Infected with malware.


  • This topic is locked
21 replies to this topic

#1 Dquinte2


Posted 19 March 2014 - 11:24 AM

Hello!

First off, thank you for your time!

All right, so my computer is infected with something, since I have seen weird search sites every time I open Chrome. In addition, I see weird ads as well whenever I search something on google.com. I have tried antiviruses and they do not get rid of it; it comes back.

 

Here are my logs.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16521
Run by Dan at 12:10:41 on 2014-03-19
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.6056.3546 [GMT -4:00]
.
AV: Webroot SecureAnywhere *Disabled/Updated* {66A6FE14-08CB-F415-3742-517201416109}
SP: Webroot SecureAnywhere *Disabled/Updated* {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\OO Software\Defrag\oodtray.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Users\Dan\AppData\Local\Apps\2.0\VEEC1Y8V.MDZ\ZJY97RE1.Y71\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files\ASRock\XFast LAN\spd.exe
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\OO Software\Defrag\oodag.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [zASRockInstantBoot] <no file>
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Syncios device service] C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
dRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
StartupFolder: C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~2.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{0F599453-75EF-45D1-B5BB-C75C5352025E} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{5F351093-E264-4ED1-9FCD-C546186568ED} : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{FEBF55A0-BDF9-4493-8299-6DCA0BAEA3D3} : DHCPNameServer = 65.32.5.111 65.32.5.112
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
AppInit_DLLs= c:\windows\syswow64\nvinit.dll  c:\progra~2\sw30e4~1.boo
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: safoeweb: {6392F5A3-4A4D-3F49-3C88-B92E35EF5D72} - C:\Program Files (x86)\safoeweb\fx0JkM7XBi.x64.dll
x64-BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: SNT: {C2F64206-F231-3110-DF86-F3EEE1D7E159} - 
x64-BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: YoutubeAdblocker: {DE6AE88A-F854-3239-578D-86AC0C35FBB8} - 
x64-BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - 
x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
x64-TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [XFast LAN] C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
P2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2013-11-16 9216]
R0 SCMNdisP;General NDIS Protocol Driver;C:\Windows\System32\drivers\SCMNdisP.sys [2013-12-29 25056]
R0 WRkrn;WRkrn;C:\Windows\System32\drivers\WRkrn.sys [2014-3-18 113664]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-3-3 1363584]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-3-3 1748608]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-2-26 2224976]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-2-26 377616]
R2 Mezzmo;Mezzmo;C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe [2013-2-3 3925800]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-2-14 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-16 16939296]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-3-11 411936]
R2 WSWNA3100;WSWNA3100;C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [2013-12-29 303360]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-3-4 126952]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-3-4 390632]
R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2013-8-14 32344]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-2-14 39200]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-8-14 565352]
S2 1a34a8e0;SW.Sustainer;C:\Windows\System32\rundll32.exe [2009-7-13 45568]
S2 25e4f9bf;WebTect;C:\Windows\System32\rundll32.exe [2009-7-13 45568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-12-30 101888]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-3-18 418376]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-3-18 701512]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2014-3-18 763000]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;C:\Windows\System32\drivers\bcmwlhigh664.sys [2013-12-29 1256192]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;C:\Windows\System32\drivers\evolve.sys [2013-11-3 21656]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-3-12 111616]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-3-18 25928]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [2012-9-5 234776]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-1 178824]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-8 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2014-03-19 16:01:13 -------- d-----w- C:\ProgramData\McAfee Security Scan
2014-03-19 16:01:12 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
2014-03-19 03:00:16 -------- d-----w- C:\Users\Dan\AppData\Roaming\Malwarebytes
2014-03-19 03:00:06 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-03-19 03:00:06 -------- d-----w- C:\ProgramData\Malwarebytes
2014-03-19 03:00:06 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-19 02:11:04 10395072 ----a-w- C:\Program Files (x86)\Common Files\wruninstall.exe
2014-03-19 02:10:32 -------- d-----w- C:\Users\Dan\AppData\Local\lptmp1890866352
2014-03-19 02:10:04 152744 ----a-w- C:\Windows\SysWow64\WRusr.dll
2014-03-19 02:10:04 103816 ----a-w- C:\Windows\System32\WRusr.dll
2014-03-19 02:10:03 113664 ----a-w- C:\Windows\System32\drivers\WRkrn.sys
2014-03-19 02:10:02 -------- d-----w- C:\Program Files\Webroot
2014-03-19 02:10:01 -------- d-----w- C:\ProgramData\WRData
2014-03-18 20:40:26 10521840 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{78266F53-76E0-4571-8306-8CE0D8A2DE72}\mpengine.dll
2014-03-17 05:07:18 -------- d-----w- C:\ProgramData\WebTect
2014-03-15 17:21:05 -------- d-----w- C:\ProgramData\SNT
2014-03-15 17:20:50 -------- d-----w- C:\ProgramData\SnowApp
2014-03-15 17:20:45 4210176 ----a-w- C:\Program Files (x86)\SW_x64.Booster
2014-03-15 17:20:27 -------- d-----w- C:\Users\Dan\AppData\Local\Packages
2014-03-15 17:20:27 -------- d-----w- C:\ProgramData\safoeweb
2014-03-15 17:20:27 -------- d-----w- C:\Program Files (x86)\safoeweb
2014-03-15 17:20:22 -------- d-----w- C:\Users\Dan\AppData\Local\Torch
2014-03-15 17:20:22 -------- d-----w- C:\Users\Dan\AppData\Local\Comodo
2014-03-15 17:20:22 -------- d-----w- C:\ProgramData\2b987117163ab168
2014-03-15 17:19:49 -------- d-----w- C:\ProgramData\InstallMate
2014-03-14 20:51:51 -------- d-----w- C:\Users\Dan\AppData\Roaming\iFunbox_UserCache
2014-03-14 20:51:45 -------- d-----w- C:\Program Files (x86)\i-Funbox DevTeam
2014-03-13 03:04:48 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-03-13 03:04:48 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-03-13 03:04:47 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-03-13 03:04:47 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-03-11 21:04:03 5777288 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-03-11 16:49:35 599840 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2014-03-11 05:05:29 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
2014-03-11 01:41:54 -------- d-----w- C:\Program Files (x86)\Origin Games
2014-03-11 01:39:36 -------- d-----w- C:\Users\Dan\AppData\Roaming\Origin
2014-03-11 01:39:32 -------- d-----w- C:\Users\Dan\AppData\Local\Origin
2014-03-11 01:36:20 -------- d-----w- C:\ProgramData\Origin
2014-03-11 01:36:18 -------- d-----w- C:\ProgramData\Electronic Arts
2014-03-11 01:36:17 -------- d-----w- C:\Program Files (x86)\Origin
2014-03-07 17:05:55 -------- d-----w- C:\Program Files (x86)\Southpark Stick of Truth
2014-02-28 03:51:09 -------- d-----w- C:\Windows\Migration
2014-02-28 03:45:05 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2014-02-19 05:52:12 -------- d-----w- C:\Program Files (x86)\Battle.net
.
==================== Find3M  ====================
.
2014-03-19 16:01:09 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-19 16:01:09 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-03-04 13:06:00 6714312 ----a-w- C:\Windows\System32\nvcpl.dll
2014-03-04 13:06:00 3497816 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-03-04 13:05:58 922968 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-03-04 13:05:58 64968 ----a-w- C:\Windows\System32\nvshext.dll
2014-03-04 13:05:57 386336 ----a-w- C:\Windows\System32\nvmctray.dll
2014-03-04 13:05:53 3649185 ----a-w- C:\Windows\System32\nvcoproc.bin
2014-03-01 05:17:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-03-01 05:16:26 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-01 04:52:55 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-01 04:51:59 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-01 04:33:52 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-01 04:33:34 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-01 04:32:59 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-01 04:23:49 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-01 04:11:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-03-01 03:54:33 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-01 03:52:43 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-01 03:37:35 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-01 03:35:11 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-01 03:14:15 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-01 03:10:28 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-03-01 03:00:08 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-07 01:23:30 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-01-29 02:32:18 484864 ----a-w- C:\Windows\System32\wer.dll
2014-01-29 02:06:47 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-01-28 02:32:46 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2014-01-21 02:54:53 1048152 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-01-21 02:54:22 1179576 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-01-15 23:13:01 1885472 ----a-w- C:\Windows\System32\nvdispco6433467.dll
2014-01-15 23:13:01 1515296 ----a-w- C:\Windows\System32\nvdispgenco6433467.dll
2013-12-27 18:42:26 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2013-12-27 18:42:16 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-12-27 18:42:16 33056 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-12-21 09:53:45 548864 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-21 08:56:47 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
.
============= FINISH: 12:11:10.73 ===============
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [zASRockInstantBoot] <no file>
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Syncios device service] C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
dRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
StartupFolder: C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~2.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{0F599453-75EF-45D1-B5BB-C75C5352025E} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{5F351093-E264-4ED1-9FCD-C546186568ED} : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{FEBF55A0-BDF9-4493-8299-6DCA0BAEA3D3} : DHCPNameServer = 65.32.5.111 65.32.5.112
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
AppInit_DLLs= c:\windows\syswow64\nvinit.dll  c:\progra~2\sw30e4~1.boo
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: safoeweb: {6392F5A3-4A4D-3F49-3C88-B92E35EF5D72} - C:\Program Files (x86)\safoeweb\fx0JkM7XBi.x64.dll
x64-BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: SNT: {C2F64206-F231-3110-DF86-F3EEE1D7E159} - 
x64-BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: YoutubeAdblocker: {DE6AE88A-F854-3239-578D-86AC0C35FBB8} - 
x64-BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - 
x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
x64-TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [XFast LAN] C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
P2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2013-11-16 9216]
R0 SCMNdisP;General NDIS Protocol Driver;C:\Windows\System32\drivers\SCMNdisP.sys [2013-12-29 25056]
R0 WRkrn;WRkrn;C:\Windows\System32\drivers\WRkrn.sys [2014-3-18 113664]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-3-3 1363584]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-3-3 1748608]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-2-26 2224976]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-2-26 377616]
R2 Mezzmo;Mezzmo;C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe [2013-2-3 3925800]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-2-14 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-16 16939296]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-3-11 411936]
R2 WSWNA3100;WSWNA3100;C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [2013-12-29 303360]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-3-4 126952]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-3-4 390632]
R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2013-8-14 32344]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-2-14 39200]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-8-14 565352]
S2 1a34a8e0;SW.Sustainer;C:\Windows\System32\rundll32.exe [2009-7-13 45568]
S2 25e4f9bf;WebTect;C:\Windows\System32\rundll32.exe [2009-7-13 45568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-12-30 101888]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-3-18 418376]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-3-18 701512]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2014-3-18 763000]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;C:\Windows\System32\drivers\bcmwlhigh664.sys [2013-12-29 1256192]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;C:\Windows\System32\drivers\evolve.sys [2013-11-3 21656]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-3-12 111616]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-3-18 25928]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [2012-9-5 234776]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-1 178824]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-8 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2014-03-19 16:01:13 -------- d-----w- C:\ProgramData\McAfee Security Scan
2014-03-19 16:01:12 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
2014-03-19 03:00:16 -------- d-----w- C:\Users\Dan\AppData\Roaming\Malwarebytes
2014-03-19 03:00:06 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-03-19 03:00:06 -------- d-----w- C:\ProgramData\Malwarebytes
2014-03-19 03:00:06 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-19 02:11:04 10395072 ----a-w- C:\Program Files (x86)\Common Files\wruninstall.exe
2014-03-19 02:10:32 -------- d-----w- C:\Users\Dan\AppData\Local\lptmp1890866352
2014-03-19 02:10:04 152744 ----a-w- C:\Windows\SysWow64\WRusr.dll
2014-03-19 02:10:04 103816 ----a-w- C:\Windows\System32\WRusr.dll
2014-03-19 02:10:03 113664 ----a-w- C:\Windows\System32\drivers\WRkrn.sys
2014-03-19 02:10:02 -------- d-----w- C:\Program Files\Webroot
2014-03-19 02:10:01 -------- d-----w- C:\ProgramData\WRData
2014-03-18 20:40:26 10521840 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{78266F53-76E0-4571-8306-8CE0D8A2DE72}\mpengine.dll
2014-03-17 05:07:18 -------- d-----w- C:\ProgramData\WebTect
2014-03-15 17:21:05 -------- d-----w- C:\ProgramData\SNT
2014-03-15 17:20:50 -------- d-----w- C:\ProgramData\SnowApp
2014-03-15 17:20:45 4210176 ----a-w- C:\Program Files (x86)\SW_x64.Booster
2014-03-15 17:20:27 -------- d-----w- C:\Users\Dan\AppData\Local\Packages
2014-03-15 17:20:27 -------- d-----w- C:\ProgramData\safoeweb
2014-03-15 17:20:27 -------- d-----w- C:\Program Files (x86)\safoeweb
2014-03-15 17:20:22 -------- d-----w- C:\Users\Dan\AppData\Local\Torch
2014-03-15 17:20:22 -------- d-----w- C:\Users\Dan\AppData\Local\Comodo
2014-03-15 17:20:22 -------- d-----w- C:\ProgramData\2b987117163ab168
2014-03-15 17:19:49 -------- d-----w- C:\ProgramData\InstallMate
2014-03-14 20:51:51 -------- d-----w- C:\Users\Dan\AppData\Roaming\iFunbox_UserCache
2014-03-14 20:51:45 -------- d-----w- C:\Program Files (x86)\i-Funbox DevTeam
2014-03-13 03:04:48 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-03-13 03:04:48 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-03-13 03:04:47 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-03-13 03:04:47 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-03-11 21:04:03 5777288 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-03-11 16:49:35 599840 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2014-03-11 05:05:29 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
2014-03-11 01:41:54 -------- d-----w- C:\Program Files (x86)\Origin Games
2014-03-11 01:39:36 -------- d-----w- C:\Users\Dan\AppData\Roaming\Origin
2014-03-11 01:39:32 -------- d-----w- C:\Users\Dan\AppData\Local\Origin
2014-03-11 01:36:20 -------- d-----w- C:\ProgramData\Origin
2014-03-11 01:36:18 -------- d-----w- C:\ProgramData\Electronic Arts
2014-03-11 01:36:17 -------- d-----w- C:\Program Files (x86)\Origin
2014-03-07 17:05:55 -------- d-----w- C:\Program Files (x86)\Southpark Stick of Truth
2014-02-28 03:51:09 -------- d-----w- C:\Windows\Migration
2014-02-28 03:45:05 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2014-02-19 05:52:12 -------- d-----w- C:\Program Files (x86)\Battle.net
.
==================== Find3M  ====================
.
2014-03-19 16:01:09 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-19 16:01:09 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-03-04 13:06:00 6714312 ----a-w- C:\Windows\System32\nvcpl.dll
2014-03-04 13:06:00 3497816 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-03-04 13:05:58 922968 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-03-04 13:05:58 64968 ----a-w- C:\Windows\System32\nvshext.dll
2014-03-04 13:05:57 386336 ----a-w- C:\Windows\System32\nvmctray.dll
2014-03-04 13:05:53 3649185 ----a-w- C:\Windows\System32\nvcoproc.bin
2014-03-01 05:17:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-03-01 05:16:26 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-01 04:52:55 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-01 04:51:59 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-01 04:33:52 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-01 04:33:34 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-01 04:32:59 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-01 04:23:49 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-01 04:11:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-03-01 03:54:33 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-01 03:52:43 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-01 03:37:35 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-01 03:35:11 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-01 03:14:15 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-01 03:10:28 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-03-01 03:00:08 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-07 01:23:30 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-01-29 02:32:18 484864 ----a-w- C:\Windows\System32\wer.dll
2014-01-29 02:06:47 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-01-28 02:32:46 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2014-01-21 02:54:53 1048152 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-01-21 02:54:22 1179576 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-01-15 23:13:01 1885472 ----a-w- C:\Windows\System32\nvdispco6433467.dll
2014-01-15 23:13:01 1515296 ----a-w- C:\Windows\System32\nvdispgenco6433467.dll
2013-12-27 18:42:26 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2013-12-27 18:42:16 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-12-27 18:42:16 33056 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-12-21 09:53:45 548864 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-21 08:56:47 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
.
============= FINISH: 12:11:10.73 ===============
 

 


 


#2 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,041 posts
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:08:31 AM

Posted 19 March 2014 - 03:14 PM

Greetings and welcome to BleepingComputer,
My name is xXToffeeXx, but feel free to call me Toffee if it is easier for you. I will be helping you with your malware problems.
 
A few points to cover before we start:

  • Do not run any tools without being instructed to as this makes my job much harder in trying to figure out what you have done.
  • Make sure to read my instructions fully before attempting a step.
  • If you have problems or questions with any of the steps, feel free to ask me. I will be happy to answer any questions you have.
  • Please follow the topic by clicking on the "Follow this topic" button, and make sure there is a tick in the "receive notifications" box and that it is set to "Instantly". Any replies should be made in this topic by clicking the "Reply to this topic" button.
  • Important information in my posts will often be in bold; make sure to take note of it.
  • I will attempt to reply as soon as possible, and normally within 24 hours of your reply. If this is not possible or I have a delay then I will let you know. I am in training and an instructor will need to check my fixes so a little delay may happen at times.
  • I will bump a topic after 3 days of no activity, and then will give you another 2 days to reply before a topic is closed. If you need more time than this please let me know.
  • Let's get going now

 

--------------

 

Hi Dquinte2,

 

I will be handling your log to help you get cleaned up. Please give me some time to look it over, and I will get back to you as soon as possible. 

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

ID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#3 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,041 posts
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:08:31 AM

Posted 20 March 2014 - 08:46 AM

Hi Dquinte2,
 
Going over your logs I noticed that you have µTorrent installed.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.

 

--------------

 

Uninstalling a Program:

  • Click "start" on the taskbar and then click on the "Control Panel" icon.
  • Please double-click the "Add or Remove Programs" icon.
  • A list of programs installed will be "populated", this may take a bit of time.
  • If they exist, uninstall the following by clicking on the following entries and selecting "remove":

McAfee Security Scan Plus

WebTect

  • Additional instructions can be found here if needed.

 

--------------

 

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of each logfile is saved in the C:\AdwCleaner folder which was created when running the tool.

--------------

 

To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • AdwCleaner log

xXToffeeXx~




#4 Dquinte2

Dquinte2
  • Topic Starter

  • Members
  • 10 posts
  • Local time:03:31 AM

Posted 20 March 2014 - 12:10 PM

Hello Toffee!! Thanks so much for your help so far.

So I could uninstall McAfee but not Webtect; it says it cannot find the webtect.dll file when I try to uninstall it.

 

AdwCleaner Log:

 

# AdwCleaner v3.022 - Report created 20/03/2014 at 13:06:28
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Dan - DAN-PC
# Running from : C:\Users\Dan\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\END
File Found : C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Found : C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
Folder Found C:\Program Files (x86)\baidu
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Found C:\Program Files (x86)\Optimizer Pro
Folder Found C:\ProgramData\baidu
Folder Found C:\ProgramData\Conduit
Folder Found C:\ProgramData\SNT
Folder Found C:\ProgramData\VisualBee
Folder Found C:\Users\Dan\AppData\Local\Bundled software uninstaller
Folder Found C:\Users\Dan\AppData\Local\Conduit
Folder Found C:\Users\Dan\AppData\Local\emaze
Folder Found C:\Users\Dan\AppData\Local\NativeMessaging
Folder Found C:\Users\Dan\AppData\Local\Temp\baidu
Folder Found C:\Users\Dan\AppData\Local\Temp\NativeMessaging
Folder Found C:\Users\Dan\AppData\Local\torch
Folder Found C:\Users\Dan\AppData\LocalLow\Conduit
Folder Found C:\Users\Dan\AppData\LocalLow\PriceGong
Folder Found C:\Users\Dan\AppData\Roaming\baidu
Folder Found C:\Users\Dan\Documents\Optimizer Pro
Folder Found C:\Windows\SysWOW64\AI_RecycleBin
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\lyrixeeker
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\visualbee
Key Found : [x64] HKCU\Software\BI
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : [x64] HKCU\Software\SmartBar
Key Found : [x64] HKCU\Software\visualbee
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3287810
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3316753
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Found : HKLM\Software\visualbee
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16521
 
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found : homepage
 
*************************
 
AdwCleaner[R0].txt - [7045 octets] - [20/03/2014 13:06:28]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7105 octets] ##########


#5 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,041 posts
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:08:31 AM

Posted 20 March 2014 - 02:02 PM

Hi Dquinte2,

 
Double click on AdwCleaner.exe to run the tool again.

  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished, this time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

--------------
 
We need to search for a few things with SystemLook:

  • Please download SystemLook (64-bit) by jpshortstuff and save it to your desktop
  • Double-click the program to run it, then paste the entire text below into the main text box:
:reg
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows
  • Click the Look button to start the scan
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

 

--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • New AdwCleaner log
  • SystemLook log

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

ID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#6 Dquinte2

Dquinte2
  • Topic Starter

  • Members
  • 10 posts
  • Local time:03:31 AM

Posted 20 March 2014 - 04:11 PM

Hello!

 

AdwCleaner log:

# AdwCleaner v3.022 - Report created 20/03/2014 at 13:11:38
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Dan - DAN-PC
# Running from : C:\Users\Dan\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\baidu
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\SNT
Folder Deleted : C:\ProgramData\VisualBee
Folder Deleted : C:\Program Files (x86)\baidu
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Windows\SysWOW64\AI_RecycleBin
Folder Deleted : C:\Users\Dan\AppData\Local\Bundled software uninstaller
Folder Deleted : C:\Users\Dan\AppData\Local\Conduit
Folder Deleted : C:\Users\Dan\AppData\Local\emaze
Folder Deleted : C:\Users\Dan\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Dan\AppData\Local\torch
Folder Deleted : C:\Users\Dan\AppData\Local\Temp\baidu
Folder Deleted : C:\Users\Dan\AppData\Local\Temp\NativeMessaging
Folder Deleted : C:\Users\Dan\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Dan\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Dan\AppData\Roaming\baidu
Folder Deleted : C:\Users\Dan\Documents\Optimizer Pro
File Deleted : C:\END
File Deleted : C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3287810
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3316753
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\visualbee
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\lyrixeeker
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\visualbee
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16521
 
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : homepage
 
*************************
 
AdwCleaner[R0].txt - [7253 octets] - [20/03/2014 13:06:28]
AdwCleaner[S0].txt - [7096 octets] - [20/03/2014 13:11:38]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7156 octets] ##########
 
SystemLook:
SystemLook 30.07.11 by jpshortstuff
Log created at 17:09 on 20/03/2014 by Dan
Administrator - Elevation successful
 
========== reg ==========
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"IconServiceLib"="IconCodecService.dll"
"DdeSendTimeout"= 0x0000000000 (0)
"DesktopHeapLogging"= 0x0000000001 (1)
"GDIProcessHandleQuota"= 0x0000002710 (10000)
"ShutdownWarningDialogTimeout"= 0x00ffffffff (-1)
"USERNestedWindowLimit"= 0x0000000032 (50)
"USERPostMessageLimit"= 0x0000002710 (10000)
"USERProcessHandleQuota"= 0x0000002710 (10000)
@="mnmsrvc"
"DeviceNotSelectedTimeout"="15"
"Spooler"="yes"
"TransmissionRetryTimeout"="90"
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll  C:\PROGRA~2\SW_X64~1.BOO C:\PROGRA~3\WebTect\WEBTEC~1.DLL"
"LoadAppInit_DLLs"= 0x0000000001 (1)
 
 
-= EOF =-


#7 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,041 posts
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:08:31 AM

Posted 22 March 2014 - 06:41 AM

Hi Dquinte2,

 

You will need to create a system restore point before running the fixes below; see here for how to do so.

 

We need to run a registry script:

  • Click the Windows Start Orb in the bottom-left
  • In the search box, type notepad, then click on Notepad to open it
  • Copy and paste the following text into the notepad document:
    Windows Registry Editor Version 5.00
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"
  • Click on File, then Save As...
  • Click on your Desktop as the save location, then in the file name box type: fix.reg
  • Click save and close the notepad document
  • Double-click the file fix.reg on your desktop
    note: if prompted by User Account Control, select Yes or Allow so the fix can continue
  • A message will appear about adding information into the registry, click Yes when prompted
  • A prompt should appear that the information was added successfully
    note: if not, please note the error message and post it in your next reply
  • Right-click on fix.reg and click Delete, then click Yes to confirm.

 

--------------

 

Please download Farbar Recovery Scan Tool and save it to your Desktop.

 

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.

 

--------------

 

To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • FRST.txt
  • Addition.txt

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 


 

 ~Twitter~ | ~Malware Analyst at Emsisoft~
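
The check behind the registry script in the post above, as an added example that is not part of the original posts or of any tool named in the thread: it parses the SystemLook output from post #6, splits AppInit_DLLs into its entries, and renders a .reg file that keeps only allowlisted DLLs. The function names and the allowlist are assumptions made for this example; the log lines are copied from the thread.

```python
import re

# Lines copied from the SystemLook log posted earlier in this thread.
SYSTEMLOOK_LOG = r'''
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"DeviceNotSelectedTimeout"="15"
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll  C:\PROGRA~2\SW_X64~1.BOO C:\PROGRA~3\WebTect\WEBTEC~1.DLL"
"LoadAppInit_DLLs"= 0x0000000001 (1)
'''

# Assumption for this example: the only DLL expected in AppInit_DLLs here.
ALLOWLIST = {r"c:\windows\system32\nvinitx.dll"}

KEY_RE = re.compile(r"^\[(?P<key>[^\]]+)\]$")
STR_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<value>.*)"$')
NUM_RE = re.compile(r'^"(?P<name>[^"]+)"=\s*0x(?P<hex>[0-9a-fA-F]+)\s*\(-?\d+\)$')


def parse_systemlook(log_text):
    """Return (key, {name: value}) from a SystemLook ':reg' dump of one key."""
    key, values = None, {}
    for line in log_text.splitlines():
        line = line.strip()
        if m := KEY_RE.match(line):
            key = m.group("key")
        elif m := STR_RE.match(line):
            values[m.group("name")] = m.group("value")
        elif m := NUM_RE.match(line):
            values[m.group("name")] = int(m.group("hex"), 16)
    return key, values


def split_appinit(value):
    """AppInit_DLLs is a space- or comma-delimited list, which is why
    paths containing spaces appear as 8.3 short names."""
    return [p for p in re.split(r"[ ,]+", value.strip()) if p]


def audit_appinit(values, allowlist):
    """Classify each AppInit_DLLs entry and record why it stands out."""
    enabled = values.get("LoadAppInit_DLLs", 0) == 1
    findings = []
    for path in split_appinit(values.get("AppInit_DLLs", "")):
        keep = path.lower() in allowlist
        reasons = []
        if not keep:
            reasons.append("not on allowlist")
        if re.search(r"~\d", path):
            reasons.append("8.3 short name: resolve the long path before judging")
        if not path.lower().endswith(".dll"):
            reasons.append("extension is not .dll")
        findings.append({"path": path, "keep": keep,
                         "loading_enabled": enabled, "reasons": reasons})
    return findings


def build_reg_fix(key, findings):
    """Render a .reg file that rewrites AppInit_DLLs to the kept entries only."""
    kept = " ".join(f["path"] for f in findings if f["keep"])
    escaped = kept.replace("\\", "\\\\")  # .reg strings double each backslash
    return ("Windows Registry Editor Version 5.00\n\n"
            f"[{key}]\n"
            f'"AppInit_DLLs"="{escaped}"\n')


if __name__ == "__main__":
    key, values = parse_systemlook(SYSTEMLOOK_LOG)
    findings = audit_appinit(values, ALLOWLIST)
    for f in findings:
        verdict = "keep" if f["keep"] else "review"
        print(f"{verdict:6} {f['path']}  {'; '.join(f['reasons'])}")
    print()
    print(build_reg_fix(key, findings))
```

A .reg file merged by double-click on 64-bit Windows writes the 64-bit view of this key; 32-bit processes read a separate copy under Wow6432Node, which FRST lists as AppInit_DLLs-x32, so that value needs the same review.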


#8 Dquinte2

Dquinte2
  • Topic Starter

  • Members
  • 10 posts
  • Local time:03:31 AM

Posted 22 March 2014 - 11:47 AM

Hi Toffee!!

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Dan (administrator) on DAN-PC on 22-03-2014 12:42:39
Running from C:\Users\Dan\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Webroot) C:\Program Files\Webroot\WRSA.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Curse) C:\Users\Dan\AppData\Local\Apps\2.0\VEEC1Y8V.MDZ\ZJY97RE1.Y71\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MsoSync.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Conceiva Pty. Ltd.) C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\ehome\mcupdate.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\wbengine.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\eHome\EhTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ehome\ehRec.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [3832064 2009-09-12] (O&O Software GmbH)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [XFast LAN] - C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1441152 2011-10-19] (cFos Software GmbH)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Syncios device service] - C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [578048 2013-07-12] ()
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-12-21] (Adobe Systems Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKLM-x32\...\Run: [WRSVC] - C:\Program Files\Webroot\WRSA.exe [763000 2014-03-18] (Webroot)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [zASRockInstantBoot] - [X]
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [uTorrent] - C:\Users\Dan\AppData\Roaming\uTorrent\uTorrent.exe [904272 2013-11-30] (BitTorrent Inc.)
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-03-10] (Electronic Arts)
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20924064 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\MountPoints2: {e0033211-0643-11e3-8af5-bc5ff41ccbde} - F:\setup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation)
AppInit_DLLs-x32:  c:\progra~2\sw30e4~1.boo => "c:\progra~2\sw30e4~1.boo" File Not Found
Startup: C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
 
==================== Internet (Whitelisted) ====================
 
ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x28391B946199CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKCU - {480DEBEE-D5BE-4FC3-98BD-D6986483346A} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: safoeweb - {6392F5A3-4A4D-3F49-3C88-B92E35EF5D72} - C:\Program Files (x86)\safoeweb\fx0JkM7XBi.x64.dll ()
BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: SNT - {C2F64206-F231-3110-DF86-F3EEE1D7E159} - C:\Program Files (x86)\SNT\MI0W.x64.dll No File
BHO: Webroot Vault - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
BHO: Webroot Filtering Extension - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: YoutubeAdblocker - {DE6AE88A-F854-3239-578D-86AC0C35FBB8} - C:\Program Files (x86)\YoutubeAdblocker\en5Fn.x64.dll No File
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Webroot Vault - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
BHO-x32: Webroot Filtering Extension - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR Extension: (Adblock Plus) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-06]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-02-01]
CHR Extension: (Falcon Proxy) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchhimlnjdafdlkojbffdkogjhhkdepf [2014-03-15]
CHR Extension: (SNT) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gljogenjojkblmjnpmhlncfdflmdiang [2014-03-15]
CHR Extension: (Webroot Filtering Extension) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2014-03-19]
CHR Extension: (saFFeweb) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdjlnbfjlhnoieloncmbcgilfkajchdc [2014-03-15]
CHR Extension: (Google Wallet) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Webroot Password Manager) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab [2014-03-19]
CHR Extension: (YoutubeAdblocker) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pifhnlmnkmfpmijbhcndichhobppeipl [2014-03-15]
CHR HKCU\...\Chrome\Extension: [alhkhciaeadgoondadnppeinickmmndo] - C:\Users\Dan\AppData\Local\CRE\alhkhciaeadgoondadnppeinickmmndo.crx [2013-11-03]
CHR HKCU\...\Chrome\Extension: [oiffmnkajgkhjjchngmajlomfdhfjdma] - C:\Users\Dan\AppData\Local\CRE\oiffmnkajgkhjjchngmajlomfdhfjdma.crx [2013-11-02]
CHR HKLM-x32\...\Chrome\Extension: [alhkhciaeadgoondadnppeinickmmndo] - C:\Users\Dan\AppData\Local\CRE\alhkhciaeadgoondadnppeinickmmndo.crx [2013-11-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-21]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.0.32.crx [2014-03-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
CHR HKLM-x32\...\Chrome\Extension: [oiffmnkajgkhjjchngmajlomfdhfjdma] - C:\Users\Dan\AppData\Local\CRE\oiffmnkajgkhjjchngmajlomfdhfjdma.crx [2013-11-02]
CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2014-03-18]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-12-09] (Freemake)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Mezzmo; C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe [3925800 2013-09-14] (Conceiva Pty. Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)
R2 O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2287360 2009-09-12] (O&O Software GmbH)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [763000 2014-03-18] (Webroot)
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [303360 2011-12-07] ()
S2 1a34a8e0; "C:\Windows\system32\rundll32.exe" "c:\progra~2\SWSvc.dll",service
S2 25e4f9bf; "C:\Windows\system32\rundll32.exe" "c:\progra~3\webtect\WebTectSvc.dll",service
 
==================== Drivers (Whitelisted) ====================
 
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2013-11-03] (Echobit, LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-08-14] ()
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [113664 2014-03-18] (Webroot)
U3 az0u1d7p; C:\Windows\System32\Drivers\az0u1d7p.sys [0 ] (Microsoft Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-22 12:42 - 2014-03-22 12:43 - 00019583 _____ () C:\Users\Dan\Downloads\FRST.txt
2014-03-22 12:42 - 2014-03-22 12:42 - 00000000 ____D () C:\FRST
2014-03-22 12:41 - 2014-03-22 12:42 - 02157056 _____ (Farbar) C:\Users\Dan\Downloads\FRST64.exe
2014-03-22 12:41 - 2014-03-22 12:41 - 00294568 _____ (VLCPlayer) C:\Users\Dan\Downloads\Software_Update__CD5MTCD4349_e9200236-2219-424b-8c20-8e981f2bc976_v4ISNMVD7HS7V8EA0S2501DUHP_0_0_0.exe
2014-03-20 22:26 - 2014-03-20 22:27 - 00831962 _____ () C:\Users\Dan\Downloads\powerpoint for presentation.pptx
2014-03-20 17:09 - 2014-03-20 17:09 - 00001666 _____ () C:\Users\Dan\Downloads\SystemLook.txt
2014-03-20 17:08 - 2014-03-20 17:08 - 00165376 _____ () C:\Users\Dan\Downloads\SystemLook_x64.exe
2014-03-20 13:17 - 2014-03-20 13:17 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-20 13:17 - 2014-03-20 13:17 - 00000000 ____D () C:\Users\Dan\AppData\Local\Skype
2014-03-20 13:05 - 2014-03-20 13:11 - 00000000 ____D () C:\AdwCleaner
2014-03-20 13:05 - 2014-03-20 13:05 - 01950720 _____ () C:\Users\Dan\Downloads\AdwCleaner.exe
2014-03-19 12:11 - 2014-03-19 12:12 - 00000000 ____D () C:\Users\Dan\Desktop\logss
2014-03-19 12:11 - 2014-03-19 12:11 - 00027323 _____ () C:\Users\Dan\Desktop\dds.txt
2014-03-19 12:11 - 2014-03-19 12:11 - 00012725 _____ () C:\Users\Dan\Desktop\attach.txt
2014-03-19 12:09 - 2014-03-19 12:09 - 00688992 ____R (Swearware) C:\Users\Dan\Downloads\dds.com
2014-03-19 12:01 - 2014-03-19 12:01 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-18 23:00 - 2014-03-18 23:00 - 00001075 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Malwarebytes
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-18 23:00 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-18 22:59 - 2014-03-18 23:01 - 00000000 ____D () C:\Users\Dan\Downloads\Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD
2014-03-18 22:59 - 2014-03-18 22:59 - 00000354 _____ () C:\Users\Dan\Downloads\Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD [IPT].torrent
2014-03-18 22:58 - 2014-03-18 22:59 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dan\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-18 22:56 - 2014-03-18 22:58 - 296354328 _____ () C:\Users\Dan\Downloads\SEP_12_1_RU2_64bit.exe
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (3).1_RU2_(64bit).torrent
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (2).1_RU2_(64bit)
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (1).1_RU2_(64bit)
2014-03-18 22:55 - 2014-03-18 22:55 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12.1_RU2_(64bit)
2014-03-18 22:32 - 2014-03-18 22:32 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack (2).torrent
2014-03-18 22:32 - 2014-03-18 22:32 - 00000000 ____D () C:\Users\Dan\Downloads\Webroot SecureAnywhere Complete 2013 [KaranPc]
2014-03-18 22:31 - 2014-03-18 22:31 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack (1).torrent
2014-03-18 22:10 - 2014-03-22 12:42 - 00000000 ____D () C:\ProgramData\WRData
2014-03-18 22:10 - 2014-03-19 10:13 - 00000000 ____D () C:\Users\Dan\AppData\Local\lptmp1890866352
2014-03-18 22:10 - 2014-03-18 22:10 - 00152744 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2014-03-18 22:10 - 2014-03-18 22:10 - 00113664 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2014-03-18 22:10 - 2014-03-18 22:10 - 00103816 _____ (Webroot) C:\Windows\system32\WRusr.dll
2014-03-18 22:10 - 2014-03-18 22:10 - 00000000 ____D () C:\Program Files\Webroot
2014-03-18 22:06 - 2014-03-18 22:06 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack.torrent
2014-03-18 21:14 - 2014-03-18 21:14 - 00003490 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-03-18 16:58 - 2014-03-18 16:58 - 00000000 ____D () C:\Users\Dan\Desktop\Tor Browser
2014-03-18 16:57 - 2014-03-18 16:58 - 22892386 _____ () C:\Users\Dan\Downloads\torbrowser-install-3.5.2.1_en-US.exe
2014-03-17 15:10 - 2014-03-17 15:10 - 01075264 _____ (OR Interactive Ltd) C:\Users\Dan\Downloads\IDM2.exe
2014-03-15 13:22 - 2013-07-12 20:34 - 00000488 _____ () C:\Users\Dan\Desktop\com.telltalegames.walkingdead100.plist
2014-03-15 13:21 - 2014-03-15 13:21 - 00000850 _____ () C:\Users\Dan\Desktop\ipa01348_Hack.rar
2014-03-15 13:21 - 2013-07-12 20:36 - 00000692 _____ () C:\Users\Dan\Desktop\[Hack] Walking Dead The Game.rar
2014-03-15 13:20 - 2014-03-22 12:33 - 00000432 ____H () C:\Windows\Tasks\SW.Booster-S-571884386.job
2014-03-15 13:20 - 2014-03-15 13:21 - 00000000 ____D () C:\ProgramData\SnowApp
2014-03-15 13:20 - 2014-03-15 13:21 - 00000000 ____D () C:\ProgramData\2b987117163ab168
2014-03-15 13:20 - 2014-03-15 13:20 - 04210176 _____ () C:\Program Files (x86)\SW_x64.Booster
2014-03-15 13:20 - 2014-03-15 13:20 - 00002678 _____ () C:\Windows\System32\Tasks\SW.Booster-S-571884386
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Dan\AppData\Local\Packages
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Dan\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\ProgramData\safoeweb
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Program Files (x86)\safoeweb
2014-03-15 13:19 - 2014-03-15 13:21 - 00000000 ____D () C:\ProgramData\InstallMate
2014-03-15 13:19 - 2014-03-15 13:19 - 00341792 _____ (SnowApp) C:\Users\Dan\Downloads\Download_Manager-ipa01348_Hack.rar.exe
2014-03-15 02:03 - 2014-03-15 02:06 - 67135709 _____ () C:\Users\Dan\Downloads\metal_slug_x.ipa
2014-03-14 22:01 - 2014-03-14 22:01 - 00000239 _____ () C:\Users\Dan\Desktop\Hotel.txt
2014-03-14 17:26 - 2014-03-14 17:26 - 00000000 ____D () C:\Users\Dan\Desktop\New folder
2014-03-14 17:24 - 2014-03-14 17:24 - 00000379 _____ () C:\Users\Dan\Downloads\TWD2.zip
2014-03-14 17:19 - 2014-03-14 17:19 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-03-14 17:18 - 2014-03-14 17:18 - 00376256 _____ () C:\Users\Dan\Downloads\7zip.exe
2014-03-14 16:51 - 2014-03-15 13:29 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\iFunbox_UserCache
2014-03-14 16:51 - 2014-03-14 16:51 - 00001022 _____ () C:\Users\Public\Desktop\iFunbox.lnk
2014-03-14 16:51 - 2014-03-14 16:51 - 00000000 ____D () C:\Program Files (x86)\i-Funbox DevTeam
2014-03-14 16:49 - 2014-03-14 16:55 - 524460180 _____ () C:\Users\Dan\Downloads\walking_dead_the_game_season_2.ipa
2014-03-14 16:49 - 2014-03-14 16:49 - 15043804 _____ ( ) C:\Users\Dan\Downloads\ifunbox_setup.exe
2014-03-12 23:06 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 23:06 - 2014-03-01 01:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 23:06 - 2014-03-01 01:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 23:06 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 23:06 - 2014-03-01 00:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 23:06 - 2014-03-01 00:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 23:06 - 2014-03-01 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 23:06 - 2014-03-01 00:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 23:06 - 2014-03-01 00:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 23:06 - 2014-03-01 00:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 23:06 - 2014-03-01 00:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 23:06 - 2014-03-01 00:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 23:06 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 23:06 - 2014-03-01 00:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 23:06 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 23:06 - 2014-03-01 00:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 23:06 - 2014-03-01 00:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 23:06 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 23:06 - 2014-02-28 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 23:06 - 2014-02-28 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 23:06 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 23:06 - 2014-02-28 23:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 23:06 - 2014-02-28 23:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 23:06 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 23:06 - 2014-02-28 23:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 23:06 - 2014-02-28 23:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 23:06 - 2014-02-28 23:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 23:06 - 2014-02-28 23:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 23:06 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 23:06 - 2014-02-28 23:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 23:06 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 23:06 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 23:06 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 23:06 - 2014-02-28 23:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 23:06 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 23:06 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 23:06 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 23:06 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 23:06 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 23:06 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 23:06 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 23:06 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 23:06 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 23:06 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 23:04 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 23:04 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 23:04 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 23:04 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-11 17:04 - 2014-03-11 17:04 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-11 12:49 - 2014-03-04 07:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-11 12:46 - 2014-03-04 10:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-11 12:46 - 2014-03-04 10:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-11 01:33 - 2014-03-11 01:33 - 00000000 ____D () C:\Users\Dan\Documents\Respawn
2014-03-11 01:05 - 2014-03-11 01:05 - 00001144 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-03-10 21:41 - 2014-03-10 21:56 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-03-10 21:39 - 2014-03-11 12:27 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Origin
2014-03-10 21:39 - 2014-03-11 01:33 - 00000000 ____D () C:\Users\Dan\AppData\Local\Origin
2014-03-10 21:36 - 2014-03-22 12:37 - 00000000 ____D () C:\ProgramData\Origin
2014-03-10 21:36 - 2014-03-22 12:34 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-03-10 21:36 - 2014-03-11 01:33 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-03-10 21:36 - 2014-03-10 21:36 - 00000945 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-03-10 21:33 - 2014-03-10 21:34 - 17009704 _____ (Electronic Arts, Inc.) C:\Users\Dan\Downloads\OriginThinSetup.exe
2014-03-10 14:56 - 2014-03-10 11:54 - 00000025 ____N () C:\Users\Dan\Desktop\ATT00004
2014-03-10 14:56 - 2014-03-10 11:54 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00003
2014-03-10 14:56 - 2014-03-10 11:54 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00002
2014-03-10 14:56 - 2014-03-10 11:54 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00001
2014-03-10 14:54 - 2014-03-10 14:54 - 08936675 _____ () C:\Users\Dan\Desktop\Outlook (1).zip
2014-03-10 01:30 - 2014-03-10 01:31 - 00018218 _____ () C:\Users\Dan\Downloads\True.Detective.S01E08.HDTV.XviD-EVO [IPT].torrent
2014-03-07 20:34 - 2014-03-07 20:34 - 00016832 _____ () C:\Users\Dan\Downloads\Knights of Badassdom 1080p WEBRip - BLiTZCRiEG.torrent
2014-03-07 19:39 - 2014-03-07 19:39 - 00041673 _____ () C:\Users\Dan\Downloads\7E8DE931C0C54EB96523C698F5D030894561B404.torrent
2014-03-07 19:39 - 2014-03-07 19:39 - 00025493 _____ () C:\Users\Dan\Downloads\42DBE12D91EFBC1396292F521B5655091DAEC399.torrent
2014-03-07 19:18 - 2014-03-07 19:18 - 00028853 _____ () C:\Users\Dan\Downloads\D7A9AD75F0FC10C92F3CC8186888617A059E0411.torrent
2014-03-07 19:17 - 2014-03-07 19:36 - 00000000 ____D () C:\Users\Dan\Downloads\Delivery Man (2013) 720p BluRay + Subtitles [GlowGaze.Com]
2014-03-07 19:15 - 2014-03-07 19:15 - 00322272 _____ (HostIt) C:\Users\Dan\Downloads\Delivery Man (2013) 720p BluRay.exe
2014-03-07 19:15 - 2014-03-07 19:15 - 00024836 _____ () C:\Users\Dan\Downloads\67EC9A7B5A839F8C085DC0CDD2B7094B3F75D3B0.torrent
2014-03-07 16:19 - 2014-03-07 16:19 - 00000006 _____ () C:\Users\Dan\Desktop\Confirmation.txt
2014-03-07 15:04 - 2014-03-07 15:04 - 00002061 _____ () C:\Users\Dan\Desktop\Classicshapewear.txt
2014-03-07 15:04 - 2014-03-07 15:04 - 00000000 _____ () C:\Users\Dan\Desktop\New Text Document.txt
2014-03-07 13:14 - 2014-03-07 13:14 - 00001020 _____ () C:\Users\Public\Desktop\Southpark Stick of Truth.lnk
2014-03-07 13:05 - 2014-03-07 13:20 - 00000000 ____D () C:\Program Files (x86)\Southpark Stick of Truth
2014-03-07 04:16 - 2014-03-07 04:16 - 00091040 _____ () C:\Users\Dan\Downloads\Southpark.Stick.Of.Truth-RELOADED.torrent
2014-02-28 22:32 - 2014-02-28 22:32 - 00015788 _____ () C:\Users\Dan\Downloads\Addendum A Daniel Quintero.odt
2014-02-27 23:48 - 2014-02-27 23:51 - 00000000 ____D () C:\Users\Dan\Desktop\New River Invoices
2014-02-27 23:45 - 2014-02-27 23:45 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-25 00:57 - 2014-02-25 00:57 - 37422682 _____ () C:\Users\Dan\Downloads\Tchaikovsky Violin Concerto.m4a
2014-02-24 22:40 - 2014-02-24 22:40 - 89261384 _____ () C:\Users\Dan\Downloads\Scheherazade.m4a
2014-02-24 02:18 - 2014-02-22 23:14 - 19083278 _____ () C:\Users\Dan\Desktop\evasi0n7.exe
2014-02-24 02:15 - 2014-02-24 02:15 - 16620912 _____ () C:\Users\Dan\Downloads\evasi0n7-win-1.0.6-01f65fec4d42d76b3f35eda49f7450b2cfa88ff7.zip
2014-02-24 00:09 - 2014-02-24 00:09 - 00057682 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E11.720p.HDTV.x264-2HD.torrent
2014-02-24 00:07 - 2014-02-24 00:07 - 00057251 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E10.720p.HDTV.x264-REMARKABLE.torrent
2014-02-24 00:07 - 2014-02-24 00:07 - 00040886 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E11.HDTV.x264-2HD.torrent
2014-02-23 17:50 - 2014-02-23 17:50 - 00007642 _____ () C:\Users\Dan\AppData\Local\Resmon.ResmonCfg
2014-02-21 23:30 - 2014-02-21 23:30 - 00012656 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E08.HDTV.x264-2HD._www.ENGSUB.NET.zip
2014-02-21 23:29 - 2014-02-21 23:29 - 00011734 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E07.HDTV.x264-ASAP._www.ENGSUB.NET.zip
2014-02-21 23:28 - 2014-02-21 23:28 - 00009985 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E06.HDTV.x264-2HD._www.ENGSUB.NET.zip
2014-02-21 23:27 - 2014-02-21 23:27 - 00009636 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E05.Internment.-WEB-DL._www.ENGSUB.NET.zip
2014-02-21 23:27 - 2014-02-21 23:27 - 00000212 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E05.HDTV.x264-2HD._www.ENGSUB.NET.zip
2014-02-21 23:26 - 2014-02-21 23:26 - 00015500 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E04.HDTV.x264-2HD._www.ENGSUB.NET.zip
2014-02-21 23:26 - 2014-02-21 23:26 - 00015500 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E04.HDTV.x264-2HD._www.ENGSUB.NET (1).zip
2014-02-21 23:25 - 2014-02-21 23:25 - 00012281 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E03.HDTV.x264-KILLERS._www.ENGSUB.NET.zip
2014-02-21 23:24 - 2014-02-21 23:24 - 00011101 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E02.HDTV.x264-2HD._www.ENGSUB.NET.zip
2014-02-21 23:23 - 2014-02-21 23:23 - 00012265 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E01.480p.HDTV.x264-mSD._www.ENGSUB.NET.zip
2014-02-21 23:22 - 2014-02-21 23:22 - 00012849 _____ () C:\Users\Dan\Downloads\5fa88a99a161d8f637e825f4a43ae0183604b146.zip
2014-02-21 23:15 - 2014-02-21 23:15 - 00022763 _____ () C:\Users\Dan\Downloads\The Walking Dead - 04x01 - 30 Days Without An Accident.HDTV.XviD-FUM.Croatian.orig.Addic7ed.com.srt
2014-02-21 13:48 - 2014-02-21 13:48 - 00018021 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E01.E08.1080p.WEB-DL.DD5.1.H.264-MiXED [IPT].torrent
 
==================== One Month Modified Files and Folders =======
 
2014-03-22 12:43 - 2014-03-22 12:42 - 00019583 _____ () C:\Users\Dan\Downloads\FRST.txt
2014-03-22 12:42 - 2014-03-22 12:42 - 00000000 ____D () C:\FRST
2014-03-22 12:42 - 2014-03-22 12:41 - 02157056 _____ (Farbar) C:\Users\Dan\Downloads\FRST64.exe
2014-03-22 12:42 - 2014-03-18 22:10 - 00000000 ____D () C:\ProgramData\WRData
2014-03-22 12:41 - 2014-03-22 12:41 - 00294568 _____ (VLCPlayer) C:\Users\Dan\Downloads\Software_Update__CD5MTCD4349_e9200236-2219-424b-8c20-8e981f2bc976_v4ISNMVD7HS7V8EA0S2501DUHP_0_0_0.exe
2014-03-22 12:41 - 2014-01-08 19:07 - 00004942 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Dan-PC-Dan Dan-PC
2014-03-22 12:41 - 2013-08-14 20:05 - 01780903 _____ () C:\Windows\WindowsUpdate.log
2014-03-22 12:37 - 2014-03-10 21:36 - 00000000 ____D () C:\ProgramData\Origin
2014-03-22 12:37 - 2013-08-16 13:37 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-22 12:37 - 2013-08-14 22:52 - 00000000 ____D () C:\Users\Dan\AppData\Local\Deployment
2014-03-22 12:36 - 2013-11-04 23:22 - 00000000 ____D () C:\Users\Dan\AppData\Local\LogMeIn Hamachi
2014-03-22 12:36 - 2013-09-23 22:01 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Skype
2014-03-22 12:36 - 2013-08-25 22:05 - 00000043 _____ () C:\Windows\MezzmoMediaServer.INI
2014-03-22 12:36 - 2009-07-14 00:51 - 00070777 _____ () C:\Windows\setupact.log
2014-03-22 12:35 - 2013-08-16 02:27 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\uTorrent
2014-03-22 12:34 - 2014-03-10 21:36 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-03-22 12:34 - 2013-08-14 22:53 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-22 12:33 - 2014-03-15 13:20 - 00000432 ____H () C:\Windows\Tasks\SW.Booster-S-571884386.job
2014-03-22 12:33 - 2013-08-15 16:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-22 12:33 - 2013-08-14 22:55 - 00274340 _____ () C:\Windows\system32\oodbs.lor
2014-03-22 12:33 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-22 02:04 - 2013-11-03 19:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-22 02:00 - 2013-08-18 18:56 - 00000000 ____D () C:\Users\Dan\AppData\Local\Adobe
2014-03-22 02:00 - 2013-08-14 22:53 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-22 01:22 - 2013-08-15 02:25 - 00000000 ____D () C:\Program Files (x86)\Heroes of Newerth
2014-03-22 01:20 - 2013-10-06 17:28 - 00000000 ____D () C:\Users\Dan\AppData\Local\Battle.net
2014-03-21 15:47 - 2014-02-19 01:52 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-20 22:27 - 2014-03-20 22:26 - 00831962 _____ () C:\Users\Dan\Downloads\powerpoint for presentation.pptx
2014-03-20 17:09 - 2014-03-20 17:09 - 00001666 _____ () C:\Users\Dan\Downloads\SystemLook.txt
2014-03-20 17:08 - 2014-03-20 17:08 - 00165376 _____ () C:\Users\Dan\Downloads\SystemLook_x64.exe
2014-03-20 13:23 - 2009-07-14 00:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-20 13:23 - 2009-07-14 00:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-20 13:17 - 2014-03-20 13:17 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-20 13:17 - 2014-03-20 13:17 - 00000000 ____D () C:\Users\Dan\AppData\Local\Skype
2014-03-20 13:17 - 2013-09-23 22:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-20 13:17 - 2013-09-23 22:01 - 00000000 ____D () C:\ProgramData\Skype
2014-03-20 13:11 - 2014-03-20 13:05 - 00000000 ____D () C:\AdwCleaner
2014-03-20 13:05 - 2014-03-20 13:05 - 01950720 _____ () C:\Users\Dan\Downloads\AdwCleaner.exe
2014-03-19 12:12 - 2014-03-19 12:11 - 00000000 ____D () C:\Users\Dan\Desktop\logss
2014-03-19 12:11 - 2014-03-19 12:11 - 00027323 _____ () C:\Users\Dan\Desktop\dds.txt
2014-03-19 12:11 - 2014-03-19 12:11 - 00012725 _____ () C:\Users\Dan\Desktop\attach.txt
2014-03-19 12:09 - 2014-03-19 12:09 - 00688992 ____R (Swearware) C:\Users\Dan\Downloads\dds.com
2014-03-19 12:01 - 2014-03-19 12:01 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-19 12:01 - 2013-11-03 19:22 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-19 12:01 - 2013-11-03 19:22 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-19 12:01 - 2013-11-03 19:22 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-19 11:36 - 2013-08-14 22:24 - 00000000 ____D () C:\Users\Dan
2014-03-19 11:36 - 2010-11-20 23:47 - 00226542 _____ () C:\Windows\PFRO.log
2014-03-19 10:13 - 2014-03-18 22:10 - 00000000 ____D () C:\Users\Dan\AppData\Local\lptmp1890866352
2014-03-19 10:11 - 2013-09-07 20:11 - 00000000 ____D () C:\Windows\AutoKMS
2014-03-18 23:01 - 2014-03-18 22:59 - 00000000 ____D () C:\Users\Dan\Downloads\Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD
2014-03-18 23:00 - 2014-03-18 23:00 - 00001075 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Malwarebytes
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-18 22:59 - 2014-03-18 22:59 - 00000354 _____ () C:\Users\Dan\Downloads\Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD [IPT].torrent
2014-03-18 22:59 - 2014-03-18 22:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dan\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-18 22:58 - 2014-03-18 22:56 - 296354328 _____ () C:\Users\Dan\Downloads\SEP_12_1_RU2_64bit.exe
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (3).1_RU2_(64bit).torrent
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (2).1_RU2_(64bit)
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (1).1_RU2_(64bit)
2014-03-18 22:55 - 2014-03-18 22:55 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12.1_RU2_(64bit)
2014-03-18 22:32 - 2014-03-18 22:32 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack (2).torrent
2014-03-18 22:32 - 2014-03-18 22:32 - 00000000 ____D () C:\Users\Dan\Downloads\Webroot SecureAnywhere Complete 2013 [KaranPc]
2014-03-18 22:31 - 2014-03-18 22:31 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack (1).torrent
2014-03-18 22:10 - 2014-03-18 22:10 - 00152744 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2014-03-18 22:10 - 2014-03-18 22:10 - 00113664 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2014-03-18 22:10 - 2014-03-18 22:10 - 00103816 _____ (Webroot) C:\Windows\system32\WRusr.dll
2014-03-18 22:10 - 2014-03-18 22:10 - 00000000 ____D () C:\Program Files\Webroot
2014-03-18 22:06 - 2014-03-18 22:06 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack.torrent
2014-03-18 21:14 - 2014-03-18 21:14 - 00003490 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-03-18 16:58 - 2014-03-18 16:58 - 00000000 ____D () C:\Users\Dan\Desktop\Tor Browser
2014-03-18 16:58 - 2014-03-18 16:57 - 22892386 _____ () C:\Users\Dan\Downloads\torbrowser-install-3.5.2.1_en-US.exe
2014-03-18 16:38 - 2013-09-07 19:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-17 15:10 - 2014-03-17 15:10 - 01075264 _____ (OR Interactive Ltd) C:\Users\Dan\Downloads\IDM2.exe
2014-03-15 13:29 - 2014-03-14 16:51 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\iFunbox_UserCache
2014-03-15 13:21 - 2014-03-15 13:21 - 00000850 _____ () C:\Users\Dan\Desktop\ipa01348_Hack.rar
2014-03-15 13:21 - 2014-03-15 13:20 - 00000000 ____D () C:\ProgramData\SnowApp
2014-03-15 13:21 - 2014-03-15 13:20 - 00000000 ____D () C:\ProgramData\2b987117163ab168
2014-03-15 13:21 - 2014-03-15 13:19 - 00000000 ____D () C:\ProgramData\InstallMate
2014-03-15 13:20 - 2014-03-15 13:20 - 04210176 _____ () C:\Program Files (x86)\SW_x64.Booster
2014-03-15 13:20 - 2014-03-15 13:20 - 00002678 _____ () C:\Windows\System32\Tasks\SW.Booster-S-571884386
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Dan\AppData\Local\Packages
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Dan\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\ProgramData\safoeweb
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Program Files (x86)\safoeweb
2014-03-15 13:20 - 2013-08-14 22:53 - 00000000 ____D () C:\Users\Dan\AppData\Local\Google
2014-03-15 13:19 - 2014-03-15 13:19 - 00341792 _____ (SnowApp) C:\Users\Dan\Downloads\Download_Manager-ipa01348_Hack.rar.exe
2014-03-15 13:06 - 2013-08-14 22:53 - 00002145 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-15 02:06 - 2014-03-15 02:03 - 67135709 _____ () C:\Users\Dan\Downloads\metal_slug_x.ipa
2014-03-14 22:01 - 2014-03-14 22:01 - 00000239 _____ () C:\Users\Dan\Desktop\Hotel.txt
2014-03-14 17:26 - 2014-03-14 17:26 - 00000000 ____D () C:\Users\Dan\Desktop\New folder
2014-03-14 17:24 - 2014-03-14 17:24 - 00000379 _____ () C:\Users\Dan\Downloads\TWD2.zip
2014-03-14 17:19 - 2014-03-14 17:19 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-03-14 17:18 - 2014-03-14 17:18 - 00376256 _____ () C:\Users\Dan\Downloads\7zip.exe
2014-03-14 16:55 - 2014-03-14 16:49 - 524460180 _____ () C:\Users\Dan\Downloads\walking_dead_the_game_season_2.ipa
2014-03-14 16:51 - 2014-03-14 16:51 - 00001022 _____ () C:\Users\Public\Desktop\iFunbox.lnk
2014-03-14 16:51 - 2014-03-14 16:51 - 00000000 ____D () C:\Program Files (x86)\i-Funbox DevTeam
2014-03-14 16:49 - 2014-03-14 16:49 - 15043804 _____ ( ) C:\Users\Dan\Downloads\ifunbox_setup.exe
2014-03-13 20:06 - 2013-10-21 22:07 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-13 12:24 - 2009-07-14 01:13 - 00786558 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-13 12:22 - 2009-07-14 00:45 - 05018064 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 12:17 - 2013-08-22 00:56 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 12:17 - 2013-08-22 00:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 12:00 - 2009-07-13 22:34 - 00000478 _____ () C:\Windows\win.ini
2014-03-12 12:02 - 2014-01-29 16:43 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-03-11 19:48 - 2013-10-16 21:10 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-03-11 17:04 - 2014-03-11 17:04 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-11 12:49 - 2013-08-14 22:51 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-11 12:38 - 2014-02-14 12:53 - 00000000 ____D () C:\Users\Dan\AppData\Local\NVIDIA
2014-03-11 12:27 - 2014-03-10 21:39 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Origin
2014-03-11 01:33 - 2014-03-11 01:33 - 00000000 ____D () C:\Users\Dan\Documents\Respawn
2014-03-11 01:33 - 2014-03-10 21:39 - 00000000 ____D () C:\Users\Dan\AppData\Local\Origin
2014-03-11 01:33 - 2014-03-10 21:36 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-03-11 01:05 - 2014-03-11 01:05 - 00001144 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-03-11 00:14 - 2013-08-14 23:13 - 00116253 _____ () C:\Windows\DirectX.log
2014-03-10 21:56 - 2014-03-10 21:41 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-03-10 21:36 - 2014-03-10 21:36 - 00000945 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-03-10 21:36 - 2014-01-10 18:07 - 00000000 ____D () C:\Users\Dan\Desktop\Whatbox
2014-03-10 21:34 - 2014-03-10 21:33 - 17009704 _____ (Electronic Arts, Inc.) C:\Users\Dan\Downloads\OriginThinSetup.exe
2014-03-10 14:57 - 2013-12-08 01:06 - 00002246 _____ () C:\Users\Dan\Desktop\AC4BFSP.exe - Shortcut.lnk
2014-03-10 14:54 - 2014-03-10 14:54 - 08936675 _____ () C:\Users\Dan\Desktop\Outlook (1).zip
2014-03-10 11:54 - 2014-03-10 14:56 - 00000025 ____N () C:\Users\Dan\Desktop\ATT00004
2014-03-10 11:54 - 2014-03-10 14:56 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00003
2014-03-10 11:54 - 2014-03-10 14:56 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00002
2014-03-10 11:54 - 2014-03-10 14:56 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00001
2014-03-10 02:35 - 2013-09-08 23:56 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\vlc
2014-03-10 01:31 - 2014-03-10 01:30 - 00018218 _____ () C:\Users\Dan\Downloads\True.Detective.S01E08.HDTV.XviD-EVO [IPT].torrent
2014-03-07 20:34 - 2014-03-07 20:34 - 00016832 _____ () C:\Users\Dan\Downloads\Knights of Badassdom 1080p WEBRip - BLiTZCRiEG.torrent
2014-03-07 19:39 - 2014-03-07 19:39 - 00041673 _____ () C:\Users\Dan\Downloads\7E8DE931C0C54EB96523C698F5D030894561B404.torrent
2014-03-07 19:39 - 2014-03-07 19:39 - 00025493 _____ () C:\Users\Dan\Downloads\42DBE12D91EFBC1396292F521B5655091DAEC399.torrent
2014-03-07 19:36 - 2014-03-07 19:17 - 00000000 ____D () C:\Users\Dan\Downloads\Delivery Man (2013) 720p BluRay + Subtitles [GlowGaze.Com]
2014-03-07 19:18 - 2014-03-07 19:18 - 00028853 _____ () C:\Users\Dan\Downloads\D7A9AD75F0FC10C92F3CC8186888617A059E0411.torrent
2014-03-07 19:15 - 2014-03-07 19:15 - 00322272 _____ (HostIt) C:\Users\Dan\Downloads\Delivery Man (2013) 720p BluRay.exe
2014-03-07 19:15 - 2014-03-07 19:15 - 00024836 _____ () C:\Users\Dan\Downloads\67EC9A7B5A839F8C085DC0CDD2B7094B3F75D3B0.torrent
2014-03-07 16:19 - 2014-03-07 16:19 - 00000006 _____ () C:\Users\Dan\Desktop\Confirmation.txt
2014-03-07 15:04 - 2014-03-07 15:04 - 00002061 _____ () C:\Users\Dan\Desktop\Classicshapewear.txt
2014-03-07 15:04 - 2014-03-07 15:04 - 00000000 _____ () C:\Users\Dan\Desktop\New Text Document.txt
2014-03-07 13:20 - 2014-03-07 13:05 - 00000000 ____D () C:\Program Files (x86)\Southpark Stick of Truth
2014-03-07 13:20 - 2013-08-19 08:58 - 00000000 ____D () C:\Users\Dan\Documents\My Games
2014-03-07 13:14 - 2014-03-07 13:14 - 00001020 _____ () C:\Users\Public\Desktop\Southpark Stick of Truth.lnk
2014-03-07 04:16 - 2014-03-07 04:16 - 00091040 _____ () C:\Users\Dan\Downloads\Southpark.Stick.Of.Truth-RELOADED.torrent
2014-03-04 20:10 - 2013-08-30 22:15 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-03-04 10:35 - 2014-03-11 12:46 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-04 10:35 - 2014-03-11 12:46 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-04 10:35 - 2013-12-16 00:38 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-04 10:35 - 2013-08-15 16:04 - 00062408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-04 10:35 - 2013-08-15 16:04 - 00054216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-03-04 09:06 - 2013-08-15 16:04 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-04 09:06 - 2013-08-15 16:04 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-04 09:05 - 2013-08-15 16:04 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-03-04 09:05 - 2013-08-15 16:04 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-04 09:05 - 2013-08-15 16:04 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-04 09:05 - 2013-08-15 16:04 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-04 07:32 - 2014-03-11 12:49 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-01 13:21 - 2013-08-14 22:22 - 00778680 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-01 02:05 - 2014-03-12 23:06 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 01:17 - 2014-03-12 23:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 01:16 - 2014-03-12 23:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 00:58 - 2014-03-12 23:06 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 00:52 - 2014-03-12 23:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 00:51 - 2014-03-12 23:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 00:42 - 2014-03-12 23:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 00:40 - 2014-03-12 23:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 00:37 - 2014-03-12 23:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 00:33 - 2014-03-12 23:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 00:33 - 2014-03-12 23:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 00:32 - 2014-03-12 23:06 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 00:30 - 2014-03-12 23:06 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 00:23 - 2014-03-12 23:06 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 00:17 - 2014-03-12 23:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 00:11 - 2014-03-12 23:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 00:02 - 2014-03-12 23:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-28 23:54 - 2014-03-12 23:06 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-28 23:52 - 2014-03-12 23:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-28 23:51 - 2014-03-12 23:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-28 23:47 - 2014-03-12 23:06 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-28 23:43 - 2014-03-12 23:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-28 23:43 - 2014-03-12 23:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-28 23:42 - 2014-03-12 23:06 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-28 23:40 - 2014-03-12 23:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-28 23:38 - 2014-03-12 23:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-28 23:37 - 2014-03-12 23:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-28 23:35 - 2014-03-12 23:06 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-28 23:18 - 2014-03-12 23:06 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-28 23:16 - 2014-03-12 23:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-28 23:14 - 2014-03-12 23:06 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-28 23:10 - 2014-03-12 23:06 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-28 23:03 - 2014-03-12 23:06 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-28 23:00 - 2014-03-12 23:06 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-28 22:57 - 2014-03-12 23:06 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-28 22:38 - 2014-03-12 23:06 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-28 22:32 - 2014-03-12 23:06 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-28 22:32 - 2014-02-28 22:32 - 00015788 _____ () C:\Users\Dan\Downloads\Addendum A Daniel Quintero.odt
2014-02-28 22:27 - 2014-03-12 23:06 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-28 22:25 - 2014-03-12 23:06 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-28 22:25 - 2014-03-12 23:06 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-27 23:51 - 2014-02-27 23:48 - 00000000 ____D () C:\Users\Dan\Desktop\New River Invoices
2014-02-27 23:45 - 2014-02-27 23:45 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-25 00:57 - 2014-02-25 00:57 - 37422682 _____ () C:\Users\Dan\Downloads\Tchaikovsky Violin Concerto.m4a
2014-02-24 22:40 - 2014-02-24 22:40 - 89261384 _____ () C:\Users\Dan\Downloads\Scheherazade.m4a
2014-02-24 02:15 - 2014-02-24 02:15 - 16620912 _____ () C:\Users\Dan\Downloads\evasi0n7-win-1.0.6-01f65fec4d42d76b3f35eda49f7450b2cfa88ff7.zip
2014-02-24 00:09 - 2014-02-24 00:09 - 00057682 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E11.720p.HDTV.x264-2HD.torrent
2014-02-24 00:07 - 2014-02-24 00:07 - 00057251 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E10.720p.HDTV.x264-REMARKABLE.torrent
2014-02-24 00:07 - 2014-02-24 00:07 - 00040886 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E11.HDTV.x264-2HD.torrent
2014-02-23 17:50 - 2014-02-23 17:50 - 00007642 _____ () C:\Users\Dan\AppData\Local\Resmon.ResmonCfg
2014-02-22 23:14 - 2014-02-24 02:18 - 19083278 _____ () C:\Users\Dan\Desktop\evasi0n7.exe
2014-02-21 23:30 - 2014-02-21 23:30 - 00012656 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E08.HDTV.x264-2HD._www.ENGSUB.NET.zip
2014-02-21 23:29 - 2014-02-21 23:29 - 00011734 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E07.HDTV.x264-ASAP._www.ENGSUB.NET.zip
2014-02-21 23:28 - 2014-02-21 23:28 - 00009985 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E06.HDTV.x264-2HD._www.ENGSUB.NET.zip
2014-02-21 23:27 - 2014-02-21 23:27 - 00009636 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E05.Internment.-WEB-DL._www.ENGSUB.NET.zip
2014-02-21 23:27 - 2014-02-21 23:27 - 00000212 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E05.HDTV.x264-2HD._www.ENGSUB.NET.zip
2014-02-21 23:26 - 2014-02-21 23:26 - 00015500 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E04.HDTV.x264-2HD._www.ENGSUB.NET.zip
2014-02-21 23:26 - 2014-02-21 23:26 - 00015500 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E04.HDTV.x264-2HD._www.ENGSUB.NET (1).zip
2014-02-21 23:25 - 2014-02-21 23:25 - 00012281 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E03.HDTV.x264-KILLERS._www.ENGSUB.NET.zip
2014-02-21 23:24 - 2014-02-21 23:24 - 00011101 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E02.HDTV.x264-2HD._www.ENGSUB.NET.zip
2014-02-21 23:23 - 2014-02-21 23:23 - 00012265 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E01.480p.HDTV.x264-mSD._www.ENGSUB.NET.zip
2014-02-21 23:22 - 2014-02-21 23:22 - 00012849 _____ () C:\Users\Dan\Downloads\5fa88a99a161d8f637e825f4a43ae0183604b146.zip
2014-02-21 23:15 - 2014-02-21 23:15 - 00022763 _____ () C:\Users\Dan\Downloads\The Walking Dead - 04x01 - 30 Days Without An Accident.HDTV.XviD-FUM.Croatian.orig.Addic7ed.com.srt
2014-02-21 13:48 - 2014-02-21 13:48 - 00018021 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E01.E08.1080p.WEB-DL.DD5.1.H.264-MiXED [IPT].torrent
 
Some content of TEMP:
====================
C:\Users\Dan\AppData\Local\Temp\7z.dll
C:\Users\Dan\AppData\Local\Temp\7z.exe
C:\Users\Dan\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Dan\AppData\Local\Temp\bassmod.dll
C:\Users\Dan\AppData\Local\Temp\bdbrowser_setup-19095018_608-4_6_0_36411-4430.exe
C:\Users\Dan\AppData\Local\Temp\bi_cleaner.exe
C:\Users\Dan\AppData\Local\Temp\Bundle.exe
C:\Users\Dan\AppData\Local\Temp\conduitchecker.exe
C:\Users\Dan\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\Dan\AppData\Local\Temp\FreemakeVideoConverter_4.1.2.1.exe
C:\Users\Dan\AppData\Local\Temp\Garritan_ARIA_Player.exe
C:\Users\Dan\AppData\Local\Temp\Garritan_Instruments_for_Finale.exe
C:\Users\Dan\AppData\Local\Temp\Installer.exe
C:\Users\Dan\AppData\Local\Temp\install_flash_player_11_plugin.exe
C:\Users\Dan\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.4-R2.0-b2918jnks.dll
C:\Users\Dan\AppData\Local\Temp\MMFontSetup.exe
C:\Users\Dan\AppData\Local\Temp\nsa5657.exe
C:\Users\Dan\AppData\Local\Temp\nsbFC9.exe
C:\Users\Dan\AppData\Local\Temp\nsbFF04.exe
C:\Users\Dan\AppData\Local\Temp\nseBAD3.exe
C:\Users\Dan\AppData\Local\Temp\nskC072.exe
C:\Users\Dan\AppData\Local\Temp\nsl2F66.exe
C:\Users\Dan\AppData\Local\Temp\nsl33AD.exe
C:\Users\Dan\AppData\Local\Temp\nsu97D9.exe
C:\Users\Dan\AppData\Local\Temp\nsu9F2C.exe
C:\Users\Dan\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Dan\AppData\Local\Temp\nvStInst.exe
C:\Users\Dan\AppData\Local\Temp\OnlineWeatherSetup.exe
C:\Users\Dan\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Dan\AppData\Local\Temp\ose00000.exe
C:\Users\Dan\AppData\Local\Temp\Quarantine.exe
C:\Users\Dan\AppData\Local\Temp\QuickShare1.exe
C:\Users\Dan\AppData\Local\Temp\SendMsg.dll
C:\Users\Dan\AppData\Local\Temp\setup__1811.exe
C:\Users\Dan\AppData\Local\Temp\SPStub.exe
C:\Users\Dan\AppData\Local\Temp\SRLDetectionLibrary5455906133374909923.dll
C:\Users\Dan\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Dan\AppData\Local\Temp\tbVisu.dll
C:\Users\Dan\AppData\Local\Temp\tbWhit.dll
C:\Users\Dan\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Dan\AppData\Local\Temp\utt3A0F.tmp.exe
C:\Users\Dan\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Dan\AppData\Local\Temp\vcredist_x86_2008_sp1.exe
C:\Users\Dan\AppData\Local\Temp\_is757B.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-20 00:20
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Dan at 2014-03-22 12:43:43
Running from C:\Users\Dan\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
«Amnesia. A Machine for Pigs» (HKLM-x32\...\«Amnesia. A Machine for Pigs»_is1) (Version:  - Frictional Games)
«Torchlight II»  1.0 (HKLM-x32\...\Torchlight II_is1) (Version: 1.0 - Runic Games, Inc.)
µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.06 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARIA Engine v1.1.1.1 (HKLM\...\ARIA Engine_is1) (Version: v1.1.1.1 - Plogue Art et Technologie, Inc)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology)
ASRock InstantBoot v1.29 (HKLM-x32\...\ASRock InstantBoot_is1) (Version:  - )
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Batman Arkham Origins (HKLM-x32\...\QmF0bWFuQXJraGFtT3JpZ2lucw==_is1) (Version: 1 - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlePing 1.3.2.3 (HKLM-x32\...\BattlePing) (Version: 1.3.2.3 - BattlePing)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Bruteforce Save Data (HKLM-x32\...\Bruteforce Save Data) (Version:  - )
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
CuteFTP 9 (HKLM-x32\...\{89B9E358-75C6-4C6B-BD38-803FF156CC4B}) (Version: 9.0.5 - Globalscape)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BED39C88-768C-4345-BF11-58436C984F2A}) (Version:  - Microsoft)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Finale 2012 (HKLM-x32\...\Finale 2012) (Version: 2012.a.r3.10 - MakeMusic)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Freemake Video Converter version 4.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.2 - Ellora Assets Corporation)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
iFunbox (v2.6.2375.747), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.6.2375.747 - )
Injustice: Gods Among Us Ultimate Edition (HKLM-x32\...\SW5qdXN0aWNlR29kc0Ftb25nVXNVbHRpbWF0ZUVkaXRpb24=_is1) (Version: 1 - )
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java™ 6 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416021FF}) (Version: 6.0.210 - Oracle)
Java™ 6 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.210 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
K-Lite Codec Pack 9.7.5 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.7.5 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden
LogMeIn Ignition (HKLM-x32\...\{0A96A880-C07A-4CA8-A4D7-B4A48383C5EC}) (Version: 1.3.320 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
METAL GEAR RISING: REVENGEANCE (HKLM-x32\...\TUVUQUxHRUFSUklTSU5HUkVWRU5HRUFOQ0U=_is1) (Version: 1 - )
Mezzmo (HKCU\...\Mezzmo) (Version: 3.0.0.0 - Conceiva Pty. Ltd.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False (x32 Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False (x32 Version: 8.0.51011 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False (x32 Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False (x32 Version: 8.0.58299 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False (x32 Version: 8.0.59193 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False (x32 Version: 9.0.21022.218 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False (x32 Version: 9.0.30411 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False (x32 Version: 9.0.30729.4048 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False (x32 Version: 9.0.30729.4148 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False (x32 Version: 9.0.30729.5570 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 False (x32 Version: 11.0.50727.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 False (x32 Version: 11.0.51106.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{01db25f3-1b76-4d97-88c8-1c90634d88fb}) (Version: 11.0.60610.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 False (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 False (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 False (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 False (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 1.01.206 - NETGEAR)
NVIDIA 3D Vision Controller Driver 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{186D2CCE-DEFE-4188-AB44-62008E9BC3E0}) (Version: 12.0.197 - O&O Software GmbH)
OpenVPN 2.3.2-I003  (HKLM\...\OpenVPN) (Version: 2.3.2-I003 - )
Orcs Must Die 2 (HKLM-x32\...\Orcs Must Die 2) (Version: 1.0.0.362 - Jimbo)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Origin8 (x32 Version: 8.00.000 - OriginLab) Hidden
OriginPro 8 (HKLM-x32\...\{A912021A-FEDD-4DA3-8DB4-245EBDA84778}) (Version: 8.00.000 - OriginLab Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Papers, Please (HKLM-x32\...\GOGPACKPAPERSPLEASE_is1) (Version: 2.0.0.4 - GOG.com)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
PyMOL (32 bit) (HKLM-x32\...\{82B39CBA-144C-4D34-8C5D-31D2CAEC2AFB}) (Version: 1.3.0.0 - Schrodinger LLC)
ReaConverter 6.9 Standard (HKLM-x32\...\ReaConverter 6.9 Standard_is1) (Version:  - ReaSoft)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
safoeweb (HKLM-x32\...\{497C131E-2032-051B-B32A-C69A960FBB13}) (Version: 4.3.0.1667 - safeweb)
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version:  - Coffee Stain Studios)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1838.1 - Hi-Rez Studios)
Snitch (HKLM-x32\...\{E31F7BC7-3CB1-4C73-9A9D-2D1343AD6E46}) (Version: 3.2.122 - Hyperdyne Software)
Southpark Stick of Truth (HKLM-x32\...\U291dGhwYXJrU3RpY2tvZlRydXRo_is1) (Version: 1 - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stick It To The Man! (HKLM-x32\...\Stick It To The Man!_is1) (Version:  - Ripstone)
Strife (HKLM-x32\...\strife) (Version: 0.0.1 - S2 Games)
Subtitle Edit 3.3.11 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.3.11.2285 - Nikse)
SW.Sustainer 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{1a34a8e0}) (Version:  - Certified Publisher)
Swish (HKLM\...\{39D4211F-5F78-4BF6-8D25-BF5E6E296EEF}) (Version: 0.7.3 - Alexander Lamaison)
Syncios version 2.1.3 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 2.1.3 - Anvsoft, Inc.)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Stanley Parable (HKLM-x32\...\The Stanley Parable_is1) (Version:  - )
The Walking Dead: Season 2 (HKLM-x32\...\VGhlV2Fsa2luZ0RlYWRTZWFzb24y_is1) (Version: 1 - )
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.0.3 - Electronic Arts)
Tom Clancy`s Splinter Cell® Blacklist™ (HKLM-x32\...\Tom Clancy`s Splinter Cell® Blacklist™_is1) (Version: 1.01 - R.G. Revenants)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.01 - Ubisoft)
Total War Rome 2 (HKLM-x32\...\Total War Rome 2_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, Panky)
UCSF Chimera 1.8 (HKLM\...\UCSF Chimera 1.8_is1) (Version:  - University of California at San Francisco)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (HKLM\...\{90150000-0015-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D5412C67-998B-4246-A668-AB522D9F63FE}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{614E655F-A0ED-435A-8E0C-A81EE4BA7BC7}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E759A69-FA72-4B3C-BE2F-D1194764D31E}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F8580E12-045B-471B-AF74-98C977347F4E}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{686A7FD7-2496-49C8-A0BE-D8A1CF1A32ED}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FEFF9FF6-FF61-455E-A8CC-3A1311A657AD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3FF4EA9F-3505-4726-A974-6593A968FFCC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9406D70B-2D9C-4613-A75A-F35B66BA8AFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA390537-AA88-450F-A240-5FB4648A124A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C8D57F4A-0824-4043-89E7-3C6280B67A47}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AC4470FB-8011-4F16-B5D4-E0A34DE10C87}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8B3D175-48B8-413F-8484-4D81E744B51C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8587E5B1-6279-4396-B9AC-20B334F4FF88}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{39E58ED8-B687-49BD-88F9-968563F51F8E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C809B1D6-BD31-4496-BCFE-4567E0854F5F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4FD8F672-3206-469C-B9F0-D6E72F7ACAB2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{856D47BC-036C-4692-8702-D6CCA8F428D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F33ABF6A-3007-47E8-8E38-506A18E54641}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B38036CB-BAF6-41D4-8810-FD016453ABB9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2A286156-257B-4528-9DB5-B4D4D53211BC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{92833C80-DC88-4A22-8630-407F810EF57B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{602346D6-8E2F-4B0E-820A-CD62AC5B0DC9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{00A8F3D3-B596-4E04-A180-C9EB4EC87762}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F2187E8D-C68A-4655-8551-1932878A5581}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6EE51F51-57B1-4DC7-96C2-857DB7F0BE93}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0A90C645-3F9A-4CF9-BF62-2609602E3DAB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3A48DE63-607B-4FEA-A862-B52669C4433C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{A3C746D9-41B4-4C7E-BF60-0F8C50AD5A0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{EADF44E2-DD3F-4FAC-B17F-566956C06503}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DF3798F3-F45C-44DA-83B7-229A9EBC9654}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{12087F1E-35F9-4620-9157-BD9C3CFFA2E2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6FF949A3-1C3F-41C2-9464-933E885ECB53}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{52105DB7-F9D9-482C-8796-1461BBB69123}) (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BBD4F4CE-65D4-4CEB-AE19-E5296A57AA6C}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2837C624-A972-43CF-BCE5-0AE2EFED72E3}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{538E777B-4508-4ABF-97E2-B93C1BF1CD77}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{538E777B-4508-4ABF-97E2-B93C1BF1CD77}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F16E7B82-23FE-4054-AB73-EAE53965251C}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D1F1940B-94DF-4DCB-BF82-9530D7FBB1BF}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{DA8548B2-D229-4643-B6E2-989B3CFEECFB}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{DA8548B2-D229-4643-B6E2-989B3CFEECFB}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{DA8548B2-D229-4643-B6E2-989B3CFEECFB}) (Version:  - Microsoft)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 8.0.4.66 - Webroot)
WebTect (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{25e4f9bf}) (Version:  - Linker Ltd)
Winamp (HKLM-x32\...\Winamp) (Version: 5.601  - Nullsoft, Inc)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
XCOM: Enemy Unknown (HKLM-x32\...\XCOM: Enemy Unknown_is1) (Version:  - )
XFast LAN v6.61 (HKLM\...\XFast LAN) (Version: 6.61 - cFos Software GmbH, Bonn)
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
 
==================== Restore Points  =========================
 
13-03-2014 15:58:26 Windows Update
18-03-2014 20:38:09 Windows Update
22-03-2014 16:39:46 3/22/14
 
==================== Hosts content: ==========================
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {11F94F96-C91A-48B8-AFC7-D6E42B70D746} - System32\Tasks\SW.Booster-S-571884386 => c:\programdata\snowapp\sw.booster\SW.Booster.exe
Task: {179AD665-8C64-429E-AA9E-5E5BA178069A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-19] (Adobe Systems Incorporated)
Task: {2AB89ED6-77D3-4891-B922-E6F589454E51} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {62B41503-A47A-4708-80F7-C04AAA4A3A8E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: {65850467-A755-40B2-A060-FA849FCAD596} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {77BF9082-B758-41A1-8117-3B182EAC18F1} - System32\Tasks\AdobeAAMUpdater-1.0-Dan-PC-Dan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {95BEED8F-362D-4B14-B4D1-D68B9A48E435} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: {C96C580D-E292-4CB8-BC1D-F843137D48C5} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Dan-PC-Dan Dan-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2013-09-10] (Microsoft Corporation)
Task: {CD3FD67F-C89D-4B4F-A1CE-DBCDCCFE16E1} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {D97AF45F-1A78-4169-B75D-6EE26279E32F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E4801FDA-CAD7-4F19-9D73-B4E072982931} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {FE87E871-2BB4-489A-99B4-C2508459317B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SW.Booster-S-571884386.job => c:\programdata\snowapp\sw.booster\SW.Booster.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-08-15 16:04 - 2014-03-04 09:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-17 12:25 - 2013-10-17 12:25 - 08866472 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-08-14 22:19 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2013-10-13 21:28 - 2011-09-06 22:43 - 00885664 _____ () C:\Program Files (x86)\ReaConverter 6.9 Standard\context64.dll
2013-12-29 00:18 - 2011-12-08 17:53 - 08364288 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
2013-10-02 00:10 - 2013-07-12 10:22 - 00578048 _____ () C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
2014-01-29 18:26 - 2014-01-29 18:25 - 00014848 _____ () C:\Users\Dan\AppData\Local\Apps\2.0\VEEC1Y8V.MDZ\ZJY97RE1.Y71\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.WowDb.dll
2014-01-29 18:26 - 2014-01-29 18:25 - 00035840 _____ () C:\Users\Dan\AppData\Local\Apps\2.0\VEEC1Y8V.MDZ\ZJY97RE1.Y71\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.Advertising.dll
2014-01-29 18:26 - 2014-01-29 18:25 - 00099840 _____ () C:\Users\Dan\AppData\Local\Apps\2.0\VEEC1Y8V.MDZ\ZJY97RE1.Y71\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.CMOD2.dll
2013-12-29 00:18 - 2011-12-07 19:31 - 00303360 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
2014-03-10 21:39 - 2014-03-10 21:39 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-03-10 21:39 - 2014-03-10 21:39 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-03-10 21:39 - 2014-03-10 21:39 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-03-10 21:39 - 2014-03-10 21:39 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-03-10 21:39 - 2014-03-10 21:39 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-03-10 21:39 - 2014-03-10 21:39 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-03-10 21:39 - 2014-03-10 21:39 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-03-10 21:39 - 2014-03-10 21:39 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2013-10-17 12:25 - 2013-10-17 12:25 - 08866472 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-12-29 00:18 - 2011-09-13 17:57 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll
2013-10-02 00:10 - 2013-09-30 13:55 - 00375808 _____ () C:\Program Files (x86)\Syncios\DuiLib.dll
2013-10-02 00:10 - 2013-03-01 10:30 - 00059904 _____ () C:\Program Files (x86)\Syncios\zlib.dll
2013-10-02 00:10 - 2013-03-01 10:30 - 00526848 _____ () C:\Program Files (x86)\Syncios\sqlite3.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-15 13:06 - 2014-03-14 20:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2010-11-24 21:11 - 2010-11-24 21:11 - 00062464 _____ () C:\Program Files (x86)\Conceiva\Mezzmo\HS_REGEX.dll
2012-08-13 21:36 - 2012-08-13 21:36 - 00477696 _____ () C:\Program Files (x86)\Conceiva\Mezzmo\tag.dll
2012-04-03 22:08 - 2012-04-03 22:08 - 00839680 _____ () C:\Program Files (x86)\Conceiva\Mezzmo\LIBEAY32.dll
2012-04-03 22:08 - 2012-04-03 22:08 - 00159744 _____ () C:\Program Files (x86)\Conceiva\Mezzmo\SSLEAY32.dll
2012-03-28 20:31 - 2012-03-28 20:31 - 00060928 _____ () C:\Program Files (x86)\Conceiva\Mezzmo\extension-functions.dll
2014-03-15 13:06 - 2014-03-14 20:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-15 13:06 - 2014-03-14 20:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-15 13:06 - 2014-03-14 20:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 13:06 - 2014-03-14 20:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 13:06 - 2014-03-14 20:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2013-12-29 00:18 - 2011-10-25 15:54 - 00372736 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll
2014-03-15 13:06 - 2014-03-14 20:50 - 13637448 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
2014-01-08 02:19 - 2013-12-12 18:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-08 02:19 - 2013-11-04 21:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-07-01 08:20 - 2014-02-10 22:34 - 00751616 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-07-26 14:46 - 2014-02-25 17:57 - 01135296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-07-15 14:32 - 2014-01-10 19:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-14 15:49 - 2013-06-14 19:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-14 15:49 - 2013-06-14 19:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-14 15:49 - 2013-06-14 19:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
Name: Intel® HD Graphics 3000
Description: Intel® HD Graphics 3000
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/22/2014 00:36:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/20/2014 09:55:01 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (03/20/2014 01:15:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/20/2014 00:59:17 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/19/2014 04:03:20 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/19/2014 11:40:15 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/19/2014 11:01:39 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (03/19/2014 10:13:19 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/18/2014 09:10:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/18/2014 07:07:56 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
 
System errors:
=============
Error: (03/22/2014 00:39:20 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004
 
Error: (03/22/2014 00:39:20 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004
 
Error: (03/22/2014 00:35:30 PM) (Source: Service Control Manager) (User: )
Description: The Freemake Improver service failed to start due to the following error: 
%%1053
 
Error: (03/22/2014 00:35:30 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Freemake Improver service to connect.
 
Error: (03/22/2014 00:34:43 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the WebTect service to connect.
 
Error: (03/22/2014 00:34:13 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SW.Sustainer service to connect.
 
Error: (03/20/2014 01:15:12 PM) (Source: Service Control Manager) (User: )
Description: The Freemake Improver service failed to start due to the following error: 
%%1053
 
Error: (03/20/2014 01:15:12 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Freemake Improver service to connect.
 
Error: (03/20/2014 01:14:33 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the WebTect service to connect.
 
Error: (03/20/2014 01:14:03 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SW.Sustainer service to connect.
 
 
Microsoft Office Sessions:
=========================
Error: (03/22/2014 00:36:28 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/20/2014 09:55:01 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
 
Error: (03/20/2014 01:15:51 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/20/2014 00:59:17 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/19/2014 04:03:20 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/19/2014 11:40:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/19/2014 11:01:39 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
 
Error: (03/19/2014 10:13:19 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/18/2014 09:10:38 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/18/2014 07:07:56 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 49%
Total physical RAM: 6055.53 MB
Available physical RAM: 3045.55 MB
Total Pagefile: 12109.23 MB
Available Pagefile: 8489.22 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: (HP) (Fixed) (Total:583.45 GB) (Free:122.29 GB) NTFS
Drive d: () (Fixed) (Total:12.49 GB) (Free:12.4 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=583 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#9 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,041 posts

Posted 24 March 2014 - 02:30 PM

Hi Dquinte2,

 

I see a number of lines in your log which are related to cracks, torrents and keygens. I shall provide this warning:

 

The practice of using keygens, hacking tools, cracking tools, warez, torrents or any pirated software is not only considered illegal activity, but it is a serious security risk which can turn a computer into a virus honeypot or zombie.

 

When you use these kinds of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible, and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.

 

If you want to read on then the full post is here.

 

--------------

 

We need to remove some programs with Revo Uninstaller Free:

Note: Revo Uninstaller is more thorough in deleting programs on your computer than using the Add/Remove option in Windows. Since it is a more powerful tool, please be sure to follow the instructions carefully.
Note: If the program you want to uninstall is not listed by Revo, let me know and we will try an alternate method of removal.

  • Please download and install Revo Uninstaller Free
    note: there is no need to click anything on that page, the download will start automatically
  • Double click Revo Uninstaller to run it
  • From the list of programs double click on the listed program(s), or anything similar, to remove it:

safoeweb
SW.Sustainer 1.80
WebTect
  • When prompted if you want to uninstall click Yes
  • Be sure the Moderate option is selected then click Next
  • The program will run. If prompted again, click Yes
  • When the built-in uninstaller is finished click on Next
  • Once the program has searched for leftovers click Next
  • Check the items in bold only on the list then click Delete
    note: you may have to expand some folders by clicking the "+" mark
  • When prompted click on Yes and then on Next
  • Put a check on any folders that are found and select Delete
  • When prompted select Yes then Next
  • Once done click Finish

 

--------------

 

Uninstalling an extension in Chrome:
  1. Click the Chrome menu on the browser toolbar.
  2. Click Tools.
  3. Select Extensions.
  4. Click the recycle bin icon by SNT to completely remove it.
  5. A confirmation dialogue appears, click Remove.
  6. Repeat for saFFeweb and YoutubeAdblocker.

 

--------------

 

Please run SystemLook again and paste the contents of the below code box into the main text box:

:file
C:\Windows\System32\Drivers\az0u1d7p.sys
 
:reg
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows
  • Click the Look button to start the scan
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

 

--------------

 

Did you purposely set a proxy in IE?

 

--------------

 

Please run FRST from the desktop (like you did before) and press the scan button. It will produce a FRST.txt log located on the desktop, please copy and paste the contents into your next reply.

 
--------------

To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • Answer to proxy question
  • New SystemLook log
  • New FRST.txt log

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

ID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#10 Dquinte2

Dquinte2
  • Topic Starter

  • Members
  • 10 posts

Posted 24 March 2014 - 03:18 PM

Hi Toffee,

 

I was playing around with the proxy settings in IE. So yeah I purposely set one up.

 

The logs:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Dan (administrator) on DAN-PC on 24-03-2014 16:17:10
Running from C:\Users\Dan\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Webroot) C:\Program Files\Webroot\WRSA.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(BitTorrent Inc.) C:\Users\Dan\AppData\Roaming\uTorrent\uTorrent.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Curse) C:\Users\Dan\AppData\Local\Apps\2.0\VEEC1Y8V.MDZ\ZJY97RE1.Y71\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Conceiva Pty. Ltd.) C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Dan\Downloads\SystemLook_x64.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [3832064 2009-09-12] (O&O Software GmbH)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [XFast LAN] - C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1441152 2011-10-19] (cFos Software GmbH)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Syncios device service] - C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [578048 2013-07-12] ()
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-12-21] (Adobe Systems Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKLM-x32\...\Run: [WRSVC] - C:\Program Files\Webroot\WRSA.exe [763000 2014-03-18] (Webroot)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [zASRockInstantBoot] - [X]
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [uTorrent] - C:\Users\Dan\AppData\Roaming\uTorrent\uTorrent.exe [904272 2013-11-30] (BitTorrent Inc.)
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-03-10] (Electronic Arts)
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20924064 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\MountPoints2: {e0033211-0643-11e3-8af5-bc5ff41ccbde} - F:\setup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation)
AppInit_DLLs-x32:  c:\progra~2\sw30e4~1.boo => "c:\progra~2\sw30e4~1.boo" File Not Found
Startup: C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x28391B946199CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKCU - DefaultScope {20B9AC15-3714-4949-9314-71D05D8F1CC3} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3287810&CUI=UN97231266611607295&UM=2
SearchScopes: HKCU - {480DEBEE-D5BE-4FC3-98BD-D6986483346A} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: NextCaoup - {98D9245C-B131-A41C-BC09-EF42C9D8D9E3} - C:\Program Files (x86)\NextCaoup\P.x64.dll ()
BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: SNT - {C2F64206-F231-3110-DF86-F3EEE1D7E159} - C:\Program Files (x86)\SNT\MI0W.x64.dll No File
BHO: Webroot Vault - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
BHO: Webroot Filtering Extension - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: YoutubeAdblocker - {DE6AE88A-F854-3239-578D-86AC0C35FBB8} - C:\Program Files (x86)\YoutubeAdblocker\en5Fn.x64.dll No File
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: NextCaoup - {98D9245C-B131-A41C-BC09-EF42C9D8D9E3} - C:\Program Files (x86)\NextCaoup\P.dll ()
BHO-x32: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Webroot Vault - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
BHO-x32: Webroot Filtering Extension - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR Extension: (Adblock Plus) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-06]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-02-01]
CHR Extension: (Falcon Proxy) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchhimlnjdafdlkojbffdkogjhhkdepf [2014-03-15]
CHR Extension: (NextCaoup) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gokgkkecagikijindglamogignebehon [2014-03-24]
CHR Extension: (Webroot Filtering Extension) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2014-03-19]
CHR Extension: (Google Wallet) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Webroot Password Manager) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab [2014-03-19]
CHR HKCU\...\Chrome\Extension: [alhkhciaeadgoondadnppeinickmmndo] - C:\Users\Dan\AppData\Local\CRE\alhkhciaeadgoondadnppeinickmmndo.crx [2013-11-03]
CHR HKCU\...\Chrome\Extension: [oiffmnkajgkhjjchngmajlomfdhfjdma] - C:\Users\Dan\AppData\Local\CRE\oiffmnkajgkhjjchngmajlomfdhfjdma.crx [2013-11-02]
CHR HKLM-x32\...\Chrome\Extension: [alhkhciaeadgoondadnppeinickmmndo] - C:\Users\Dan\AppData\Local\CRE\alhkhciaeadgoondadnppeinickmmndo.crx [2013-11-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-21]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.0.32.crx [2014-03-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
CHR HKLM-x32\...\Chrome\Extension: [oiffmnkajgkhjjchngmajlomfdhfjdma] - C:\Users\Dan\AppData\Local\CRE\oiffmnkajgkhjjchngmajlomfdhfjdma.crx [2013-11-02]
CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2014-03-18]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-12-09] (Freemake)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Mezzmo; C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe [3925800 2013-09-14] (Conceiva Pty. Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)
R2 O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2287360 2009-09-12] (O&O Software GmbH)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [763000 2014-03-18] (Webroot)
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [303360 2011-12-07] ()
S2 1a34a8e0; "C:\Windows\system32\rundll32.exe" "c:\progra~2\SWSvc.dll",service
S2 25e4f9bf; "C:\Windows\system32\rundll32.exe" "c:\progra~3\webtect\WebTectSvc.dll",service
 
==================== Drivers (Whitelisted) ====================
 
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2013-11-03] (Echobit, LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-08-14] ()
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [113664 2014-03-18] (Webroot)
U3 aumvm7y8; C:\Windows\System32\Drivers\aumvm7y8.sys [0 ] (Microsoft Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-24 15:38 - 2014-03-24 15:38 - 00000000 ____D () C:\Users\Dan\AppData\Local\Torch
2014-03-24 15:38 - 2014-03-24 15:38 - 00000000 ____D () C:\ProgramData\NextCaoup
2014-03-24 15:38 - 2014-03-24 15:38 - 00000000 ____D () C:\Program Files (x86)\NextCaoup
2014-03-24 15:33 - 2014-03-24 15:33 - 00001230 _____ () C:\Users\Dan\Desktop\Revo Uninstaller.lnk
2014-03-24 15:33 - 2014-03-24 15:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-24 15:32 - 2014-03-24 15:32 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dan\Downloads\revosetup.exe
2014-03-22 12:43 - 2014-03-22 12:45 - 00050236 _____ () C:\Users\Dan\Downloads\Addition.txt
2014-03-22 12:42 - 2014-03-24 16:17 - 00019188 _____ () C:\Users\Dan\Downloads\FRST.txt
2014-03-22 12:42 - 2014-03-24 16:17 - 00000000 ____D () C:\FRST
2014-03-22 12:41 - 2014-03-22 12:42 - 02157056 _____ (Farbar) C:\Users\Dan\Downloads\FRST64.exe
2014-03-22 12:41 - 2014-03-22 12:41 - 00294568 _____ (VLCPlayer) C:\Users\Dan\Downloads\Software_Update__CD5MTCD4349_e9200236-2219-424b-8c20-8e981f2bc976_v4ISNMVD7HS7V8EA0S2501DUHP_0_0_0.exe
2014-03-20 22:26 - 2014-03-20 22:27 - 00831962 _____ () C:\Users\Dan\Downloads\powerpoint for presentation.pptx
2014-03-20 17:09 - 2014-03-24 16:16 - 00001892 _____ () C:\Users\Dan\Downloads\SystemLook.txt
2014-03-20 17:08 - 2014-03-20 17:08 - 00165376 _____ () C:\Users\Dan\Downloads\SystemLook_x64.exe
2014-03-20 13:17 - 2014-03-20 13:17 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-20 13:17 - 2014-03-20 13:17 - 00000000 ____D () C:\Users\Dan\AppData\Local\Skype
2014-03-20 13:05 - 2014-03-20 13:11 - 00000000 ____D () C:\AdwCleaner
2014-03-20 13:05 - 2014-03-20 13:05 - 01950720 _____ () C:\Users\Dan\Downloads\AdwCleaner.exe
2014-03-19 12:11 - 2014-03-19 12:12 - 00000000 ____D () C:\Users\Dan\Desktop\logss
2014-03-19 12:11 - 2014-03-19 12:11 - 00027323 _____ () C:\Users\Dan\Desktop\dds.txt
2014-03-19 12:11 - 2014-03-19 12:11 - 00012725 _____ () C:\Users\Dan\Desktop\attach.txt
2014-03-19 12:09 - 2014-03-19 12:09 - 00688992 ____R (Swearware) C:\Users\Dan\Downloads\dds.com
2014-03-19 12:01 - 2014-03-19 12:01 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-18 23:00 - 2014-03-18 23:00 - 00001075 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Malwarebytes
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-18 23:00 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-18 22:59 - 2014-03-18 23:01 - 00000000 ____D () C:\Users\Dan\Downloads\Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD
2014-03-18 22:59 - 2014-03-18 22:59 - 00000354 _____ () C:\Users\Dan\Downloads\Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD [IPT].torrent
2014-03-18 22:58 - 2014-03-18 22:59 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dan\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-18 22:56 - 2014-03-18 22:58 - 296354328 _____ () C:\Users\Dan\Downloads\SEP_12_1_RU2_64bit.exe
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (3).1_RU2_(64bit).torrent
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (2).1_RU2_(64bit)
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (1).1_RU2_(64bit)
2014-03-18 22:55 - 2014-03-18 22:55 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12.1_RU2_(64bit)
2014-03-18 22:32 - 2014-03-18 22:32 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack (2).torrent
2014-03-18 22:32 - 2014-03-18 22:32 - 00000000 ____D () C:\Users\Dan\Downloads\Webroot SecureAnywhere Complete 2013 [KaranPc]
2014-03-18 22:31 - 2014-03-18 22:31 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack (1).torrent
2014-03-18 22:10 - 2014-03-24 15:53 - 00000000 ____D () C:\ProgramData\WRData
2014-03-18 22:10 - 2014-03-19 10:13 - 00000000 ____D () C:\Users\Dan\AppData\Local\lptmp1890866352
2014-03-18 22:10 - 2014-03-18 22:10 - 00152744 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2014-03-18 22:10 - 2014-03-18 22:10 - 00113664 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2014-03-18 22:10 - 2014-03-18 22:10 - 00103816 _____ (Webroot) C:\Windows\system32\WRusr.dll
2014-03-18 22:10 - 2014-03-18 22:10 - 00000000 ____D () C:\Program Files\Webroot
2014-03-18 22:06 - 2014-03-18 22:06 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack.torrent
2014-03-18 21:14 - 2014-03-18 21:14 - 00003490 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-03-18 16:58 - 2014-03-18 16:58 - 00000000 ____D () C:\Users\Dan\Desktop\Tor Browser
2014-03-18 16:57 - 2014-03-18 16:58 - 22892386 _____ () C:\Users\Dan\Downloads\torbrowser-install-3.5.2.1_en-US.exe
2014-03-17 15:10 - 2014-03-17 15:10 - 01075264 _____ (OR Interactive Ltd) C:\Users\Dan\Downloads\IDM2.exe
2014-03-15 13:22 - 2013-07-12 20:34 - 00000488 _____ () C:\Users\Dan\Desktop\com.telltalegames.walkingdead100.plist
2014-03-15 13:21 - 2014-03-15 13:21 - 00000850 _____ () C:\Users\Dan\Desktop\ipa01348_Hack.rar
2014-03-15 13:21 - 2013-07-12 20:36 - 00000692 _____ () C:\Users\Dan\Desktop\[Hack] Walking Dead The Game.rar
2014-03-15 13:20 - 2014-03-24 15:40 - 00000432 ____H () C:\Windows\Tasks\SW.Booster-S-571884386.job
2014-03-15 13:20 - 2014-03-24 15:40 - 00000000 ____D () C:\ProgramData\safoeweb
2014-03-15 13:20 - 2014-03-24 15:38 - 00000000 ____D () C:\ProgramData\2b987117163ab168
2014-03-15 13:20 - 2014-03-24 15:38 - 00000000 ____D () C:\Program Files (x86)\safoeweb
2014-03-15 13:20 - 2014-03-15 13:21 - 00000000 ____D () C:\ProgramData\SnowApp
2014-03-15 13:20 - 2014-03-15 13:20 - 04210176 _____ () C:\Program Files (x86)\SW_x64.Booster
2014-03-15 13:20 - 2014-03-15 13:20 - 00002678 _____ () C:\Windows\System32\Tasks\SW.Booster-S-571884386
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Dan\AppData\Local\Packages
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Dan\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator
2014-03-15 13:19 - 2014-03-15 13:21 - 00000000 ____D () C:\ProgramData\InstallMate
2014-03-15 13:19 - 2014-03-15 13:19 - 00341792 _____ (SnowApp) C:\Users\Dan\Downloads\Download_Manager-ipa01348_Hack.rar.exe
2014-03-15 02:03 - 2014-03-15 02:06 - 67135709 _____ () C:\Users\Dan\Downloads\metal_slug_x.ipa
2014-03-14 22:01 - 2014-03-14 22:01 - 00000239 _____ () C:\Users\Dan\Desktop\Hotel.txt
2014-03-14 17:26 - 2014-03-14 17:26 - 00000000 ____D () C:\Users\Dan\Desktop\New folder
2014-03-14 17:24 - 2014-03-14 17:24 - 00000379 _____ () C:\Users\Dan\Downloads\TWD2.zip
2014-03-14 17:19 - 2014-03-14 17:19 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-03-14 17:18 - 2014-03-14 17:18 - 00376256 _____ () C:\Users\Dan\Downloads\7zip.exe
2014-03-14 16:51 - 2014-03-15 13:29 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\iFunbox_UserCache
2014-03-14 16:51 - 2014-03-14 16:51 - 00001022 _____ () C:\Users\Public\Desktop\iFunbox.lnk
2014-03-14 16:51 - 2014-03-14 16:51 - 00000000 ____D () C:\Program Files (x86)\i-Funbox DevTeam
2014-03-14 16:49 - 2014-03-14 16:55 - 524460180 _____ () C:\Users\Dan\Downloads\walking_dead_the_game_season_2.ipa
2014-03-14 16:49 - 2014-03-14 16:49 - 15043804 _____ ( ) C:\Users\Dan\Downloads\ifunbox_setup.exe
2014-03-12 23:06 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 23:06 - 2014-03-01 01:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 23:06 - 2014-03-01 01:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 23:06 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 23:06 - 2014-03-01 00:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 23:06 - 2014-03-01 00:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 23:06 - 2014-03-01 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 23:06 - 2014-03-01 00:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 23:06 - 2014-03-01 00:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 23:06 - 2014-03-01 00:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 23:06 - 2014-03-01 00:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 23:06 - 2014-03-01 00:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 23:06 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 23:06 - 2014-03-01 00:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 23:06 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 23:06 - 2014-03-01 00:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 23:06 - 2014-03-01 00:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 23:06 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 23:06 - 2014-02-28 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 23:06 - 2014-02-28 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 23:06 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 23:06 - 2014-02-28 23:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 23:06 - 2014-02-28 23:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 23:06 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 23:06 - 2014-02-28 23:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 23:06 - 2014-02-28 23:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 23:06 - 2014-02-28 23:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 23:06 - 2014-02-28 23:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 23:06 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 23:06 - 2014-02-28 23:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 23:06 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 23:06 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 23:06 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 23:06 - 2014-02-28 23:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 23:06 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 23:06 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 23:06 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 23:06 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 23:06 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 23:06 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 23:06 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 23:06 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 23:06 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 23:06 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 23:04 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 23:04 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 23:04 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 23:04 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-11 17:04 - 2014-03-11 17:04 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-11 12:49 - 2014-03-04 07:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-11 12:46 - 2014-03-04 10:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-11 12:46 - 2014-03-04 10:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-11 01:33 - 2014-03-11 01:33 - 00000000 ____D () C:\Users\Dan\Documents\Respawn
2014-03-11 01:05 - 2014-03-11 01:05 - 00001144 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-03-10 21:41 - 2014-03-10 21:56 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-03-10 21:39 - 2014-03-11 12:27 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Origin
2014-03-10 21:39 - 2014-03-11 01:33 - 00000000 ____D () C:\Users\Dan\AppData\Local\Origin
2014-03-10 21:36 - 2014-03-24 15:41 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-03-10 21:36 - 2014-03-24 10:28 - 00000000 ____D () C:\ProgramData\Origin
2014-03-10 21:36 - 2014-03-11 01:33 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-03-10 21:36 - 2014-03-10 21:36 - 00000945 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-03-10 21:33 - 2014-03-10 21:34 - 17009704 _____ (Electronic Arts, Inc.) C:\Users\Dan\Downloads\OriginThinSetup.exe
2014-03-10 14:56 - 2014-03-10 11:54 - 00000025 ____N () C:\Users\Dan\Desktop\ATT00004
2014-03-10 14:56 - 2014-03-10 11:54 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00003
2014-03-10 14:56 - 2014-03-10 11:54 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00002
2014-03-10 14:56 - 2014-03-10 11:54 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00001
2014-03-10 14:54 - 2014-03-10 14:54 - 08936675 _____ () C:\Users\Dan\Desktop\Outlook (1).zip
2014-03-10 01:30 - 2014-03-10 01:31 - 00018218 _____ () C:\Users\Dan\Downloads\True.Detective.S01E08.HDTV.XviD-EVO [IPT].torrent
2014-03-07 20:34 - 2014-03-07 20:34 - 00016832 _____ () C:\Users\Dan\Downloads\Knights of Badassdom 1080p WEBRip - BLiTZCRiEG.torrent
2014-03-07 19:39 - 2014-03-07 19:39 - 00041673 _____ () C:\Users\Dan\Downloads\7E8DE931C0C54EB96523C698F5D030894561B404.torrent
2014-03-07 19:39 - 2014-03-07 19:39 - 00025493 _____ () C:\Users\Dan\Downloads\42DBE12D91EFBC1396292F521B5655091DAEC399.torrent
2014-03-07 19:18 - 2014-03-07 19:18 - 00028853 _____ () C:\Users\Dan\Downloads\D7A9AD75F0FC10C92F3CC8186888617A059E0411.torrent
2014-03-07 19:17 - 2014-03-07 19:36 - 00000000 ____D () C:\Users\Dan\Downloads\Delivery Man (2013) 720p BluRay + Subtitles [GlowGaze.Com]
2014-03-07 19:15 - 2014-03-07 19:15 - 00322272 _____ (HostIt) C:\Users\Dan\Downloads\Delivery Man (2013) 720p BluRay.exe
2014-03-07 19:15 - 2014-03-07 19:15 - 00024836 _____ () C:\Users\Dan\Downloads\67EC9A7B5A839F8C085DC0CDD2B7094B3F75D3B0.torrent
2014-03-07 16:19 - 2014-03-07 16:19 - 00000006 _____ () C:\Users\Dan\Desktop\Confirmation.txt
2014-03-07 15:04 - 2014-03-07 15:04 - 00002061 _____ () C:\Users\Dan\Desktop\Classicshapewear.txt
2014-03-07 15:04 - 2014-03-07 15:04 - 00000000 _____ () C:\Users\Dan\Desktop\New Text Document.txt
2014-03-07 13:14 - 2014-03-07 13:14 - 00001020 _____ () C:\Users\Public\Desktop\Southpark Stick of Truth.lnk
2014-03-07 13:05 - 2014-03-07 13:20 - 00000000 ____D () C:\Program Files (x86)\Southpark Stick of Truth
2014-03-07 04:16 - 2014-03-07 04:16 - 00091040 _____ () C:\Users\Dan\Downloads\Southpark.Stick.Of.Truth-RELOADED.torrent
2014-02-28 22:32 - 2014-02-28 22:32 - 00015788 _____ () C:\Users\Dan\Downloads\Addendum A Daniel Quintero.odt
2014-02-27 23:48 - 2014-02-27 23:51 - 00000000 ____D () C:\Users\Dan\Desktop\New River Invoices
2014-02-27 23:45 - 2014-02-27 23:45 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-25 00:57 - 2014-02-25 00:57 - 37422682 _____ () C:\Users\Dan\Downloads\Tchaikovsky Violin Concerto.m4a
2014-02-24 22:40 - 2014-02-24 22:40 - 89261384 _____ () C:\Users\Dan\Downloads\Scheherazade.m4a
2014-02-24 02:18 - 2014-02-22 23:14 - 19083278 _____ () C:\Users\Dan\Desktop\evasi0n7.exe
2014-02-24 02:15 - 2014-02-24 02:15 - 16620912 _____ () C:\Users\Dan\Downloads\evasi0n7-win-1.0.6-01f65fec4d42d76b3f35eda49f7450b2cfa88ff7.zip
2014-02-24 00:09 - 2014-02-24 00:09 - 00057682 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E11.720p.HDTV.x264-2HD.torrent
2014-02-24 00:07 - 2014-02-24 00:07 - 00057251 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E10.720p.HDTV.x264-REMARKABLE.torrent
2014-02-24 00:07 - 2014-02-24 00:07 - 00040886 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E11.HDTV.x264-2HD.torrent
2014-02-23 17:50 - 2014-02-23 17:50 - 00007642 _____ () C:\Users\Dan\AppData\Local\Resmon.ResmonCfg
 
==================== One Month Modified Files and Folders =======
 
2014-03-24 16:17 - 2014-03-22 12:42 - 00019188 _____ () C:\Users\Dan\Downloads\FRST.txt
2014-03-24 16:17 - 2014-03-22 12:42 - 00000000 ____D () C:\FRST
2014-03-24 16:17 - 2013-08-16 02:27 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\uTorrent
2014-03-24 16:16 - 2014-03-20 17:09 - 00001892 _____ () C:\Users\Dan\Downloads\SystemLook.txt
2014-03-24 16:04 - 2013-11-03 19:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-24 16:02 - 2014-01-08 19:07 - 00004942 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Dan-PC-Dan Dan-PC
2014-03-24 16:00 - 2013-08-14 22:53 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-24 15:56 - 2009-07-14 00:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-24 15:56 - 2009-07-14 00:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-24 15:53 - 2014-03-18 22:10 - 00000000 ____D () C:\ProgramData\WRData
2014-03-24 15:52 - 2013-08-14 20:05 - 02068585 _____ () C:\Windows\WindowsUpdate.log
2014-03-24 15:44 - 2013-09-23 22:01 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Skype
2014-03-24 15:44 - 2013-08-16 13:37 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-24 15:44 - 2013-08-14 22:52 - 00000000 ____D () C:\Users\Dan\AppData\Local\Deployment
2014-03-24 15:43 - 2013-11-04 23:22 - 00000000 ____D () C:\Users\Dan\AppData\Local\LogMeIn Hamachi
2014-03-24 15:43 - 2013-08-25 22:05 - 00000043 _____ () C:\Windows\MezzmoMediaServer.INI
2014-03-24 15:43 - 2009-07-14 00:51 - 00071673 _____ () C:\Windows\setupact.log
2014-03-24 15:41 - 2014-03-10 21:36 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-03-24 15:41 - 2013-08-14 22:53 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-24 15:40 - 2014-03-15 13:20 - 00000432 ____H () C:\Windows\Tasks\SW.Booster-S-571884386.job
2014-03-24 15:40 - 2014-03-15 13:20 - 00000000 ____D () C:\ProgramData\safoeweb
2014-03-24 15:40 - 2013-08-15 16:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-24 15:40 - 2013-08-14 22:55 - 00276892 _____ () C:\Windows\system32\oodbs.lor
2014-03-24 15:40 - 2013-08-14 22:24 - 00000000 ____D () C:\Users\Dan
2014-03-24 15:40 - 2010-11-20 23:47 - 00226864 _____ () C:\Windows\PFRO.log
2014-03-24 15:40 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-24 15:38 - 2014-03-24 15:38 - 00000000 ____D () C:\Users\Dan\AppData\Local\Torch
2014-03-24 15:38 - 2014-03-24 15:38 - 00000000 ____D () C:\ProgramData\NextCaoup
2014-03-24 15:38 - 2014-03-24 15:38 - 00000000 ____D () C:\Program Files (x86)\NextCaoup
2014-03-24 15:38 - 2014-03-15 13:20 - 00000000 ____D () C:\ProgramData\2b987117163ab168
2014-03-24 15:38 - 2014-03-15 13:20 - 00000000 ____D () C:\Program Files (x86)\safoeweb
2014-03-24 15:35 - 2013-10-06 17:28 - 00000000 ____D () C:\Users\Dan\AppData\Local\Battle.net
2014-03-24 15:33 - 2014-03-24 15:33 - 00001230 _____ () C:\Users\Dan\Desktop\Revo Uninstaller.lnk
2014-03-24 15:33 - 2014-03-24 15:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-24 15:32 - 2014-03-24 15:32 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dan\Downloads\revosetup.exe
2014-03-24 10:28 - 2014-03-10 21:36 - 00000000 ____D () C:\ProgramData\Origin
2014-03-24 02:00 - 2013-08-18 18:56 - 00000000 ____D () C:\Users\Dan\AppData\Local\Adobe
2014-03-22 12:45 - 2014-03-22 12:43 - 00050236 _____ () C:\Users\Dan\Downloads\Addition.txt
2014-03-22 12:42 - 2014-03-22 12:41 - 02157056 _____ (Farbar) C:\Users\Dan\Downloads\FRST64.exe
2014-03-22 12:41 - 2014-03-22 12:41 - 00294568 _____ (VLCPlayer) C:\Users\Dan\Downloads\Software_Update__CD5MTCD4349_e9200236-2219-424b-8c20-8e981f2bc976_v4ISNMVD7HS7V8EA0S2501DUHP_0_0_0.exe
2014-03-22 01:22 - 2013-08-15 02:25 - 00000000 ____D () C:\Program Files (x86)\Heroes of Newerth
2014-03-21 15:47 - 2014-02-19 01:52 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-20 22:27 - 2014-03-20 22:26 - 00831962 _____ () C:\Users\Dan\Downloads\powerpoint for presentation.pptx
2014-03-20 17:08 - 2014-03-20 17:08 - 00165376 _____ () C:\Users\Dan\Downloads\SystemLook_x64.exe
2014-03-20 13:17 - 2014-03-20 13:17 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-20 13:17 - 2014-03-20 13:17 - 00000000 ____D () C:\Users\Dan\AppData\Local\Skype
2014-03-20 13:17 - 2013-09-23 22:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-20 13:17 - 2013-09-23 22:01 - 00000000 ____D () C:\ProgramData\Skype
2014-03-20 13:11 - 2014-03-20 13:05 - 00000000 ____D () C:\AdwCleaner
2014-03-20 13:05 - 2014-03-20 13:05 - 01950720 _____ () C:\Users\Dan\Downloads\AdwCleaner.exe
2014-03-19 12:12 - 2014-03-19 12:11 - 00000000 ____D () C:\Users\Dan\Desktop\logss
2014-03-19 12:11 - 2014-03-19 12:11 - 00027323 _____ () C:\Users\Dan\Desktop\dds.txt
2014-03-19 12:11 - 2014-03-19 12:11 - 00012725 _____ () C:\Users\Dan\Desktop\attach.txt
2014-03-19 12:09 - 2014-03-19 12:09 - 00688992 ____R (Swearware) C:\Users\Dan\Downloads\dds.com
2014-03-19 12:01 - 2014-03-19 12:01 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-19 12:01 - 2013-11-03 19:22 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-19 12:01 - 2013-11-03 19:22 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-19 12:01 - 2013-11-03 19:22 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-19 10:13 - 2014-03-18 22:10 - 00000000 ____D () C:\Users\Dan\AppData\Local\lptmp1890866352
2014-03-19 10:11 - 2013-09-07 20:11 - 00000000 ____D () C:\Windows\AutoKMS
2014-03-18 23:01 - 2014-03-18 22:59 - 00000000 ____D () C:\Users\Dan\Downloads\Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD
2014-03-18 23:00 - 2014-03-18 23:00 - 00001075 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Malwarebytes
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-18 22:59 - 2014-03-18 22:59 - 00000354 _____ () C:\Users\Dan\Downloads\Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD [IPT].torrent
2014-03-18 22:59 - 2014-03-18 22:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dan\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-18 22:58 - 2014-03-18 22:56 - 296354328 _____ () C:\Users\Dan\Downloads\SEP_12_1_RU2_64bit.exe
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (3).1_RU2_(64bit).torrent
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (2).1_RU2_(64bit)
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (1).1_RU2_(64bit)
2014-03-18 22:55 - 2014-03-18 22:55 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12.1_RU2_(64bit)
2014-03-18 22:32 - 2014-03-18 22:32 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack (2).torrent
2014-03-18 22:32 - 2014-03-18 22:32 - 00000000 ____D () C:\Users\Dan\Downloads\Webroot SecureAnywhere Complete 2013 [KaranPc]
2014-03-18 22:31 - 2014-03-18 22:31 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack (1).torrent
2014-03-18 22:10 - 2014-03-18 22:10 - 00152744 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2014-03-18 22:10 - 2014-03-18 22:10 - 00113664 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2014-03-18 22:10 - 2014-03-18 22:10 - 00103816 _____ (Webroot) C:\Windows\system32\WRusr.dll
2014-03-18 22:10 - 2014-03-18 22:10 - 00000000 ____D () C:\Program Files\Webroot
2014-03-18 22:06 - 2014-03-18 22:06 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack.torrent
2014-03-18 21:14 - 2014-03-18 21:14 - 00003490 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-03-18 16:58 - 2014-03-18 16:58 - 00000000 ____D () C:\Users\Dan\Desktop\Tor Browser
2014-03-18 16:58 - 2014-03-18 16:57 - 22892386 _____ () C:\Users\Dan\Downloads\torbrowser-install-3.5.2.1_en-US.exe
2014-03-18 16:38 - 2013-09-07 19:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-17 15:10 - 2014-03-17 15:10 - 01075264 _____ (OR Interactive Ltd) C:\Users\Dan\Downloads\IDM2.exe
2014-03-15 13:29 - 2014-03-14 16:51 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\iFunbox_UserCache
2014-03-15 13:21 - 2014-03-15 13:21 - 00000850 _____ () C:\Users\Dan\Desktop\ipa01348_Hack.rar
2014-03-15 13:21 - 2014-03-15 13:20 - 00000000 ____D () C:\ProgramData\SnowApp
2014-03-15 13:21 - 2014-03-15 13:19 - 00000000 ____D () C:\ProgramData\InstallMate
2014-03-15 13:20 - 2014-03-15 13:20 - 04210176 _____ () C:\Program Files (x86)\SW_x64.Booster
2014-03-15 13:20 - 2014-03-15 13:20 - 00002678 _____ () C:\Windows\System32\Tasks\SW.Booster-S-571884386
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Dan\AppData\Local\Packages
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Dan\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator
2014-03-15 13:20 - 2013-08-14 22:53 - 00000000 ____D () C:\Users\Dan\AppData\Local\Google
2014-03-15 13:19 - 2014-03-15 13:19 - 00341792 _____ (SnowApp) C:\Users\Dan\Downloads\Download_Manager-ipa01348_Hack.rar.exe
2014-03-15 13:06 - 2013-08-14 22:53 - 00002145 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-15 02:06 - 2014-03-15 02:03 - 67135709 _____ () C:\Users\Dan\Downloads\metal_slug_x.ipa
2014-03-14 22:01 - 2014-03-14 22:01 - 00000239 _____ () C:\Users\Dan\Desktop\Hotel.txt
2014-03-14 17:26 - 2014-03-14 17:26 - 00000000 ____D () C:\Users\Dan\Desktop\New folder
2014-03-14 17:24 - 2014-03-14 17:24 - 00000379 _____ () C:\Users\Dan\Downloads\TWD2.zip
2014-03-14 17:19 - 2014-03-14 17:19 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-03-14 17:18 - 2014-03-14 17:18 - 00376256 _____ () C:\Users\Dan\Downloads\7zip.exe
2014-03-14 16:55 - 2014-03-14 16:49 - 524460180 _____ () C:\Users\Dan\Downloads\walking_dead_the_game_season_2.ipa
2014-03-14 16:51 - 2014-03-14 16:51 - 00001022 _____ () C:\Users\Public\Desktop\iFunbox.lnk
2014-03-14 16:51 - 2014-03-14 16:51 - 00000000 ____D () C:\Program Files (x86)\i-Funbox DevTeam
2014-03-14 16:49 - 2014-03-14 16:49 - 15043804 _____ ( ) C:\Users\Dan\Downloads\ifunbox_setup.exe
2014-03-13 20:06 - 2013-10-21 22:07 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-13 12:24 - 2009-07-14 01:13 - 00786558 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-13 12:22 - 2009-07-14 00:45 - 05018064 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 12:17 - 2013-08-22 00:56 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 12:17 - 2013-08-22 00:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 12:00 - 2009-07-13 22:34 - 00000478 _____ () C:\Windows\win.ini
2014-03-12 12:02 - 2014-01-29 16:43 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-03-11 19:48 - 2013-10-16 21:10 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-03-11 17:04 - 2014-03-11 17:04 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-11 12:49 - 2013-08-14 22:51 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-11 12:38 - 2014-02-14 12:53 - 00000000 ____D () C:\Users\Dan\AppData\Local\NVIDIA
2014-03-11 12:27 - 2014-03-10 21:39 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Origin
2014-03-11 01:33 - 2014-03-11 01:33 - 00000000 ____D () C:\Users\Dan\Documents\Respawn
2014-03-11 01:33 - 2014-03-10 21:39 - 00000000 ____D () C:\Users\Dan\AppData\Local\Origin
2014-03-11 01:33 - 2014-03-10 21:36 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-03-11 01:05 - 2014-03-11 01:05 - 00001144 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-03-11 00:14 - 2013-08-14 23:13 - 00116253 _____ () C:\Windows\DirectX.log
2014-03-10 21:56 - 2014-03-10 21:41 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-03-10 21:36 - 2014-03-10 21:36 - 00000945 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-03-10 21:36 - 2014-01-10 18:07 - 00000000 ____D () C:\Users\Dan\Desktop\Whatbox
2014-03-10 21:34 - 2014-03-10 21:33 - 17009704 _____ (Electronic Arts, Inc.) C:\Users\Dan\Downloads\OriginThinSetup.exe
2014-03-10 14:57 - 2013-12-08 01:06 - 00002246 _____ () C:\Users\Dan\Desktop\AC4BFSP.exe - Shortcut.lnk
2014-03-10 14:54 - 2014-03-10 14:54 - 08936675 _____ () C:\Users\Dan\Desktop\Outlook (1).zip
2014-03-10 11:54 - 2014-03-10 14:56 - 00000025 ____N () C:\Users\Dan\Desktop\ATT00004
2014-03-10 11:54 - 2014-03-10 14:56 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00003
2014-03-10 11:54 - 2014-03-10 14:56 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00002
2014-03-10 11:54 - 2014-03-10 14:56 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00001
2014-03-10 02:35 - 2013-09-08 23:56 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\vlc
2014-03-10 01:31 - 2014-03-10 01:30 - 00018218 _____ () C:\Users\Dan\Downloads\True.Detective.S01E08.HDTV.XviD-EVO [IPT].torrent
2014-03-07 20:34 - 2014-03-07 20:34 - 00016832 _____ () C:\Users\Dan\Downloads\Knights of Badassdom 1080p WEBRip - BLiTZCRiEG.torrent
2014-03-07 19:39 - 2014-03-07 19:39 - 00041673 _____ () C:\Users\Dan\Downloads\7E8DE931C0C54EB96523C698F5D030894561B404.torrent
2014-03-07 19:39 - 2014-03-07 19:39 - 00025493 _____ () C:\Users\Dan\Downloads\42DBE12D91EFBC1396292F521B5655091DAEC399.torrent
2014-03-07 19:36 - 2014-03-07 19:17 - 00000000 ____D () C:\Users\Dan\Downloads\Delivery Man (2013) 720p BluRay + Subtitles [GlowGaze.Com]
2014-03-07 19:18 - 2014-03-07 19:18 - 00028853 _____ () C:\Users\Dan\Downloads\D7A9AD75F0FC10C92F3CC8186888617A059E0411.torrent
2014-03-07 19:15 - 2014-03-07 19:15 - 00322272 _____ (HostIt) C:\Users\Dan\Downloads\Delivery Man (2013) 720p BluRay.exe
2014-03-07 19:15 - 2014-03-07 19:15 - 00024836 _____ () C:\Users\Dan\Downloads\67EC9A7B5A839F8C085DC0CDD2B7094B3F75D3B0.torrent
2014-03-07 16:19 - 2014-03-07 16:19 - 00000006 _____ () C:\Users\Dan\Desktop\Confirmation.txt
2014-03-07 15:04 - 2014-03-07 15:04 - 00002061 _____ () C:\Users\Dan\Desktop\Classicshapewear.txt
2014-03-07 15:04 - 2014-03-07 15:04 - 00000000 _____ () C:\Users\Dan\Desktop\New Text Document.txt
2014-03-07 13:20 - 2014-03-07 13:05 - 00000000 ____D () C:\Program Files (x86)\Southpark Stick of Truth
2014-03-07 13:20 - 2013-08-19 08:58 - 00000000 ____D () C:\Users\Dan\Documents\My Games
2014-03-07 13:14 - 2014-03-07 13:14 - 00001020 _____ () C:\Users\Public\Desktop\Southpark Stick of Truth.lnk
2014-03-07 04:16 - 2014-03-07 04:16 - 00091040 _____ () C:\Users\Dan\Downloads\Southpark.Stick.Of.Truth-RELOADED.torrent
2014-03-04 20:10 - 2013-08-30 22:15 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-03-04 10:35 - 2014-03-11 12:46 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-04 10:35 - 2014-03-11 12:46 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-04 10:35 - 2013-12-16 00:38 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-04 10:35 - 2013-08-15 16:04 - 00062408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-04 10:35 - 2013-08-15 16:04 - 00054216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-03-04 09:06 - 2013-08-15 16:04 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-04 09:06 - 2013-08-15 16:04 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-04 09:05 - 2013-08-15 16:04 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-03-04 09:05 - 2013-08-15 16:04 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-04 09:05 - 2013-08-15 16:04 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-04 09:05 - 2013-08-15 16:04 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-04 07:32 - 2014-03-11 12:49 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-01 13:21 - 2013-08-14 22:22 - 00778680 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-01 02:05 - 2014-03-12 23:06 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 01:17 - 2014-03-12 23:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 01:16 - 2014-03-12 23:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 00:58 - 2014-03-12 23:06 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 00:52 - 2014-03-12 23:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 00:51 - 2014-03-12 23:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 00:42 - 2014-03-12 23:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 00:40 - 2014-03-12 23:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 00:37 - 2014-03-12 23:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 00:33 - 2014-03-12 23:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 00:33 - 2014-03-12 23:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 00:32 - 2014-03-12 23:06 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 00:30 - 2014-03-12 23:06 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 00:23 - 2014-03-12 23:06 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 00:17 - 2014-03-12 23:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 00:11 - 2014-03-12 23:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 00:02 - 2014-03-12 23:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-28 23:54 - 2014-03-12 23:06 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-28 23:52 - 2014-03-12 23:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-28 23:51 - 2014-03-12 23:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-28 23:47 - 2014-03-12 23:06 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-28 23:43 - 2014-03-12 23:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-28 23:43 - 2014-03-12 23:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-28 23:42 - 2014-03-12 23:06 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-28 23:40 - 2014-03-12 23:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-28 23:38 - 2014-03-12 23:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-28 23:37 - 2014-03-12 23:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-28 23:35 - 2014-03-12 23:06 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-28 23:18 - 2014-03-12 23:06 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-28 23:16 - 2014-03-12 23:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-28 23:14 - 2014-03-12 23:06 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-28 23:10 - 2014-03-12 23:06 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-28 23:03 - 2014-03-12 23:06 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-28 23:00 - 2014-03-12 23:06 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-28 22:57 - 2014-03-12 23:06 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-28 22:38 - 2014-03-12 23:06 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-28 22:32 - 2014-03-12 23:06 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-28 22:32 - 2014-02-28 22:32 - 00015788 _____ () C:\Users\Dan\Downloads\Addendum A Daniel Quintero.odt
2014-02-28 22:27 - 2014-03-12 23:06 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-28 22:25 - 2014-03-12 23:06 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-28 22:25 - 2014-03-12 23:06 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-27 23:51 - 2014-02-27 23:48 - 00000000 ____D () C:\Users\Dan\Desktop\New River Invoices
2014-02-27 23:45 - 2014-02-27 23:45 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-25 00:57 - 2014-02-25 00:57 - 37422682 _____ () C:\Users\Dan\Downloads\Tchaikovsky Violin Concerto.m4a
2014-02-24 22:40 - 2014-02-24 22:40 - 89261384 _____ () C:\Users\Dan\Downloads\Scheherazade.m4a
2014-02-24 02:15 - 2014-02-24 02:15 - 16620912 _____ () C:\Users\Dan\Downloads\evasi0n7-win-1.0.6-01f65fec4d42d76b3f35eda49f7450b2cfa88ff7.zip
2014-02-24 00:09 - 2014-02-24 00:09 - 00057682 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E11.720p.HDTV.x264-2HD.torrent
2014-02-24 00:07 - 2014-02-24 00:07 - 00057251 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E10.720p.HDTV.x264-REMARKABLE.torrent
2014-02-24 00:07 - 2014-02-24 00:07 - 00040886 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E11.HDTV.x264-2HD.torrent
2014-02-23 17:50 - 2014-02-23 17:50 - 00007642 _____ () C:\Users\Dan\AppData\Local\Resmon.ResmonCfg
2014-02-22 23:14 - 2014-02-24 02:18 - 19083278 _____ () C:\Users\Dan\Desktop\evasi0n7.exe
 
Some content of TEMP:
====================
C:\Users\Dan\AppData\Local\Temp\7z.dll
C:\Users\Dan\AppData\Local\Temp\7z.exe
C:\Users\Dan\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Dan\AppData\Local\Temp\bassmod.dll
C:\Users\Dan\AppData\Local\Temp\bdbrowser_setup-19095018_608-4_6_0_36411-4430.exe
C:\Users\Dan\AppData\Local\Temp\bi_cleaner.exe
C:\Users\Dan\AppData\Local\Temp\Bundle.exe
C:\Users\Dan\AppData\Local\Temp\conduitchecker.exe
C:\Users\Dan\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\Dan\AppData\Local\Temp\FreemakeVideoConverter_4.1.2.1.exe
C:\Users\Dan\AppData\Local\Temp\Garritan_ARIA_Player.exe
C:\Users\Dan\AppData\Local\Temp\Garritan_Instruments_for_Finale.exe
C:\Users\Dan\AppData\Local\Temp\Installer.exe
C:\Users\Dan\AppData\Local\Temp\install_flash_player_11_plugin.exe
C:\Users\Dan\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.4-R2.0-b2918jnks.dll
C:\Users\Dan\AppData\Local\Temp\MMFontSetup.exe
C:\Users\Dan\AppData\Local\Temp\nsa5657.exe
C:\Users\Dan\AppData\Local\Temp\nsbFC9.exe
C:\Users\Dan\AppData\Local\Temp\nsbFF04.exe
C:\Users\Dan\AppData\Local\Temp\nseBAD3.exe
C:\Users\Dan\AppData\Local\Temp\nskC072.exe
C:\Users\Dan\AppData\Local\Temp\nsl2F66.exe
C:\Users\Dan\AppData\Local\Temp\nsl33AD.exe
C:\Users\Dan\AppData\Local\Temp\nsu97D9.exe
C:\Users\Dan\AppData\Local\Temp\nsu9F2C.exe
C:\Users\Dan\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Dan\AppData\Local\Temp\nvStInst.exe
C:\Users\Dan\AppData\Local\Temp\OnlineWeatherSetup.exe
C:\Users\Dan\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Dan\AppData\Local\Temp\ose00000.exe
C:\Users\Dan\AppData\Local\Temp\Quarantine.exe
C:\Users\Dan\AppData\Local\Temp\QuickShare1.exe
C:\Users\Dan\AppData\Local\Temp\SendMsg.dll
C:\Users\Dan\AppData\Local\Temp\setup__1811.exe
C:\Users\Dan\AppData\Local\Temp\SPStub.exe
C:\Users\Dan\AppData\Local\Temp\SRLDetectionLibrary5455906133374909923.dll
C:\Users\Dan\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Dan\AppData\Local\Temp\tbVisu.dll
C:\Users\Dan\AppData\Local\Temp\tbWhit.dll
C:\Users\Dan\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Dan\AppData\Local\Temp\utt3A0F.tmp.exe
C:\Users\Dan\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Dan\AppData\Local\Temp\vcredist_x86_2008_sp1.exe
C:\Users\Dan\AppData\Local\Temp\_is757B.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-20 00:20
 
==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Dan (administrator) on DAN-PC on 24-03-2014 16:17:10
Running from C:\Users\Dan\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Webroot) C:\Program Files\Webroot\WRSA.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(BitTorrent Inc.) C:\Users\Dan\AppData\Roaming\uTorrent\uTorrent.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Curse) C:\Users\Dan\AppData\Local\Apps\2.0\VEEC1Y8V.MDZ\ZJY97RE1.Y71\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Conceiva Pty. Ltd.) C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Dan\Downloads\SystemLook_x64.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [3832064 2009-09-12] (O&O Software GmbH)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [XFast LAN] - C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1441152 2011-10-19] (cFos Software GmbH)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Syncios device service] - C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [578048 2013-07-12] ()
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-12-21] (Adobe Systems Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKLM-x32\...\Run: [WRSVC] - C:\Program Files\Webroot\WRSA.exe [763000 2014-03-18] (Webroot)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [zASRockInstantBoot] - [X]
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [uTorrent] - C:\Users\Dan\AppData\Roaming\uTorrent\uTorrent.exe [904272 2013-11-30] (BitTorrent Inc.)
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-03-10] (Electronic Arts)
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20924064 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\MountPoints2: {e0033211-0643-11e3-8af5-bc5ff41ccbde} - F:\setup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation)
AppInit_DLLs-x32:  c:\progra~2\sw30e4~1.boo => "c:\progra~2\sw30e4~1.boo" File Not Found
Startup: C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x28391B946199CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKCU - DefaultScope {20B9AC15-3714-4949-9314-71D05D8F1CC3} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3287810&CUI=UN97231266611607295&UM=2
SearchScopes: HKCU - {480DEBEE-D5BE-4FC3-98BD-D6986483346A} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: NextCaoup - {98D9245C-B131-A41C-BC09-EF42C9D8D9E3} - C:\Program Files (x86)\NextCaoup\P.x64.dll ()
BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: SNT - {C2F64206-F231-3110-DF86-F3EEE1D7E159} - C:\Program Files (x86)\SNT\MI0W.x64.dll No File
BHO: Webroot Vault - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
BHO: Webroot Filtering Extension - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: YoutubeAdblocker - {DE6AE88A-F854-3239-578D-86AC0C35FBB8} - C:\Program Files (x86)\YoutubeAdblocker\en5Fn.x64.dll No File
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: NextCaoup - {98D9245C-B131-A41C-BC09-EF42C9D8D9E3} - C:\Program Files (x86)\NextCaoup\P.dll ()
BHO-x32: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Webroot Vault - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
BHO-x32: Webroot Filtering Extension - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR Extension: (Adblock Plus) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-06]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-02-01]
CHR Extension: (Falcon Proxy) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchhimlnjdafdlkojbffdkogjhhkdepf [2014-03-15]
CHR Extension: (NextCaoup) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gokgkkecagikijindglamogignebehon [2014-03-24]
CHR Extension: (Webroot Filtering Extension) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2014-03-19]
CHR Extension: (Google Wallet) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Webroot Password Manager) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab [2014-03-19]
CHR HKCU\...\Chrome\Extension: [alhkhciaeadgoondadnppeinickmmndo] - C:\Users\Dan\AppData\Local\CRE\alhkhciaeadgoondadnppeinickmmndo.crx [2013-11-03]
CHR HKCU\...\Chrome\Extension: [oiffmnkajgkhjjchngmajlomfdhfjdma] - C:\Users\Dan\AppData\Local\CRE\oiffmnkajgkhjjchngmajlomfdhfjdma.crx [2013-11-02]
CHR HKLM-x32\...\Chrome\Extension: [alhkhciaeadgoondadnppeinickmmndo] - C:\Users\Dan\AppData\Local\CRE\alhkhciaeadgoondadnppeinickmmndo.crx [2013-11-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-21]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.0.32.crx [2014-03-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
CHR HKLM-x32\...\Chrome\Extension: [oiffmnkajgkhjjchngmajlomfdhfjdma] - C:\Users\Dan\AppData\Local\CRE\oiffmnkajgkhjjchngmajlomfdhfjdma.crx [2013-11-02]
CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2014-03-18]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-12-09] (Freemake)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Mezzmo; C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe [3925800 2013-09-14] (Conceiva Pty. Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)
R2 O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2287360 2009-09-12] (O&O Software GmbH)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [763000 2014-03-18] (Webroot)
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [303360 2011-12-07] ()
S2 1a34a8e0; "C:\Windows\system32\rundll32.exe" "c:\progra~2\SWSvc.dll",service
S2 25e4f9bf; "C:\Windows\system32\rundll32.exe" "c:\progra~3\webtect\WebTectSvc.dll",service
 
==================== Drivers (Whitelisted) ====================
 
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2013-11-03] (Echobit, LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-08-14] ()
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [113664 2014-03-18] (Webroot)
U3 aumvm7y8; C:\Windows\System32\Drivers\aumvm7y8.sys [0 ] (Microsoft Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-24 15:38 - 2014-03-24 15:38 - 00000000 ____D () C:\Users\Dan\AppData\Local\Torch
2014-03-24 15:38 - 2014-03-24 15:38 - 00000000 ____D () C:\ProgramData\NextCaoup
2014-03-24 15:38 - 2014-03-24 15:38 - 00000000 ____D () C:\Program Files (x86)\NextCaoup
2014-03-24 15:33 - 2014-03-24 15:33 - 00001230 _____ () C:\Users\Dan\Desktop\Revo Uninstaller.lnk
2014-03-24 15:33 - 2014-03-24 15:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-24 15:32 - 2014-03-24 15:32 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dan\Downloads\revosetup.exe
2014-03-22 12:43 - 2014-03-22 12:45 - 00050236 _____ () C:\Users\Dan\Downloads\Addition.txt
2014-03-22 12:42 - 2014-03-24 16:17 - 00019188 _____ () C:\Users\Dan\Downloads\FRST.txt
2014-03-22 12:42 - 2014-03-24 16:17 - 00000000 ____D () C:\FRST
2014-03-22 12:41 - 2014-03-22 12:42 - 02157056 _____ (Farbar) C:\Users\Dan\Downloads\FRST64.exe
2014-03-22 12:41 - 2014-03-22 12:41 - 00294568 _____ (VLCPlayer) C:\Users\Dan\Downloads\Software_Update__CD5MTCD4349_e9200236-2219-424b-8c20-8e981f2bc976_v4ISNMVD7HS7V8EA0S2501DUHP_0_0_0.exe
2014-03-20 22:26 - 2014-03-20 22:27 - 00831962 _____ () C:\Users\Dan\Downloads\powerpoint for presentation.pptx
2014-03-20 17:09 - 2014-03-24 16:16 - 00001892 _____ () C:\Users\Dan\Downloads\SystemLook.txt
2014-03-20 17:08 - 2014-03-20 17:08 - 00165376 _____ () C:\Users\Dan\Downloads\SystemLook_x64.exe
2014-03-20 13:17 - 2014-03-20 13:17 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-20 13:17 - 2014-03-20 13:17 - 00000000 ____D () C:\Users\Dan\AppData\Local\Skype
2014-03-20 13:05 - 2014-03-20 13:11 - 00000000 ____D () C:\AdwCleaner
2014-03-20 13:05 - 2014-03-20 13:05 - 01950720 _____ () C:\Users\Dan\Downloads\AdwCleaner.exe
2014-03-19 12:11 - 2014-03-19 12:12 - 00000000 ____D () C:\Users\Dan\Desktop\logss
2014-03-19 12:11 - 2014-03-19 12:11 - 00027323 _____ () C:\Users\Dan\Desktop\dds.txt
2014-03-19 12:11 - 2014-03-19 12:11 - 00012725 _____ () C:\Users\Dan\Desktop\attach.txt
2014-03-19 12:09 - 2014-03-19 12:09 - 00688992 ____R (Swearware) C:\Users\Dan\Downloads\dds.com
2014-03-19 12:01 - 2014-03-19 12:01 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-18 23:00 - 2014-03-18 23:00 - 00001075 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Malwarebytes
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-18 23:00 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-18 22:59 - 2014-03-18 23:01 - 00000000 ____D () C:\Users\Dan\Downloads\Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD
2014-03-18 22:59 - 2014-03-18 22:59 - 00000354 _____ () C:\Users\Dan\Downloads\Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD [IPT].torrent
2014-03-18 22:58 - 2014-03-18 22:59 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dan\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-18 22:56 - 2014-03-18 22:58 - 296354328 _____ () C:\Users\Dan\Downloads\SEP_12_1_RU2_64bit.exe
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (3).1_RU2_(64bit).torrent
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (2).1_RU2_(64bit)
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (1).1_RU2_(64bit)
2014-03-18 22:55 - 2014-03-18 22:55 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12.1_RU2_(64bit)
2014-03-18 22:32 - 2014-03-18 22:32 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack (2).torrent
2014-03-18 22:32 - 2014-03-18 22:32 - 00000000 ____D () C:\Users\Dan\Downloads\Webroot SecureAnywhere Complete 2013 [KaranPc]
2014-03-18 22:31 - 2014-03-18 22:31 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack (1).torrent
2014-03-18 22:10 - 2014-03-24 15:53 - 00000000 ____D () C:\ProgramData\WRData
2014-03-18 22:10 - 2014-03-19 10:13 - 00000000 ____D () C:\Users\Dan\AppData\Local\lptmp1890866352
2014-03-18 22:10 - 2014-03-18 22:10 - 00152744 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2014-03-18 22:10 - 2014-03-18 22:10 - 00113664 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2014-03-18 22:10 - 2014-03-18 22:10 - 00103816 _____ (Webroot) C:\Windows\system32\WRusr.dll
2014-03-18 22:10 - 2014-03-18 22:10 - 00000000 ____D () C:\Program Files\Webroot
2014-03-18 22:06 - 2014-03-18 22:06 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack.torrent
2014-03-18 21:14 - 2014-03-18 21:14 - 00003490 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-03-18 16:58 - 2014-03-18 16:58 - 00000000 ____D () C:\Users\Dan\Desktop\Tor Browser
2014-03-18 16:57 - 2014-03-18 16:58 - 22892386 _____ () C:\Users\Dan\Downloads\torbrowser-install-3.5.2.1_en-US.exe
2014-03-17 15:10 - 2014-03-17 15:10 - 01075264 _____ (OR Interactive Ltd) C:\Users\Dan\Downloads\IDM2.exe
2014-03-15 13:22 - 2013-07-12 20:34 - 00000488 _____ () C:\Users\Dan\Desktop\com.telltalegames.walkingdead100.plist
2014-03-15 13:21 - 2014-03-15 13:21 - 00000850 _____ () C:\Users\Dan\Desktop\ipa01348_Hack.rar
2014-03-15 13:21 - 2013-07-12 20:36 - 00000692 _____ () C:\Users\Dan\Desktop\[Hack] Walking Dead The Game.rar
2014-03-15 13:20 - 2014-03-24 15:40 - 00000432 ____H () C:\Windows\Tasks\SW.Booster-S-571884386.job
2014-03-15 13:20 - 2014-03-24 15:40 - 00000000 ____D () C:\ProgramData\safoeweb
2014-03-15 13:20 - 2014-03-24 15:38 - 00000000 ____D () C:\ProgramData\2b987117163ab168
2014-03-15 13:20 - 2014-03-24 15:38 - 00000000 ____D () C:\Program Files (x86)\safoeweb
2014-03-15 13:20 - 2014-03-15 13:21 - 00000000 ____D () C:\ProgramData\SnowApp
2014-03-15 13:20 - 2014-03-15 13:20 - 04210176 _____ () C:\Program Files (x86)\SW_x64.Booster
2014-03-15 13:20 - 2014-03-15 13:20 - 00002678 _____ () C:\Windows\System32\Tasks\SW.Booster-S-571884386
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Dan\AppData\Local\Packages
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Dan\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator
2014-03-15 13:19 - 2014-03-15 13:21 - 00000000 ____D () C:\ProgramData\InstallMate
2014-03-15 13:19 - 2014-03-15 13:19 - 00341792 _____ (SnowApp) C:\Users\Dan\Downloads\Download_Manager-ipa01348_Hack.rar.exe
2014-03-15 02:03 - 2014-03-15 02:06 - 67135709 _____ () C:\Users\Dan\Downloads\metal_slug_x.ipa
2014-03-14 22:01 - 2014-03-14 22:01 - 00000239 _____ () C:\Users\Dan\Desktop\Hotel.txt
2014-03-14 17:26 - 2014-03-14 17:26 - 00000000 ____D () C:\Users\Dan\Desktop\New folder
2014-03-14 17:24 - 2014-03-14 17:24 - 00000379 _____ () C:\Users\Dan\Downloads\TWD2.zip
2014-03-14 17:19 - 2014-03-14 17:19 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-03-14 17:18 - 2014-03-14 17:18 - 00376256 _____ () C:\Users\Dan\Downloads\7zip.exe
2014-03-14 16:51 - 2014-03-15 13:29 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\iFunbox_UserCache
2014-03-14 16:51 - 2014-03-14 16:51 - 00001022 _____ () C:\Users\Public\Desktop\iFunbox.lnk
2014-03-14 16:51 - 2014-03-14 16:51 - 00000000 ____D () C:\Program Files (x86)\i-Funbox DevTeam
2014-03-14 16:49 - 2014-03-14 16:55 - 524460180 _____ () C:\Users\Dan\Downloads\walking_dead_the_game_season_2.ipa
2014-03-14 16:49 - 2014-03-14 16:49 - 15043804 _____ ( ) C:\Users\Dan\Downloads\ifunbox_setup.exe
2014-03-12 23:06 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 23:06 - 2014-03-01 01:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 23:06 - 2014-03-01 01:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 23:06 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 23:06 - 2014-03-01 00:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 23:06 - 2014-03-01 00:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 23:06 - 2014-03-01 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 23:06 - 2014-03-01 00:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 23:06 - 2014-03-01 00:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 23:06 - 2014-03-01 00:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 23:06 - 2014-03-01 00:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 23:06 - 2014-03-01 00:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 23:06 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 23:06 - 2014-03-01 00:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 23:06 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 23:06 - 2014-03-01 00:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 23:06 - 2014-03-01 00:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 23:06 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 23:06 - 2014-02-28 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 23:06 - 2014-02-28 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 23:06 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 23:06 - 2014-02-28 23:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 23:06 - 2014-02-28 23:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 23:06 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 23:06 - 2014-02-28 23:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 23:06 - 2014-02-28 23:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 23:06 - 2014-02-28 23:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 23:06 - 2014-02-28 23:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 23:06 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 23:06 - 2014-02-28 23:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 23:06 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 23:06 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 23:06 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 23:06 - 2014-02-28 23:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 23:06 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 23:06 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 23:06 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 23:06 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 23:06 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 23:06 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 23:06 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 23:06 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 23:06 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 23:06 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 23:04 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 23:04 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 23:04 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 23:04 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-11 17:04 - 2014-03-11 17:04 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-11 12:49 - 2014-03-04 07:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-11 12:46 - 2014-03-04 10:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-11 12:46 - 2014-03-04 10:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-11 01:33 - 2014-03-11 01:33 - 00000000 ____D () C:\Users\Dan\Documents\Respawn
2014-03-11 01:05 - 2014-03-11 01:05 - 00001144 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-03-10 21:41 - 2014-03-10 21:56 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-03-10 21:39 - 2014-03-11 12:27 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Origin
2014-03-10 21:39 - 2014-03-11 01:33 - 00000000 ____D () C:\Users\Dan\AppData\Local\Origin
2014-03-10 21:36 - 2014-03-24 15:41 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-03-10 21:36 - 2014-03-24 10:28 - 00000000 ____D () C:\ProgramData\Origin
2014-03-10 21:36 - 2014-03-11 01:33 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-03-10 21:36 - 2014-03-10 21:36 - 00000945 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-03-10 21:33 - 2014-03-10 21:34 - 17009704 _____ (Electronic Arts, Inc.) C:\Users\Dan\Downloads\OriginThinSetup.exe
2014-03-10 14:56 - 2014-03-10 11:54 - 00000025 ____N () C:\Users\Dan\Desktop\ATT00004
2014-03-10 14:56 - 2014-03-10 11:54 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00003
2014-03-10 14:56 - 2014-03-10 11:54 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00002
2014-03-10 14:56 - 2014-03-10 11:54 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00001
2014-03-10 14:54 - 2014-03-10 14:54 - 08936675 _____ () C:\Users\Dan\Desktop\Outlook (1).zip
2014-03-10 01:30 - 2014-03-10 01:31 - 00018218 _____ () C:\Users\Dan\Downloads\True.Detective.S01E08.HDTV.XviD-EVO [IPT].torrent
2014-03-07 20:34 - 2014-03-07 20:34 - 00016832 _____ () C:\Users\Dan\Downloads\Knights of Badassdom 1080p WEBRip - BLiTZCRiEG.torrent
2014-03-07 19:39 - 2014-03-07 19:39 - 00041673 _____ () C:\Users\Dan\Downloads\7E8DE931C0C54EB96523C698F5D030894561B404.torrent
2014-03-07 19:39 - 2014-03-07 19:39 - 00025493 _____ () C:\Users\Dan\Downloads\42DBE12D91EFBC1396292F521B5655091DAEC399.torrent
2014-03-07 19:18 - 2014-03-07 19:18 - 00028853 _____ () C:\Users\Dan\Downloads\D7A9AD75F0FC10C92F3CC8186888617A059E0411.torrent
2014-03-07 19:17 - 2014-03-07 19:36 - 00000000 ____D () C:\Users\Dan\Downloads\Delivery Man (2013) 720p BluRay + Subtitles [GlowGaze.Com]
2014-03-07 19:15 - 2014-03-07 19:15 - 00322272 _____ (HostIt) C:\Users\Dan\Downloads\Delivery Man (2013) 720p BluRay.exe
2014-03-07 19:15 - 2014-03-07 19:15 - 00024836 _____ () C:\Users\Dan\Downloads\67EC9A7B5A839F8C085DC0CDD2B7094B3F75D3B0.torrent
2014-03-07 16:19 - 2014-03-07 16:19 - 00000006 _____ () C:\Users\Dan\Desktop\Confirmation.txt
2014-03-07 15:04 - 2014-03-07 15:04 - 00002061 _____ () C:\Users\Dan\Desktop\Classicshapewear.txt
2014-03-07 15:04 - 2014-03-07 15:04 - 00000000 _____ () C:\Users\Dan\Desktop\New Text Document.txt
2014-03-07 13:14 - 2014-03-07 13:14 - 00001020 _____ () C:\Users\Public\Desktop\Southpark Stick of Truth.lnk
2014-03-07 13:05 - 2014-03-07 13:20 - 00000000 ____D () C:\Program Files (x86)\Southpark Stick of Truth
2014-03-07 04:16 - 2014-03-07 04:16 - 00091040 _____ () C:\Users\Dan\Downloads\Southpark.Stick.Of.Truth-RELOADED.torrent
2014-02-28 22:32 - 2014-02-28 22:32 - 00015788 _____ () C:\Users\Dan\Downloads\Addendum A Daniel Quintero.odt
2014-02-27 23:48 - 2014-02-27 23:51 - 00000000 ____D () C:\Users\Dan\Desktop\New River Invoices
2014-02-27 23:45 - 2014-02-27 23:45 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-25 00:57 - 2014-02-25 00:57 - 37422682 _____ () C:\Users\Dan\Downloads\Tchaikovsky Violin Concerto.m4a
2014-02-24 22:40 - 2014-02-24 22:40 - 89261384 _____ () C:\Users\Dan\Downloads\Scheherazade.m4a
2014-02-24 02:18 - 2014-02-22 23:14 - 19083278 _____ () C:\Users\Dan\Desktop\evasi0n7.exe
2014-02-24 02:15 - 2014-02-24 02:15 - 16620912 _____ () C:\Users\Dan\Downloads\evasi0n7-win-1.0.6-01f65fec4d42d76b3f35eda49f7450b2cfa88ff7.zip
2014-02-24 00:09 - 2014-02-24 00:09 - 00057682 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E11.720p.HDTV.x264-2HD.torrent
2014-02-24 00:07 - 2014-02-24 00:07 - 00057251 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E10.720p.HDTV.x264-REMARKABLE.torrent
2014-02-24 00:07 - 2014-02-24 00:07 - 00040886 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E11.HDTV.x264-2HD.torrent
2014-02-23 17:50 - 2014-02-23 17:50 - 00007642 _____ () C:\Users\Dan\AppData\Local\Resmon.ResmonCfg
 
==================== One Month Modified Files and Folders =======
 
2014-03-24 16:17 - 2014-03-22 12:42 - 00019188 _____ () C:\Users\Dan\Downloads\FRST.txt
2014-03-24 16:17 - 2014-03-22 12:42 - 00000000 ____D () C:\FRST
2014-03-24 16:17 - 2013-08-16 02:27 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\uTorrent
2014-03-24 16:16 - 2014-03-20 17:09 - 00001892 _____ () C:\Users\Dan\Downloads\SystemLook.txt
2014-03-24 16:04 - 2013-11-03 19:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-24 16:02 - 2014-01-08 19:07 - 00004942 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Dan-PC-Dan Dan-PC
2014-03-24 16:00 - 2013-08-14 22:53 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-24 15:56 - 2009-07-14 00:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-24 15:56 - 2009-07-14 00:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-24 15:53 - 2014-03-18 22:10 - 00000000 ____D () C:\ProgramData\WRData
2014-03-24 15:52 - 2013-08-14 20:05 - 02068585 _____ () C:\Windows\WindowsUpdate.log
2014-03-24 15:44 - 2013-09-23 22:01 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Skype
2014-03-24 15:44 - 2013-08-16 13:37 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-24 15:44 - 2013-08-14 22:52 - 00000000 ____D () C:\Users\Dan\AppData\Local\Deployment
2014-03-24 15:43 - 2013-11-04 23:22 - 00000000 ____D () C:\Users\Dan\AppData\Local\LogMeIn Hamachi
2014-03-24 15:43 - 2013-08-25 22:05 - 00000043 _____ () C:\Windows\MezzmoMediaServer.INI
2014-03-24 15:43 - 2009-07-14 00:51 - 00071673 _____ () C:\Windows\setupact.log
2014-03-24 15:41 - 2014-03-10 21:36 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-03-24 15:41 - 2013-08-14 22:53 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-24 15:40 - 2014-03-15 13:20 - 00000432 ____H () C:\Windows\Tasks\SW.Booster-S-571884386.job
2014-03-24 15:40 - 2014-03-15 13:20 - 00000000 ____D () C:\ProgramData\safoeweb
2014-03-24 15:40 - 2013-08-15 16:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-24 15:40 - 2013-08-14 22:55 - 00276892 _____ () C:\Windows\system32\oodbs.lor
2014-03-24 15:40 - 2013-08-14 22:24 - 00000000 ____D () C:\Users\Dan
2014-03-24 15:40 - 2010-11-20 23:47 - 00226864 _____ () C:\Windows\PFRO.log
2014-03-24 15:40 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-24 15:38 - 2014-03-24 15:38 - 00000000 ____D () C:\Users\Dan\AppData\Local\Torch
2014-03-24 15:38 - 2014-03-24 15:38 - 00000000 ____D () C:\ProgramData\NextCaoup
2014-03-24 15:38 - 2014-03-24 15:38 - 00000000 ____D () C:\Program Files (x86)\NextCaoup
2014-03-24 15:38 - 2014-03-15 13:20 - 00000000 ____D () C:\ProgramData\2b987117163ab168
2014-03-24 15:38 - 2014-03-15 13:20 - 00000000 ____D () C:\Program Files (x86)\safoeweb
2014-03-24 15:35 - 2013-10-06 17:28 - 00000000 ____D () C:\Users\Dan\AppData\Local\Battle.net
2014-03-24 15:33 - 2014-03-24 15:33 - 00001230 _____ () C:\Users\Dan\Desktop\Revo Uninstaller.lnk
2014-03-24 15:33 - 2014-03-24 15:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-24 15:32 - 2014-03-24 15:32 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dan\Downloads\revosetup.exe
2014-03-24 10:28 - 2014-03-10 21:36 - 00000000 ____D () C:\ProgramData\Origin
2014-03-24 02:00 - 2013-08-18 18:56 - 00000000 ____D () C:\Users\Dan\AppData\Local\Adobe
2014-03-22 12:45 - 2014-03-22 12:43 - 00050236 _____ () C:\Users\Dan\Downloads\Addition.txt
2014-03-22 12:42 - 2014-03-22 12:41 - 02157056 _____ (Farbar) C:\Users\Dan\Downloads\FRST64.exe
2014-03-22 12:41 - 2014-03-22 12:41 - 00294568 _____ (VLCPlayer) C:\Users\Dan\Downloads\Software_Update__CD5MTCD4349_e9200236-2219-424b-8c20-8e981f2bc976_v4ISNMVD7HS7V8EA0S2501DUHP_0_0_0.exe
2014-03-22 01:22 - 2013-08-15 02:25 - 00000000 ____D () C:\Program Files (x86)\Heroes of Newerth
2014-03-21 15:47 - 2014-02-19 01:52 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-20 22:27 - 2014-03-20 22:26 - 00831962 _____ () C:\Users\Dan\Downloads\powerpoint for presentation.pptx
2014-03-20 17:08 - 2014-03-20 17:08 - 00165376 _____ () C:\Users\Dan\Downloads\SystemLook_x64.exe
2014-03-20 13:17 - 2014-03-20 13:17 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-20 13:17 - 2014-03-20 13:17 - 00000000 ____D () C:\Users\Dan\AppData\Local\Skype
2014-03-20 13:17 - 2013-09-23 22:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-20 13:17 - 2013-09-23 22:01 - 00000000 ____D () C:\ProgramData\Skype
2014-03-20 13:11 - 2014-03-20 13:05 - 00000000 ____D () C:\AdwCleaner
2014-03-20 13:05 - 2014-03-20 13:05 - 01950720 _____ () C:\Users\Dan\Downloads\AdwCleaner.exe
2014-03-19 12:12 - 2014-03-19 12:11 - 00000000 ____D () C:\Users\Dan\Desktop\logss
2014-03-19 12:11 - 2014-03-19 12:11 - 00027323 _____ () C:\Users\Dan\Desktop\dds.txt
2014-03-19 12:11 - 2014-03-19 12:11 - 00012725 _____ () C:\Users\Dan\Desktop\attach.txt
2014-03-19 12:09 - 2014-03-19 12:09 - 00688992 ____R (Swearware) C:\Users\Dan\Downloads\dds.com
2014-03-19 12:01 - 2014-03-19 12:01 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-19 12:01 - 2013-11-03 19:22 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-19 12:01 - 2013-11-03 19:22 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-19 12:01 - 2013-11-03 19:22 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-19 10:13 - 2014-03-18 22:10 - 00000000 ____D () C:\Users\Dan\AppData\Local\lptmp1890866352
2014-03-19 10:11 - 2013-09-07 20:11 - 00000000 ____D () C:\Windows\AutoKMS
2014-03-18 23:01 - 2014-03-18 22:59 - 00000000 ____D () C:\Users\Dan\Downloads\Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD
2014-03-18 23:00 - 2014-03-18 23:00 - 00001075 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Malwarebytes
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-18 22:59 - 2014-03-18 22:59 - 00000354 _____ () C:\Users\Dan\Downloads\Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD [IPT].torrent
2014-03-18 22:59 - 2014-03-18 22:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dan\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-18 22:58 - 2014-03-18 22:56 - 296354328 _____ () C:\Users\Dan\Downloads\SEP_12_1_RU2_64bit.exe
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (3).1_RU2_(64bit).torrent
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (2).1_RU2_(64bit)
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (1).1_RU2_(64bit)
2014-03-18 22:55 - 2014-03-18 22:55 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12.1_RU2_(64bit)
2014-03-18 22:32 - 2014-03-18 22:32 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack (2).torrent
2014-03-18 22:32 - 2014-03-18 22:32 - 00000000 ____D () C:\Users\Dan\Downloads\Webroot SecureAnywhere Complete 2013 [KaranPc]
2014-03-18 22:31 - 2014-03-18 22:31 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack (1).torrent
2014-03-18 22:10 - 2014-03-18 22:10 - 00152744 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2014-03-18 22:10 - 2014-03-18 22:10 - 00113664 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2014-03-18 22:10 - 2014-03-18 22:10 - 00103816 _____ (Webroot) C:\Windows\system32\WRusr.dll
2014-03-18 22:10 - 2014-03-18 22:10 - 00000000 ____D () C:\Program Files\Webroot
2014-03-18 22:06 - 2014-03-18 22:06 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack.torrent
2014-03-18 21:14 - 2014-03-18 21:14 - 00003490 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-03-18 16:58 - 2014-03-18 16:58 - 00000000 ____D () C:\Users\Dan\Desktop\Tor Browser
2014-03-18 16:58 - 2014-03-18 16:57 - 22892386 _____ () C:\Users\Dan\Downloads\torbrowser-install-3.5.2.1_en-US.exe
2014-03-18 16:38 - 2013-09-07 19:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-17 15:10 - 2014-03-17 15:10 - 01075264 _____ (OR Interactive Ltd) C:\Users\Dan\Downloads\IDM2.exe
2014-03-15 13:29 - 2014-03-14 16:51 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\iFunbox_UserCache
2014-03-15 13:21 - 2014-03-15 13:21 - 00000850 _____ () C:\Users\Dan\Desktop\ipa01348_Hack.rar
2014-03-15 13:21 - 2014-03-15 13:20 - 00000000 ____D () C:\ProgramData\SnowApp
2014-03-15 13:21 - 2014-03-15 13:19 - 00000000 ____D () C:\ProgramData\InstallMate
2014-03-15 13:20 - 2014-03-15 13:20 - 04210176 _____ () C:\Program Files (x86)\SW_x64.Booster
2014-03-15 13:20 - 2014-03-15 13:20 - 00002678 _____ () C:\Windows\System32\Tasks\SW.Booster-S-571884386
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Dan\AppData\Local\Packages
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Dan\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator
2014-03-15 13:20 - 2013-08-14 22:53 - 00000000 ____D () C:\Users\Dan\AppData\Local\Google
2014-03-15 13:19 - 2014-03-15 13:19 - 00341792 _____ (SnowApp) C:\Users\Dan\Downloads\Download_Manager-ipa01348_Hack.rar.exe
2014-03-15 13:06 - 2013-08-14 22:53 - 00002145 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-15 02:06 - 2014-03-15 02:03 - 67135709 _____ () C:\Users\Dan\Downloads\metal_slug_x.ipa
2014-03-14 22:01 - 2014-03-14 22:01 - 00000239 _____ () C:\Users\Dan\Desktop\Hotel.txt
2014-03-14 17:26 - 2014-03-14 17:26 - 00000000 ____D () C:\Users\Dan\Desktop\New folder
2014-03-14 17:24 - 2014-03-14 17:24 - 00000379 _____ () C:\Users\Dan\Downloads\TWD2.zip
2014-03-14 17:19 - 2014-03-14 17:19 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-03-14 17:18 - 2014-03-14 17:18 - 00376256 _____ () C:\Users\Dan\Downloads\7zip.exe
2014-03-14 16:55 - 2014-03-14 16:49 - 524460180 _____ () C:\Users\Dan\Downloads\walking_dead_the_game_season_2.ipa
2014-03-14 16:51 - 2014-03-14 16:51 - 00001022 _____ () C:\Users\Public\Desktop\iFunbox.lnk
2014-03-14 16:51 - 2014-03-14 16:51 - 00000000 ____D () C:\Program Files (x86)\i-Funbox DevTeam
2014-03-14 16:49 - 2014-03-14 16:49 - 15043804 _____ ( ) C:\Users\Dan\Downloads\ifunbox_setup.exe
2014-03-13 20:06 - 2013-10-21 22:07 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-13 12:24 - 2009-07-14 01:13 - 00786558 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-13 12:22 - 2009-07-14 00:45 - 05018064 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 12:17 - 2013-08-22 00:56 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 12:17 - 2013-08-22 00:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 12:00 - 2009-07-13 22:34 - 00000478 _____ () C:\Windows\win.ini
2014-03-12 12:02 - 2014-01-29 16:43 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-03-11 19:48 - 2013-10-16 21:10 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-03-11 17:04 - 2014-03-11 17:04 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-11 12:49 - 2013-08-14 22:51 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-11 12:38 - 2014-02-14 12:53 - 00000000 ____D () C:\Users\Dan\AppData\Local\NVIDIA
2014-03-11 12:27 - 2014-03-10 21:39 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Origin
2014-03-11 01:33 - 2014-03-11 01:33 - 00000000 ____D () C:\Users\Dan\Documents\Respawn
2014-03-11 01:33 - 2014-03-10 21:39 - 00000000 ____D () C:\Users\Dan\AppData\Local\Origin
2014-03-11 01:33 - 2014-03-10 21:36 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-03-11 01:05 - 2014-03-11 01:05 - 00001144 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-03-11 00:14 - 2013-08-14 23:13 - 00116253 _____ () C:\Windows\DirectX.log
2014-03-10 21:56 - 2014-03-10 21:41 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-03-10 21:36 - 2014-03-10 21:36 - 00000945 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-03-10 21:36 - 2014-01-10 18:07 - 00000000 ____D () C:\Users\Dan\Desktop\Whatbox
2014-03-10 21:34 - 2014-03-10 21:33 - 17009704 _____ (Electronic Arts, Inc.) C:\Users\Dan\Downloads\OriginThinSetup.exe
2014-03-10 14:57 - 2013-12-08 01:06 - 00002246 _____ () C:\Users\Dan\Desktop\AC4BFSP.exe - Shortcut.lnk
2014-03-10 14:54 - 2014-03-10 14:54 - 08936675 _____ () C:\Users\Dan\Desktop\Outlook (1).zip
2014-03-10 11:54 - 2014-03-10 14:56 - 00000025 ____N () C:\Users\Dan\Desktop\ATT00004
2014-03-10 11:54 - 2014-03-10 14:56 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00003
2014-03-10 11:54 - 2014-03-10 14:56 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00002
2014-03-10 11:54 - 2014-03-10 14:56 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00001
2014-03-10 02:35 - 2013-09-08 23:56 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\vlc
2014-03-10 01:31 - 2014-03-10 01:30 - 00018218 _____ () C:\Users\Dan\Downloads\True.Detective.S01E08.HDTV.XviD-EVO [IPT].torrent
2014-03-07 20:34 - 2014-03-07 20:34 - 00016832 _____ () C:\Users\Dan\Downloads\Knights of Badassdom 1080p WEBRip - BLiTZCRiEG.torrent
2014-03-07 19:39 - 2014-03-07 19:39 - 00041673 _____ () C:\Users\Dan\Downloads\7E8DE931C0C54EB96523C698F5D030894561B404.torrent
2014-03-07 19:39 - 2014-03-07 19:39 - 00025493 _____ () C:\Users\Dan\Downloads\42DBE12D91EFBC1396292F521B5655091DAEC399.torrent
2014-03-07 19:36 - 2014-03-07 19:17 - 00000000 ____D () C:\Users\Dan\Downloads\Delivery Man (2013) 720p BluRay + Subtitles [GlowGaze.Com]
2014-03-07 19:18 - 2014-03-07 19:18 - 00028853 _____ () C:\Users\Dan\Downloads\D7A9AD75F0FC10C92F3CC8186888617A059E0411.torrent
2014-03-07 19:15 - 2014-03-07 19:15 - 00322272 _____ (HostIt) C:\Users\Dan\Downloads\Delivery Man (2013) 720p BluRay.exe
2014-03-07 19:15 - 2014-03-07 19:15 - 00024836 _____ () C:\Users\Dan\Downloads\67EC9A7B5A839F8C085DC0CDD2B7094B3F75D3B0.torrent
2014-03-07 16:19 - 2014-03-07 16:19 - 00000006 _____ () C:\Users\Dan\Desktop\Confirmation.txt
2014-03-07 15:04 - 2014-03-07 15:04 - 00002061 _____ () C:\Users\Dan\Desktop\Classicshapewear.txt
2014-03-07 15:04 - 2014-03-07 15:04 - 00000000 _____ () C:\Users\Dan\Desktop\New Text Document.txt
2014-03-07 13:20 - 2014-03-07 13:05 - 00000000 ____D () C:\Program Files (x86)\Southpark Stick of Truth
2014-03-07 13:20 - 2013-08-19 08:58 - 00000000 ____D () C:\Users\Dan\Documents\My Games
2014-03-07 13:14 - 2014-03-07 13:14 - 00001020 _____ () C:\Users\Public\Desktop\Southpark Stick of Truth.lnk
2014-03-07 04:16 - 2014-03-07 04:16 - 00091040 _____ () C:\Users\Dan\Downloads\Southpark.Stick.Of.Truth-RELOADED.torrent
2014-03-04 20:10 - 2013-08-30 22:15 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-03-04 10:35 - 2014-03-11 12:46 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-04 10:35 - 2014-03-11 12:46 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-04 10:35 - 2013-12-16 00:38 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-04 10:35 - 2013-08-15 16:04 - 00062408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-04 10:35 - 2013-08-15 16:04 - 00054216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-03-04 09:06 - 2013-08-15 16:04 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-04 09:06 - 2013-08-15 16:04 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-04 09:05 - 2013-08-15 16:04 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-03-04 09:05 - 2013-08-15 16:04 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-04 09:05 - 2013-08-15 16:04 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-04 09:05 - 2013-08-15 16:04 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-04 07:32 - 2014-03-11 12:49 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-01 13:21 - 2013-08-14 22:22 - 00778680 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-01 02:05 - 2014-03-12 23:06 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 01:17 - 2014-03-12 23:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 01:16 - 2014-03-12 23:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 00:58 - 2014-03-12 23:06 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 00:52 - 2014-03-12 23:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 00:51 - 2014-03-12 23:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 00:42 - 2014-03-12 23:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 00:40 - 2014-03-12 23:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 00:37 - 2014-03-12 23:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 00:33 - 2014-03-12 23:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 00:33 - 2014-03-12 23:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 00:32 - 2014-03-12 23:06 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 00:30 - 2014-03-12 23:06 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 00:23 - 2014-03-12 23:06 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 00:17 - 2014-03-12 23:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 00:11 - 2014-03-12 23:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 00:02 - 2014-03-12 23:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-28 23:54 - 2014-03-12 23:06 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-28 23:52 - 2014-03-12 23:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-28 23:51 - 2014-03-12 23:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-28 23:47 - 2014-03-12 23:06 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-28 23:43 - 2014-03-12 23:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-28 23:43 - 2014-03-12 23:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-28 23:42 - 2014-03-12 23:06 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-28 23:40 - 2014-03-12 23:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-28 23:38 - 2014-03-12 23:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-28 23:37 - 2014-03-12 23:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-28 23:35 - 2014-03-12 23:06 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-28 23:18 - 2014-03-12 23:06 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-28 23:16 - 2014-03-12 23:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-28 23:14 - 2014-03-12 23:06 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-28 23:10 - 2014-03-12 23:06 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-28 23:03 - 2014-03-12 23:06 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-28 23:00 - 2014-03-12 23:06 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-28 22:57 - 2014-03-12 23:06 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-28 22:38 - 2014-03-12 23:06 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-28 22:32 - 2014-03-12 23:06 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-28 22:32 - 2014-02-28 22:32 - 00015788 _____ () C:\Users\Dan\Downloads\Addendum A Daniel Quintero.odt
2014-02-28 22:27 - 2014-03-12 23:06 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-28 22:25 - 2014-03-12 23:06 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-28 22:25 - 2014-03-12 23:06 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-27 23:51 - 2014-02-27 23:48 - 00000000 ____D () C:\Users\Dan\Desktop\New River Invoices
2014-02-27 23:45 - 2014-02-27 23:45 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-25 00:57 - 2014-02-25 00:57 - 37422682 _____ () C:\Users\Dan\Downloads\Tchaikovsky Violin Concerto.m4a
2014-02-24 22:40 - 2014-02-24 22:40 - 89261384 _____ () C:\Users\Dan\Downloads\Scheherazade.m4a
2014-02-24 02:15 - 2014-02-24 02:15 - 16620912 _____ () C:\Users\Dan\Downloads\evasi0n7-win-1.0.6-01f65fec4d42d76b3f35eda49f7450b2cfa88ff7.zip
2014-02-24 00:09 - 2014-02-24 00:09 - 00057682 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E11.720p.HDTV.x264-2HD.torrent
2014-02-24 00:07 - 2014-02-24 00:07 - 00057251 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E10.720p.HDTV.x264-REMARKABLE.torrent
2014-02-24 00:07 - 2014-02-24 00:07 - 00040886 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E11.HDTV.x264-2HD.torrent
2014-02-23 17:50 - 2014-02-23 17:50 - 00007642 _____ () C:\Users\Dan\AppData\Local\Resmon.ResmonCfg
2014-02-22 23:14 - 2014-02-24 02:18 - 19083278 _____ () C:\Users\Dan\Desktop\evasi0n7.exe
 
Some content of TEMP:
====================
C:\Users\Dan\AppData\Local\Temp\7z.dll
C:\Users\Dan\AppData\Local\Temp\7z.exe
C:\Users\Dan\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Dan\AppData\Local\Temp\bassmod.dll
C:\Users\Dan\AppData\Local\Temp\bdbrowser_setup-19095018_608-4_6_0_36411-4430.exe
C:\Users\Dan\AppData\Local\Temp\bi_cleaner.exe
C:\Users\Dan\AppData\Local\Temp\Bundle.exe
C:\Users\Dan\AppData\Local\Temp\conduitchecker.exe
C:\Users\Dan\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\Dan\AppData\Local\Temp\FreemakeVideoConverter_4.1.2.1.exe
C:\Users\Dan\AppData\Local\Temp\Garritan_ARIA_Player.exe
C:\Users\Dan\AppData\Local\Temp\Garritan_Instruments_for_Finale.exe
C:\Users\Dan\AppData\Local\Temp\Installer.exe
C:\Users\Dan\AppData\Local\Temp\install_flash_player_11_plugin.exe
C:\Users\Dan\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.4-R2.0-b2918jnks.dll
C:\Users\Dan\AppData\Local\Temp\MMFontSetup.exe
C:\Users\Dan\AppData\Local\Temp\nsa5657.exe
C:\Users\Dan\AppData\Local\Temp\nsbFC9.exe
C:\Users\Dan\AppData\Local\Temp\nsbFF04.exe
C:\Users\Dan\AppData\Local\Temp\nseBAD3.exe
C:\Users\Dan\AppData\Local\Temp\nskC072.exe
C:\Users\Dan\AppData\Local\Temp\nsl2F66.exe
C:\Users\Dan\AppData\Local\Temp\nsl33AD.exe
C:\Users\Dan\AppData\Local\Temp\nsu97D9.exe
C:\Users\Dan\AppData\Local\Temp\nsu9F2C.exe
C:\Users\Dan\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Dan\AppData\Local\Temp\nvStInst.exe
C:\Users\Dan\AppData\Local\Temp\OnlineWeatherSetup.exe
C:\Users\Dan\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Dan\AppData\Local\Temp\ose00000.exe
C:\Users\Dan\AppData\Local\Temp\Quarantine.exe
C:\Users\Dan\AppData\Local\Temp\QuickShare1.exe
C:\Users\Dan\AppData\Local\Temp\SendMsg.dll
C:\Users\Dan\AppData\Local\Temp\setup__1811.exe
C:\Users\Dan\AppData\Local\Temp\SPStub.exe
C:\Users\Dan\AppData\Local\Temp\SRLDetectionLibrary5455906133374909923.dll
C:\Users\Dan\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Dan\AppData\Local\Temp\tbVisu.dll
C:\Users\Dan\AppData\Local\Temp\tbWhit.dll
C:\Users\Dan\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Dan\AppData\Local\Temp\utt3A0F.tmp.exe
C:\Users\Dan\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Dan\AppData\Local\Temp\vcredist_x86_2008_sp1.exe
C:\Users\Dan\AppData\Local\Temp\_is757B.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-20 00:20
 
==================== End Of Log ============================
 
 
SystemLook 30.07.11 by jpshortstuff
Log created at 16:16 on 24/03/2014 by Dan
Administrator - Elevation successful
 
========== file ==========
 
C:\Windows\System32\Drivers\az0u1d7p.sys - Unable to find/read file.
 
  - Unable to find/read file.
 
========== reg ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows]
"IconServiceLib"="IconCodecService.dll"
"DdeSendTimeout"= 0x0000000000 (0)
"DesktopHeapLogging"= 0x0000000001 (1)
"GDIProcessHandleQuota"= 0x0000002710 (10000)
"ShutdownWarningDialogTimeout"= 0x00ffffffff (-1)
"USERNestedWindowLimit"= 0x0000000032 (50)
"USERPostMessageLimit"= 0x0000002710 (10000)
"USERProcessHandleQuota"= 0x0000002710 (10000)
@="mnmsrvc"
"DeviceNotSelectedTimeout"="15"
"Spooler"="yes"
"TransmissionRetryTimeout"="90"
"AppInit_DLLs"="c:\windows\syswow64\nvinit.dll  c:\progra~2\sw30e4~1.boo"
"LoadAppInit_DLLs"= 0x0000000001 (1)
 
 
-= EOF =-


#11 xXToffeeXx

  • Malware Response Instructor

Posted 26 March 2014 - 10:35 AM

Hi Dquinte2,
 
Uninstalling an extension in Chrome:
  1. Click the Chrome menu on the browser toolbar.
  2. Click Tools.
  3. Select Extensions.
  4. Click the recycle bin icon by SNT to completely remove it.
  5. A confirmation dialogue appears, click Remove.
  6. Repeat for saFFeweb and YoutubeAdblocker.

 

--------------

 

We need to run a fix with FRST:

  • Press Windows Logo (on keyboard) + R and type notepad into the run box which appears. Press enter.
  • Copy and paste the script below in the notepad document:
HKLM-x32\...\Run: [] - [X]
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [zASRockInstantBoot] - [X]
AppInit_DLLs-x32:  c:\progra~2\sw30e4~1.boo => "c:\progra~2\sw30e4~1.boo" File Not Found
SearchScopes: HKCU - DefaultScope {20B9AC15-3714-4949-9314-71D05D8F1CC3} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3287810&CUI=UN97231266611607295&UM=2
SearchScopes: HKCU - {20B9AC15-3714-4949-9314-71D05D8F1CC3} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3287810&CUI=UN97231266611607295&UM=2
BHO: NextCaoup - {98D9245C-B131-A41C-BC09-EF42C9D8D9E3} - C:\Program Files (x86)\NextCaoup\P.x64.dll ()
BHO-x32: NextCaoup - {98D9245C-B131-A41C-BC09-EF42C9D8D9E3} - C:\Program Files (x86)\NextCaoup\P.dll ()
2014-03-24 15:38 - 2014-03-24 15:38 - 00000000 ____D () C:\ProgramData\NextCaoup
2014-03-24 15:38 - 2014-03-24 15:38 - 00000000 ____D () C:\Program Files (x86)\NextCaoup
BHO: SNT - {C2F64206-F231-3110-DF86-F3EEE1D7E159} - C:\Program Files (x86)\SNT\MI0W.x64.dll No File
BHO: YoutubeAdblocker - {DE6AE88A-F854-3239-578D-86AC0C35FBB8} - C:\Program Files (x86)\YoutubeAdblocker\en5Fn.x64.dll No File
C:\Program Files (x86)\YoutubeAdblocker
C:\Program Files (x86)\SNT
CHR HKCU\...\Chrome\Extension: [alhkhciaeadgoondadnppeinickmmndo] - C:\Users\Dan\AppData\Local\CRE\alhkhciaeadgoondadnppeinickmmndo.crx [2013-11-03]
CHR HKCU\...\Chrome\Extension: [oiffmnkajgkhjjchngmajlomfdhfjdma] - C:\Users\Dan\AppData\Local\CRE\oiffmnkajgkhjjchngmajlomfdhfjdma.crx [2013-11-02]
CHR HKLM-x32\...\Chrome\Extension: [alhkhciaeadgoondadnppeinickmmndo] - C:\Users\Dan\AppData\Local\CRE\alhkhciaeadgoondadnppeinickmmndo.crx [2013-11-03]
CHR HKLM-x32\...\Chrome\Extension: [oiffmnkajgkhjjchngmajlomfdhfjdma] - C:\Users\Dan\AppData\Local\CRE\oiffmnkajgkhjjchngmajlomfdhfjdma.crx [2013-11-02]
C:\Users\Dan\AppData\Local\CRE
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 1a34a8e0; "C:\Windows\system32\rundll32.exe" "c:\progra~2\SWSvc.dll",service
S2 25e4f9bf; "C:\Windows\system32\rundll32.exe" "c:\progra~3\webtect\WebTectSvc.dll",service
2014-03-15 13:20 - 2014-03-24 15:40 - 00000000 ____D () C:\ProgramData\safoeweb
2014-03-15 13:20 - 2014-03-24 15:38 - 00000000 ____D () C:\ProgramData\2b987117163ab168
2014-03-15 13:20 - 2014-03-24 15:38 - 00000000 ____D () C:\Program Files (x86)\safoeweb
2014-03-15 13:20 - 2014-03-15 13:21 - 00000000 ____D () C:\ProgramData\SnowApp
2014-03-15 13:20 - 2014-03-15 13:20 - 04210176 _____ () C:\Program Files (x86)\SW_x64.Booster
Task: {11F94F96-C91A-48B8-AFC7-D6E42B70D746} - System32\Tasks\SW.Booster-S-571884386 => c:\programdata\snowapp\sw.booster\SW.Booster.exe
Task: C:\Windows\Tasks\SW.Booster-S-571884386.job => c:\programdata\snowapp\sw.booster\SW.Booster.exe
  • Save the file to your desktop and name it as fixlist.txt

Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt, are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run. Please post it in your reply.

 

--------------

 

Please run FRST from the desktop (like you did before) and press the scan button. It will produce a FRST.txt log located on the desktop, please copy and paste the contents into your next reply.

 
--------------

To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • Fixlog.txt
  • New FRST.txt log

xXToffeeXx~

 




#12 Dquinte2


Posted 26 March 2014 - 03:10 PM

Hello,

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Dan at 2014-03-26 16:08:32 Run:1
Running from C:\Users\Dan\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKLM-x32\...\Run: [] - [X]
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [zASRockInstantBoot] - [X]
AppInit_DLLs-x32:  c:\progra~2\sw30e4~1.boo => "c:\progra~2\sw30e4~1.boo" File Not Found
SearchScopes: HKCU - DefaultScope {20B9AC15-3714-4949-9314-71D05D8F1CC3} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3287810&CUI=UN97231266611607295&UM=2
BHO: NextCaoup - {98D9245C-B131-A41C-BC09-EF42C9D8D9E3} - C:\Program Files (x86)\NextCaoup\P.x64.dll ()
BHO-x32: NextCaoup - {98D9245C-B131-A41C-BC09-EF42C9D8D9E3} - C:\Program Files (x86)\NextCaoup\P.dll ()
2014-03-24 15:38 - 2014-03-24 15:38 - 00000000 ____D () C:\ProgramData\NextCaoup
2014-03-24 15:38 - 2014-03-24 15:38 - 00000000 ____D () C:\Program Files (x86)\NextCaoup
BHO: SNT - {C2F64206-F231-3110-DF86-F3EEE1D7E159} - C:\Program Files (x86)\SNT\MI0W.x64.dll No File
BHO: YoutubeAdblocker - {DE6AE88A-F854-3239-578D-86AC0C35FBB8} - C:\Program Files (x86)\YoutubeAdblocker\en5Fn.x64.dll No File
C:\Program Files (x86)\YoutubeAdblocker
C:\Program Files (x86)\SNT
CHR HKCU\...\Chrome\Extension: [alhkhciaeadgoondadnppeinickmmndo] - C:\Users\Dan\AppData\Local\CRE\alhkhciaeadgoondadnppeinickmmndo.crx [2013-11-03]
CHR HKCU\...\Chrome\Extension: [oiffmnkajgkhjjchngmajlomfdhfjdma] - C:\Users\Dan\AppData\Local\CRE\oiffmnkajgkhjjchngmajlomfdhfjdma.crx [2013-11-02]
CHR HKLM-x32\...\Chrome\Extension: [alhkhciaeadgoondadnppeinickmmndo] - C:\Users\Dan\AppData\Local\CRE\alhkhciaeadgoondadnppeinickmmndo.crx [2013-11-03]
CHR HKLM-x32\...\Chrome\Extension: [oiffmnkajgkhjjchngmajlomfdhfjdma] - C:\Users\Dan\AppData\Local\CRE\oiffmnkajgkhjjchngmajlomfdhfjdma.crx [2013-11-02]
C:\Users\Dan\AppData\Local\CRE
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 1a34a8e0; "C:\Windows\system32\rundll32.exe" "c:\progra~2\SWSvc.dll",service
S2 25e4f9bf; "C:\Windows\system32\rundll32.exe" "c:\progra~3\webtect\WebTectSvc.dll",service
2014-03-15 13:20 - 2014-03-24 15:40 - 00000000 ____D () C:\ProgramData\safoeweb
2014-03-15 13:20 - 2014-03-24 15:38 - 00000000 ____D () C:\ProgramData\2b987117163ab168
2014-03-15 13:20 - 2014-03-24 15:38 - 00000000 ____D () C:\Program Files (x86)\safoeweb
2014-03-15 13:20 - 2014-03-15 13:21 - 00000000 ____D () C:\ProgramData\SnowApp
2014-03-15 13:20 - 2014-03-15 13:20 - 04210176 _____ () C:\Program Files (x86)\SW_x64.Booster
Task: {11F94F96-C91A-48B8-AFC7-D6E42B70D746} - System32\Tasks\SW.Booster-S-571884386 => c:\programdata\snowapp\sw.booster\SW.Booster.exe
Task: C:\Windows\Tasks\SW.Booster-S-571884386.job => c:\programdata\snowapp\sw.booster\SW.Booster.exe
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\Software\Microsoft\Windows\CurrentVersion\Run\\zASRockInstantBoot => Value deleted successfully.
" c:\\progra~2\\sw30e4~1.boo" => Value Data removed successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{20B9AC15-3714-4949-9314-71D05D8F1CC3} => Key deleted successfully.
HKCR\CLSID\{20B9AC15-3714-4949-9314-71D05D8F1CC3} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{98D9245C-B131-A41C-BC09-EF42C9D8D9E3} => Key deleted successfully.
HKCR\CLSID\{98D9245C-B131-A41C-BC09-EF42C9D8D9E3} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{98D9245C-B131-A41C-BC09-EF42C9D8D9E3} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{98D9245C-B131-A41C-BC09-EF42C9D8D9E3} => Key deleted successfully.
C:\ProgramData\NextCaoup => Moved successfully.
C:\Program Files (x86)\NextCaoup => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2F64206-F231-3110-DF86-F3EEE1D7E159} => Key deleted successfully.
HKCR\CLSID\{C2F64206-F231-3110-DF86-F3EEE1D7E159} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DE6AE88A-F854-3239-578D-86AC0C35FBB8} => Key deleted successfully.
HKCR\CLSID\{DE6AE88A-F854-3239-578D-86AC0C35FBB8} => Key deleted successfully.
"C:\Program Files (x86)\YoutubeAdblocker" => File/Directory not found.
"C:\Program Files (x86)\SNT" => File/Directory not found.
HKCU\SOFTWARE\Google\Chrome\Extensions\alhkhciaeadgoondadnppeinickmmndo => Key deleted successfully.
C:\Users\Dan\AppData\Local\CRE\alhkhciaeadgoondadnppeinickmmndo.crx => Moved successfully.
HKCU\SOFTWARE\Google\Chrome\Extensions\oiffmnkajgkhjjchngmajlomfdhfjdma => Key deleted successfully.
C:\Users\Dan\AppData\Local\CRE\oiffmnkajgkhjjchngmajlomfdhfjdma.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\alhkhciaeadgoondadnppeinickmmndo => Key deleted successfully.
"C:\Users\Dan\AppData\Local\CRE\alhkhciaeadgoondadnppeinickmmndo.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\oiffmnkajgkhjjchngmajlomfdhfjdma => Key deleted successfully.
"C:\Users\Dan\AppData\Local\CRE\oiffmnkajgkhjjchngmajlomfdhfjdma.crx" => File/Directory not found.
C:\Users\Dan\AppData\Local\CRE => Moved successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
1a34a8e0 => Service deleted successfully.
25e4f9bf => Service deleted successfully.
C:\ProgramData\safoeweb => Moved successfully.
C:\ProgramData\2b987117163ab168 => Moved successfully.
C:\Program Files (x86)\safoeweb => Moved successfully.
C:\ProgramData\SnowApp => Moved successfully.
C:\Program Files (x86)\SW_x64.Booster => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{11F94F96-C91A-48B8-AFC7-D6E42B70D746} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11F94F96-C91A-48B8-AFC7-D6E42B70D746} => Key deleted successfully.
C:\Windows\System32\Tasks\SW.Booster-S-571884386 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SW.Booster-S-571884386 => Key deleted successfully.
C:\Windows\Tasks\SW.Booster-S-571884386.job => Moved successfully.
 
==== End of Fixlog ====
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Dan (administrator) on DAN-PC on 26-03-2014 16:08:59
Running from C:\Users\Dan\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(BitTorrent Inc.) C:\Users\Dan\AppData\Roaming\uTorrent\uTorrent.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Curse) C:\Users\Dan\AppData\Local\Apps\2.0\VEEC1Y8V.MDZ\ZJY97RE1.Y71\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Conceiva Pty. Ltd.) C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.4336\Battle.net.exe
(Flagship Industries, Inc.) C:\Program Files\Ventrilo\Ventrilo.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Blizzard Entertainment) C:\Program Files (x86)\Diablo III\Diablo III.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [3832064 2009-09-12] (O&O Software GmbH)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [XFast LAN] - C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1441152 2011-10-19] (cFos Software GmbH)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Syncios device service] - C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [578048 2013-07-12] ()
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-12-21] (Adobe Systems Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKLM-x32\...\Run: [WRSVC] - C:\Program Files\Webroot\WRSA.exe [765528 2014-03-26] (Webroot)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [uTorrent] - C:\Users\Dan\AppData\Roaming\uTorrent\uTorrent.exe [904272 2013-11-30] (BitTorrent Inc.)
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-03-10] (Electronic Arts)
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20924064 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2438885594-1318036786-3929801425-1000\...\MountPoints2: {e0033211-0643-11e3-8af5-bc5ff41ccbde} - F:\setup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation)
Startup: C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x28391B946199CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKCU - {480DEBEE-D5BE-4FC3-98BD-D6986483346A} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Webroot Vault - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
BHO: Webroot Filtering Extension - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Webroot Vault - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
BHO-x32: Webroot Filtering Extension - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR Extension: (Adblock Plus) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-06]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-02-01]
CHR Extension: (Falcon Proxy) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchhimlnjdafdlkojbffdkogjhhkdepf [2014-03-15]
CHR Extension: (Google Wallet) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-21]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.0.32.crx [2014-03-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2014-03-18]
 
==================== Services (Whitelisted) =================
 
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-12-09] (Freemake)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Mezzmo; C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe [3925800 2013-09-14] (Conceiva Pty. Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)
R2 O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2287360 2009-09-12] (O&O Software GmbH)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [765528 2014-03-26] (Webroot)
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [303360 2011-12-07] ()
 
==================== Drivers (Whitelisted) ====================
 
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2013-11-03] (Echobit, LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-08-14] ()
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [115168 2014-03-26] (Webroot)
U3 aqjqw1ms; C:\Windows\System32\Drivers\aqjqw1ms.sys [0 ] (Microsoft Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-26 16:08 - 2014-03-26 16:08 - 00016895 _____ () C:\Users\Dan\Desktop\FRST.txt
2014-03-24 15:38 - 2014-03-24 15:38 - 00000000 ____D () C:\Users\Dan\AppData\Local\Torch
2014-03-24 15:33 - 2014-03-24 15:33 - 00001230 _____ () C:\Users\Dan\Desktop\Revo Uninstaller.lnk
2014-03-24 15:33 - 2014-03-24 15:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-24 15:32 - 2014-03-24 15:32 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dan\Downloads\revosetup.exe
2014-03-22 12:43 - 2014-03-22 12:45 - 00050236 _____ () C:\Users\Dan\Downloads\Addition.txt
2014-03-22 12:42 - 2014-03-26 16:08 - 00000000 ____D () C:\FRST
2014-03-22 12:42 - 2014-03-24 16:17 - 00070104 _____ () C:\Users\Dan\Downloads\FRST.txt
2014-03-22 12:41 - 2014-03-22 12:42 - 02157056 _____ (Farbar) C:\Users\Dan\Desktop\FRST64.exe
2014-03-22 12:41 - 2014-03-22 12:41 - 00294568 _____ (VLCPlayer) C:\Users\Dan\Downloads\Software_Update__CD5MTCD4349_e9200236-2219-424b-8c20-8e981f2bc976_v4ISNMVD7HS7V8EA0S2501DUHP_0_0_0.exe
2014-03-20 22:26 - 2014-03-20 22:27 - 00831962 _____ () C:\Users\Dan\Downloads\powerpoint for presentation.pptx
2014-03-20 17:09 - 2014-03-24 16:16 - 00001892 _____ () C:\Users\Dan\Downloads\SystemLook.txt
2014-03-20 17:08 - 2014-03-20 17:08 - 00165376 _____ () C:\Users\Dan\Downloads\SystemLook_x64.exe
2014-03-20 13:17 - 2014-03-20 13:17 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-20 13:17 - 2014-03-20 13:17 - 00000000 ____D () C:\Users\Dan\AppData\Local\Skype
2014-03-20 13:05 - 2014-03-20 13:11 - 00000000 ____D () C:\AdwCleaner
2014-03-20 13:05 - 2014-03-20 13:05 - 01950720 _____ () C:\Users\Dan\Downloads\AdwCleaner.exe
2014-03-19 12:11 - 2014-03-19 12:12 - 00000000 ____D () C:\Users\Dan\Desktop\logss
2014-03-19 12:11 - 2014-03-19 12:11 - 00027323 _____ () C:\Users\Dan\Desktop\dds.txt
2014-03-19 12:11 - 2014-03-19 12:11 - 00012725 _____ () C:\Users\Dan\Desktop\attach.txt
2014-03-19 12:09 - 2014-03-19 12:09 - 00688992 ____R (Swearware) C:\Users\Dan\Downloads\dds.com
2014-03-19 12:01 - 2014-03-19 12:01 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-18 23:00 - 2014-03-18 23:00 - 00001075 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Malwarebytes
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-18 23:00 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-18 22:59 - 2014-03-18 23:01 - 00000000 ____D () C:\Users\Dan\Downloads\Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD
2014-03-18 22:59 - 2014-03-18 22:59 - 00000354 _____ () C:\Users\Dan\Downloads\Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD [IPT].torrent
2014-03-18 22:58 - 2014-03-18 22:59 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dan\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-18 22:56 - 2014-03-18 22:58 - 296354328 _____ () C:\Users\Dan\Downloads\SEP_12_1_RU2_64bit.exe
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (3).1_RU2_(64bit).torrent
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (2).1_RU2_(64bit)
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (1).1_RU2_(64bit)
2014-03-18 22:55 - 2014-03-18 22:55 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12.1_RU2_(64bit)
2014-03-18 22:32 - 2014-03-18 22:32 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack (2).torrent
2014-03-18 22:32 - 2014-03-18 22:32 - 00000000 ____D () C:\Users\Dan\Downloads\Webroot SecureAnywhere Complete 2013 [KaranPc]
2014-03-18 22:31 - 2014-03-18 22:31 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack (1).torrent
2014-03-18 22:10 - 2014-03-26 16:08 - 00000000 ____D () C:\ProgramData\WRData
2014-03-18 22:10 - 2014-03-26 13:00 - 00154248 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2014-03-18 22:10 - 2014-03-26 13:00 - 00115168 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2014-03-18 22:10 - 2014-03-26 13:00 - 00105320 _____ (Webroot) C:\Windows\system32\WRusr.dll
2014-03-18 22:10 - 2014-03-19 10:13 - 00000000 ____D () C:\Users\Dan\AppData\Local\lptmp1890866352
2014-03-18 22:10 - 2014-03-18 22:10 - 00000000 ____D () C:\Program Files\Webroot
2014-03-18 22:06 - 2014-03-18 22:06 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack.torrent
2014-03-18 21:14 - 2014-03-18 21:14 - 00003490 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-03-18 16:58 - 2014-03-18 16:58 - 00000000 ____D () C:\Users\Dan\Desktop\Tor Browser
2014-03-18 16:57 - 2014-03-18 16:58 - 22892386 _____ () C:\Users\Dan\Downloads\torbrowser-install-3.5.2.1_en-US.exe
2014-03-17 15:10 - 2014-03-17 15:10 - 01075264 _____ (OR Interactive Ltd) C:\Users\Dan\Downloads\IDM2.exe
2014-03-15 13:22 - 2013-07-12 20:34 - 00000488 _____ () C:\Users\Dan\Desktop\com.telltalegames.walkingdead100.plist
2014-03-15 13:21 - 2014-03-15 13:21 - 00000850 _____ () C:\Users\Dan\Desktop\ipa01348_Hack.rar
2014-03-15 13:21 - 2013-07-12 20:36 - 00000692 _____ () C:\Users\Dan\Desktop\[Hack] Walking Dead The Game.rar
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Dan\AppData\Local\Packages
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Dan\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator
2014-03-15 13:19 - 2014-03-15 13:21 - 00000000 ____D () C:\ProgramData\InstallMate
2014-03-15 13:19 - 2014-03-15 13:19 - 00341792 _____ (SnowApp) C:\Users\Dan\Downloads\Download_Manager-ipa01348_Hack.rar.exe
2014-03-15 02:03 - 2014-03-15 02:06 - 67135709 _____ () C:\Users\Dan\Downloads\metal_slug_x.ipa
2014-03-14 22:01 - 2014-03-14 22:01 - 00000239 _____ () C:\Users\Dan\Desktop\Hotel.txt
2014-03-14 17:26 - 2014-03-14 17:26 - 00000000 ____D () C:\Users\Dan\Desktop\New folder
2014-03-14 17:24 - 2014-03-14 17:24 - 00000379 _____ () C:\Users\Dan\Downloads\TWD2.zip
2014-03-14 17:19 - 2014-03-14 17:19 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-03-14 17:18 - 2014-03-14 17:18 - 00376256 _____ () C:\Users\Dan\Downloads\7zip.exe
2014-03-14 16:51 - 2014-03-15 13:29 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\iFunbox_UserCache
2014-03-14 16:51 - 2014-03-14 16:51 - 00001022 _____ () C:\Users\Public\Desktop\iFunbox.lnk
2014-03-14 16:51 - 2014-03-14 16:51 - 00000000 ____D () C:\Program Files (x86)\i-Funbox DevTeam
2014-03-14 16:49 - 2014-03-14 16:55 - 524460180 _____ () C:\Users\Dan\Downloads\walking_dead_the_game_season_2.ipa
2014-03-14 16:49 - 2014-03-14 16:49 - 15043804 _____ ( ) C:\Users\Dan\Downloads\ifunbox_setup.exe
2014-03-12 23:06 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 23:06 - 2014-03-01 01:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 23:06 - 2014-03-01 01:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 23:06 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 23:06 - 2014-03-01 00:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 23:06 - 2014-03-01 00:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 23:06 - 2014-03-01 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 23:06 - 2014-03-01 00:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 23:06 - 2014-03-01 00:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 23:06 - 2014-03-01 00:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 23:06 - 2014-03-01 00:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 23:06 - 2014-03-01 00:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 23:06 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 23:06 - 2014-03-01 00:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 23:06 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 23:06 - 2014-03-01 00:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 23:06 - 2014-03-01 00:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 23:06 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 23:06 - 2014-02-28 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 23:06 - 2014-02-28 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 23:06 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 23:06 - 2014-02-28 23:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 23:06 - 2014-02-28 23:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 23:06 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 23:06 - 2014-02-28 23:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 23:06 - 2014-02-28 23:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 23:06 - 2014-02-28 23:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 23:06 - 2014-02-28 23:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 23:06 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 23:06 - 2014-02-28 23:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 23:06 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 23:06 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 23:06 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 23:06 - 2014-02-28 23:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 23:06 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 23:06 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 23:06 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 23:06 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 23:06 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 23:06 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 23:06 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 23:06 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 23:06 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 23:06 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 23:04 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 23:04 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 23:04 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 23:04 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-11 17:04 - 2014-03-11 17:04 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-11 12:49 - 2014-03-04 07:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-11 12:46 - 2014-03-04 10:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-11 12:46 - 2014-03-04 10:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-11 12:46 - 2014-03-04 10:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-11 01:33 - 2014-03-11 01:33 - 00000000 ____D () C:\Users\Dan\Documents\Respawn
2014-03-11 01:05 - 2014-03-11 01:05 - 00001144 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-03-10 21:41 - 2014-03-10 21:56 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-03-10 21:39 - 2014-03-11 12:27 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Origin
2014-03-10 21:39 - 2014-03-11 01:33 - 00000000 ____D () C:\Users\Dan\AppData\Local\Origin
2014-03-10 21:36 - 2014-03-26 11:03 - 00000000 ____D () C:\ProgramData\Origin
2014-03-10 21:36 - 2014-03-26 11:00 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-03-10 21:36 - 2014-03-11 01:33 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-03-10 21:36 - 2014-03-10 21:36 - 00000945 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-03-10 21:33 - 2014-03-10 21:34 - 17009704 _____ (Electronic Arts, Inc.) C:\Users\Dan\Downloads\OriginThinSetup.exe
2014-03-10 14:56 - 2014-03-10 11:54 - 00000025 ____N () C:\Users\Dan\Desktop\ATT00004
2014-03-10 14:56 - 2014-03-10 11:54 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00003
2014-03-10 14:56 - 2014-03-10 11:54 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00002
2014-03-10 14:56 - 2014-03-10 11:54 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00001
2014-03-10 14:54 - 2014-03-10 14:54 - 08936675 _____ () C:\Users\Dan\Desktop\Outlook (1).zip
2014-03-10 01:30 - 2014-03-10 01:31 - 00018218 _____ () C:\Users\Dan\Downloads\True.Detective.S01E08.HDTV.XviD-EVO [IPT].torrent
2014-03-07 20:34 - 2014-03-07 20:34 - 00016832 _____ () C:\Users\Dan\Downloads\Knights of Badassdom 1080p WEBRip - BLiTZCRiEG.torrent
2014-03-07 19:39 - 2014-03-07 19:39 - 00041673 _____ () C:\Users\Dan\Downloads\7E8DE931C0C54EB96523C698F5D030894561B404.torrent
2014-03-07 19:39 - 2014-03-07 19:39 - 00025493 _____ () C:\Users\Dan\Downloads\42DBE12D91EFBC1396292F521B5655091DAEC399.torrent
2014-03-07 19:18 - 2014-03-07 19:18 - 00028853 _____ () C:\Users\Dan\Downloads\D7A9AD75F0FC10C92F3CC8186888617A059E0411.torrent
2014-03-07 19:17 - 2014-03-07 19:36 - 00000000 ____D () C:\Users\Dan\Downloads\Delivery Man (2013) 720p BluRay + Subtitles [GlowGaze.Com]
2014-03-07 19:15 - 2014-03-07 19:15 - 00322272 _____ (HostIt) C:\Users\Dan\Downloads\Delivery Man (2013) 720p BluRay.exe
2014-03-07 19:15 - 2014-03-07 19:15 - 00024836 _____ () C:\Users\Dan\Downloads\67EC9A7B5A839F8C085DC0CDD2B7094B3F75D3B0.torrent
2014-03-07 16:19 - 2014-03-07 16:19 - 00000006 _____ () C:\Users\Dan\Desktop\Confirmation.txt
2014-03-07 15:04 - 2014-03-07 15:04 - 00002061 _____ () C:\Users\Dan\Desktop\Classicshapewear.txt
2014-03-07 15:04 - 2014-03-07 15:04 - 00000000 _____ () C:\Users\Dan\Desktop\New Text Document.txt
2014-03-07 13:14 - 2014-03-07 13:14 - 00001020 _____ () C:\Users\Public\Desktop\Southpark Stick of Truth.lnk
2014-03-07 13:05 - 2014-03-07 13:20 - 00000000 ____D () C:\Program Files (x86)\Southpark Stick of Truth
2014-03-07 04:16 - 2014-03-07 04:16 - 00091040 _____ () C:\Users\Dan\Downloads\Southpark.Stick.Of.Truth-RELOADED.torrent
2014-02-28 22:32 - 2014-02-28 22:32 - 00015788 _____ () C:\Users\Dan\Downloads\Addendum A Daniel Quintero.odt
2014-02-27 23:48 - 2014-02-27 23:51 - 00000000 ____D () C:\Users\Dan\Desktop\New River Invoices
2014-02-27 23:45 - 2014-02-27 23:45 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-25 00:57 - 2014-02-25 00:57 - 37422682 _____ () C:\Users\Dan\Downloads\Tchaikovsky Violin Concerto.m4a
2014-02-24 22:40 - 2014-02-24 22:40 - 89261384 _____ () C:\Users\Dan\Downloads\Scheherazade.m4a
2014-02-24 02:18 - 2014-02-22 23:14 - 19083278 _____ () C:\Users\Dan\Desktop\evasi0n7.exe
2014-02-24 02:15 - 2014-02-24 02:15 - 16620912 _____ () C:\Users\Dan\Downloads\evasi0n7-win-1.0.6-01f65fec4d42d76b3f35eda49f7450b2cfa88ff7.zip
2014-02-24 00:09 - 2014-02-24 00:09 - 00057682 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E11.720p.HDTV.x264-2HD.torrent
2014-02-24 00:07 - 2014-02-24 00:07 - 00057251 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E10.720p.HDTV.x264-REMARKABLE.torrent
2014-02-24 00:07 - 2014-02-24 00:07 - 00040886 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E11.HDTV.x264-2HD.torrent
 
==================== One Month Modified Files and Folders =======
 
2014-03-26 16:09 - 2014-03-26 16:08 - 00016895 _____ () C:\Users\Dan\Desktop\FRST.txt
2014-03-26 16:08 - 2014-03-22 12:42 - 00000000 ____D () C:\FRST
2014-03-26 16:08 - 2014-03-18 22:10 - 00000000 ____D () C:\ProgramData\WRData
2014-03-26 16:08 - 2013-08-16 02:27 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\uTorrent
2014-03-26 16:07 - 2013-08-14 22:52 - 00000000 ____D () C:\Users\Dan\AppData\Local\Deployment
2014-03-26 16:05 - 2013-10-06 17:28 - 00000000 ____D () C:\Users\Dan\AppData\Local\Battle.net
2014-03-26 16:04 - 2013-11-03 19:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-26 16:01 - 2013-09-23 22:01 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Skype
2014-03-26 16:00 - 2013-08-14 22:53 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-26 13:04 - 2013-08-14 20:05 - 01278285 _____ () C:\Windows\WindowsUpdate.log
2014-03-26 13:00 - 2014-03-18 22:10 - 00154248 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2014-03-26 13:00 - 2014-03-18 22:10 - 00115168 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2014-03-26 13:00 - 2014-03-18 22:10 - 00105320 _____ (Webroot) C:\Windows\system32\WRusr.dll
2014-03-26 11:15 - 2014-01-08 19:07 - 00004942 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Dan-PC-Dan Dan-PC
2014-03-26 11:10 - 2009-07-14 00:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-26 11:10 - 2009-07-14 00:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-26 11:03 - 2014-03-10 21:36 - 00000000 ____D () C:\ProgramData\Origin
2014-03-26 11:03 - 2013-08-16 13:37 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-26 11:02 - 2013-11-04 23:22 - 00000000 ____D () C:\Users\Dan\AppData\Local\LogMeIn Hamachi
2014-03-26 11:02 - 2013-08-25 22:05 - 00000043 _____ () C:\Windows\MezzmoMediaServer.INI
2014-03-26 11:02 - 2009-07-14 00:51 - 00072065 _____ () C:\Windows\setupact.log
2014-03-26 11:00 - 2014-03-10 21:36 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-03-26 11:00 - 2013-08-14 22:53 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-26 11:00 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-26 10:59 - 2013-08-15 16:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-26 10:59 - 2013-08-14 22:55 - 00279444 _____ () C:\Windows\system32\oodbs.lor
2014-03-26 02:00 - 2013-08-18 18:56 - 00000000 ____D () C:\Users\Dan\AppData\Local\Adobe
2014-03-25 03:47 - 2013-08-14 22:24 - 00000000 ____D () C:\Users\Dan
2014-03-24 16:17 - 2014-03-22 12:42 - 00070104 _____ () C:\Users\Dan\Downloads\FRST.txt
2014-03-24 16:16 - 2014-03-20 17:09 - 00001892 _____ () C:\Users\Dan\Downloads\SystemLook.txt
2014-03-24 15:40 - 2010-11-20 23:47 - 00226864 _____ () C:\Windows\PFRO.log
2014-03-24 15:38 - 2014-03-24 15:38 - 00000000 ____D () C:\Users\Dan\AppData\Local\Torch
2014-03-24 15:33 - 2014-03-24 15:33 - 00001230 _____ () C:\Users\Dan\Desktop\Revo Uninstaller.lnk
2014-03-24 15:33 - 2014-03-24 15:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-24 15:32 - 2014-03-24 15:32 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dan\Downloads\revosetup.exe
2014-03-22 12:45 - 2014-03-22 12:43 - 00050236 _____ () C:\Users\Dan\Downloads\Addition.txt
2014-03-22 12:42 - 2014-03-22 12:41 - 02157056 _____ (Farbar) C:\Users\Dan\Desktop\FRST64.exe
2014-03-22 12:41 - 2014-03-22 12:41 - 00294568 _____ (VLCPlayer) C:\Users\Dan\Downloads\Software_Update__CD5MTCD4349_e9200236-2219-424b-8c20-8e981f2bc976_v4ISNMVD7HS7V8EA0S2501DUHP_0_0_0.exe
2014-03-22 01:22 - 2013-08-15 02:25 - 00000000 ____D () C:\Program Files (x86)\Heroes of Newerth
2014-03-21 15:47 - 2014-02-19 01:52 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-20 22:27 - 2014-03-20 22:26 - 00831962 _____ () C:\Users\Dan\Downloads\powerpoint for presentation.pptx
2014-03-20 17:08 - 2014-03-20 17:08 - 00165376 _____ () C:\Users\Dan\Downloads\SystemLook_x64.exe
2014-03-20 13:17 - 2014-03-20 13:17 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-20 13:17 - 2014-03-20 13:17 - 00000000 ____D () C:\Users\Dan\AppData\Local\Skype
2014-03-20 13:17 - 2013-09-23 22:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-20 13:17 - 2013-09-23 22:01 - 00000000 ____D () C:\ProgramData\Skype
2014-03-20 13:11 - 2014-03-20 13:05 - 00000000 ____D () C:\AdwCleaner
2014-03-20 13:05 - 2014-03-20 13:05 - 01950720 _____ () C:\Users\Dan\Downloads\AdwCleaner.exe
2014-03-19 12:12 - 2014-03-19 12:11 - 00000000 ____D () C:\Users\Dan\Desktop\logss
2014-03-19 12:11 - 2014-03-19 12:11 - 00027323 _____ () C:\Users\Dan\Desktop\dds.txt
2014-03-19 12:11 - 2014-03-19 12:11 - 00012725 _____ () C:\Users\Dan\Desktop\attach.txt
2014-03-19 12:09 - 2014-03-19 12:09 - 00688992 ____R (Swearware) C:\Users\Dan\Downloads\dds.com
2014-03-19 12:01 - 2014-03-19 12:01 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-19 12:01 - 2013-11-03 19:22 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-19 12:01 - 2013-11-03 19:22 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-19 12:01 - 2013-11-03 19:22 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-19 10:13 - 2014-03-18 22:10 - 00000000 ____D () C:\Users\Dan\AppData\Local\lptmp1890866352
2014-03-19 10:11 - 2013-09-07 20:11 - 00000000 ____D () C:\Windows\AutoKMS
2014-03-18 23:01 - 2014-03-18 22:59 - 00000000 ____D () C:\Users\Dan\Downloads\Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD
2014-03-18 23:00 - 2014-03-18 23:00 - 00001075 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Malwarebytes
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-18 23:00 - 2014-03-18 23:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-18 22:59 - 2014-03-18 22:59 - 00000354 _____ () C:\Users\Dan\Downloads\Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD [IPT].torrent
2014-03-18 22:59 - 2014-03-18 22:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dan\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-18 22:58 - 2014-03-18 22:56 - 296354328 _____ () C:\Users\Dan\Downloads\SEP_12_1_RU2_64bit.exe
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (3).1_RU2_(64bit).torrent
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (2).1_RU2_(64bit)
2014-03-18 22:56 - 2014-03-18 22:56 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12 (1).1_RU2_(64bit)
2014-03-18 22:55 - 2014-03-18 22:55 - 00011756 _____ () C:\Users\Dan\Downloads\_Norton_AntiVirus_Endpoint_Protection_12.1_RU2_(64bit)
2014-03-18 22:32 - 2014-03-18 22:32 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack (2).torrent
2014-03-18 22:32 - 2014-03-18 22:32 - 00000000 ____D () C:\Users\Dan\Downloads\Webroot SecureAnywhere Complete 2013 [KaranPc]
2014-03-18 22:31 - 2014-03-18 22:31 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack (1).torrent
2014-03-18 22:10 - 2014-03-18 22:10 - 00000000 ____D () C:\Program Files\Webroot
2014-03-18 22:06 - 2014-03-18 22:06 - 00007410 _____ () C:\Users\Dan\Downloads\Webroot_SecureAnywhere_Complete_2013___Crack.torrent
2014-03-18 21:14 - 2014-03-18 21:14 - 00003490 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-03-18 16:58 - 2014-03-18 16:58 - 00000000 ____D () C:\Users\Dan\Desktop\Tor Browser
2014-03-18 16:58 - 2014-03-18 16:57 - 22892386 _____ () C:\Users\Dan\Downloads\torbrowser-install-3.5.2.1_en-US.exe
2014-03-18 16:38 - 2013-09-07 19:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-17 15:10 - 2014-03-17 15:10 - 01075264 _____ (OR Interactive Ltd) C:\Users\Dan\Downloads\IDM2.exe
2014-03-15 13:29 - 2014-03-14 16:51 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\iFunbox_UserCache
2014-03-15 13:21 - 2014-03-15 13:21 - 00000850 _____ () C:\Users\Dan\Desktop\ipa01348_Hack.rar
2014-03-15 13:21 - 2014-03-15 13:19 - 00000000 ____D () C:\ProgramData\InstallMate
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Guest
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Dan\AppData\Local\Packages
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Dan\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-03-15 13:20 - 2014-03-15 13:20 - 00000000 ____D () C:\Users\Administrator
2014-03-15 13:20 - 2013-08-14 22:53 - 00000000 ____D () C:\Users\Dan\AppData\Local\Google
2014-03-15 13:19 - 2014-03-15 13:19 - 00341792 _____ (SnowApp) C:\Users\Dan\Downloads\Download_Manager-ipa01348_Hack.rar.exe
2014-03-15 13:06 - 2013-08-14 22:53 - 00002145 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-15 02:06 - 2014-03-15 02:03 - 67135709 _____ () C:\Users\Dan\Downloads\metal_slug_x.ipa
2014-03-14 22:01 - 2014-03-14 22:01 - 00000239 _____ () C:\Users\Dan\Desktop\Hotel.txt
2014-03-14 17:26 - 2014-03-14 17:26 - 00000000 ____D () C:\Users\Dan\Desktop\New folder
2014-03-14 17:24 - 2014-03-14 17:24 - 00000379 _____ () C:\Users\Dan\Downloads\TWD2.zip
2014-03-14 17:19 - 2014-03-14 17:19 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-03-14 17:18 - 2014-03-14 17:18 - 00376256 _____ () C:\Users\Dan\Downloads\7zip.exe
2014-03-14 16:55 - 2014-03-14 16:49 - 524460180 _____ () C:\Users\Dan\Downloads\walking_dead_the_game_season_2.ipa
2014-03-14 16:51 - 2014-03-14 16:51 - 00001022 _____ () C:\Users\Public\Desktop\iFunbox.lnk
2014-03-14 16:51 - 2014-03-14 16:51 - 00000000 ____D () C:\Program Files (x86)\i-Funbox DevTeam
2014-03-14 16:49 - 2014-03-14 16:49 - 15043804 _____ ( ) C:\Users\Dan\Downloads\ifunbox_setup.exe
2014-03-13 20:06 - 2013-10-21 22:07 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-13 12:24 - 2009-07-14 01:13 - 00786558 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-13 12:22 - 2009-07-14 00:45 - 05018064 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 12:17 - 2013-08-22 00:56 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 12:17 - 2013-08-22 00:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 12:00 - 2009-07-13 22:34 - 00000478 _____ () C:\Windows\win.ini
2014-03-12 12:02 - 2014-01-29 16:43 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-03-11 19:48 - 2013-10-16 21:10 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-03-11 17:04 - 2014-03-11 17:04 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-11 12:49 - 2013-08-14 22:51 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-11 12:38 - 2014-02-14 12:53 - 00000000 ____D () C:\Users\Dan\AppData\Local\NVIDIA
2014-03-11 12:27 - 2014-03-10 21:39 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\Origin
2014-03-11 01:33 - 2014-03-11 01:33 - 00000000 ____D () C:\Users\Dan\Documents\Respawn
2014-03-11 01:33 - 2014-03-10 21:39 - 00000000 ____D () C:\Users\Dan\AppData\Local\Origin
2014-03-11 01:33 - 2014-03-10 21:36 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-03-11 01:05 - 2014-03-11 01:05 - 00001144 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-03-11 00:14 - 2013-08-14 23:13 - 00116253 _____ () C:\Windows\DirectX.log
2014-03-10 21:56 - 2014-03-10 21:41 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-03-10 21:36 - 2014-03-10 21:36 - 00000945 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-03-10 21:36 - 2014-01-10 18:07 - 00000000 ____D () C:\Users\Dan\Desktop\Whatbox
2014-03-10 21:34 - 2014-03-10 21:33 - 17009704 _____ (Electronic Arts, Inc.) C:\Users\Dan\Downloads\OriginThinSetup.exe
2014-03-10 14:57 - 2013-12-08 01:06 - 00002246 _____ () C:\Users\Dan\Desktop\AC4BFSP.exe - Shortcut.lnk
2014-03-10 14:54 - 2014-03-10 14:54 - 08936675 _____ () C:\Users\Dan\Desktop\Outlook (1).zip
2014-03-10 11:54 - 2014-03-10 14:56 - 00000025 ____N () C:\Users\Dan\Desktop\ATT00004
2014-03-10 11:54 - 2014-03-10 14:56 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00003
2014-03-10 11:54 - 2014-03-10 14:56 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00002
2014-03-10 11:54 - 2014-03-10 14:56 - 00000006 ____N () C:\Users\Dan\Desktop\ATT00001
2014-03-10 02:35 - 2013-09-08 23:56 - 00000000 ____D () C:\Users\Dan\AppData\Roaming\vlc
2014-03-10 01:31 - 2014-03-10 01:30 - 00018218 _____ () C:\Users\Dan\Downloads\True.Detective.S01E08.HDTV.XviD-EVO [IPT].torrent
2014-03-07 20:34 - 2014-03-07 20:34 - 00016832 _____ () C:\Users\Dan\Downloads\Knights of Badassdom 1080p WEBRip - BLiTZCRiEG.torrent
2014-03-07 19:39 - 2014-03-07 19:39 - 00041673 _____ () C:\Users\Dan\Downloads\7E8DE931C0C54EB96523C698F5D030894561B404.torrent
2014-03-07 19:39 - 2014-03-07 19:39 - 00025493 _____ () C:\Users\Dan\Downloads\42DBE12D91EFBC1396292F521B5655091DAEC399.torrent
2014-03-07 19:36 - 2014-03-07 19:17 - 00000000 ____D () C:\Users\Dan\Downloads\Delivery Man (2013) 720p BluRay + Subtitles [GlowGaze.Com]
2014-03-07 19:18 - 2014-03-07 19:18 - 00028853 _____ () C:\Users\Dan\Downloads\D7A9AD75F0FC10C92F3CC8186888617A059E0411.torrent
2014-03-07 19:15 - 2014-03-07 19:15 - 00322272 _____ (HostIt) C:\Users\Dan\Downloads\Delivery Man (2013) 720p BluRay.exe
2014-03-07 19:15 - 2014-03-07 19:15 - 00024836 _____ () C:\Users\Dan\Downloads\67EC9A7B5A839F8C085DC0CDD2B7094B3F75D3B0.torrent
2014-03-07 16:19 - 2014-03-07 16:19 - 00000006 _____ () C:\Users\Dan\Desktop\Confirmation.txt
2014-03-07 15:04 - 2014-03-07 15:04 - 00002061 _____ () C:\Users\Dan\Desktop\Classicshapewear.txt
2014-03-07 15:04 - 2014-03-07 15:04 - 00000000 _____ () C:\Users\Dan\Desktop\New Text Document.txt
2014-03-07 13:20 - 2014-03-07 13:05 - 00000000 ____D () C:\Program Files (x86)\Southpark Stick of Truth
2014-03-07 13:20 - 2013-08-19 08:58 - 00000000 ____D () C:\Users\Dan\Documents\My Games
2014-03-07 13:14 - 2014-03-07 13:14 - 00001020 _____ () C:\Users\Public\Desktop\Southpark Stick of Truth.lnk
2014-03-07 04:16 - 2014-03-07 04:16 - 00091040 _____ () C:\Users\Dan\Downloads\Southpark.Stick.Of.Truth-RELOADED.torrent
2014-03-04 20:10 - 2013-08-30 22:15 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-03-04 10:35 - 2014-03-11 12:46 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-04 10:35 - 2014-03-11 12:46 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-04 10:35 - 2014-03-11 12:46 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-04 10:35 - 2013-12-16 00:38 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-04 10:35 - 2013-08-15 16:04 - 00062408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-04 10:35 - 2013-08-15 16:04 - 00054216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-04 10:35 - 2013-08-15 16:03 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-03-04 09:06 - 2013-08-15 16:04 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-04 09:06 - 2013-08-15 16:04 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-04 09:05 - 2013-08-15 16:04 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-03-04 09:05 - 2013-08-15 16:04 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-04 09:05 - 2013-08-15 16:04 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-04 09:05 - 2013-08-15 16:04 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-04 07:32 - 2014-03-11 12:49 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-01 13:21 - 2013-08-14 22:22 - 00778680 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-01 02:05 - 2014-03-12 23:06 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 01:17 - 2014-03-12 23:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 01:16 - 2014-03-12 23:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 00:58 - 2014-03-12 23:06 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 00:52 - 2014-03-12 23:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 00:51 - 2014-03-12 23:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 00:42 - 2014-03-12 23:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 00:40 - 2014-03-12 23:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 00:37 - 2014-03-12 23:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 00:33 - 2014-03-12 23:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 00:33 - 2014-03-12 23:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 00:32 - 2014-03-12 23:06 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 00:30 - 2014-03-12 23:06 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 00:23 - 2014-03-12 23:06 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 00:17 - 2014-03-12 23:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 00:11 - 2014-03-12 23:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 00:02 - 2014-03-12 23:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-28 23:54 - 2014-03-12 23:06 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-28 23:52 - 2014-03-12 23:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-28 23:51 - 2014-03-12 23:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-28 23:47 - 2014-03-12 23:06 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-28 23:43 - 2014-03-12 23:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-28 23:43 - 2014-03-12 23:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-28 23:42 - 2014-03-12 23:06 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-28 23:40 - 2014-03-12 23:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-28 23:38 - 2014-03-12 23:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-28 23:37 - 2014-03-12 23:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-28 23:35 - 2014-03-12 23:06 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-28 23:18 - 2014-03-12 23:06 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-28 23:16 - 2014-03-12 23:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-28 23:14 - 2014-03-12 23:06 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-28 23:10 - 2014-03-12 23:06 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-28 23:03 - 2014-03-12 23:06 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-28 23:00 - 2014-03-12 23:06 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-28 22:57 - 2014-03-12 23:06 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-28 22:38 - 2014-03-12 23:06 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-28 22:32 - 2014-03-12 23:06 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-28 22:32 - 2014-02-28 22:32 - 00015788 _____ () C:\Users\Dan\Downloads\Addendum A Daniel Quintero.odt
2014-02-28 22:27 - 2014-03-12 23:06 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-28 22:25 - 2014-03-12 23:06 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-28 22:25 - 2014-03-12 23:06 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-27 23:51 - 2014-02-27 23:48 - 00000000 ____D () C:\Users\Dan\Desktop\New River Invoices
2014-02-27 23:45 - 2014-02-27 23:45 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-25 00:57 - 2014-02-25 00:57 - 37422682 _____ () C:\Users\Dan\Downloads\Tchaikovsky Violin Concerto.m4a
2014-02-24 22:40 - 2014-02-24 22:40 - 89261384 _____ () C:\Users\Dan\Downloads\Scheherazade.m4a
2014-02-24 02:15 - 2014-02-24 02:15 - 16620912 _____ () C:\Users\Dan\Downloads\evasi0n7-win-1.0.6-01f65fec4d42d76b3f35eda49f7450b2cfa88ff7.zip
2014-02-24 00:09 - 2014-02-24 00:09 - 00057682 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E11.720p.HDTV.x264-2HD.torrent
2014-02-24 00:07 - 2014-02-24 00:07 - 00057251 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E10.720p.HDTV.x264-REMARKABLE.torrent
2014-02-24 00:07 - 2014-02-24 00:07 - 00040886 _____ () C:\Users\Dan\Downloads\The.Walking.Dead.S04E11.HDTV.x264-2HD.torrent
 
Some content of TEMP:
====================
C:\Users\Dan\AppData\Local\Temp\7z.dll
C:\Users\Dan\AppData\Local\Temp\7z.exe
C:\Users\Dan\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Dan\AppData\Local\Temp\bassmod.dll
C:\Users\Dan\AppData\Local\Temp\bdbrowser_setup-19095018_608-4_6_0_36411-4430.exe
C:\Users\Dan\AppData\Local\Temp\bi_cleaner.exe
C:\Users\Dan\AppData\Local\Temp\Bundle.exe
C:\Users\Dan\AppData\Local\Temp\conduitchecker.exe
C:\Users\Dan\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\Dan\AppData\Local\Temp\FreemakeVideoConverter_4.1.2.1.exe
C:\Users\Dan\AppData\Local\Temp\Garritan_ARIA_Player.exe
C:\Users\Dan\AppData\Local\Temp\Garritan_Instruments_for_Finale.exe
C:\Users\Dan\AppData\Local\Temp\Installer.exe
C:\Users\Dan\AppData\Local\Temp\install_flash_player_11_plugin.exe
C:\Users\Dan\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.4-R2.0-b2918jnks.dll
C:\Users\Dan\AppData\Local\Temp\MMFontSetup.exe
C:\Users\Dan\AppData\Local\Temp\nsa5657.exe
C:\Users\Dan\AppData\Local\Temp\nsbFC9.exe
C:\Users\Dan\AppData\Local\Temp\nsbFF04.exe
C:\Users\Dan\AppData\Local\Temp\nseBAD3.exe
C:\Users\Dan\AppData\Local\Temp\nskC072.exe
C:\Users\Dan\AppData\Local\Temp\nsl2F66.exe
C:\Users\Dan\AppData\Local\Temp\nsl33AD.exe
C:\Users\Dan\AppData\Local\Temp\nsu97D9.exe
C:\Users\Dan\AppData\Local\Temp\nsu9F2C.exe
C:\Users\Dan\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Dan\AppData\Local\Temp\nvStInst.exe
C:\Users\Dan\AppData\Local\Temp\OnlineWeatherSetup.exe
C:\Users\Dan\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Dan\AppData\Local\Temp\ose00000.exe
C:\Users\Dan\AppData\Local\Temp\Quarantine.exe
C:\Users\Dan\AppData\Local\Temp\QuickShare1.exe
C:\Users\Dan\AppData\Local\Temp\SendMsg.dll
C:\Users\Dan\AppData\Local\Temp\setup__1811.exe
C:\Users\Dan\AppData\Local\Temp\SPStub.exe
C:\Users\Dan\AppData\Local\Temp\SRLDetectionLibrary5455906133374909923.dll
C:\Users\Dan\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Dan\AppData\Local\Temp\tbVisu.dll
C:\Users\Dan\AppData\Local\Temp\tbWhit.dll
C:\Users\Dan\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Dan\AppData\Local\Temp\utt3A0F.tmp.exe
C:\Users\Dan\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Dan\AppData\Local\Temp\vcredist_x86_2008_sp1.exe
C:\Users\Dan\AppData\Local\Temp\_is757B.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-20 00:20
 
==================== End Of Log ============================


#13 xXToffeeXx


Posted 28 March 2014 - 01:29 PM

Hi Dquinte2,

 

  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters
  • Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system
  • If you are asked to reboot because an "Extended Monitoring Driver is required", please click Reboot now
  • Click Start Scan and allow the scan process to run
  • If threats are detected, select Skip or Cure (if available) for all of them unless otherwise instructed.
    ***Do NOT select Delete!
  • Click Continue
  • Click Reboot computer
  • Please copy the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) and paste it into your next reply.

 

--------------

To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • TDSSKiller log

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

ID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#14 Dquinte2


Posted 01 April 2014 - 10:42 AM

Hello, 

 

I cannot paste the log for some reason. Every time I paste and hit "post"... (I have tried this multiple times) the website times out. In addition, when I try to attach it, it says the file is too big and cannot be attached.



#15 xXToffeeXx


Posted 01 April 2014 - 12:06 PM

Hi Dquinte2,

 

Upload the log here, and copy the url link into your next reply.

 

xXToffeeXx~

