
Extremely resilient popup malware automatically downloading files.


  • This topic is locked
8 replies to this topic

#1 Jsag

  • Members

Posted 10 June 2014 - 06:02 PM

Pretty much tried everything I can think of to clean it off. It's not even showing on Malwarebytes scans anymore. I can get rid of it for a few hours, and it just comes right back. Another person's computer on my same network is having the same popups, as well. In each case, it redirects to a spoof site and automatically downloads "Flash updates", which, of course, I delete, but it just constantly goes there and downloads them whenever I try to open a new browser tab, or refresh one that is open. I've attached some images, as well as a DDS log. Reinstalling Chrome and IE, resetting to default settings, clearing out temp files, and resetting proxy/registry data via Windows All in One Repair has done nothing except give me an hour or two of peace and quiet before it starts again. This even affects my Steam browser. Just browsing the store will cause the popups. I've seen quite a few recent posts on this forum with this very same malware.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16545  BrowserJavaVersion: 10.60.2
Run by Jason at 18:57:32 on 2014-06-10
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.12272.7811 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Ad-Aware Antivirus *Disabled/Outdated* {D87B6541-12A1-DAEA-0033-9B8057AAB996}
SP: Ad-Aware Antivirus *Disabled/Outdated* {631A84A5-349B-D564-3A83-A0F22C2DF32B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: Ad-Aware Firewall *Disabled* {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\ehome\ehRecvr.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe
C:\Program Files (x86)\corsair\M95 Mouse\M95Hid.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\corsair\Corsair Headset Software\HeadsetControlPanel.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\corsair\M95 Mouse\CorsTra.exe
C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUI.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k defragsvc
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4320&r=17360514e806p0435v125k4681r265
mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4320&r=17360514e806p0435v125k4681r265
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
BHO: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [Hotkey Utility] C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [Gateway Photo Frame] C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe -A
mRun: [Corsair Duke] C:\Program Files (x86)\Corsair\M95 Mouse\M95Hid.exe
mRun: [Corsair Headset Software] "C:\Program Files (x86)\Corsair\Corsair Headset Software\HeadsetControlPanel.exe" /minimized
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [IdentityCardFUB] C:\Windows\oem\IdentityCard\FUB.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Windows\System: UseOEMBackground = dword:1
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 107.170.189.30 107.170.160.59 66.153.162.98
TCP: Interfaces\{162020B0-A398-48DC-A6DB-576F5C4A1A05} : DHCPNameServer = 168.95.1.1
TCP: Interfaces\{67B780A1-01DB-4CF5-B8FD-7BF7B465D5B5} : DHCPNameServer = 199.182.166.168 199.182.166.169 66.153.162.98
TCP: Interfaces\{84DDE807-CAC9-4516-80D3-2C0424995BAC} : DHCPNameServer = 107.170.189.30 107.170.160.59 66.153.162.98
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
x64-Run: [AdAwareTray] "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe"
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 ahcix64s;ahcix64s;C:\Windows\System32\drivers\ahcix64s.sys [2010-4-12 235312]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2014/05/31 07:48:42];C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [2010-2-8 146928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2014-4-17 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-4-17 344064]
R2 AODDriver4.3;AODDriver4.3;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2014-2-11 59616]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 LavasoftAdAwareService11;Ad-Aware Service 11;C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe [2014-6-3 706864]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2010-4-12 243232]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-12-19 94720]
R3 AVer7231_x64;AVerMedia 7231 capture service;C:\Windows\System32\drivers\AVer7231_x64.sys [2010-4-12 1622528]
R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;C:\Windows\System32\drivers\bcmwlhigh664.sys [2013-6-5 1256192]
R3 CorsairAudioFilter;Corsair Audio Filtering Service;C:\Windows\System32\drivers\corsveng2kamd64.sys [2014-2-3 109912]
R3 DUKEMS;Corsair M95 Gaming Mouse;C:\Windows\System32\drivers\DUKEMS.sys [2014-5-20 25600]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
R3 LVUVC64;Logitech HD Webcam C270(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-4-12 346144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-3-11 133928]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2014-6-10 31800]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-1-3 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-1-2 1255736]
.
=============== Created Last 30 ================
.
2014-06-10 18:50:55 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-06-10 18:45:56 -------- d-----w- C:\FRST
2014-06-10 18:37:10 10702536 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{612B698C-31FD-44AA-92A1-A3A19E1C2EC6}\mpengine.dll
2014-06-10 18:33:24 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Local\CrashDumps
2014-06-10 18:16:24 -------- d-----w- C:\RegBackup
2014-06-10 17:25:17 1031560 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5C9034DA-F142-47D7-B4CE-0ABC057EA865}\gapaengine.dll
2014-06-10 17:22:47 10702536 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-06-10 16:41:48 -------- d-----w- C:\ProgramData\RogueKiller
2014-06-10 16:41:44 128728 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-06-10 05:48:32 12872 ----a-w- C:\Windows\System32\bootdelete.exe
2014-06-10 05:37:31 -------- d-----w- C:\ProgramData\HitmanPro
2014-06-10 05:30:50 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Local\VS Revo Group
2014-06-10 05:30:46 31800 ----a-w- C:\Windows\System32\drivers\revoflt.sys
2014-06-10 05:30:46 -------- d-----w- C:\ProgramData\VS Revo Group
2014-06-10 05:30:44 -------- d-----w- C:\Program Files\VS Revo Group
2014-06-10 05:24:55 -------- d-sh--w- C:\$RECYCLE.BIN
2014-06-09 21:16:11 -------- d-----w- C:\Windows\ERUNT
2014-06-09 13:25:09 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Roaming\LavasoftStatistics
2014-06-09 04:36:25 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-09 04:35:05 92888 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-06-08 23:50:25 98816 ----a-w- C:\Windows\sed.exe
2014-06-08 23:50:25 256000 ----a-w- C:\Windows\PEV.exe
2014-06-08 23:50:25 208896 ----a-w- C:\Windows\MBR.exe
2014-06-08 19:30:39 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-06-08 19:30:02 -------- d-----w- C:\AdwCleaner
2014-06-08 19:29:27 -------- d-----w- C:\Program Files\Enigma Software Group
2014-06-08 19:29:08 -------- d-----w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-06-08 13:08:49 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Roaming\Malwarebytes
2014-06-06 12:42:40 10702536 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{38C117D9-57AA-41D7-87B4-1E8F7663D5FA}\mpengine.dll
2014-06-05 07:55:28 -------- d-s---w- C:\Windows\System32\CompatTel
2014-06-05 07:37:51 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-06-05 07:37:51 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-06-05 07:37:51 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-06-05 07:37:50 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-06-05 07:31:44 -------- d-----w- C:\Windows\Migration
2014-06-05 07:20:11 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-06-05 07:20:11 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2014-06-05 04:18:41 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Roaming\Applian FLV and Media Player
2014-06-04 18:24:50 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2014-06-04 07:00:37 -------- d-----w- C:\Windows\System32\SPReview
2014-06-04 02:58:17 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Local\ElevatedDiagnostics
2014-06-03 14:39:14 469256 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\968169c81cf7f3915\InstallManager_WLE_WLE.exe
2014-06-03 14:39:01 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8f7124ae1cf7f390b\MeshBetaRemover.exe
2014-06-03 14:38:53 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8a9701be1cf7f3908\DSETUP.dll
2014-06-03 14:38:53 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8a9701be1cf7f3908\DXSETUP.exe
2014-06-03 14:38:53 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8a9701be1cf7f3908\dsetup32.dll
2014-06-03 14:38:30 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Local\Windows Live
2014-06-01 01:04:19 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Local\SecondLife
2014-05-31 21:10:57 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Roaming\dekovir
2014-05-31 19:55:14 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Local\http___www.julien-manici
2014-05-31 19:53:11 -------- d-----w- C:\Program Files (x86)\Julien MANICI
2014-05-31 17:18:00 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Local\Skype
2014-05-31 13:08:54 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Local\AMD
2014-05-31 13:08:42 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Local\ATI
2014-05-31 13:07:52 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Roaming\library_dir
2014-05-31 13:07:05 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Roaming\Raptr
2014-05-31 13:07:02 -------- d-----w- C:\Program Files (x86)\AMD AVT
2014-05-31 13:06:31 -------- d-----w- C:\ProgramData\AMD
2014-05-31 13:05:57 -------- d-----w- C:\Program Files\AMD
2014-05-31 13:05:11 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2014-05-31 12:40:14 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Local\Windforge
2014-05-31 12:40:04 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Roaming\minmaxgames
2014-05-31 12:39:48 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Roaming\omerta
2014-05-31 12:39:47 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Roaming\com.radialgames.monsterlovesyou
2014-05-31 12:39:44 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Roaming\com.northwaygames.incredipede
2014-05-31 12:29:50 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Local\Logitech
2014-05-31 12:28:38 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Roaming\Logishrd
2014-05-31 12:20:30 1193267 ----a-w- C:\Windows\unins001.exe
2014-05-31 12:20:29 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Roaming\Corsair Software
2014-05-31 12:20:04 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Local\Programs
2014-05-31 12:16:44 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Local\IOI
2014-05-31 11:54:19 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Local\Google
2014-05-31 11:51:24 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Local\Diagnostics
2014-05-31 11:46:40 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Roaming\OEM
2014-05-31 11:40:06 -------- d-----w- C:\Users\Jason.Jason-PC\AppData\Local\VirtualStore
2014-05-31 10:56:41 -------- d-----w- C:\Backup
2014-05-22 01:28:02 -------- d-----w- C:\Program Files\Common Files\Logitech
2014-05-20 21:54:14 1192831 ----a-w- C:\Windows\unins002.exe
2014-05-20 21:53:09 25600 ----a-w- C:\Windows\System32\drivers\DUKEMS.sys
2014-05-20 21:33:07 -------- d-----w- C:\found.002
2014-05-20 21:02:58 1192831 ----a-w- C:\Windows\unins000.exe
2014-05-20 20:52:16 -------- d-----w- C:\Program Files (x86)\corsair
.
==================== Find3M  ====================
.
2014-06-10 19:07:01 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-10 19:07:01 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-06-04 07:37:56 175616 ----a-w- C:\Windows\System32\msclmd.dll
2014-06-04 07:37:56 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2014-05-31 11:47:40 505128 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2014-05-31 11:47:40 353576 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2014-05-31 11:47:40 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2014-05-11 01:17:25 622004 ----a-w- C:\Windows\System32\cc_20140510_211625.reg
2014-05-09 06:14:03 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-09 06:11:23 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-04-22 21:29:20 389240 ----a-w- C:\Windows\System32\drivers\Trufos.sys
2014-04-18 02:43:06 78432 ----a-w- C:\Windows\System32\atimpc64.dll
2014-04-18 02:43:06 78432 ----a-w- C:\Windows\System32\amdpcom64.dll
2014-04-18 02:43:04 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2014-04-18 02:43:04 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2014-04-18 02:43:00 143304 ----a-w- C:\Windows\System32\atiuxp64.dll
2014-04-18 02:42:58 126336 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2014-04-18 02:42:58 117584 ----a-w- C:\Windows\System32\atiu9p64.dll
2014-04-18 02:42:56 99520 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2014-04-18 02:42:54 1343272 ----a-w- C:\Windows\System32\aticfx64.dll
2014-04-18 02:42:52 1117184 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2014-04-18 02:42:48 10335208 ----a-w- C:\Windows\System32\atidxx64.dll
2014-04-18 02:42:46 8866928 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2014-04-18 02:42:40 6796592 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2014-04-18 02:42:36 6799688 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2014-04-18 02:42:30 7520200 ----a-w- C:\Windows\System32\atiumd6a.dll
2014-04-18 02:42:28 8010968 ----a-w- C:\Windows\System32\atiumd64.dll
2014-04-18 02:39:06 274656 ----a-w- C:\Windows\System32\drivers\amdacpksd.sys
2014-04-18 02:36:46 15376384 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2014-04-18 02:33:02 51200 ----a-w- C:\Windows\System32\kdbsdk64.dll
2014-04-18 02:28:30 38912 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll
2014-04-18 02:23:08 231424 ----a-w- C:\Windows\System32\clinfo.exe
2014-04-18 02:22:58 1187342 ----a-w- C:\Windows\System32\amdocl_as64.exe
2014-04-18 02:22:58 1061902 ----a-w- C:\Windows\System32\amdocl_ld64.exe
2014-04-18 02:22:56 995342 ----a-w- C:\Windows\SysWow64\amdocl_as32.exe
2014-04-18 02:22:56 798734 ----a-w- C:\Windows\SysWow64\amdocl_ld32.exe
2014-04-18 02:22:54 98816 ----a-w- C:\Windows\System32\OpenVideo64.dll
2014-04-18 02:22:48 83456 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2014-04-18 02:22:42 86528 ----a-w- C:\Windows\System32\OVDecode64.dll
2014-04-18 02:22:38 73216 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2014-04-18 02:22:32 28685824 ----a-w- C:\Windows\System32\amdocl64.dll
2014-04-18 02:19:54 24107520 ----a-w- C:\Windows\SysWow64\amdocl.dll
2014-04-18 02:17:28 65024 ----a-w- C:\Windows\System32\OpenCL.dll
2014-04-18 02:17:24 58880 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2014-04-18 02:13:30 127488 ----a-w- C:\Windows\System32\mantle64.dll
2014-04-18 02:13:10 113664 ----a-w- C:\Windows\SysWow64\mantle32.dll
2014-04-18 02:12:54 27907584 ----a-w- C:\Windows\System32\atio6axx.dll
2014-04-18 02:12:48 5442048 ----a-w- C:\Windows\System32\amdmantle64.dll
2014-04-18 01:58:32 4358656 ----a-w- C:\Windows\SysWow64\amdmantle32.dll
2014-04-18 01:51:44 23409152 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2014-04-18 01:46:34 368128 ----a-w- C:\Windows\System32\atiapfxx.exe
2014-04-18 01:46:26 62464 ----a-w- C:\Windows\System32\aticalrt64.dll
2014-04-18 01:46:24 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2014-04-18 01:46:18 55808 ----a-w- C:\Windows\System32\aticalcl64.dll
2014-04-18 01:46:18 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2014-04-18 01:46:04 15716352 ----a-w- C:\Windows\System32\aticaldd64.dll
2014-04-18 01:45:56 91136 ----a-w- C:\Windows\System32\mantleaxl64.dll
2014-04-18 01:45:46 85504 ----a-w- C:\Windows\SysWow64\mantleaxl32.dll
2014-04-18 01:42:52 14302208 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2014-04-18 01:33:06 48128 ----a-w- C:\Windows\System32\amdmmcl6.dll
2014-04-18 01:33:02 37888 ----a-w- C:\Windows\SysWow64\amdmmcl.dll
2014-04-18 01:30:14 442368 ----a-w- C:\Windows\System32\atidemgy.dll
2014-04-18 01:30:02 31232 ----a-w- C:\Windows\System32\atimuixx.dll
2014-04-18 01:29:54 586240 ----a-w- C:\Windows\System32\atieclxx.exe
2014-04-18 01:29:24 239616 ----a-w- C:\Windows\System32\atiesrxx.exe
2014-04-18 01:28:30 190976 ----a-w- C:\Windows\System32\atitmm64.dll
2014-04-18 01:21:30 806912 ----a-w- C:\Windows\System32\coinst_14.100.dll
2014-04-18 01:09:20 1177600 ----a-w- C:\Windows\System32\atiadlxx.dll
2014-04-18 01:09:00 848896 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2014-04-18 01:07:54 75264 ----a-w- C:\Windows\System32\atig6pxx.dll
2014-04-18 01:07:46 69632 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2014-04-18 01:07:46 69632 ----a-w- C:\Windows\System32\atiglpxx.dll
2014-04-18 01:07:36 146944 ----a-w- C:\Windows\System32\atig6txx.dll
2014-04-18 01:07:20 133632 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2014-04-18 01:07:06 638976 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2014-04-18 01:04:24 43520 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-02 10:13:11 0 ----a-w- C:\Windows\ativpsrm.bin
2014-04-01 02:46:48 130712 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
2014-04-01 02:46:48 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2014-03-24 15:10:10 65536 ----a-w- C:\Windows\ICE_JNIRegistry.dll
.
============= FINISH: 19:01:21.72 ===============
 



