarea S.A. Switzerland)
Why ASUS PC (HKLM-x32\...\{5648F9D9-299E-408C-AC1F-59DC75894A1F}) (Version: 1.00.02 - ASUSTeK Computer Inc.)
Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
Xilisoft Audio Converter 6 (HKLM-x32\...\Xilisoft Audio Converter 6) (Version: 6.3.0.20120227 - Xilisoft)
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

03-03-2014 22:48:12 Scheduled Checkpoint
07-03-2014 18:55:33 Removed Overwolf
12-03-2014 19:52:36 Installed iTunes

==================== Hosts content: ==========================

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23AAD6F1-72C4-40AB-BE18-B41F08B2DD21} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {23C93849-7579-4CCE-9C5F-AF2D81D0BF2D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22] (Google Inc.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2D48707A-4614-4EEB-8E89-E290A2BFDB8F} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ULTIMATEPC-Dustin UltimatePC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2013-09-10] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {58A7E86B-629B-4E4F-8D21-14638EA7BA41} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {591441BE-88A5-477D-A202-F7604172DDE5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178646866-1240154784-113881889-1001Core => C:\Users\Dustin\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-05] (Google Inc.)
Task: {5FA29D38-D3AD-47C8-BF23-8A64691BB667} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22] (Google Inc.)
Task: {5FE9D6A8-33EB-499A-80E4-9FE4E84604B1} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {68DEDADD-A6A0-4037-8720-5F85C4A6FD85} - System32\Tasks\ASUS\ASUS Easy Update 2 => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [2013-07-04] (ASUSTeK Computer Inc.)
Task: {6951A547-8FFB-4D96-947C-A7B1CA39C0C6} - System32\Tasks\SUPERAntiSpyware Scheduled Task 9960357e-e38b-4bda-8a09-fdb4c7c65f34 => D:\Tools\SuperAntiSpyware Free Edition\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {70E6A122-B1B9-47F8-B7A2-389FF13992FD} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {7283D6D9-53D8-4F21-B287-8D37673FAC4E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7E516262-17BE-440D-88E7-F3551B67D50D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {7ECC6C95-B4BA-4563-BBE2-149A4968FAFB} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {89A90BF3-E0CC-4EDD-BA7E-04A30507E304} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2012-09-27] ()
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9246BB85-66B7-438E-BBA6-75F8C0D2DD4C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-02-16] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A3858D05-9596-4AEA-8834-4CF79EAC9AED} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178646866-1240154784-113881889-1001UA => C:\Users\Dustin\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-05] (Google Inc.)
Task: {A688944F-4FF9-4FEF-8409-219B84384180} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {AEE093CA-EFAD-4721-8F52-054741526EFD} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {C9EDB585-64E0-47B5-B911-E85AB96F980A} - System32\Tasks\SUPERAntiSpyware Scheduled Task c354575b-b536-4a7a-8e3d-e8f937c615e7 => D:\Tools\SuperAntiSpyware Free Edition\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F2F99673-6FCC-4EFD-91C0-E2003336BF9A} - \MySearchDial No Task File
Task: {F3022177-702D-44D6-9561-FBF52063D3DA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-178646866-1240154784-113881889-1001Core.job => C:\Users\Dustin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-178646866-1240154784-113881889-1001UA.job => C:\Users\Dustin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 9960357e-e38b-4bda-8a09-fdb4c7c65f34.job => D:\Tools\SuperAntiSpyware Free Edition\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task c354575b-b536-4a7a-8e3d-e8f937c615e7.job => D:\Tools\SuperAntiSpyware Free Edition\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

2013-12-27 14:19 - 2014-02-08 12:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-17 11:25 - 2013-10-17 11:25 - 08866472 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-08-20 12:07 - 2012-06-01 04:42 - 00920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2012-12-19 01:10 - 2012-12-19 01:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-20 12:07 - 2014-03-12 16:27 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-08-20 12:07 - 2010-06-28 21:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-03-04 01:53 - 2014-03-01 21:35 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
2014-03-04 01:53 - 2014-03-01 21:35 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libglesv2.dll
2014-03-04 01:53 - 2014-03-01 21:35 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libegl.dll
2014-03-04 01:53 - 2014-03-01 21:35 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll
2014-03-04 01:53 - 2014-03-01 21:35 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
2014-03-04 01:53 - 2014-03-01 21:35 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll
2014-03-12 16:14 - 2014-03-12 16:14 - 00181760 _____ () C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\2014.305.433.2_0\plugin\ace.dll
2013-09-01 07:29 - 2013-03-12 16:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-02-13 21:16 - 2014-02-13 21:16 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Dustin\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/12/2014 04:28:09 PM) (Source: Application Error) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ffeeb140565
Faulting process id: 0xa28
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5

Error: (03/12/2014 03:55:40 PM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.3.9600.16441 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: bd0

Start Time: 01cf3e2431ccb9d3

Termination Time: 4294967295

Application Path: C:\WINDOWS\Explorer.EXE

Report Id: 45113b1f-aa20-11e3-beb2-ac220b8a914b

Faulting package full name:

Faulting package-relative application ID:

Error: (03/12/2014 03:53:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 668516

Error: (03/12/2014 03:53:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 668516

Error: (03/12/2014 03:53:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/12/2014 03:42:42 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1109

Error: (03/12/2014 03:42:42 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1109

Error: (03/12/2014 03:42:42 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/12/2014 03:25:23 PM) (Source: Application Hang) (User: )
Description: The program wwahost.exe version 6.3.9600.16431 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1b4c

Start Time: 01cf3e307a63b3c7

Termination Time: 4294967295

Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report Id: 6ec11e3a-aa24-11e3-beb2-ac220b8a914b

Faulting package full name: Microsoft.SkypeApp_2.6.0.1000_x86__kzf8qxf38zg5c

Faulting package-relative application ID: App

Error: (03/11/2014 07:25:09 PM) (Source: Application Error) (User: )
Description: Faulting application name: FileManager.exe, version: 6.3.9600.16507, time stamp: 0x52cea993
Faulting module name: Windows.UI.dll, version: 6.3.9600.16384, time stamp: 0x5215d9e1
Exception code: 0xc0000005
Fault offset: 0x00000000000022e0
Faulting process id: 0xc28
Faulting application start time: 0xFileManager.exe0
Faulting application path: FileManager.exe1
Faulting module path: FileManager.exe2
Report Id: FileManager.exe3
Faulting package full name: FileManager.exe4
Faulting package-relative application ID: FileManager.exe5


System errors:
=============
Error: (03/12/2014 04:28:30 PM) (Source: Service Control Manager) (User: )
Description: The Service KMSELDI service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/12/2014 04:26:31 PM) (Source: Microsoft-Windows-Kernel-Boot) (User: NT AUTHORITY)
Description: 32212256841178928

Error: (03/12/2014 04:27:01 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 3:57:14 PM on ‎3/‎12/‎2014 was unexpected.

Error: (03/12/2014 04:26:01 PM) (Source: DCOM) (User: ULTIMATEPC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (03/12/2014 04:10:14 PM) (Source: disk) (User: )
Description: The device, \Device\Harddisk1\DR2, has a bad block.

Error: (03/12/2014 03:58:08 PM) (Source: Service Control Manager) (User: )
Description: The Service KMSELDI service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/12/2014 01:57:27 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (03/12/2014 01:51:12 PM) (Source: Service Control Manager) (User: )
Description: The Service KMSELDI service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/11/2014 03:07:32 PM) (Source: Service Control Manager) (User: )
Description: The Service KMSELDI service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/11/2014 03:04:03 PM) (Source: Service Control Manager) (User: )
Description: The Service KMSELDI service terminated unexpectedly.  It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (03/12/2014 04:28:09 PM) (Source: Application Error)(User: )
Description: Service_KMS.exe11.0.0.052a8d15dunknown0.0.0.0000000000000000000007ffeeb140565a2801cf3e39dcd4966dC:\Program Files\KMSpico\Service_KMS.exeunknown348d8cb8-aa2d-11e3-beb4-ac220b8a914b

Error: (03/12/2014 03:55:40 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.3.9600.16441bd001cf3e2431ccb9d34294967295C:\WINDOWS\Explorer.EXE45113b1f-aa20-11e3-beb2-ac220b8a914b

Error: (03/12/2014 03:53:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 668516

Error: (03/12/2014 03:53:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 668516

Error: (03/12/2014 03:53:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/12/2014 03:42:42 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1109

Error: (03/12/2014 03:42:42 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1109

Error: (03/12/2014 03:42:42 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/12/2014 03:25:23 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.164311b4c01cf3e307a63b3c74294967295C:\WINDOWS\syswow64\wwahost.exe6ec11e3a-aa24-11e3-beb2-ac220b8a914bMicrosoft.SkypeApp_2.6.0.1000_x86__kzf8qxf38zg5cApp

Error: (03/11/2014 07:25:09 PM) (Source: Application Error)(User: )
Description: FileManager.exe6.3.9600.1650752cea993Windows.UI.dll6.3.9600.163845215d9e1c000000500000000000022e0c2801cf3d897c70c6f8C:\WINDOWS\FileManager\FileManager.exeC:\Windows\System32\Windows.UI.dllc42723f3-a97c-11e3-beb1-ac220b8a914bFileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewyMicrosoft.Windows.FileManager


==================== Memory info ===========================

Percentage of memory in use: 37%
Total physical RAM: 6083.27 MB
Available physical RAM: 3824.6 MB
Total Pagefile: 7107.27 MB
Available Pagefile: 4621.94 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:149.66 GB) (Free:37.53 GB) NTFS
Drive d: (Data) (Fixed) (Total:759.33 GB) (Free:555.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 2B3F5DB9)

Partition: GPT Partition Type.

==================== End Of Log ============================

 



BC AdBot (Login to Remove)

 


m

#2 Jo*

Jo*

  • Malware Response Team
  • 3,259 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:56 PM

Posted 13 March 2014 - 05:06 AM

:welcome:

Hello Pl34seH3lp,

my name is Jo and I will help you with your computer problems.


Please follow these guidelines:
  • Logs can take a while to research, so please be patient.
  • Read and follow the instructions in the sequence they are posted.
  • print or copy & save instructions.
  • back up all your private data / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only that tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic til you get the all clean post.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#3 Pl34seH3lp

Pl34seH3lp
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:56 PM

Posted 14 March 2014 - 07:58 PM

 Results of screen317's Security Check version 0.99.80  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Windows Defender           
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 51  
 Adobe Flash Player     12.0.0.77  
 Adobe Reader 10.1.8 Adobe Reader out of Date!  
 Mozilla Firefox (27.0.1)
 Google Chrome 33.0.1750.117  
 Google Chrome 33.0.1750.146  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 



#4 Pl34seH3lp

Pl34seH3lp
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:56 PM

Posted 14 March 2014 - 08:00 PM

I thought I should tell you that I have already tried a few of the tools on this website (JRT, ADWCleaner) and I also disabled an unwanted program called "Disk Monitor" from starting up, so it wont be in that log, but it's on my computer. I did that before I posted on this forum.



#5 Jo*

Jo*

  • Malware Response Team
  • 3,259 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:56 PM

Posted 15 March 2014 - 07:53 AM

Hello Pl34seH3lp,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Scan your system for malware
With some infections, you may see two messages boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    The actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#6 Pl34seH3lp

Pl34seH3lp
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:56 PM

Posted 15 March 2014 - 12:44 PM

No Malware Found 

 

--------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.2.9200 Windows 8 x64
 
Account is Administrative
 
Internet Explorer version: 11.0.9600.16521
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 3.093000 GHz
Memory total: 6378770432, free: 3950391296
 
Downloaded database version: v2014.03.15.04
Downloaded database version: v2014.02.20.01
=======================================
Initializing...
------------ Kernel report ------------
     03/15/2014 12:11:57
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\NISx64\1501000.012\SYMDS64.SYS
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\WdFilter.sys
\SystemRoot\system32\drivers\NISx64\1501000.012\SYMEFA64.SYS
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\dtsoftbus01.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\system32\drivers\NISx64\1501000.012\ccSetx64.sys
\SystemRoot\System32\Drivers\NISx64\1501000.012\SRTSP64.SYS
\SystemRoot\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS
\SystemRoot\system32\drivers\NISx64\1501000.012\Ironx64.SYS
\??\C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
\??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\VirusDefs\20140314.016\EX64.SYS
\??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\VirusDefs\20140314.016\ENG64.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\System32\Drivers\UimFIO.SYS
\SystemRoot\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS
\??\D:\Tools\SuperAntiSpyware Free Edition\SASKUTIL64.SYS
\??\D:\Tools\SuperAntiSpyware Free Edition\SASDIFSV64.SYS
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\IPSDefs\20140313.001\IDSvia64.sys
\??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
\??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
\SystemRoot\System32\Drivers\dfsc.sys
\??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\BASHDefs\20140214.001\BHDrvx64.sys
\SystemRoot\SysWow64\drivers\AsUpIO.sys
\SystemRoot\SysWow64\drivers\AsIO.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\serscan.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\netr28x.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\system32\DRIVERS\au630x64.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\UEFI.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\??\C:\WINDOWS\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\System32\drivers\condrv.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffe00002d71060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000034\
Lower Device Object: 0xffffe000002626c0
Lower Device Driver Name: \Driver\iaStorA\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffe00002d71060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe00002d71b20, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe00002d71060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffe00000f09040, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffe000002626c0, DeviceName: \Device\00000034\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Read File: File "C:\Windows\System32\drivers\1394ohci.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\1394ohci.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\acpi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\acpi.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\acpipagr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\acpipagr.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\acpipmi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\acpipmi.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\acpitime.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\acpitime.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\AGP440.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\AGP440.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\amdk8.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\amdk8.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\amdppm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\amdppm.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\atapi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atapi.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\ataport.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ataport.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\BasicDisplay.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\BasicDisplay.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\battc.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\battc.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\BtaMPM.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\BtaMPM.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\BthAvrcpTg.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\BthAvrcpTg.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\bthhfenum.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\bthhfenum.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\BthhfHid.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\BthhfHid.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\bthmodem.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\bthmodem.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\cdrom.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\cdrom.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\circlass.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\circlass.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\CmBatt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\CmBatt.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\CompositeBus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\CompositeBus.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\disk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\disk.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\drmk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\drmk.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\drmkaud.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\drmkaud.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\dumpsd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\dumpsd.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\errdev.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\errdev.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\fdc.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\fdc.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\flpydisk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\flpydisk.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\fxppm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\fxppm.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\hdaudbus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\hdaudbus.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\hidbatt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\hidbatt.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\hidbth.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\hidbth.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\hidclass.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\hidclass.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\hidi2c.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\hidi2c.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\hidparse.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\hidparse.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\hidusb.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\hidusb.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\i8042prt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\i8042prt.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\intelpep.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\intelpep.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\intelppm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\intelppm.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\isapnp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\isapnp.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\kbdclass.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\kbdclass.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\kbdhid.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\kbdhid.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\kdnic.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\kdnic.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\monitor.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\monitor.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\mouclass.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mouclass.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\mssmbios.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mssmbios.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\MTConfig.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\MTConfig.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\npsvctrig.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\npsvctrig.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\BasicRender.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\BasicRender.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\mouhid.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mouhid.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\sbp2port.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sbp2port.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbuhci.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\parport.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\parport.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\pci.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\pci.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\pciide.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\pciide.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\pciidex.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\pciidex.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\pcmcia.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\pcmcia.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\portcls.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\portcls.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\processr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\processr.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\sdbus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sdbus.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\sdstor.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sdstor.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\serenum.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\serenum.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\serial.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\serial.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\sermouse.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sermouse.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\sfloppy.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sfloppy.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\spaceport.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\spaceport.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\stornvme.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\stornvme.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\swenum.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\swenum.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\terminpt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\terminpt.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\tpm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\tpm.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\TsUsbGD.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\TsUsbGD.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\uaspstor.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\uaspstor.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\UCX01000.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\UCX01000.SYS" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\uefi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\uefi.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\USBXHCI.SYS" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\vdrvroot.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\vhdmp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\vhdmp.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\volmgr.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\volsnap.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\vwifibus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\vwifibus.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\wacompen.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\winusb.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\winusb.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\wmiacpi.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\WSDPrint.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\WSDPrint.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\rdpbus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\rdpbus.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\msgpiowin32.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\msgpiowin32.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\msisadrv.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\msiscsi.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\umbus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\umbus.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\umpass.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\umpass.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbccgp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbccgp.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbcir.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbd.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbehci.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbhub.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\USBHUB3.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\USBHUB3.SYS" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbohci.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbport.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbprint.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\USBSTOR.SYS" is compressed (flags = 1)
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 2B3F5DB9
 
GPT Protective MBR Partition information:
 
    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295
 
    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
GPT Partition information:
 
    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 470786561
    GPT Header CurrentLba = 1 BackupLba 1953525167
    GPT Header FirstUsableLba 34  LastUsableLba 1953525134
    GPT Header Guid ed532ab0-2824-4170-b84a-a4d0494fa9fd
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128
 
    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 470786561
    Backup GPT header CurrentLba = 1953525167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 1953525134
    Backup GPT header Guid ed532ab0-2824-4170-b84a-a4d0494fa9fd
    Backup GPT header Contains 128 partition entries starting at LBA 1953525135
    Backup GPT header Partition entry size = 128
 
    Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 65e45046-186b-4cd0-9e82-f2d5d03889c
    FirstLBA 2048  Last LBA 1640447
    Attributes 1
    Partition Name                 Basic data partition
 
    Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID bfcf8f77-5e2a-4503-962c-63f7b7ee5bd7
    FirstLBA 1640448  Last LBA 2172927
    Attributes 0
    Partition Name                 EFI system partition
 
    GPT Partition 1 is bootable
    Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID 4ac3aba1-cfea-4f0e-8872-3799bb80da46
    FirstLBA 2172928  Last LBA 2435071
    Attributes 0
    Partition Name         Microsoft reserved partition
 
    Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 2c89566e-c704-4733-997a-7a2c504e5da8
    FirstLBA 2435072  Last LBA 316291071
    Attributes 0
    Partition Name                 Basic data partition
 
    Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 15176ee7-3bff-44f6-af1e-3e2050efbcb
    FirstLBA 316291072  Last LBA 317007871
    Attributes 1
    Partition Name                                     
 
    Partition 5 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 641bfd36-64ec-4156-a0a5-2c8f1c9e6913
    FirstLBA 317007872  Last LBA 1909436415
    Attributes 0
    Partition Name                 Basic data partition
 
    Partition 6 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID bb2ef99c-dba-40a7-9363-b9aea73acfd1
    FirstLBA 1909436416  Last LBA 1953523711
    Attributes 1
    Partition Name                 Basic data partition
 
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
 
Done!
Infected file C:\Users\Dustin\AppData\Local\Temp\is80612742\11226463_stp\wajam_validate.exe could not be remediated because backup file is not available
Scan finished
 
----------------
 
# AdwCleaner v3.022 - Report created 15/03/2014 at 12:37:47
# Updated 13/03/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Dustin - ULTIMATEPC
# Running from : C:\Users\Dustin\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Mozilla Firefox v27.0.1 (en-US)
 
[ File : C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\5mns3nhb.default\prefs.js ]
 
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found : icon_url
Found : search_url
Found : keyword
 
*************************
 
AdwCleaner[R0].txt - [3818 octets] - [18/02/2014 17:40:48]
AdwCleaner[R1].txt - [8628 octets] - [11/03/2014 15:55:02]
AdwCleaner[R2].txt - [2392 octets] - [11/03/2014 15:01:41]
AdwCleaner[R3].txt - [1309 octets] - [11/03/2014 15:05:51]
AdwCleaner[R4].txt - [1430 octets] - [11/03/2014 15:09:45]
AdwCleaner[R5].txt - [1497 octets] - [12/03/2014 14:11:16]
AdwCleaner[R6].txt - [1664 octets] - [15/03/2014 12:37:47]
AdwCleaner[S0].txt - [3547 octets] - [18/02/2014 17:41:39]
AdwCleaner[S1].txt - [7483 octets] - [11/03/2014 15:55:34]
AdwCleaner[S2].txt - [2425 octets] - [11/03/2014 15:02:24]
AdwCleaner[S3].txt - [1373 octets] - [11/03/2014 15:06:20]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R6].txt - [1964 octets] ##########
 


#7 Jo*

Jo*

  • Malware Response Team
  • 3,259 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:56 PM

Posted 15 March 2014 - 12:50 PM

Hello Pl34seH3lp,

Double click on AdwCleaner.exe to run the tool again.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove". Look through the scan results and uncheck any entries that you do not wish to remove.
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

***


Please download Junkware Removal Tool from HERE and save it to your desktop.
Shutdown your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.