#2 nasdaq

  • Malware Response Team

Posted 13 June 2014 - 09:07 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Clean the Java Cache. Tutorial here.
http://www.java.com/en/download/help/plugin_cache.xml
<<<>>>

Empty flash cache.
http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html
<<<>>>

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button, all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#3 Jsag

  • Topic Starter
  • Members

Posted 13 June 2014 - 06:05 PM

Still getting them just as frequently, whenever I open a new tab, click in a tab, etc. If I turn the ScriptSafe add-on for Google Chrome on, it prevents them from happening in Google Chrome (but not in Steam, which uses your web browser for the store and other net browsing services), but also prevents me from watching Netflix or anything like that.
 
 
# AdwCleaner v3.212 - Report created 13/06/2014 at 19:03:52
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Jason - JASON-PC
# Running from : C:\Users\Jason.Jason-PC\Downloads\adwcleaner_3.212 (2).exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\AppDataLow\Software\adawarebp
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16545
 
 
-\\ Google Chrome v35.0.1916.153
 
*************************
 
AdwCleaner[R3].txt - [611 octets] - [13/06/2014 19:03:52]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [670 octets] ##########
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 02
Ran by Jason (administrator) on JASON-PC on 13-06-2014 19:14:27
Running from C:\Users\Jason.Jason-PC\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Acer Incorporated) C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
(Acer Group) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
(IOI) C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe
(Corsair Components  Inc) C:\Program Files (x86)\corsair\M95 Mouse\M95Hid.exe
(Corsair Components, Inc.) C:\Program Files (x86)\corsair\Corsair Headset Software\HeadsetControlPanel.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Corsair Components  Inc) C:\Program Files (x86)\corsair\M95 Mouse\CorsTra.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft) C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUI.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ehome\ehrec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Jason.Jason-PC\Downloads\FRST64 (2).exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10396440 2014-04-14] (Logitech Inc.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe [7715160 2014-06-03] ()
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe [563744 2010-03-25] ()
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-24] (Symantec Corporation)
HKLM-x32\...\Run: [Gateway Photo Frame] => C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe [124416 2009-07-20] (IOI)
HKLM-x32\...\Run: [Corsair Duke] => C:\Program Files (x86)\Corsair\M95 Mouse\M95Hid.exe [1771520 2013-08-15] (Corsair Components  Inc)
HKLM-x32\...\Run: [Corsair Headset Software] => C:\Program Files (x86)\Corsair\Corsair Headset Software\HeadsetControlPanel.exe [3167544 2014-02-12] (Corsair Components, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\RunOnce: [IdentityCardFUB] - C:\Windows\oem\IdentityCard\FUB.exe [227872 2009-10-08] ()
HKU\S-1-5-21-3021804043-2976222400-1849095238-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Genie.lnk
ShortcutTarget: NETGEAR WNDA3100v2 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4320&r=17360514e806p0435v125k4681r265
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4320&r=17360514e806p0435v125k4681r265
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 64.251.13.6 162.243.207.106 66.153.162.98
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
 