***


Run the Farbar Recovery Scan Tool again.
  • Double-click to run FSRT / FSRT64. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

***


How the computer is running now?


***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#8 Pl34seH3lp

Pl34seH3lp
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:56 PM

Posted 15 March 2014 - 01:02 PM

# AdwCleaner v3.022 - Report created 15/03/2014 at 12:56:44
# Updated 13/03/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Dustin - ULTIMATEPC
# Running from : C:\Users\Dustin\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\5mns3nhb.default\prefs.js ]


-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [3818 octets] - [18/02/2014 17:40:48]
AdwCleaner[R1].txt - [8628 octets] - [11/03/2014 15:55:02]
AdwCleaner[R2].txt - [2392 octets] - [11/03/2014 15:01:41]
AdwCleaner[R3].txt - [1309 octets] - [11/03/2014 15:05:51]
AdwCleaner[R4].txt - [1430 octets] - [11/03/2014 15:09:45]
AdwCleaner[R5].txt - [1497 octets] - [12/03/2014 14:11:16]
AdwCleaner[R6].txt - [2052 octets] - [15/03/2014 12:37:47]
AdwCleaner[R7].txt - [2112 octets] - [15/03/2014 12:56:09]
AdwCleaner[S0].txt - [3547 octets] - [18/02/2014 17:41:39]
AdwCleaner[S1].txt - [7483 octets] - [11/03/2014 15:55:34]
AdwCleaner[S2].txt - [2425 octets] - [11/03/2014 15:02:24]
AdwCleaner[S3].txt - [1373 octets] - [11/03/2014 15:06:20]
AdwCleaner[S4].txt - [2041 octets] - [15/03/2014 12:56:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [2101 octets] ##########



going to do JRT and then Farbar next



#9 Pl34seH3lp

Pl34seH3lp
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:56 PM

Posted 15 March 2014 - 01:14 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8.1 x64
Ran by Dustin on 2014-03-15 at 13:03:56.97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Dustin\AppData\Roaming\mozilla\firefox\profiles\5mns3nhb.default\minidumps [4 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2014-03-15 at 13:09:11.62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-03-2014
Ran by Dustin (administrator) on ULTIMATEPC on 15-03-2014 13:11:32
Running from D:\Downloads
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(SUPERAntiSpyware.com) D:\Tools\SuperAntiSpyware Free Edition\SASCORE64.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) D:\Programs\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) D:\Programs\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Malwarebytes Corporation) D:\Programs\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(VoipBuster) C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe
(SUPERAntiSpyware) D:\Tools\SuperAntiSpyware Free Edition\SUPERAntiSpyware.exe
() C:\Program Files (x86)\Pinger\Pinger.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
(Neodio Corp.) C:\Program Files (x86)\Generic\USB Card Reader Driver v1.9a1\Disk_Monitor.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MsoSync.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Thisisu) C:\Users\Dustin\Desktop\JRT.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7192792 2013-07-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-04] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] - "C:\Windows\system32\igfxtray.exe"
HKLM\...\Run: [HotKeysCmds] - "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] - "C:\Windows\system32\igfxpers.exe"
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1179576 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-08-20] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [mcui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Family Tree Builder Update] - C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2532864 2013-12-09] (MyHeritage)
HKLM-x32\...\Run: [Disk Monitor] - C:\Program Files (x86)\Generic\USB Card Reader Driver v1.9a1\Disk_Monitor.exe [466944 2003-03-20] (Neodio Corp.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-178646866-1240154784-113881889-1001\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3551576 2013-12-24] (Electronic Arts)
HKU\S-1-5-21-178646866-1240154784-113881889-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-178646866-1240154784-113881889-1001\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKU\S-1-5-21-178646866-1240154784-113881889-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20728480 2014-01-14] (Skype Technologies S.A.)
HKU\S-1-5-21-178646866-1240154784-113881889-1001\...\Run: [GoogleChromeAutoLaunch_519B716C98D43A154C4D117C56AD7788] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859976 2014-03-14] (Google Inc.)
HKU\S-1-5-21-178646866-1240154784-113881889-1001\...\Run: [VoipBuster] - C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe [19753792 2014-02-11] (VoipBuster)
HKU\S-1-5-21-178646866-1240154784-113881889-1001\...\Run: [Itibiti.exe] - C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
HKU\S-1-5-21-178646866-1240154784-113881889-1001\...\Run: [Google Update] - C:\Users\Dustin\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-03-05] (Google Inc.)
HKU\S-1-5-21-178646866-1240154784-113881889-1001\...\Run: [SUPERAntiSpyware] - D:\Tools\SuperAntiSpyware Free Edition\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware)
HKU\S-1-5-21-178646866-1240154784-113881889-1001\...\Run: [Pinger] - C:\Program Files (x86)\Pinger\Pinger.exe [10581504 2013-08-23] ()
Startup: C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
Startup: C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3050A J611 series (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3050A J611 series (Network).lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
URLSearchHook: HKLM-x32 - SiteFinder - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files (x86)\SiteFinder\SiteFinder.dll (Site Finder)
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_11_ff&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0Bzz0AzytCyE0ByDtAyCtCtN0D0Tzu0SzztDtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0AtByBtDzy0CzztGyDyEtB0DtGyDyByDtDtG0CtByC0EtGtDyC0FzyyCtDtDyC0EtCtAyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzztBtB0B0A0BtCtGtD0DtDtBtGtAzyzy0CtGtDyCtB0FtGtA0DtC0Azyzz0D0FyD0E0BtD2Q&cr=900545990&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_11_ff&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0Bzz0AzytCyE0ByDtAyCtCtN0D0Tzu0SzztDtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0AtByBtDzy0CzztGyDyEtB0DtGyDyByDtDtG0CtByC0EtGtDyC0FzyyCtDtDyC0EtCtAyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzztBtB0B0A0BtCtGtD0DtDtBtGtAzyzy0CtGtDyCtB0FtGtA0DtC0Azyzz0D0FyD0E0BtD2Q&cr=900545990&ir=
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - SiteFinder - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files (x86)\SiteFinder\SiteFinder.dll (Site Finder)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.22.0.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\5mns3nhb.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Dustin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Dustin\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Dustin\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Dustin\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Dustin\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Dustin\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Dustin\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Dustin\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: A Mystical Land Installer - C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\5mns3nhb.default\Extensions\MysticalLandInstaller@madottergames.com [2014-01-22]
FF Extension: MEGA - C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\5mns3nhb.default\Extensions\firefox@mega.co.nz.xpi [2014-03-11]
FF Extension: Mega Browse - C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\5mns3nhb.default\Extensions\{29b136c9-938d-4d3d-8df8-d649d9b74d02}.xpi [2014-03-12]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-03-03]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\IPSFF [2014-02-18]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: http://www.google.com
CHR DefaultNewTabURL:
CHR Extension: (Skype Click to Call) - C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-05]
CHR Extension: (Norton Identity Protection) - C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-02-18]
CHR Extension: (Hangouts) - C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-03-04]
CHR Extension: (Google Wallet) - C:\Users\Dustin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-22]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx [2014-02-24]

==================== Services (Whitelisted) =================

R2 !SASCORE; D:\Tools\SuperAntiSpyware Free Edition\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2013-06-24] (ASUSTeK Computer Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 MBAMScheduler; D:\Programs\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; D:\Programs\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2014-02-14] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2014-02-02] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-02-18] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-02-18] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\IPSDefs\20140313.001\IDSvia64.sys [524504 2014-03-05] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-27] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\VirusDefs\20140314.016\ENG64.SYS [126040 2014-02-18] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\VirusDefs\20140314.016\EX64.SYS [2099288 2014-02-18] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R1 SASDIFSV; D:\Tools\SuperAntiSpyware Free Edition\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; D:\Tools\SuperAntiSpyware Free Edition\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-27] (Microsoft Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-07-30] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-07-31] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1501000.012\SymELAM.sys [23568 2013-07-31] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-02-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-07-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)
R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S1 UimBus; C:\Windows\System32\drivers\uimx64.sys [90960 2012-10-31] (Windows ® 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633552 2012-10-31] (Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390224 2012-10-31] (Paragon)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)
S4 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2014-01-14] (Basil Projects)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EraserUtilDrv11310; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11310.sys [X]
S3 EraserUtilDrv11312; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11312.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-15 13:09 - 2014-03-15 13:09 - 00000876 _____ () C:\Users\Dustin\Desktop\JRT.txt
2014-03-15 13:03 - 2014-03-15 13:03 - 01037734 _____ (Thisisu) C:\Users\Dustin\Desktop\JRT.exe
2014-03-15 12:55 - 2014-03-15 12:55 - 01950720 _____ () C:\Users\Dustin\Downloads\Unconfirmed 842737.crdownload
2014-03-15 12:11 - 2014-03-15 12:56 - 00000000 ____D () C:\Users\Dustin\Desktop\mbar
2014-03-15 12:11 - 2014-03-15 12:56 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-15 12:11 - 2014-03-15 12:11 - 00119000 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-03-15 12:11 - 2014-03-15 12:11 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-15 12:09 - 2014-03-15 12:09 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Dustin\Downloads\mbar-1.07.0.1009.exe
2014-03-15 12:09 - 2014-03-15 12:09 - 01950720 _____ () C:\Users\Dustin\Downloads\AdwCleaner.exe
2014-03-14 14:49 - 2014-03-14 14:49 - 00000000 ____D () C:\Users\Dustin\AppData\Local\pinger.com
2014-03-14 14:48 - 2014-03-14 14:48 - 00000990 _____ () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Pinger.lnk
2014-03-14 14:48 - 2014-03-14 14:48 - 00000966 _____ () C:\Users\Dustin\Desktop\Pinger.lnk
2014-03-14 14:48 - 2014-03-14 14:48 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Caphyon
2014-03-14 14:48 - 2014-03-14 14:48 - 00000000 ____D () C:\Program Files (x86)\Pinger
2014-03-14 14:45 - 2014-03-14 14:45 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Pinger Inc
2014-03-13 22:42 - 2014-03-13 22:47 - 709885952 _____ () C:\Users\Dustin\Downloads\xbmcbuntu-12.2.Intel-AMD.2.iso
2014-03-13 22:37 - 2014-03-13 22:37 - 01095461 _____ (pendrivelinux.com) C:\Users\Dustin\Downloads\Universal-USB-Installer-1.9.5.2 (1).exe
2014-03-13 22:27 - 2014-03-13 22:27 - 01095461 _____ (pendrivelinux.com) C:\Users\Dustin\Downloads\Universal-USB-Installer-1.9.5.2.exe
2014-03-13 22:00 - 2014-03-13 22:06 - 653262848 _____ () C:\Users\Dustin\Downloads\xbmcbuntu-11.0.iso
2014-03-13 19:44 - 2014-03-13 19:44 - 00014235 _____ () C:\Users\Dustin\Downloads\[kickass.to]windows.8.1.pro.32.bit.x86.vl.portuguese.brazil.dvd.original.msdn.torrent
2014-03-13 19:43 - 2014-03-13 19:43 - 00041815 _____ () C:\Users\Dustin\Downloads\[kickass.to]windows.8.professional.32.64.bit.no.activation.required.torrent
2014-03-13 19:42 - 2014-03-13 19:42 - 00013430 _____ () C:\Users\Dustin\Downloads\[kickass.to]windows.8.pro.retail.32.bit.permanent.activation.wmc.included.torrent
2014-03-12 23:24 - 2014-03-15 12:58 - 00000000 __RDO () C:\Users\Dustin\SkyDrive
2014-03-12 19:39 - 2014-03-12 19:39 - 00000000 ____D () C:\Users\Dustin\Desktop\droidtv-boot-recovery
2014-03-12 19:37 - 2014-03-12 19:37 - 06141926 _____ () C:\Users\Dustin\Desktop\droidtv-boot-recovery.zip
2014-03-12 18:56 - 2014-03-12 18:56 - 00000000 ____D () C:\Users\Dustin\Desktop\DroidBOX_MX422_13012014_loaded_update
2014-03-12 16:55 - 2014-03-12 16:55 - 00000000 ____D () C:\ProgramData\AmUStor
2014-03-12 16:55 - 2014-03-12 16:55 - 00000000 ____D () C:\Program Files (x86)\AmIcoSingLun
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-03-12 16:53 - 2013-07-11 22:42 - 00309976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsBaStor.sys
2014-03-12 16:37 - 2014-03-15 13:11 - 00000000 ____D () C:\FRST
2014-03-12 16:08 - 2014-03-01 01:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-12 16:08 - 2014-02-28 23:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-12 16:08 - 2014-02-28 23:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-12 16:08 - 2014-02-28 23:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-12 16:08 - 2014-02-28 22:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-12 16:08 - 2014-02-28 22:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-12 16:08 - 2014-02-28 22:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-12 16:08 - 2014-02-28 22:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-12 16:08 - 2014-02-28 22:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-12 16:08 - 2014-02-28 22:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-12 16:08 - 2014-02-28 22:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-12 16:08 - 2014-02-28 21:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-12 16:08 - 2014-02-28 21:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-12 16:08 - 2014-02-28 21:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-12 16:08 - 2014-02-28 21:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-12 16:08 - 2014-02-28 21:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-12 16:08 - 2014-02-28 21:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-12 16:07 - 2013-10-30 19:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-12 16:07 - 2013-10-30 19:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-12 16:07 - 2013-10-30 19:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-12 16:06 - 2014-02-10 21:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-12 16:06 - 2014-02-10 21:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-12 16:06 - 2014-01-31 11:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-12 16:06 - 2014-01-31 11:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-12 16:06 - 2014-01-31 08:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-12 16:06 - 2014-01-31 04:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-12 16:06 - 2014-01-29 04:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-12 16:06 - 2014-01-29 03:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-12 16:06 - 2014-01-29 03:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-12 16:06 - 2014-01-29 03:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-12 16:06 - 2014-01-29 03:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-12 16:06 - 2014-01-29 02:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-12 16:06 - 2014-01-29 02:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-12 16:06 - 2014-01-29 02:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-12 16:06 - 2014-01-29 01:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-12 16:06 - 2014-01-28 19:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-12 16:06 - 2014-01-27 14:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-12 16:06 - 2014-01-27 14:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-12 16:06 - 2014-01-27 14:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-12 16:06 - 2014-01-27 13:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-12 16:06 - 2014-01-27 13:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-12 16:06 - 2014-01-27 13:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-12 16:06 - 2014-01-27 13:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-12 16:06 - 2014-01-27 13:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-12 16:06 - 2014-01-27 12:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-12 16:06 - 2014-01-27 12:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-12 16:06 - 2014-01-27 12:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-12 16:06 - 2014-01-27 10:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-12 16:06 - 2014-01-27 10:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-12 16:06 - 2014-01-27 06:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-12 16:06 - 2014-01-17 18:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-12 16:06 - 2014-01-17 16:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-12 16:06 - 2013-12-21 09:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-12 16:06 - 2013-12-21 03:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-12 16:06 - 2013-12-20 05:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-12 16:06 - 2013-12-20 05:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-12 16:04 - 2014-02-10 22:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-12 14:56 - 2014-03-12 14:56 - 00001802 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-12 14:56 - 2014-03-12 14:56 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Apple Computer
2014-03-12 14:55 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2014-03-12 14:54 - 2014-03-12 14:55 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-12 14:54 - 2014-03-12 14:55 - 00000000 ____D () C:\Program Files\iTunes
2014-03-12 14:54 - 2014-03-12 14:55 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-12 14:54 - 2014-03-12 14:54 - 00000000 ____D () C:\Program Files\iPod
2014-03-12 14:51 - 2014-03-12 14:51 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-12 14:51 - 2014-03-12 14:51 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-12 14:51 - 2014-03-12 14:51 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-03-12 14:32 - 2014-03-15 02:00 - 00000554 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 9960357e-e38b-4bda-8a09-fdb4c7c65f34.job
2014-03-12 14:32 - 2014-03-14 14:32 - 00000554 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task c354575b-b536-4a7a-8e3d-e8f937c615e7.job
2014-03-12 14:32 - 2014-03-12 14:32 - 00003614 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 9960357e-e38b-4bda-8a09-fdb4c7c65f34
2014-03-12 14:32 - 2014-03-12 14:32 - 00003532 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task c354575b-b536-4a7a-8e3d-e8f937c615e7
2014-03-12 14:32 - 2014-03-12 14:32 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\SUPERAntiSpyware.com
2014-03-12 14:31 - 2014-03-12 14:31 - 00000933 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-03-12 14:31 - 2014-03-12 14:31 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-03-12 14:19 - 2014-03-12 14:19 - 00000765 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-12 14:19 - 2014-03-12 14:19 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Malwarebytes
2014-03-12 14:19 - 2014-03-12 14:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-12 14:19 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-11 22:19 - 2014-03-11 22:23 - 653088796 _____ () C:\Users\Dustin\Desktop\DroidBOX_MX422_13012014_loaded_update.zip
2014-03-11 21:28 - 2014-03-12 16:00 - 00000042 _____ () C:\Users\Dustin\AppData\Local\RawCopy.sourcedisk.filepath
2014-03-11 21:28 - 2014-03-11 22:57 - 00000012 _____ () C:\Users\Dustin\AppData\Local\RawCopy.opendialog.dir
2014-03-11 21:28 - 2014-03-11 22:57 - 00000001 _____ () C:\Users\Dustin\AppData\Local\RawCopy.opendialog.filterindex
2014-03-11 21:27 - 2014-03-12 16:00 - 00000001 _____ () C:\Users\Dustin\AppData\Local\RawCopy.sourcedisk.index
2014-03-11 21:23 - 2014-03-11 21:23 - 00000001 _____ () C:\Users\Dustin\AppData\Local\RawCopy.1.02.agreement
2014-03-11 21:14 - 2014-03-11 21:20 - 780523831 _____ () C:\Users\Dustin\Desktop\DROIDBOX_iMX6_22-11-2013.rar
2014-03-11 21:10 - 2014-03-11 21:10 - 01648640 _____ () C:\Users\Dustin\Desktop\HDDRawCopy1.02Portable.exe
2014-03-11 15:49 - 2014-03-11 15:49 - 00000047 _____ () C:\Users\Dustin\AppData\Roaming\WB.CFG
2014-03-11 15:48 - 2014-03-11 15:48 - 00724992 _____ (Indigo Rose Corporation) C:\WINDOWS\iun6002.exe
2014-03-11 15:48 - 2014-03-11 15:48 - 00000000 ____D () C:\Users\Dustin\Downloads\Reader
2014-03-11 15:48 - 2014-03-11 15:48 - 00000000 ____D () C:\Program Files (x86)\Generic
2014-03-11 15:47 - 2014-03-11 15:47 - 02668841 _____ () C:\Users\Dustin\Downloads\Reader.zip
2014-03-11 15:47 - 2014-03-11 15:47 - 00000000 ____D () C:\Program Files (x86)\SiteFinder
2014-03-11 14:27 - 2014-03-11 14:27 - 00016896 _____ (ASUS) C:\WINDOWS\AsTaskSched.dll
2014-03-11 13:26 - 2014-03-11 13:26 - 00000919 _____ () C:\Users\Dustin\Documents\Downloads - Shortcut.lnk
2014-03-07 14:27 - 2014-03-07 14:35 - 00000000 ____D () C:\Users\Dustin\Documents\MyHeritage
2014-03-07 14:27 - 2014-03-07 14:34 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\MyHeritage
2014-03-07 14:27 - 2014-03-07 14:34 - 00000000 ____D () C:\ProgramData\MyHeritage
2014-03-07 14:24 - 2014-03-07 14:24 - 00001144 _____ () C:\Users\Dustin\Desktop\MyHeritage Family Tree Builder.lnk
2014-03-07 14:24 - 2014-03-07 14:24 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\The Complete Genealogy Reporter - FTB
2014-03-07 14:24 - 2014-03-07 14:24 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com
2014-03-07 14:24 - 2014-03-07 14:24 - 00000000 ____D () C:\Program Files (x86)\MyHeritage
2014-03-07 14:24 - 2012-08-02 08:56 - 00606208 _____ (Lorenzi Davide) C:\WINDOWS\SysWOW64\HexUniRTFBox.ocx
2014-03-07 14:24 - 2010-06-17 19:49 - 02029056 _____ (Bytescout) C:\WINDOWS\SysWOW64\PDFDocScout.DLL
2014-03-07 14:24 - 2004-12-07 11:11 - 00258352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unicows.dll
2014-03-07 14:24 - 2003-07-06 14:07 - 00372736 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ijl15.dll
2014-03-07 14:24 - 2002-03-07 01:19 - 00454656 _____ () C:\WINDOWS\SysWOW64\PaintX.dll
2014-03-07 14:24 - 2000-05-22 17:58 - 00608448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.ocx
2014-03-07 14:24 - 2000-03-14 00:00 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTDFMT.DLL
2014-03-07 14:24 - 1998-06-24 01:00 - 00137000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmapi32.ocx
2014-03-05 14:49 - 2014-03-07 08:19 - 00000000 ____D () C:\Users\Dustin\Documents\My Digital Editions
2014-03-05 14:49 - 2014-03-05 14:49 - 00002197 _____ () C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk
2014-03-05 14:49 - 2014-03-05 14:49 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Adobe_Systems_Incorporate
2014-03-05 14:48 - 2014-03-05 14:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2014-03-05 13:51 - 2014-03-05 13:55 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\vlc