Chrome: 
=======
CHR Extension: (Google Drive) - C:\Users\Jason.Jason-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-31]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jason.Jason-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-31]
CHR Extension: (YouTube) - C:\Users\Jason.Jason-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-31]
CHR Extension: (Google Search) - C:\Users\Jason.Jason-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-31]
CHR Extension: (Google Wallet) - C:\Users\Jason.Jason-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-31]
CHR Extension: (ScriptSafe) - C:\Users\Jason.Jason-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2014-06-10]
CHR Extension: (Gmail) - C:\Users\Jason.Jason-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-31]
 
==================== Services (Whitelisted) =================
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe [706864 2014-06-03] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R3 AVer7231_x64; C:\Windows\System32\DRIVERS\AVer7231_x64.sys [1622528 2009-08-24] (AVerMedia TECHNOLOGIES, Inc.)
R3 CorsairAudioFilter; C:\Windows\System32\DRIVERS\corsveng2kamd64.sys [109912 2014-02-03] (Corsair Components, Inc.)
R3 DUKEMS; C:\Windows\System32\drivers\DUKEMS.sys [25600 2012-08-16] ( )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S1 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-04-22] (BitDefender S.R.L.)
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [146928 2010-02-08] (CyberLink Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-13 19:12 - 2014-06-13 19:14 - 02081792 _____ (Farbar) C:\Users\Jason.Jason-PC\Downloads\FRST64 (2).exe
2014-06-13 19:05 - 2014-06-13 19:05 - 02081792 _____ (Farbar) C:\Users\Jason.Jason-PC\Downloads\FRST64 (1).exe
2014-06-13 19:03 - 2014-06-13 19:03 - 01333465 _____ () C:\Users\Jason.Jason-PC\Downloads\adwcleaner_3.212 (2).exe
2014-06-10 19:01 - 2014-06-10 19:01 - 00026346 _____ () C:\Users\Jason.Jason-PC\Desktop\dds.txt
2014-06-10 19:01 - 2014-06-10 19:01 - 00010085 _____ () C:\Users\Jason.Jason-PC\Desktop\attach.txt
2014-06-10 18:55 - 2014-06-10 18:55 - 00688992 ____R (Swearware) C:\Users\Jason.Jason-PC\Downloads\dds.com
2014-06-10 18:52 - 2014-06-10 18:52 - 00854378 _____ () C:\Users\Jason.Jason-PC\Downloads\SecurityCheck.exe
2014-06-10 18:52 - 2014-06-10 18:52 - 00415744 _____ (Farbar) C:\Users\Jason.Jason-PC\Downloads\FSS.exe
2014-06-10 14:55 - 2014-06-10 14:56 - 00918672 _____ (Google Inc.) C:\Users\Jason.Jason-PC\Downloads\ChromeSetup.exe
2014-06-10 14:53 - 2014-06-10 14:53 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Oracle
2014-06-10 14:52 - 2014-06-10 14:54 - 00041466 _____ () C:\Users\Jason.Jason-PC\Downloads\Addition.txt
2014-06-10 14:50 - 2014-06-10 14:50 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-10 14:50 - 2014-06-10 14:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-10 14:50 - 2014-06-10 14:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-10 14:50 - 2014-06-10 14:50 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-10 14:46 - 2014-06-13 19:14 - 00014153 _____ () C:\Users\Jason.Jason-PC\Downloads\FRST.txt
2014-06-10 14:45 - 2014-06-13 19:14 - 00000000 ____D () C:\FRST
2014-06-10 14:45 - 2014-06-10 14:45 - 02080768 _____ (Farbar) C:\Users\Jason.Jason-PC\Downloads\FRST64.exe
2014-06-10 14:45 - 2014-06-10 14:45 - 00918952 _____ (Oracle Corporation) C:\Users\Jason.Jason-PC\Downloads\chromeinstall-7u60.exe
2014-06-10 14:33 - 2014-06-13 19:10 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\CrashDumps
2014-06-10 14:17 - 2014-06-10 14:17 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-JASON-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-06-10 14:16 - 2014-06-10 14:16 - 00000000 ____D () C:\RegBackup
2014-06-10 14:15 - 2014-06-10 14:15 - 00000000 ____D () C:\Users\Jason.Jason-PC\Desktop\Tweaking.com - Windows Repair
2014-06-10 13:20 - 2014-06-10 13:21 - 13829304 _____ (Microsoft Corporation) C:\Users\Jason.Jason-PC\Downloads\mseinstall.exe
2014-06-10 12:41 - 2014-06-10 12:41 - 03388580 _____ () C:\Users\Jason.Jason-PC\Downloads\tweaking.com_windows_repair_aio.zip
2014-06-10 12:41 - 2014-06-10 12:41 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-10 12:41 - 2014-06-10 12:41 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-10 12:39 - 2014-06-10 12:40 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Jason.Jason-PC\Downloads\mbar-1.07.0.1012.exe
2014-06-10 12:39 - 2014-06-10 12:40 - 05245952 _____ () C:\Users\Jason.Jason-PC\Downloads\RogueKillerX64.exe
2014-06-10 01:57 - 2014-06-10 01:57 - 01333465 _____ () C:\Users\Jason.Jason-PC\Downloads\adwcleaner_3.212 (1).exe
2014-06-10 01:55 - 2014-06-10 01:55 - 00702688 _____ () C:\Users\Jason.Jason-PC\Downloads\adwcleaner-3-210-en.exe
2014-06-10 01:48 - 2014-06-10 01:48 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-06-10 01:37 - 2014-06-10 01:48 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-06-10 01:36 - 2014-06-10 01:37 - 10971424 _____ (SurfRight B.V.) C:\Users\Jason.Jason-PC\Downloads\HitmanPro_x64.exe
2014-06-10 01:30 - 2014-06-10 01:30 - 00001084 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-06-10 01:30 - 2014-06-10 01:30 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\VS Revo Group
2014-06-10 01:30 - 2014-06-10 01:30 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-06-10 01:30 - 2014-06-10 01:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-06-10 01:30 - 2014-06-10 01:30 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-06-10 01:30 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-06-10 01:29 - 2014-06-10 01:30 - 10619688 _____ (VS Revo Group ) C:\Users\Jason.Jason-PC\Downloads\RevoUninProSetup.exe
2014-06-10 01:24 - 2014-06-10 01:24 - 00025008 _____ () C:\ComboFix.txt
2014-06-10 01:24 - 2014-06-10 01:24 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-10 01:24 - 2014-06-10 01:24 - 00000000 ____D () C:\Users\Jason\AppData\Local\temp
2014-06-10 01:24 - 2014-06-10 01:24 - 00000000 ____D () C:\Users\Jason Sager\AppData\Local\temp
2014-06-10 01:24 - 2014-06-10 01:24 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-10 01:24 - 2014-06-10 01:24 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-10 01:24 - 2014-06-10 01:24 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-09 20:15 - 2014-06-09 20:15 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\7 Days To Die
2014-06-09 17:24 - 2014-06-09 17:24 - 01333465 _____ () C:\Users\Jason.Jason-PC\Downloads\AdwCleaner.exe
2014-06-09 17:22 - 2014-06-09 17:22 - 00000800 _____ () C:\Users\Jason.Jason-PC\Desktop\JRT.txt
2014-06-09 17:16 - 2014-06-09 17:16 - 00000000 ____D () C:\Windows\ERUNT
2014-06-09 17:15 - 2014-06-09 17:15 - 01016261 _____ (Thisisu) C:\Users\Jason.Jason-PC\Downloads\JRT.exe
2014-06-09 17:12 - 2014-06-09 17:13 - 42379297 _____ () C:\Users\Jason.Jason-PC\Downloads\Movie on 4-21-14 at 7.24 PM copy.mov
2014-06-09 17:10 - 2014-06-09 17:10 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Lavasoft
2014-06-09 09:25 - 2014-06-09 09:25 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\LavasoftStatistics
2014-06-09 09:21 - 2014-06-09 09:21 - 01707144 _____ () C:\Users\Jason.Jason-PC\Downloads\Adaware_Installer.exe
2014-06-09 00:40 - 2009-06-10 17:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140609-004018.backup
2014-06-09 00:36 - 2014-06-10 13:08 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-09 00:35 - 2014-06-10 13:08 - 00000000 ____D () C:\Users\Jason.Jason-PC\Desktop\mbar
2014-06-09 00:35 - 2014-06-10 12:41 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-08 19:50 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-08 19:50 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-08 19:50 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-08 19:50 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-08 19:50 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-08 19:50 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-08 19:50 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-08 19:50 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-08 19:48 - 2014-06-10 01:24 - 00000000 ____D () C:\Qoobox
2014-06-08 19:48 - 2014-06-10 01:23 - 00000000 ____D () C:\Windows\erdnt
2014-06-08 19:48 - 2014-06-10 01:01 - 05205915 ____R (Swearware) C:\Users\Jason.Jason-PC\Downloads\ComboFix.exe
2014-06-08 15:30 - 2014-06-13 19:05 - 00000000 ____D () C:\AdwCleaner
2014-06-08 15:30 - 2014-06-08 15:30 - 00000000 _____ () C:\autoexec.bat
2014-06-08 15:30 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-08 15:29 - 2014-06-10 01:29 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-06-08 15:29 - 2014-06-08 15:29 - 01333465 _____ () C:\Users\Jason.Jason-PC\Downloads\adwcleaner_3.212.exe
2014-06-08 15:29 - 2014-06-08 15:29 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-08 15:26 - 2014-06-08 15:26 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Jason.Jason-PC\Downloads\SpyHunter-Installer.exe
2014-06-08 09:08 - 2014-06-08 09:08 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Malwarebytes
2014-06-06 22:06 - 2014-06-06 22:07 - 17276616 _____ (Logitech ) C:\Users\Jason.Jason-PC\Downloads\lgs510_x64.exe
2014-06-06 03:10 - 2014-06-06 03:10 - 770923578 _____ () C:\Windows\MEMORY.DMP
2014-06-06 03:10 - 2014-06-06 03:10 - 00344632 _____ () C:\Windows\Minidump\060614-54397-01.dmp
2014-06-05 14:57 - 2014-06-05 14:57 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Google
2014-06-05 03:55 - 2014-06-05 03:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-05 03:37 - 2013-05-10 01:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-06-05 03:37 - 2013-05-10 01:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-06-05 03:37 - 2013-05-10 00:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-06-05 03:37 - 2013-05-10 00:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-06-05 03:27 - 2014-06-06 03:05 - 00013985 _____ () C:\Windows\IE11_main.log
2014-06-05 03:20 - 2014-05-05 20:46 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-05 03:20 - 2014-05-05 20:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-05 03:20 - 2014-05-05 20:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-05 03:20 - 2014-05-05 19:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-05 03:20 - 2014-05-05 19:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-05 03:20 - 2014-05-05 19:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-05 00:18 - 2014-06-05 00:19 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Applian FLV and Media Player
2014-06-05 00:17 - 2014-06-05 01:04 - 1632534079 _____ () C:\Users\Jason.Jason-PC\Downloads\ff05092014-part-3.mov
2014-06-05 00:17 - 2014-06-05 01:01 - 1347970725 _____ () C:\Users\Jason.Jason-PC\Downloads\ff05092014-pre-show.mov
2014-06-04 23:22 - 2014-06-05 00:13 - 1691630312 _____ () C:\Users\Jason.Jason-PC\Downloads\ff05092014-part-1.mp4
2014-06-04 23:22 - 2014-06-05 00:12 - 1631299319 _____ () C:\Users\Jason.Jason-PC\Downloads\ff05092014-part-2.mov
2014-06-04 14:25 - 2014-05-09 02:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-04 14:25 - 2014-05-09 02:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-04 14:25 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-04 14:25 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-04 14:25 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-04 14:25 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-06-04 14:25 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-06-04 14:25 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-06-04 14:25 - 2013-12-31 19:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-06-04 14:25 - 2013-12-31 19:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-06-04 14:25 - 2013-12-05 22:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-04 14:25 - 2013-12-05 22:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-04 14:25 - 2013-12-05 22:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-04 14:25 - 2013-12-05 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-04 14:25 - 2013-12-03 22:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-06-04 14:25 - 2013-12-03 22:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-06-04 14:25 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-06-04 14:25 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-06-04 14:25 - 2013-12-03 22:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-06-04 14:25 - 2013-12-03 22:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-06-04 14:25 - 2013-12-03 22:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-06-04 14:25 - 2013-12-03 22:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-06-04 14:25 - 2013-12-03 22:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-06-04 14:25 - 2013-12-03 22:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-06-04 14:25 - 2013-12-03 22:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-06-04 14:25 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-06-04 14:25 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-06-04 14:25 - 2013-12-03 22:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-06-04 14:25 - 2013-12-03 21:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-06-04 14:25 - 2013-12-03 21:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-06-04 14:25 - 2013-12-03 21:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-06-04 14:25 - 2013-12-03 21:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-06-04 14:25 - 2013-11-26 21:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-06-04 14:25 - 2013-11-26 21:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-06-04 14:25 - 2013-11-26 21:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-06-04 14:25 - 2013-11-26 21:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-06-04 14:25 - 2013-11-26 21:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-06-04 14:25 - 2013-11-26 21:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-06-04 14:25 - 2013-11-26 21:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-06-04 14:25 - 2013-11-11 22:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-06-04 14:25 - 2013-11-11 22:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-06-04 14:25 - 2013-10-29 22:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-06-04 14:25 - 2013-10-29 22:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-06-04 14:25 - 2013-10-18 22:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-06-04 14:25 - 2013-10-18 21:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-06-04 14:25 - 2013-10-05 16:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-06-04 14:25 - 2013-10-05 15:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-06-04 14:25 - 2013-10-03 22:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-06-04 14:25 - 2013-10-03 22:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-06-04 14:25 - 2013-10-03 22:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-06-04 14:25 - 2013-10-03 22:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-06-04 14:25 - 2013-10-03 21:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-06-04 14:25 - 2013-10-03 21:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-06-04 14:25 - 2013-10-03 21:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-06-04 14:25 - 2013-10-03 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-06-04 14:25 - 2013-09-27 21:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-06-04 14:25 - 2013-08-04 22:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-06-04 14:25 - 2013-07-04 08:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-06-04 14:25 - 2013-07-04 07:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-06-04 14:25 - 2013-06-06 01:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-06-04 14:25 - 2013-06-06 01:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-06-04 14:25 - 2013-06-06 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-06-04 14:25 - 2013-06-06 01:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-06-04 14:25 - 2013-06-06 00:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-06-04 14:25 - 2013-06-06 00:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-06-04 14:25 - 2013-06-06 00:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-06-04 14:25 - 2013-06-05 23:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-06-04 14:25 - 2013-06-05 23:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-06-04 14:25 - 2013-06-05 23:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-06-04 14:25 - 2013-03-19 01:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-06-04 14:24 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-04 14:24 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-04 14:24 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-04 14:24 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-04 14:24 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-04 14:24 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-04 14:24 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-04 14:24 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-06-04 14:24 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-04 14:24 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-04 14:24 - 2014-03-04 05:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-06-04 14:24 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-04 14:24 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-04 14:24 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-04 14:24 - 2014-03-04 05:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-06-04 14:24 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-04 14:24 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-04 14:24 - 2014-03-04 05:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-06-04 14:24 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-04 14:24 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-04 14:24 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-04 14:24 - 2014-03-04 05:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-06-04 14:24 - 2014-03-04 05:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-06-04 14:24 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-04 14:24 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-04 14:24 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-04 14:24 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-04 14:24 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-04 14:24 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-04 14:24 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-04 14:24 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-04 14:24 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-04 14:24 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-04 14:24 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-04 14:24 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-04 14:24 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-04 14:24 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-04 14:24 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-04 14:24 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-06-04 14:24 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-06-04 14:24 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-06-04 14:24 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-06-04 14:24 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-04 14:24 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-06-04 14:24 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-04 14:24 - 2014-03-04 05:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-06-04 14:24 - 2014-03-04 05:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-06-04 14:24 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-04 14:24 - 2014-03-04 05:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-06-04 14:24 - 2014-03-04 05:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-06-04 14:24 - 2014-03-04 04:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-06-04 14:24 - 2014-03-04 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-06-04 14:24 - 2014-02-03 22:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-04 14:24 - 2014-02-03 22:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-06-04 14:24 - 2014-02-03 22:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-06-04 14:24 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-06-04 14:24 - 2014-02-03 22:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-06-04 14:24 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-06-04 14:24 - 2014-02-03 22:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-06-04 14:24 - 2014-01-23 22:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-06-04 14:24 - 2013-11-26 07:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-06-04 14:24 - 2013-10-11 22:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-06-04 14:24 - 2013-10-11 22:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-06-04 14:24 - 2013-10-11 22:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-06-04 14:24 - 2013-10-11 22:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-06-04 14:24 - 2013-10-11 22:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-06-04 14:24 - 2013-10-11 22:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-06-04 14:24 - 2013-10-11 22:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-06-04 14:24 - 2013-10-11 22:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-06-04 14:24 - 2013-10-11 22:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-06-04 14:24 - 2013-10-11 21:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-06-04 14:24 - 2013-10-11 21:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-06-04 14:24 - 2013-10-11 21:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-06-04 14:24 - 2013-10-11 21:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-06-04 14:24 - 2013-10-02 22:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-04 14:24 - 2013-10-02 22:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-04 14:24 - 2013-09-24 22:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-06-04 14:24 - 2013-09-24 21:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-06-04 14:24 - 2013-09-07 22:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-04 14:24 - 2013-09-07 22:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-06-04 14:24 - 2013-09-07 22:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-06-04 14:24 - 2013-08-28 22:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-06-04 14:24 - 2013-08-28 22:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-06-04 14:24 - 2013-08-28 22:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-06-04 14:24 - 2013-08-28 21:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-06-04 14:24 - 2013-08-28 21:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-06-04 14:24 - 2013-08-28 21:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-06-04 14:24 - 2013-08-27 21:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-06-04 14:24 - 2013-08-27 05:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-06-04 14:24 - 2013-08-27 05:01 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-06-04 14:24 - 2013-08-27 04:21 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-06-04 14:24 - 2013-08-01 22:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 21:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-06-04 14:24 - 2013-08-01 20:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-06-04 14:24 - 2013-08-01 20:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 20:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 20:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 20:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-06-04 14:24 - 2013-08-01 08:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-06-04 14:24 - 2013-07-25 22:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-06-04 14:24 - 2013-07-25 21:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-06-04 14:24 - 2013-07-20 06:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-06-04 14:24 - 2013-07-20 06:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-06-04 14:24 - 2013-07-12 06:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-06-04 14:24 - 2013-07-04 08:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-06-04 14:24 - 2013-07-04 08:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-06-04 14:24 - 2013-07-04 08:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-06-04 14:24 - 2013-07-04 07:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-06-04 14:24 - 2013-07-04 07:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-06-04 14:24 - 2013-07-04 06:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-06-04 14:24 - 2013-07-03 00:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-06-04 14:24 - 2013-07-03 00:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-06-04 14:24 - 2013-06-25 18:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-06-04 14:24 - 2013-04-10 02:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-06-04 14:24 - 2011-02-03 07:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-06-04 03:00 - 2014-06-04 03:00 - 00000000 ____D () C:\Windows\system32\SPReview