2014-03-05 13:51 - 2014-03-05 13:51 - 00001089 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-03-05 13:51 - 2014-03-05 13:51 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-03-05 10:19 - 2014-03-15 12:24 - 00000934 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-178646866-1240154784-113881889-1001UA.job
2014-03-05 10:19 - 2014-03-05 10:24 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-178646866-1240154784-113881889-1001Core.job
2014-03-05 10:19 - 2014-03-05 10:19 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178646866-1240154784-113881889-1001UA
2014-03-05 10:19 - 2014-03-05 10:19 - 00003502 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178646866-1240154784-113881889-1001Core
2014-03-05 00:05 - 2014-03-05 00:05 - 00002138 _____ () C:\Users\Public\Desktop\Xilisoft Audio Converter 6.lnk
2014-03-05 00:05 - 2014-03-05 00:05 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Xilisoft
2014-03-05 00:04 - 2014-03-05 00:04 - 00000000 ____D () C:\ProgramData\Xilisoft
2014-03-05 00:04 - 2014-03-05 00:04 - 00000000 ____D () C:\Program Files (x86)\Xilisoft
2014-03-04 23:28 - 2014-03-04 23:36 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\VoipBuster
2014-03-04 23:28 - 2014-03-04 23:28 - 00001231 _____ () C:\Users\Dustin\Desktop\VoipBuster.lnk
2014-03-04 23:28 - 2014-03-04 23:28 - 00000000 ____D () C:\Program Files (x86)\VoipBuster.com
2014-02-27 16:17 - 2014-02-27 16:17 - 00000793 _____ () C:\Users\Dustin\Desktop\Rocksmith 2014.lnk
2014-02-25 19:58 - 2014-02-25 19:58 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-02-25 19:58 - 2014-02-25 19:58 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Ubisoft Game Launcher
2014-02-25 18:26 - 2014-02-20 01:33 - 01037734 _____ (Thisisu) C:\Users\Dustin\Desktop\JRT_NEW.exe
2014-02-25 17:07 - 2014-02-25 18:31 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Windows Live
2014-02-25 15:21 - 2014-02-25 15:21 - 00094208 _____ (Blizzard Entertainment) C:\WINDOWS\ScUnin.exe
2014-02-25 15:21 - 2014-02-25 15:21 - 00013902 _____ () C:\WINDOWS\scunin.dat
2014-02-25 15:21 - 2014-02-25 15:21 - 00000967 _____ () C:\WINDOWS\ScUnin.pif
2014-02-25 15:20 - 2014-02-26 18:22 - 00000000 ____D () C:\Program Files (x86)\Starcraft
2014-02-25 14:50 - 2014-03-11 19:25 - 00000000 ____D () C:\Users\Dustin\AppData\Local\CrashDumps
2014-02-25 14:49 - 2014-02-25 14:53 - 00000000 ____D () C:\Program Files (x86)\Diablo
2014-02-25 14:49 - 2014-02-25 14:50 - 00007162 _____ () C:\WINDOWS\DiabUnin.dat
2014-02-25 14:49 - 2014-02-25 14:49 - 00118784 _____ (Blizzard Entertainment) C:\WINDOWS\DiabUnin.exe
2014-02-25 14:49 - 2014-02-25 14:49 - 00002829 _____ () C:\WINDOWS\DiabUnin.pif
2014-02-25 14:49 - 2014-02-25 14:49 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Diablo
2014-02-24 19:50 - 2014-02-24 20:23 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\TeamViewer
2014-02-24 19:50 - 2014-02-24 19:50 - 00001185 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-24 19:50 - 2014-02-24 19:50 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-02-24 19:46 - 2014-02-24 19:46 - 00000000 ____H () C:\Users\Dustin\Documents\Default.rdp
2014-02-20 21:33 - 2014-02-21 16:51 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Overwolf
2014-02-20 21:01 - 2014-02-24 22:00 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\TS3Client
2014-02-20 21:01 - 2014-02-20 21:01 - 00000575 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-02-19 14:48 - 2014-02-19 14:48 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-02-18 18:30 - 2014-02-19 14:43 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-02-18 18:30 - 2014-02-18 18:29 - 00008222 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2014-02-18 18:29 - 2014-02-19 14:43 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-02-18 18:29 - 2014-02-19 14:42 - 00002528 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-02-18 18:29 - 2014-02-18 18:49 - 00000000 ____D () C:\ProgramData\Norton
2014-02-18 18:29 - 2014-02-18 18:29 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2014-02-18 18:29 - 2014-02-18 18:29 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-02-18 18:29 - 2014-02-18 18:29 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-02-18 17:40 - 2014-03-15 12:56 - 00000000 ____D () C:\AdwCleaner
2014-02-18 17:35 - 2014-02-18 17:35 - 00001051 _____ () C:\Users\Public\Desktop\CPUID HWMonitorPro.lnk
2014-02-18 17:25 - 2014-02-18 17:25 - 00002156 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-02-18 17:25 - 2014-02-18 17:25 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-18 17:24 - 2014-02-08 11:18 - 00599840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-02-18 17:22 - 2014-02-08 13:34 - 31432480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 25256224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 23683360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 17715784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 12324640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-02-18 17:22 - 2014-02-08 13:34 - 11636176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 11589272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 09728064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 09690424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 03142432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 02956576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 02782496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 02410784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433489.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433489.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00892192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00875296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00863520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00844576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00832424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00483104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00408352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00378656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00353504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00333600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00174296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-02-18 17:22 - 2014-02-08 13:34 - 00148528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-02-18 17:22 - 2013-11-28 08:38 - 00197408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2014-02-18 17:22 - 2013-11-28 08:38 - 00031520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2014-02-18 17:22 - 2013-11-22 03:36 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2014-02-18 17:21 - 2014-02-18 17:21 - 00000000 ____D () C:\NVIDIA
2014-02-18 17:07 - 2014-02-18 17:07 - 00000000 ____D () C:\Users\Dustin\AppData\Local\NVIDIA Corporation
2014-02-18 17:06 - 2014-02-18 17:14 - 00000000 ____D () C:\Users\Dustin\AppData\Local\NVIDIA
2014-02-18 17:06 - 2014-01-20 21:54 - 01179576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2014-02-18 17:06 - 2014-01-20 21:54 - 01048152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2014-02-18 17:05 - 2013-12-27 13:42 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-02-18 17:05 - 2013-12-27 13:42 - 00035104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2014-02-18 17:05 - 2013-12-27 13:42 - 00033056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-02-18 16:52 - 2014-02-18 16:52 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-02-18 16:34 - 2014-02-18 16:34 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-17 20:13 - 2013-12-23 22:18 - 00000842 _____ () C:\Users\Dustin\Desktop\µTorrent.lnk
2014-02-17 20:02 - 2013-12-24 04:48 - 00000988 _____ () C:\Users\Dustin\Desktop\Steam.lnk
2014-02-15 23:04 - 2013-11-23 06:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-15 23:04 - 2013-11-22 22:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-15 23:04 - 2013-11-22 22:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-15 23:04 - 2013-11-22 22:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-15 23:04 - 2013-11-22 22:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-15 23:03 - 2013-12-08 19:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-15 23:03 - 2013-12-08 19:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-15 23:03 - 2013-11-27 10:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-15 23:03 - 2013-11-27 10:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-15 23:03 - 2013-11-27 09:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-15 23:03 - 2013-11-27 08:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-15 23:03 - 2013-11-27 07:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-15 23:03 - 2013-11-27 05:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-15 23:03 - 2013-11-27 05:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-15 23:03 - 2013-11-27 05:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-15 23:03 - 2013-11-27 04:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-15 23:03 - 2013-11-27 04:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-15 23:03 - 2013-11-27 04:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-15 23:03 - 2013-11-27 04:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-15 23:03 - 2013-11-27 03:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-15 23:03 - 2013-11-27 03:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-15 23:03 - 2013-11-26 08:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-15 23:03 - 2013-11-26 08:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-15 23:03 - 2013-11-26 06:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-15 23:03 - 2013-11-26 04:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-15 23:03 - 2013-11-26 03:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-15 23:03 - 2013-11-24 20:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-15 23:03 - 2013-11-24 20:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-15 23:03 - 2013-11-24 18:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-15 23:03 - 2013-11-24 18:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-15 23:03 - 2013-11-23 07:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-15 23:03 - 2013-11-23 03:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-15 23:03 - 2013-11-23 02:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-15 23:03 - 2013-11-23 02:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-15 23:03 - 2013-11-23 02:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-15 23:03 - 2013-11-22 23:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-15 23:03 - 2013-11-22 22:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-15 23:03 - 2013-11-22 22:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-15 23:03 - 2013-11-21 01:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-15 23:03 - 2013-11-21 01:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-15 23:03 - 2013-11-15 09:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-15 23:03 - 2013-11-15 09:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-15 23:03 - 2013-11-15 09:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-15 23:03 - 2013-11-15 08:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-15 23:03 - 2013-10-30 19:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-15 23:03 - 2013-10-30 18:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-14 02:04 - 2014-02-14 02:04 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NINJAM
2014-02-14 02:04 - 2014-02-14 02:04 - 00000000 ____D () C:\Program Files (x86)\NINJAM
2014-02-13 21:16 - 2014-02-19 14:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 20:32 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-13 20:32 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-13 20:32 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-13 20:32 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-13 20:32 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-13 20:32 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-13 20:32 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-13 20:32 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-13 20:32 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-13 20:32 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-13 20:32 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-13 20:32 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-13 20:32 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-13 20:32 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-13 20:32 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-13 20:32 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-13 20:32 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-13 20:32 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-13 20:32 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-13 20:32 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-13 20:32 - 2014-01-07 00:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-13 20:32 - 2014-01-06 23:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-13 20:32 - 2013-12-08 19:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-13 20:32 - 2013-12-08 19:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-13 20:32 - 2013-12-08 18:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-13 20:32 - 2013-12-08 18:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-13 20:32 - 2013-11-21 01:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-13 20:32 - 2013-11-21 00:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-13 20:31 - 2014-01-09 03:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-13 20:31 - 2014-01-09 02:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-13 20:31 - 2014-01-09 02:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-13 20:31 - 2014-01-09 02:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-13 20:31 - 2014-01-09 02:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-13 20:31 - 2014-01-09 02:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-13 20:31 - 2014-01-09 02:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-13 20:31 - 2014-01-09 02:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-13 20:31 - 2014-01-09 02:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-13 20:31 - 2014-01-09 02:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-13 20:31 - 2014-01-07 02:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-13 20:31 - 2014-01-07 00:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-13 20:31 - 2014-01-04 15:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-13 20:31 - 2014-01-04 14:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-13 20:31 - 2014-01-04 09:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-13 20:31 - 2014-01-04 09:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-13 20:31 - 2014-01-04 08:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-13 20:31 - 2014-01-04 08:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-13 20:31 - 2014-01-04 08:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-13 20:31 - 2014-01-04 08:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-13 20:31 - 2013-12-20 21:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-13 20:31 - 2013-12-20 21:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-13 20:31 - 2013-12-20 05:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-13 20:31 - 2013-12-20 01:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-13 20:31 - 2013-12-08 21:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-13 20:31 - 2013-12-08 20:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