2014-06-03 10:38 - 2014-06-03 10:38 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\Windows Live
2014-06-03 10:35 - 2014-06-03 10:35 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-06-03 10:35 - 2014-06-03 10:35 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-03 10:35 - 2014-06-03 10:35 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-03 10:35 - 2014-06-03 10:35 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-06-03 10:35 - 2014-06-03 10:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-03 10:35 - 2014-06-03 10:35 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-06-03 10:35 - 2014-06-03 10:35 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-06-03 10:35 - 2014-06-03 10:35 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-03 10:35 - 2014-06-03 10:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-06-03 10:35 - 2014-06-03 10:35 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-03 10:35 - 2014-06-03 10:35 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-03 10:35 - 2014-06-03 10:35 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-06-03 10:35 - 2014-06-03 10:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-03 10:35 - 2014-06-03 10:35 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-02 03:10 - 2014-06-02 03:10 - 00291788 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-06-02 03:09 - 2014-06-03 10:35 - 00010353 _____ () C:\Windows\IE9_main.log
2014-06-02 03:09 - 2014-06-02 03:09 - 00291930 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-05-31 21:04 - 2014-06-03 10:47 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\SecondLife
2014-05-31 21:04 - 2014-05-31 21:04 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\SecondLife
2014-05-31 17:10 - 2014-05-31 17:10 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\dekovir
2014-05-31 15:55 - 2014-05-31 15:55 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\http___www.julien-manici
2014-05-31 15:53 - 2014-05-31 15:53 - 00003107 _____ () C:\Users\Jason.Jason-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Logon Background Changer.lnk
2014-05-31 15:53 - 2014-05-31 15:53 - 00000000 ____D () C:\Program Files (x86)\Julien MANICI
2014-05-31 15:49 - 2014-05-31 15:49 - 00795217 _____ () C:\Users\Jason.Jason-PC\Downloads\Win7LogonBackgroundChanger_1_5_2.zip
2014-05-31 15:14 - 2014-05-31 15:14 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\PlanetExplorers
2014-05-31 13:24 - 2014-05-31 13:24 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Adobe
2014-05-31 13:18 - 2014-05-31 13:18 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\Skype
2014-05-31 13:17 - 2014-06-13 19:14 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Skype
2014-05-31 13:17 - 2014-05-31 13:17 - 01677440 _____ (Skype Technologies S.A.) C:\Users\Jason.Jason-PC\Downloads\SkypeSetup.exe
2014-05-31 13:17 - 2014-05-31 13:17 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-05-31 13:16 - 2014-05-31 13:16 - 00003270 _____ () C:\Windows\System32\Tasks\{7C061458-63B3-4BCF-9530-B0C75649A73C}
2014-05-31 09:08 - 2014-05-31 09:08 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\ATI
2014-05-31 09:08 - 2014-05-31 09:08 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\ATI
2014-05-31 09:08 - 2014-05-31 09:08 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\AMD
2014-05-31 09:08 - 2014-05-31 09:08 - 00000000 ____D () C:\ProgramData\ATI
2014-05-31 09:07 - 2014-06-08 15:28 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Raptr
2014-05-31 09:07 - 2014-05-31 09:07 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\library_dir
2014-05-31 09:07 - 2014-05-31 09:07 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-05-31 09:06 - 2014-05-31 09:07 - 00000000 ____D () C:\ProgramData\AMD
2014-05-31 09:06 - 2014-05-31 09:06 - 00067160 _____ () C:\Windows\SysWOW64\CCCInstall_201405310906584960.log
2014-05-31 09:06 - 2014-05-31 09:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-05-31 09:05 - 2014-05-31 09:05 - 00000000 ____D () C:\Program Files\AMD
2014-05-31 09:05 - 2014-05-31 09:05 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-05-31 08:57 - 2014-05-31 09:01 - 269338400 _____ (AMD Inc.) C:\Users\Jason.Jason-PC\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe
2014-05-31 08:41 - 2014-05-31 08:41 - 00791552 _____ (AMD) C:\Users\Jason.Jason-PC\Downloads\amddriverdownloader.exe
2014-05-31 08:40 - 2014-06-08 20:49 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\Windforge
2014-05-31 08:40 - 2014-05-31 08:40 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\minmaxgames
2014-05-31 08:39 - 2014-05-31 08:39 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\omerta
2014-05-31 08:39 - 2014-05-31 08:39 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\com.radialgames.monsterlovesyou
2014-05-31 08:39 - 2014-05-31 08:39 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\com.northwaygames.incredipede
2014-05-31 08:35 - 2014-05-31 08:35 - 00007593 _____ () C:\Users\Jason.Jason-PC\AppData\Local\Resmon.ResmonCfg
2014-05-31 08:29 - 2014-05-31 08:29 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\Logitech
2014-05-31 08:28 - 2014-05-31 08:28 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Logitech
2014-05-31 08:28 - 2014-05-31 08:28 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Logishrd
2014-05-31 08:23 - 2014-05-31 08:24 - 62122112 _____ (Logitech Inc.) C:\Users\Jason.Jason-PC\Downloads\LGS_8.53.154_x64_Logitech.exe
2014-05-31 08:22 - 2014-05-31 08:23 - 07218589 _____ () C:\Users\Jason.Jason-PC\Downloads\CorsairHeadsetSetupRelease2026.zip
2014-05-31 08:20 - 2014-05-31 08:20 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Corsair Software
2014-05-31 08:20 - 2014-05-31 08:19 - 01193267 _____ () C:\Windows\unins001.exe
2014-05-31 08:16 - 2014-05-31 08:16 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\IOI
2014-05-31 07:54 - 2014-06-10 14:56 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\Google
2014-05-31 07:54 - 2014-05-31 07:54 - 00000020 _____ () C:\Windows\Ìõh
2014-05-31 07:49 - 2014-05-31 07:49 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gateway Photo Frame
2014-05-31 07:48 - 2014-05-31 07:48 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
2014-05-31 07:46 - 2014-06-03 23:14 - 00001420 _____ () C:\Users\Jason.Jason-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-05-31 07:46 - 2014-05-31 07:46 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\OEM
2014-05-31 07:45 - 2014-06-03 23:14 - 00001454 _____ () C:\Users\Jason.Jason-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-31 07:44 - 2014-06-05 08:05 - 00000000 ___RD () C:\Users\Jason.Jason-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-31 07:44 - 2014-06-05 08:05 - 00000000 ___RD () C:\Users\Jason.Jason-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-31 07:42 - 2014-06-13 19:00 - 00003364 _____ () C:\Windows\System32\Tasks\Gateway Registration Data Sending
2014-05-31 07:42 - 2014-06-13 19:00 - 00000356 _____ () C:\Windows\Tasks\Gateway Registration Data Sending.job
2014-05-31 07:41 - 2014-06-10 14:32 - 00068328 _____ () C:\Users\Jason.Jason-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-31 07:40 - 2014-05-31 07:40 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\VirtualStore
2014-05-31 07:39 - 2014-06-13 19:21 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\Temp
2014-05-31 07:39 - 2014-05-31 07:44 - 00000000 ____D () C:\Users\Jason.Jason-PC
2014-05-31 07:39 - 2014-05-31 07:39 - 00000020 ___SH () C:\Users\Jason.Jason-PC\ntuser.ini
2014-05-31 07:39 - 2012-07-17 15:31 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Macromedia
2014-05-31 07:39 - 2012-01-02 14:56 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\Microsoft Help
2014-05-31 07:39 - 2009-07-14 00:54 - 00000000 ___RD () C:\Users\Jason.Jason-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-31 07:39 - 2009-07-14 00:49 - 00000000 ___RD () C:\Users\Jason.Jason-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-31 07:34 - 2014-06-13 19:05 - 01221873 _____ () C:\Windows\WindowsUpdate.log
2014-05-31 06:56 - 2014-05-31 07:01 - 00000000 ____D () C:\Backup
2014-05-30 22:49 - 2014-05-31 07:48 - 00000000 ____D () C:\Users\Jason\Desktop\Species ALRE 0.6.1
2014-05-30 22:47 - 2014-05-30 22:49 - 80787865 _____ () C:\Users\Jason\Downloads\Species 0.6.1 (Alpha).zip
2014-05-30 22:46 - 2014-05-30 22:46 - 07671808 _____ () C:\Users\Jason\Downloads\xnafx31_redist.msi
2014-05-23 16:26 - 2014-05-31 07:13 - 00000000 ____D () C:\Users\Jason\AppData\Local\Game Dev Tycoon - Steam
2014-05-21 23:47 - 2014-05-21 23:47 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\Egosoft
2014-05-21 21:28 - 2014-05-21 21:28 - 00000000 ____D () C:\Program Files\Logitech
2014-05-21 21:28 - 2014-05-21 21:28 - 00000000 ____D () C:\Program Files\Common Files\Logitech
2014-05-21 21:26 - 2014-05-21 21:26 - 17276616 _____ (Logitech ) C:\Users\Jason\Downloads\lgs510_x64.exe
2014-05-20 17:54 - 2014-05-20 17:54 - 01192831 _____ () C:\Windows\unins002.exe
2014-05-20 17:54 - 2014-05-20 17:54 - 00010733 _____ () C:\Windows\unins002.dat
2014-05-20 17:53 - 2014-05-31 08:24 - 00090210 _____ () C:\Windows\unins001.dat
2014-05-20 17:53 - 2014-05-20 17:53 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Corsair Software
2014-05-20 17:53 - 2012-08-16 11:47 - 00025600 _____ ( ) C:\Windows\system32\Drivers\DUKEMS.sys
2014-05-20 17:50 - 2014-05-20 17:52 - 32059221 _____ () C:\Users\Jason\Downloads\M95-setup-091913.zip
2014-05-20 17:33 - 2014-05-20 17:33 - 00000000 ____D () C:\found.002
2014-05-20 17:02 - 2014-05-20 17:02 - 01192831 _____ () C:\Windows\unins000.exe
2014-05-20 16:53 - 2014-05-31 08:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corsair
2014-05-20 16:52 - 2014-05-31 08:27 - 00000000 ____D () C:\Program Files (x86)\corsair
2014-05-20 16:52 - 2014-05-20 17:02 - 00027407 _____ () C:\Windows\unins000.dat
2014-05-20 16:51 - 2014-05-20 16:51 - 00984323 _____ () C:\Users\Jason\Downloads\M90110211v108.zip
2014-05-20 16:38 - 2014-05-31 08:24 - 00039538 _____ () C:\Windows\DPINST.LOG
2014-05-20 16:36 - 2014-05-20 16:36 - 32175200 _____ () C:\Users\Jason\Downloads\M90-setup-060513.zip
 
==================== One Month Modified Files and Folders =======
 
2014-06-13 19:21 - 2014-05-31 07:39 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\Temp
2014-06-13 19:19 - 2014-06-10 14:46 - 00014153 _____ () C:\Users\Jason.Jason-PC\Downloads\FRST.txt
2014-06-13 19:18 - 2012-01-02 02:21 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-13 19:17 - 2014-05-31 07:34 - 01221873 _____ () C:\Windows\WindowsUpdate.log
2014-06-13 19:15 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-13 19:15 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-13 19:14 - 2014-06-13 19:12 - 02081792 _____ (Farbar) C:\Users\Jason.Jason-PC\Downloads\FRST64 (2).exe
2014-06-13 19:14 - 2014-06-10 14:45 - 00000000 ____D () C:\FRST
2014-06-13 19:14 - 2014-05-31 13:17 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Skype
2014-06-13 19:12 - 2014-05-10 21:00 - 00002312 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-06-13 19:10 - 2014-06-10 14:33 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\CrashDumps
2014-06-13 19:08 - 2012-01-02 02:21 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-13 19:06 - 2010-04-12 05:11 - 00183364 _____ () C:\Windows\PFRO.log
2014-06-13 19:06 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-13 19:06 - 2009-07-14 00:51 - 00028976 _____ () C:\Windows\setupact.log
2014-06-13 19:05 - 2014-06-13 19:05 - 02081792 _____ (Farbar) C:\Users\Jason.Jason-PC\Downloads\FRST64 (1).exe
2014-06-13 19:05 - 2014-06-08 15:30 - 00000000 ____D () C:\AdwCleaner
2014-06-13 19:03 - 2014-06-13 19:03 - 01333465 _____ () C:\Users\Jason.Jason-PC\Downloads\adwcleaner_3.212 (2).exe
2014-06-13 19:02 - 2012-01-02 02:21 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-13 19:00 - 2014-05-31 07:42 - 00003364 _____ () C:\Windows\System32\Tasks\Gateway Registration Data Sending
2014-06-13 19:00 - 2014-05-31 07:42 - 00000356 _____ () C:\Windows\Tasks\Gateway Registration Data Sending.job
2014-06-13 18:38 - 2014-04-02 05:30 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-12 15:44 - 2013-06-27 19:07 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-10 19:01 - 2014-06-10 19:01 - 00026346 _____ () C:\Users\Jason.Jason-PC\Desktop\dds.txt
2014-06-10 19:01 - 2014-06-10 19:01 - 00010085 _____ () C:\Users\Jason.Jason-PC\Desktop\attach.txt
2014-06-10 18:55 - 2014-06-10 18:55 - 00688992 ____R (Swearware) C:\Users\Jason.Jason-PC\Downloads\dds.com
2014-06-10 18:52 - 2014-06-10 18:52 - 00854378 _____ () C:\Users\Jason.Jason-PC\Downloads\SecurityCheck.exe
2014-06-10 18:52 - 2014-06-10 18:52 - 00415744 _____ (Farbar) C:\Users\Jason.Jason-PC\Downloads\FSS.exe
2014-06-10 15:07 - 2014-04-02 05:30 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-10 15:07 - 2012-08-21 20:47 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-10 15:07 - 2012-08-21 20:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-10 14:59 - 2012-10-16 10:48 - 00002226 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-10 14:57 - 2012-01-02 02:21 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-10 14:57 - 2012-01-02 02:21 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-10 14:56 - 2014-06-10 14:55 - 00918672 _____ (Google Inc.) C:\Users\Jason.Jason-PC\Downloads\ChromeSetup.exe
2014-06-10 14:56 - 2014-05-31 07:54 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\Google
2014-06-10 14:54 - 2014-06-10 14:52 - 00041466 _____ () C:\Users\Jason.Jason-PC\Downloads\Addition.txt
2014-06-10 14:54 - 2010-04-12 05:08 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-10 14:53 - 2014-06-10 14:53 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Oracle
2014-06-10 14:51 - 2014-03-07 16:41 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-10 14:50 - 2014-06-10 14:50 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-10 14:50 - 2014-06-10 14:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-10 14:50 - 2014-06-10 14:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-10 14:50 - 2014-06-10 14:50 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-10 14:45 - 2014-06-10 14:45 - 02080768 _____ (Farbar) C:\Users\Jason.Jason-PC\Downloads\FRST64.exe
2014-06-10 14:45 - 2014-06-10 14:45 - 00918952 _____ (Oracle Corporation) C:\Users\Jason.Jason-PC\Downloads\chromeinstall-7u60.exe
2014-06-10 14:32 - 2014-05-31 07:41 - 00068328 _____ () C:\Users\Jason.Jason-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-10 14:31 - 2009-07-14 03:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-06-10 14:29 - 2009-07-14 00:45 - 00308808 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-10 14:26 - 2009-07-13 22:34 - 00000439 _____ () C:\Windows\win.ini
2014-06-10 14:17 - 2014-06-10 14:17 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-JASON-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-06-10 14:16 - 2014-06-10 14:16 - 00000000 ____D () C:\RegBackup
2014-06-10 14:15 - 2014-06-10 14:15 - 00000000 ____D () C:\Users\Jason.Jason-PC\Desktop\Tweaking.com - Windows Repair
2014-06-10 13:23 - 2012-03-17 14:10 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-06-10 13:22 - 2012-09-26 03:02 - 00002124 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-10 13:22 - 2012-05-01 03:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-10 13:22 - 2012-03-17 14:10 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-10 13:21 - 2014-06-10 13:20 - 13829304 _____ (Microsoft Corporation) C:\Users\Jason.Jason-PC\Downloads\mseinstall.exe
2014-06-10 13:18 - 2009-07-13 22:34 - 00000768 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_763
2014-06-10 13:08 - 2014-06-09 00:36 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-10 13:08 - 2014-06-09 00:35 - 00000000 ____D () C:\Users\Jason.Jason-PC\Desktop\mbar
2014-06-10 12:41 - 2014-06-10 12:41 - 03388580 _____ () C:\Users\Jason.Jason-PC\Downloads\tweaking.com_windows_repair_aio.zip
2014-06-10 12:41 - 2014-06-10 12:41 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-10 12:41 - 2014-06-10 12:41 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-10 12:41 - 2014-06-09 00:35 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-10 12:40 - 2014-06-10 12:39 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Jason.Jason-PC\Downloads\mbar-1.07.0.1012.exe
2014-06-10 12:40 - 2014-06-10 12:39 - 05245952 _____ () C:\Users\Jason.Jason-PC\Downloads\RogueKillerX64.exe
2014-06-10 01:57 - 2014-06-10 01:57 - 01333465 _____ () C:\Users\Jason.Jason-PC\Downloads\adwcleaner_3.212 (1).exe
2014-06-10 01:55 - 2014-06-10 01:55 - 00702688 _____ () C:\Users\Jason.Jason-PC\Downloads\adwcleaner-3-210-en.exe
2014-06-10 01:48 - 2014-06-10 01:48 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-06-10 01:48 - 2014-06-10 01:37 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-06-10 01:37 - 2014-06-10 01:36 - 10971424 _____ (SurfRight B.V.) C:\Users\Jason.Jason-PC\Downloads\HitmanPro_x64.exe
2014-06-10 01:35 - 2010-04-12 05:04 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-06-10 01:30 - 2014-06-10 01:30 - 00001084 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-06-10 01:30 - 2014-06-10 01:30 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\VS Revo Group
2014-06-10 01:30 - 2014-06-10 01:30 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-06-10 01:30 - 2014-06-10 01:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-06-10 01:30 - 2014-06-10 01:30 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-06-10 01:30 - 2014-06-10 01:29 - 10619688 _____ (VS Revo Group ) C:\Users\Jason.Jason-PC\Downloads\RevoUninProSetup.exe
2014-06-10 01:29 - 2014-06-08 15:29 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-06-10 01:24 - 2014-06-10 01:24 - 00025008 _____ () C:\ComboFix.txt
2014-06-10 01:24 - 2014-06-10 01:24 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-10 01:24 - 2014-06-10 01:24 - 00000000 ____D () C:\Users\Jason\AppData\Local\temp
2014-06-10 01:24 - 2014-06-10 01:24 - 00000000 ____D () C:\Users\Jason Sager\AppData\Local\temp
2014-06-10 01:24 - 2014-06-10 01:24 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-10 01:24 - 2014-06-10 01:24 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-10 01:24 - 2014-06-10 01:24 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-10 01:24 - 2014-06-08 19:48 - 00000000 ____D () C:\Qoobox
2014-06-10 01:24 - 2013-06-22 19:57 - 00000000 ____D () C:\Users\Jason Sager
2014-06-10 01:24 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
2014-06-10 01:23 - 2014-06-08 19:48 - 00000000 ____D () C:\Windows\erdnt
2014-06-10 01:21 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini
2014-06-10 01:12 - 2012-01-02 02:01 - 00000000 ____D () C:\ProgramData\Temp
2014-06-10 01:01 - 2014-06-08 19:48 - 05205915 ____R (Swearware) C:\Users\Jason.Jason-PC\Downloads\ComboFix.exe
2014-06-09 20:15 - 2014-06-09 20:15 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\7 Days To Die
2014-06-09 17:39 - 2009-07-14 01:13 - 00787984 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-09 17:37 - 2010-04-12 05:09 - 00000000 ____D () C:\ProgramData\Norton