==================== One Month Modified Files and Folders =======

2014-03-15 13:11 - 2014-03-12 16:37 - 00000000 ____D () C:\FRST
2014-03-15 13:10 - 2013-12-27 14:18 - 01898551 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-15 13:09 - 2014-03-15 13:09 - 00000876 _____ () C:\Users\Dustin\Desktop\JRT.txt
2014-03-15 13:04 - 2013-12-23 22:08 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-15 13:04 - 2013-12-23 20:05 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-178646866-1240154784-113881889-1001
2014-03-15 13:03 - 2014-03-15 13:03 - 01037734 _____ (Thisisu) C:\Users\Dustin\Desktop\JRT.exe
2014-03-15 13:00 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-15 12:59 - 2014-01-22 21:06 - 00004970 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ULTIMATEPC-Dustin UltimatePC
2014-03-15 12:58 - 2014-03-12 23:24 - 00000000 __RDO () C:\Users\Dustin\SkyDrive
2014-03-15 12:58 - 2014-01-22 16:37 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-15 12:57 - 2013-12-27 14:20 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-15 12:57 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-15 12:56 - 2014-03-15 12:11 - 00000000 ____D () C:\Users\Dustin\Desktop\mbar
2014-03-15 12:56 - 2014-03-15 12:11 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-15 12:56 - 2014-02-18 17:40 - 00000000 ____D () C:\AdwCleaner
2014-03-15 12:55 - 2014-03-15 12:55 - 01950720 _____ () C:\Users\Dustin\Downloads\Unconfirmed 842737.crdownload
2014-03-15 12:52 - 2014-01-22 16:37 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-15 12:24 - 2014-03-05 10:19 - 00000934 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-178646866-1240154784-113881889-1001UA.job
2014-03-15 12:11 - 2014-03-15 12:11 - 00119000 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-03-15 12:11 - 2014-03-15 12:11 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-15 12:09 - 2014-03-15 12:09 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Dustin\Downloads\mbar-1.07.0.1009.exe
2014-03-15 12:09 - 2014-03-15 12:09 - 01950720 _____ () C:\Users\Dustin\Downloads\AdwCleaner.exe
2014-03-15 12:06 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-15 02:00 - 2014-03-12 14:32 - 00000554 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 9960357e-e38b-4bda-8a09-fdb4c7c65f34.job
2014-03-15 01:59 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-14 16:38 - 2013-12-27 21:12 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4E79C51D-1407-4EE0-AD04-8F588FDCFE5E}
2014-03-14 14:49 - 2014-03-14 14:49 - 00000000 ____D () C:\Users\Dustin\AppData\Local\pinger.com
2014-03-14 14:48 - 2014-03-14 14:48 - 00000990 _____ () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Pinger.lnk
2014-03-14 14:48 - 2014-03-14 14:48 - 00000966 _____ () C:\Users\Dustin\Desktop\Pinger.lnk
2014-03-14 14:48 - 2014-03-14 14:48 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Caphyon
2014-03-14 14:48 - 2014-03-14 14:48 - 00000000 ____D () C:\Program Files (x86)\Pinger
2014-03-14 14:45 - 2014-03-14 14:45 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Pinger Inc
2014-03-14 14:32 - 2014-03-12 14:32 - 00000554 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task c354575b-b536-4a7a-8e3d-e8f937c615e7.job
2014-03-14 01:46 - 2013-12-23 20:43 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\uTorrent
2014-03-13 23:22 - 2014-02-05 00:02 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-13 22:47 - 2014-03-13 22:42 - 709885952 _____ () C:\Users\Dustin\Downloads\xbmcbuntu-12.2.Intel-AMD.2.iso
2014-03-13 22:37 - 2014-03-13 22:37 - 01095461 _____ (pendrivelinux.com) C:\Users\Dustin\Downloads\Universal-USB-Installer-1.9.5.2 (1).exe
2014-03-13 22:30 - 2013-11-14 02:28 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-13 22:27 - 2014-03-13 22:27 - 01095461 _____ (pendrivelinux.com) C:\Users\Dustin\Downloads\Universal-USB-Installer-1.9.5.2.exe
2014-03-13 22:06 - 2014-03-13 22:00 - 653262848 _____ () C:\Users\Dustin\Downloads\xbmcbuntu-11.0.iso
2014-03-13 21:09 - 2013-12-23 19:56 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Packages
2014-03-13 19:44 - 2014-03-13 19:44 - 00014235 _____ () C:\Users\Dustin\Downloads\[kickass.to]windows.8.1.pro.32.bit.x86.vl.portuguese.brazil.dvd.original.msdn.torrent
2014-03-13 19:43 - 2014-03-13 19:43 - 00041815 _____ () C:\Users\Dustin\Downloads\[kickass.to]windows.8.professional.32.64.bit.no.activation.required.torrent
2014-03-13 19:42 - 2014-03-13 19:42 - 00013430 _____ () C:\Users\Dustin\Downloads\[kickass.to]windows.8.pro.retail.32.bit.permanent.activation.wmc.included.torrent
2014-03-13 19:21 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-12 23:24 - 2013-12-27 14:45 - 00000000 __RDO () C:\Users\Dustin\SkyDrive (2).old
2014-03-12 23:24 - 2013-12-27 14:23 - 00000000 ____D () C:\Users\Dustin
2014-03-12 23:23 - 2013-08-22 09:44 - 00554168 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-12 20:27 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-12 20:27 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-12 20:27 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-12 20:27 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-12 19:39 - 2014-03-12 19:39 - 00000000 ____D () C:\Users\Dustin\Desktop\droidtv-boot-recovery
2014-03-12 19:37 - 2014-03-12 19:37 - 06141926 _____ () C:\Users\Dustin\Desktop\droidtv-boot-recovery.zip
2014-03-12 18:56 - 2014-03-12 18:56 - 00000000 ____D () C:\Users\Dustin\Desktop\DroidBOX_MX422_13012014_loaded_update
2014-03-12 18:39 - 2013-08-22 09:46 - 00024586 _____ () C:\WINDOWS\setupact.log
2014-03-12 18:07 - 2014-01-14 20:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 18:07 - 2012-07-26 00:26 - 00000199 _____ () C:\WINDOWS\win.ini
2014-03-12 16:56 - 2013-11-14 02:20 - 00578694 _____ () C:\WINDOWS\PFRO.log
2014-03-12 16:55 - 2014-03-12 16:55 - 00000000 ____D () C:\ProgramData\AmUStor
2014-03-12 16:55 - 2014-03-12 16:55 - 00000000 ____D () C:\Program Files (x86)\AmIcoSingLun
2014-03-12 16:55 - 2013-08-20 11:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-03-12 16:53 - 2013-08-20 11:53 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-03-12 16:27 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-12 16:00 - 2014-03-11 21:28 - 00000042 _____ () C:\Users\Dustin\AppData\Local\RawCopy.sourcedisk.filepath
2014-03-12 16:00 - 2014-03-11 21:27 - 00000001 _____ () C:\Users\Dustin\AppData\Local\RawCopy.sourcedisk.index
2014-03-12 14:56 - 2014-03-12 14:56 - 00001802 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-12 14:56 - 2014-03-12 14:56 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Apple Computer
2014-03-12 14:56 - 2014-01-24 16:34 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Apple Computer
2014-03-12 14:55 - 2014-03-12 14:54 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-12 14:55 - 2014-03-12 14:54 - 00000000 ____D () C:\Program Files\iTunes
2014-03-12 14:55 - 2014-03-12 14:54 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-12 14:54 - 2014-03-12 14:54 - 00000000 ____D () C:\Program Files\iPod
2014-03-12 14:54 - 2014-01-23 16:00 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-03-12 14:52 - 2014-01-23 16:00 - 00000000 ____D () C:\ProgramData\Apple
2014-03-12 14:51 - 2014-03-12 14:51 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-12 14:51 - 2014-03-12 14:51 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-12 14:51 - 2014-03-12 14:51 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-03-12 14:32 - 2014-03-12 14:32 - 00003614 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 9960357e-e38b-4bda-8a09-fdb4c7c65f34
2014-03-12 14:32 - 2014-03-12 14:32 - 00003532 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task c354575b-b536-4a7a-8e3d-e8f937c615e7
2014-03-12 14:32 - 2014-03-12 14:32 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\SUPERAntiSpyware.com
2014-03-12 14:31 - 2014-03-12 14:31 - 00000933 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-03-12 14:31 - 2014-03-12 14:31 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-03-12 14:19 - 2014-03-12 14:19 - 00000765 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-12 14:19 - 2014-03-12 14:19 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Malwarebytes
2014-03-12 14:19 - 2014-03-12 14:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-12 02:07 - 2014-02-05 00:02 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Skype
2014-03-11 22:57 - 2014-03-11 21:28 - 00000012 _____ () C:\Users\Dustin\AppData\Local\RawCopy.opendialog.dir
2014-03-11 22:57 - 2014-03-11 21:28 - 00000001 _____ () C:\Users\Dustin\AppData\Local\RawCopy.opendialog.filterindex
2014-03-11 22:23 - 2014-03-11 22:19 - 653088796 _____ () C:\Users\Dustin\Desktop\DroidBOX_MX422_13012014_loaded_update.zip
2014-03-11 21:23 - 2014-03-11 21:23 - 00000001 _____ () C:\Users\Dustin\AppData\Local\RawCopy.1.02.agreement
2014-03-11 21:20 - 2014-03-11 21:14 - 780523831 _____ () C:\Users\Dustin\Desktop\DROIDBOX_iMX6_22-11-2013.rar
2014-03-11 21:10 - 2014-03-11 21:10 - 01648640 _____ () C:\Users\Dustin\Desktop\HDDRawCopy1.02Portable.exe
2014-03-11 20:20 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-03-11 19:25 - 2014-02-25 14:50 - 00000000 ____D () C:\Users\Dustin\AppData\Local\CrashDumps
2014-03-11 15:49 - 2014-03-11 15:49 - 00000047 _____ () C:\Users\Dustin\AppData\Roaming\WB.CFG
2014-03-11 15:48 - 2014-03-11 15:48 - 00724992 _____ (Indigo Rose Corporation) C:\WINDOWS\iun6002.exe
2014-03-11 15:48 - 2014-03-11 15:48 - 00000000 ____D () C:\Users\Dustin\Downloads\Reader
2014-03-11 15:48 - 2014-03-11 15:48 - 00000000 ____D () C:\Program Files (x86)\Generic
2014-03-11 15:47 - 2014-03-11 15:47 - 02668841 _____ () C:\Users\Dustin\Downloads\Reader.zip
2014-03-11 15:47 - 2014-03-11 15:47 - 00000000 ____D () C:\Program Files (x86)\SiteFinder
2014-03-11 14:27 - 2014-03-11 14:27 - 00016896 _____ (ASUS) C:\WINDOWS\AsTaskSched.dll
2014-03-11 13:26 - 2014-03-11 13:26 - 00000919 _____ () C:\Users\Dustin\Documents\Downloads - Shortcut.lnk
2014-03-11 13:04 - 2013-12-23 22:08 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-11 12:24 - 2013-12-23 20:25 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Mozilla
2014-03-07 15:36 - 2014-01-28 20:28 - 00000000 ____D () C:\Program Files (x86)\DSPRobotics
2014-03-07 14:35 - 2014-03-07 14:27 - 00000000 ____D () C:\Users\Dustin\Documents\MyHeritage
2014-03-07 14:34 - 2014-03-07 14:27 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\MyHeritage
2014-03-07 14:34 - 2014-03-07 14:27 - 00000000 ____D () C:\ProgramData\MyHeritage