2014-06-09 17:24 - 2014-06-09 17:24 - 01333465 _____ () C:\Users\Jason.Jason-PC\Downloads\AdwCleaner.exe
2014-06-09 17:22 - 2014-06-09 17:22 - 00000800 _____ () C:\Users\Jason.Jason-PC\Desktop\JRT.txt
2014-06-09 17:16 - 2014-06-09 17:16 - 00000000 ____D () C:\Windows\ERUNT
2014-06-09 17:15 - 2014-06-09 17:15 - 01016261 _____ (Thisisu) C:\Users\Jason.Jason-PC\Downloads\JRT.exe
2014-06-09 17:13 - 2014-06-09 17:12 - 42379297 _____ () C:\Users\Jason.Jason-PC\Downloads\Movie on 4-21-14 at 7.24 PM copy.mov
2014-06-09 17:10 - 2014-06-09 17:10 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Lavasoft
2014-06-09 09:25 - 2014-06-09 09:25 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\LavasoftStatistics
2014-06-09 09:24 - 2014-05-10 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-06-09 09:21 - 2014-06-09 09:21 - 01707144 _____ () C:\Users\Jason.Jason-PC\Downloads\Adaware_Installer.exe
2014-06-08 20:49 - 2014-05-31 08:40 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\Windforge
2014-06-08 15:30 - 2014-06-08 15:30 - 00000000 _____ () C:\autoexec.bat
2014-06-08 15:29 - 2014-06-08 15:29 - 01333465 _____ () C:\Users\Jason.Jason-PC\Downloads\adwcleaner_3.212.exe
2014-06-08 15:29 - 2014-06-08 15:29 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-08 15:28 - 2014-05-31 09:07 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Raptr
2014-06-08 15:28 - 2014-04-02 06:32 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-06-08 15:28 - 2010-04-12 04:51 - 00000000 ____D () C:\ProgramData\WildTangent
2014-06-08 15:28 - 2010-04-12 04:51 - 00000000 ____D () C:\Program Files (x86)\Gateway Games
2014-06-08 15:28 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-08 15:26 - 2014-06-08 15:26 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Jason.Jason-PC\Downloads\SpyHunter-Installer.exe
2014-06-08 09:08 - 2014-06-08 09:08 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Malwarebytes
2014-06-06 22:16 - 2013-10-03 00:08 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\StarCitizen
2014-06-06 22:11 - 2012-09-17 19:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-06-06 22:07 - 2014-06-06 22:06 - 17276616 _____ (Logitech ) C:\Users\Jason.Jason-PC\Downloads\lgs510_x64.exe
2014-06-06 03:10 - 2014-06-06 03:10 - 770923578 _____ () C:\Windows\MEMORY.DMP
2014-06-06 03:10 - 2014-06-06 03:10 - 00344632 _____ () C:\Windows\Minidump\060614-54397-01.dmp
2014-06-06 03:10 - 2012-01-02 12:57 - 00000000 ____D () C:\Windows\Minidump
2014-06-06 03:05 - 2014-06-05 03:27 - 00013985 _____ () C:\Windows\IE11_main.log
2014-06-06 03:00 - 2012-01-04 00:00 - 00780106 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-06-05 14:57 - 2014-06-05 14:57 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Google
2014-06-05 08:05 - 2014-05-31 07:44 - 00000000 ___RD () C:\Users\Jason.Jason-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-05 08:05 - 2014-05-31 07:44 - 00000000 ___RD () C:\Users\Jason.Jason-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-05 05:18 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-06-05 03:55 - 2014-06-05 03:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-05 03:55 - 2009-07-14 03:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-06-05 03:55 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-06-05 03:55 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-06-05 01:04 - 2014-06-05 00:17 - 1632534079 _____ () C:\Users\Jason.Jason-PC\Downloads\ff05092014-part-3.mov
2014-06-05 01:01 - 2014-06-05 00:17 - 1347970725 _____ () C:\Users\Jason.Jason-PC\Downloads\ff05092014-pre-show.mov
2014-06-05 00:19 - 2014-06-05 00:18 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Applian FLV and Media Player
2014-06-05 00:13 - 2014-06-04 23:22 - 1691630312 _____ () C:\Users\Jason.Jason-PC\Downloads\ff05092014-part-1.mp4
2014-06-05 00:12 - 2014-06-04 23:22 - 1631299319 _____ () C:\Users\Jason.Jason-PC\Downloads\ff05092014-part-2.mov
2014-06-04 03:43 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-06-04 03:43 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-06-04 03:43 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-06-04 03:43 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-06-04 03:43 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-06-04 03:43 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-06-04 03:43 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-06-04 03:43 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2014-06-04 03:43 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-06-04 03:43 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-06-04 03:43 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-06-04 03:43 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-06-04 03:43 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-06-04 03:43 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-06-04 03:43 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\servicing
2014-06-04 03:43 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-06-04 03:42 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sppui
2014-06-04 03:42 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-06-04 03:42 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-06-04 03:42 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-06-04 03:42 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-06-04 03:42 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-06-04 03:42 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-06-04 03:37 - 2009-07-13 22:36 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2014-06-04 03:37 - 2009-07-13 22:36 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2014-06-04 03:00 - 2014-06-04 03:00 - 00000000 ____D () C:\Windows\system32\SPReview
2014-06-03 23:14 - 2014-05-31 07:46 - 00001420 _____ () C:\Users\Jason.Jason-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-06-03 23:14 - 2014-05-31 07:45 - 00001454 _____ () C:\Users\Jason.Jason-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-03 23:03 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-03 22:58 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-03 15:15 - 2014-04-15 14:34 - 00341296 _____ () C:\Windows\DirectX.log
2014-06-03 10:47 - 2014-05-31 21:04 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\SecondLife
2014-06-03 10:45 - 2013-03-29 00:02 - 00001164 _____ () C:\Users\Public\Desktop\Second Life Viewer.lnk
2014-06-03 10:41 - 2012-06-04 20:37 - 00001381 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2014-06-03 10:41 - 2012-06-04 20:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-06-03 10:40 - 2012-06-04 20:36 - 00002493 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-06-03 10:38 - 2014-06-03 10:38 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\Windows Live
2014-06-03 10:35 - 2014-06-03 10:35 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-06-03 10:35 - 2014-06-03 10:35 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-03 10:35 - 2014-06-03 10:35 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-03 10:35 - 2014-06-03 10:35 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-06-03 10:35 - 2014-06-03 10:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-03 10:35 - 2014-06-03 10:35 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-06-03 10:35 - 2014-06-03 10:35 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-06-03 10:35 - 2014-06-03 10:35 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-03 10:35 - 2014-06-03 10:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-06-03 10:35 - 2014-06-03 10:35 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-03 10:35 - 2014-06-03 10:35 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-03 10:35 - 2014-06-03 10:35 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-06-03 10:35 - 2014-06-03 10:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-06-03 10:35 - 2014-06-03 10:35 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-03 10:35 - 2014-06-03 10:35 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-03 10:35 - 2014-06-02 03:09 - 00010353 _____ () C:\Windows\IE9_main.log
2014-06-03 10:34 - 2013-08-15 03:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-03 03:27 - 2010-04-12 04:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-02 03:29 - 2013-03-14 03:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-06-02 03:29 - 2010-04-12 05:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-06-02 03:10 - 2014-06-02 03:10 - 00291788 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-06-02 03:09 - 2014-06-02 03:09 - 00291930 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-06-02 03:05 - 2013-03-14 03:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-31 21:04 - 2014-05-31 21:04 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\SecondLife
2014-05-31 17:10 - 2014-05-31 17:10 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\dekovir
2014-05-31 15:55 - 2014-05-31 15:55 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\http___www.julien-manici
2014-05-31 15:53 - 2014-05-31 15:53 - 00003107 _____ () C:\Users\Jason.Jason-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Logon Background Changer.lnk