2014-03-07 14:24 - 2014-03-07 14:24 - 00001144 _____ () C:\Users\Dustin\Desktop\MyHeritage Family Tree Builder.lnk
2014-03-07 14:24 - 2014-03-07 14:24 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\The Complete Genealogy Reporter - FTB
2014-03-07 14:24 - 2014-03-07 14:24 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com
2014-03-07 14:24 - 2014-03-07 14:24 - 00000000 ____D () C:\Program Files (x86)\MyHeritage
2014-03-07 08:19 - 2014-03-05 14:49 - 00000000 ____D () C:\Users\Dustin\Documents\My Digital Editions
2014-03-06 20:55 - 2013-12-24 14:21 - 00001057 _____ () C:\Users\Dustin\AppData\Roaming\vso_ts_preview.xml
2014-03-06 20:49 - 2013-12-24 14:31 - 00000000 ____D () C:\Users\Dustin\Documents\ConvertXToDVD
2014-03-06 20:19 - 2013-12-24 14:21 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Vso
2014-03-05 14:49 - 2014-03-05 14:49 - 00002197 _____ () C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk
2014-03-05 14:49 - 2014-03-05 14:49 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Adobe_Systems_Incorporate
2014-03-05 14:49 - 2014-03-05 14:48 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2014-03-05 14:49 - 2013-08-20 12:03 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-05 13:55 - 2014-03-05 13:51 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\vlc
2014-03-05 13:51 - 2014-03-05 13:51 - 00001089 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-03-05 13:51 - 2014-03-05 13:51 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-03-05 10:24 - 2014-03-05 10:19 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-178646866-1240154784-113881889-1001Core.job
2014-03-05 10:20 - 2014-01-22 16:37 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Google
2014-03-05 10:19 - 2014-03-05 10:19 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178646866-1240154784-113881889-1001UA
2014-03-05 10:19 - 2014-03-05 10:19 - 00003502 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178646866-1240154784-113881889-1001Core
2014-03-05 00:05 - 2014-03-05 00:05 - 00002138 _____ () C:\Users\Public\Desktop\Xilisoft Audio Converter 6.lnk
2014-03-05 00:05 - 2014-03-05 00:05 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Xilisoft
2014-03-05 00:04 - 2014-03-05 00:04 - 00000000 ____D () C:\ProgramData\Xilisoft
2014-03-05 00:04 - 2014-03-05 00:04 - 00000000 ____D () C:\Program Files (x86)\Xilisoft
2014-03-04 23:36 - 2014-03-04 23:28 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\VoipBuster
2014-03-04 23:28 - 2014-03-04 23:28 - 00001231 _____ () C:\Users\Dustin\Desktop\VoipBuster.lnk
2014-03-04 23:28 - 2014-03-04 23:28 - 00000000 ____D () C:\Program Files (x86)\VoipBuster.com
2014-03-04 22:26 - 2013-12-23 20:14 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-03-04 17:53 - 2013-08-22 10:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-04 17:53 - 2013-08-22 10:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-01 01:05 - 2014-03-12 16:08 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-28 23:58 - 2014-03-12 16:08 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-28 23:30 - 2014-03-12 16:08 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-28 23:17 - 2014-03-12 16:08 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-28 22:54 - 2014-03-12 16:08 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-28 22:47 - 2014-03-12 16:08 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-28 22:42 - 2014-03-12 16:08 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-28 22:18 - 2014-03-12 16:08 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-28 22:14 - 2014-03-12 16:08 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-28 22:10 - 2014-03-12 16:08 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-28 22:03 - 2014-03-12 16:08 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-28 21:57 - 2014-03-12 16:08 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-28 21:38 - 2014-03-12 16:08 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-28 21:32 - 2014-03-12 16:08 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-28 21:27 - 2014-03-12 16:08 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-28 21:25 - 2014-03-12 16:08 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-28 21:25 - 2014-03-12 16:08 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-27 16:17 - 2014-02-27 16:17 - 00000793 _____ () C:\Users\Dustin\Desktop\Rocksmith 2014.lnk
2014-02-27 16:17 - 2013-12-27 13:20 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rocksmith 2014
2014-02-26 18:22 - 2014-02-25 15:20 - 00000000 ____D () C:\Program Files (x86)\Starcraft
2014-02-25 19:58 - 2014-02-25 19:58 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-02-25 19:58 - 2014-02-25 19:58 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Ubisoft Game Launcher
2014-02-25 18:31 - 2014-02-25 17:07 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Windows Live
2014-02-25 15:21 - 2014-02-25 15:21 - 00094208 _____ (Blizzard Entertainment) C:\WINDOWS\ScUnin.exe
2014-02-25 15:21 - 2014-02-25 15:21 - 00013902 _____ () C:\WINDOWS\scunin.dat
2014-02-25 15:21 - 2014-02-25 15:21 - 00000967 _____ () C:\WINDOWS\ScUnin.pif
2014-02-25 15:19 - 2014-02-02 22:36 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\DAEMON Tools Pro
2014-02-25 15:19 - 2014-02-02 22:34 - 00000000 ____D () C:\ProgramData\DAEMON Tools Pro
2014-02-25 14:53 - 2014-02-25 14:49 - 00000000 ____D () C:\Program Files (x86)\Diablo
2014-02-25 14:51 - 2013-12-23 19:56 - 00000000 ____D () C:\Users\Dustin\AppData\Local\VirtualStore
2014-02-25 14:50 - 2014-02-25 14:49 - 00007162 _____ () C:\WINDOWS\DiabUnin.dat
2014-02-25 14:49 - 2014-02-25 14:49 - 00118784 _____ (Blizzard Entertainment) C:\WINDOWS\DiabUnin.exe
2014-02-25 14:49 - 2014-02-25 14:49 - 00002829 _____ () C:\WINDOWS\DiabUnin.pif
2014-02-25 14:49 - 2014-02-25 14:49 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Diablo
2014-02-24 22:00 - 2014-02-20 21:01 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\TS3Client
2014-02-24 20:35 - 2013-09-18 02:24 - 00564477 _____ () C:\Users\Dustin\Desktop\NTR 2014 v1.0.exe
2014-02-24 20:23 - 2014-02-24 19:50 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\TeamViewer
2014-02-24 19:50 - 2014-02-24 19:50 - 00001185 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-24 19:50 - 2014-02-24 19:50 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-02-24 19:46 - 2014-02-24 19:46 - 00000000 ____H () C:\Users\Dustin\Documents\Default.rdp
2014-02-22 02:29 - 2013-12-23 20:14 - 00000000 ____D () C:\Users\Dustin\Documents\StarCraft II
2014-02-22 00:55 - 2013-12-24 04:48 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-21 16:51 - 2014-02-20 21:33 - 00000000 ____D () C:\Users\Dustin\AppData\Local\Overwolf
2014-02-20 21:01 - 2014-02-20 21:01 - 00000575 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-02-20 01:33 - 2014-02-25 18:26 - 01037734 _____ (Thisisu) C:\Users\Dustin\Desktop\JRT_NEW.exe
2014-02-19 23:52 - 2012-07-26 03:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-02-19 14:48 - 2014-02-19 14:48 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-02-19 14:43 - 2014-02-18 18:30 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-02-19 14:43 - 2014-02-18 18:29 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-02-19 14:43 - 2014-02-13 21:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-19 14:43 - 2014-02-05 00:02 - 00000000 ____D () C:\ProgramData\Skype
2014-02-19 14:42 - 2014-02-18 18:29 - 00002528 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-02-18 21:07 - 2013-11-14 02:28 - 00006656 _____ () C:\WINDOWS\system32\lpcio.dll
2014-02-18 18:49 - 2014-02-18 18:29 - 00000000 ____D () C:\ProgramData\Norton
2014-02-18 18:43 - 2014-01-22 16:34 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-18 18:29 - 2014-02-18 18:30 - 00008222 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2014-02-18 18:29 - 2014-02-18 18:29 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2014-02-18 18:29 - 2014-02-18 18:29 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-02-18 18:29 - 2014-02-18 18:29 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-02-18 17:35 - 2014-02-18 17:35 - 00001051 _____ () C:\Users\Public\Desktop\CPUID HWMonitorPro.lnk
2014-02-18 17:25 - 2014-02-18 17:25 - 00002156 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-02-18 17:25 - 2014-02-18 17:25 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-18 17:25 - 2013-12-27 14:19 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-18 17:21 - 2014-02-18 17:21 - 00000000 ____D () C:\NVIDIA
2014-02-18 17:18 - 2013-12-27 21:15 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-02-18 17:14 - 2014-02-18 17:06 - 00000000 ____D () C:\Users\Dustin\AppData\Local\NVIDIA
2014-02-18 17:14 - 2013-12-27 14:19 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-18 17:07 - 2014-02-18 17:07 - 00000000 ____D () C:\Users\Dustin\AppData\Local\NVIDIA Corporation
2014-02-18 17:06 - 2013-12-27 14:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-18 16:52 - 2014-02-18 16:52 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-02-18 16:34 - 2014-02-18 16:34 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-18 16:27 - 2014-01-22 23:05 - 00000000 ____D () C:\Users\Dustin\jagexcache
2014-02-18 16:23 - 2013-12-24 02:50 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-02-18 16:22 - 2013-12-24 02:50 - 00000000 ____D () C:\ProgramData\Nero
2014-02-16 20:13 - 2013-12-27 05:37 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-16 20:12 - 2013-12-27 05:37 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-16 16:32 - 2013-12-23 19:58 - 00000000 ___RD () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-16 16:32 - 2013-12-23 19:58 - 00000000 ___RD () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-16 16:30 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-16 16:30 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-16 16:30 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-14 23:08 - 2013-12-23 20:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-14 15:05 - 2013-08-20 12:11 - 00000000 ____D () C:\ProgramData\McAfee
2014-02-14 02:10 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-14 02:10 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-14 02:10 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-14 02:04 - 2014-02-14 02:04 - 00000000 ____D () C:\Users\Dustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NINJAM
2014-02-14 02:04 - 2014-02-14 02:04 - 00000000 ____D () C:\Program Files (x86)\NINJAM

Files to move or delete:
====================
C:\Users\Dustin\jagex_cl_runescape_LIVE.dat
C:\Users\Dustin\jagex_cl_runescape_LIVE1.dat
C:\Users\Dustin\random.dat


Some content of TEMP:
====================
C:\Users\Dustin\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Dustin\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Dustin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Dustin\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Dustin\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Dustin\AppData\Local\Temp\nvStInst.exe
C:\Users\Dustin\AppData\Local\Temp\ose00000.exe
C:\Users\Dustin\AppData\Local\Temp\Quarantine.exe
C:\Users\Dustin\AppData\Local\Temp\SRLDetectionLibrary5746244782177431348.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-09 20:19

==================== End Of Log ============================


Going to restart computer quick and see



#10 Pl34seH3lp

Pl34seH3lp
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:56 PM

Posted 15 March 2014 - 01:19 PM

I still have a lot of pop ups, the performance of my computer is a bit choppy and a program that I never installed called Disk Monitor is in my start up tray.



#11 Jo*

Jo*

  • Malware Response Team
  • 3,259 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:56 PM

Posted 15 March 2014 - 01:29 PM

Disk_Monitor is not bad.
We can delete it's startup item if you are sure.
http://www.systemlookup.com/search.php?list=&type=filename&search=Disk_Monitor.exe+

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#12 Pl34seH3lp

Pl34seH3lp
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:56 PM

Posted 15 March 2014 - 01:31 PM

Okay, It must have come with the card reader that I installed. that makes sense. What about all of the pop ups I've been getting? Ridiculous ammount of pop ups and a tad slow computer



#13 Jo*

Jo*

  • Malware Response Team
  • 3,259 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:56 PM

Posted 15 March 2014 - 01:47 PM

Hello Pl34seH3lp,
 

What about all of the pop ups I've been getting? Ridiculous ammount of pop ups and a tad slow computer

Looks like we have to do some more work.

Are there any titles / names you get with the pop ups?

If you have installed a program called "Site Finder" > uninstall it.
 

***


Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
Save it in the same location as / FSRT / FSRT64 (usually your desktop) as fixlist.txt

 
start
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
URLSearchHook: HKLM-x32 - SiteFinder - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files (x86)\SiteFinder\SiteFinder.dll (Site Finder)
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_11_ff&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0Bzz0AzytCyE0ByDtAyCtCtN0D0Tzu0SzztDtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0AtByBtDzy0CzztGyDyEtB0DtGyDyByDtDtG0CtByC0EtGtDyC0FzyyCtDtDyC0EtCtAyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzztBtB0B0A0BtCtGtD0DtDtBtGtAzyzy0CtGtDyCtB0FtGtA0DtC0Azyzz0D0FyD0E0BtD2Q&cr=900545990&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_11_ff&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0Bzz0AzytCyE0ByDtAyCtCtN0D0Tzu0SzztDtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0AtByBtDzy0CzztGyDyEtB0DtGyDyByDtDtG0CtByC0EtGtDyC0FzyyCtDtDyC0EtCtAyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzztBtB0B0A0BtCtGtD0DtDtBtGtAzyzy0CtGtDyCtB0FtGtA0DtC0Azyzz0D0FyD0E0BtD2Q&cr=900545990&ir=
2014-03-11 15:47 - 2014-03-11 15:47 - 00000000 ____D () C:\Program Files (x86)\SiteFinder
C:\Users\Dustin\jagex_cl_runescape_LIVE.dat
C:\Users\Dustin\jagex_cl_runescape_LIVE1.dat
C:\Users\Dustin\random.dat
end


NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Run FRST / FSRT64 again like we did before but this time press the Fix button just once and wait.
The tool will make a log on the flash drive (Fixlog.txt) please post it to your reply.



***


How the computer is running now?

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#14 Pl34seH3lp

Pl34seH3lp
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:56 PM

Posted 15 March 2014 - 02:02 PM

The one pop up that I have up right now says

"Related searches" with a picture of Norton, then underneath it says
"remove spyware, free antivirus download, adware and spyware removal, virus scan, adware removal, free virus protection, antivirus download, free spyware removal, free virus & spyware scans, guelph foreclousurehomes"

a lot of pop ups are being blocked, when i get another ill paste what it says.
Here's the fixlog

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-03-2014
Ran by Dustin at 2014-03-15 14:01:18 Run:1
Running from D:\Downloads\Frst
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
URLSearchHook: HKLM-x32 - SiteFinder - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files (x86)\SiteFinder\SiteFinder.dll (Site Finder)
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_11_ff&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0Bzz0AzytCyE0ByDtAyCtCtN0D0Tzu0SzztDtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0AtByBtDzy0CzztGyDyEtB0DtGyDyByDtDtG0CtByC0EtGtDyC0FzyyCtDtDyC0EtCtAyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzztBtB0B0A0BtCtGtD0DtDtBtGtAzyzy0CtGtDyCtB0FtGtA0DtC0Azyzz0D0FyD0E0BtD2Q&cr=900545990&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_11_ff&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0Bzz0AzytCyE0ByDtAyCtCtN0D0Tzu0SzztDtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0AtByBtDzy0CzztGyDyEtB0DtGyDyByDtDtG0CtByC0EtGtDyC0FzyyCtDtDyC0EtCtAyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzztBtB0B0A0BtCtGtD0DtDtBtGtAzyzy0CtGtDyCtB0FtGtA0DtC0Azyzz0D0FyD0E0BtD2Q&cr=900545990&ir=
2014-03-11 15:47 - 2014-03-11 15:47 - 00000000 ____D () C:\Program Files (x86)\SiteFinder
C:\Users\Dustin\jagex_cl_runescape_LIVE.dat
C:\Users\Dustin\jagex_cl_runescape_LIVE1.dat
C:\Users\Dustin\random.dat
end
*****************

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => Value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
C:\Program Files (x86)\SiteFinder => Moved successfully.
C:\Users\Dustin\jagex_cl_runescape_LIVE.dat => Moved successfully.
C:\Users\Dustin\jagex_cl_runescape_LIVE1.dat => Moved successfully.
C:\Users\Dustin\random.dat => Moved successfully.

==== End of Fixlog ====



#15 Pl34seH3lp

Pl34seH3lp
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:56 PM

Posted 15 March 2014 - 02:05 PM

One of the pop ups has a picture of an old lady and then a picture of ellen degeneres and says something like "She went from looking 55 to 25"






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users