2014-05-31 15:53 - 2014-05-31 15:53 - 00000000 ____D () C:\Program Files (x86)\Julien MANICI
2014-05-31 15:49 - 2014-05-31 15:49 - 00795217 _____ () C:\Users\Jason.Jason-PC\Downloads\Win7LogonBackgroundChanger_1_5_2.zip
2014-05-31 15:14 - 2014-05-31 15:14 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\PlanetExplorers
2014-05-31 13:24 - 2014-05-31 13:24 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Adobe
2014-05-31 13:18 - 2014-05-31 13:18 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\Skype
2014-05-31 13:17 - 2014-05-31 13:17 - 01677440 _____ (Skype Technologies S.A.) C:\Users\Jason.Jason-PC\Downloads\SkypeSetup.exe
2014-05-31 13:17 - 2014-05-31 13:17 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-05-31 13:17 - 2012-02-08 16:38 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-31 13:17 - 2012-02-08 16:38 - 00000000 ____D () C:\ProgramData\Skype
2014-05-31 13:17 - 2010-04-12 04:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-31 13:16 - 2014-05-31 13:16 - 00003270 _____ () C:\Windows\System32\Tasks\{7C061458-63B3-4BCF-9530-B0C75649A73C}
2014-05-31 09:08 - 2014-05-31 09:08 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\ATI
2014-05-31 09:08 - 2014-05-31 09:08 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\ATI
2014-05-31 09:08 - 2014-05-31 09:08 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\AMD
2014-05-31 09:08 - 2014-05-31 09:08 - 00000000 ____D () C:\ProgramData\ATI
2014-05-31 09:07 - 2014-05-31 09:07 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\library_dir
2014-05-31 09:07 - 2014-05-31 09:07 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-05-31 09:07 - 2014-05-31 09:06 - 00000000 ____D () C:\ProgramData\AMD
2014-05-31 09:06 - 2014-05-31 09:06 - 00067160 _____ () C:\Windows\SysWOW64\CCCInstall_201405310906584960.log
2014-05-31 09:06 - 2014-05-31 09:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-05-31 09:06 - 2014-04-02 05:40 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-05-31 09:05 - 2014-05-31 09:05 - 00000000 ____D () C:\Program Files\AMD
2014-05-31 09:05 - 2014-05-31 09:05 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-05-31 09:01 - 2014-05-31 08:57 - 269338400 _____ (AMD Inc.) C:\Users\Jason.Jason-PC\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe
2014-05-31 08:53 - 2012-11-29 22:16 - 00036682 _____ () C:\Windows\system32\lvcoinst.log
2014-05-31 08:41 - 2014-05-31 08:41 - 00791552 _____ (AMD) C:\Users\Jason.Jason-PC\Downloads\amddriverdownloader.exe
2014-05-31 08:40 - 2014-05-31 08:40 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\minmaxgames
2014-05-31 08:39 - 2014-05-31 08:39 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\omerta
2014-05-31 08:39 - 2014-05-31 08:39 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\com.radialgames.monsterlovesyou
2014-05-31 08:39 - 2014-05-31 08:39 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\com.northwaygames.incredipede
2014-05-31 08:35 - 2014-05-31 08:35 - 00007593 _____ () C:\Users\Jason.Jason-PC\AppData\Local\Resmon.ResmonCfg
2014-05-31 08:29 - 2014-05-31 08:29 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\Logitech
2014-05-31 08:29 - 2013-06-22 20:14 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2014-05-31 08:28 - 2014-05-31 08:28 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Logitech
2014-05-31 08:28 - 2014-05-31 08:28 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Logishrd
2014-05-31 08:27 - 2014-05-20 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corsair
2014-05-31 08:27 - 2014-05-20 16:52 - 00000000 ____D () C:\Program Files (x86)\corsair
2014-05-31 08:24 - 2014-05-31 08:23 - 62122112 _____ (Logitech Inc.) C:\Users\Jason.Jason-PC\Downloads\LGS_8.53.154_x64_Logitech.exe
2014-05-31 08:24 - 2014-05-20 17:53 - 00090210 _____ () C:\Windows\unins001.dat
2014-05-31 08:24 - 2014-05-20 16:38 - 00039538 _____ () C:\Windows\DPINST.LOG
2014-05-31 08:23 - 2014-05-31 08:22 - 07218589 _____ () C:\Users\Jason.Jason-PC\Downloads\CorsairHeadsetSetupRelease2026.zip
2014-05-31 08:22 - 2009-03-12 05:30 - 00000000 ____D () C:\Windows\LP
2014-05-31 08:20 - 2014-05-31 08:20 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Corsair Software
2014-05-31 08:19 - 2014-05-31 08:20 - 01193267 _____ () C:\Windows\unins001.exe
2014-05-31 08:19 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-05-31 08:18 - 2009-07-14 01:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-05-31 08:18 - 2009-07-14 01:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-05-31 08:16 - 2014-05-31 08:16 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\IOI
2014-05-31 08:12 - 2010-04-12 05:12 - 00013241 _____ () C:\Windows\Patch.log
2014-05-31 08:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Help
2014-05-31 08:01 - 2014-01-04 13:35 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\Inquisitor_SaveGames
2014-05-31 08:01 - 2013-01-20 23:01 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\Might & Magic Heroes VI
2014-05-31 08:01 - 2012-12-06 00:38 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\Guild Wars 2
2014-05-31 08:01 - 2012-12-05 03:02 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\intrusion2
2014-05-31 08:01 - 2012-04-26 21:54 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\majesty2
2014-05-31 08:01 - 2012-04-19 14:45 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\Mount&Blade Warband
2014-05-31 08:01 - 2012-02-02 03:13 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\Mount&Blade With Fire and Sword
2014-05-31 08:01 - 2012-01-07 00:31 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\My Cheat Tables
2014-05-31 08:00 - 2012-11-30 22:23 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\Endless Space
2014-05-31 07:59 - 2012-01-02 01:56 - 00000000 ____D () C:\Users\Jason
2014-05-31 07:58 - 2013-05-17 23:19 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\Eador
2014-05-31 07:58 - 2012-07-17 00:14 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\Bandicam
2014-05-31 07:58 - 2012-04-21 04:00 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\Diablo III
2014-05-31 07:58 - 2012-01-02 02:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2014-05-31 07:58 - 2010-04-12 04:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-05-31 07:54 - 2014-05-31 07:54 - 00000020 _____ () C:\Windows\Ìõh
2014-05-31 07:50 - 2012-01-02 02:04 - 00000000 ____D () C:\Windows\System32\Tasks\Recovery Management
2014-05-31 07:50 - 2012-01-02 02:03 - 00000000 ____D () C:\Windows\OEMTemp
2014-05-31 07:49 - 2014-05-31 07:49 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gateway Photo Frame
2014-05-31 07:49 - 2014-05-09 18:51 - 00000000 ____D () C:\Users\Jason\Desktop\Tor Browser
2014-05-31 07:49 - 2012-07-12 12:02 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\ArmA 2
2014-05-31 07:49 - 2012-02-15 13:05 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\Agot
2014-05-31 07:48 - 2014-05-31 07:48 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
2014-05-31 07:48 - 2014-05-30 22:49 - 00000000 ____D () C:\Users\Jason\Desktop\Species ALRE 0.6.1
2014-05-31 07:48 - 2014-03-24 09:05 - 00000000 ____D () C:\Users\Jason\Desktop\Dundjinni.Platinum.1.07
2014-05-31 07:48 - 2012-11-09 01:09 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Ventrilo
2014-05-31 07:48 - 2012-05-09 13:03 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\WTablet
2014-05-31 07:48 - 2012-02-01 00:44 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Winamp
2014-05-31 07:48 - 2012-01-02 14:12 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\WinRAR
2014-05-31 07:47 - 2013-12-11 23:20 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\TS3Client
2014-05-31 07:47 - 2013-12-09 17:55 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Template
2014-05-31 07:47 - 2012-11-26 03:12 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\TEdit
2014-05-31 07:47 - 2012-07-12 03:06 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\six-updater
2014-05-31 07:47 - 2012-03-31 23:55 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Trine2
2014-05-31 07:47 - 2012-02-08 16:38 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Skype
2014-05-31 07:47 - 2012-01-03 02:33 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\SystemRequirementsLab
2014-05-31 07:47 - 2012-01-02 02:01 - 00505128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2014-05-31 07:47 - 2012-01-02 02:01 - 00353576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-05-31 07:47 - 2012-01-02 02:01 - 00029480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2014-05-31 07:46 - 2014-05-31 07:46 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Roaming\OEM
2014-05-31 07:46 - 2010-04-12 05:00 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway
2014-05-31 07:46 - 2009-10-05 16:30 - 00000000 ____D () C:\Windows\DeployWinRE2
2014-05-31 07:44 - 2014-05-31 07:39 - 00000000 ____D () C:\Users\Jason.Jason-PC
2014-05-31 07:44 - 2014-04-02 06:33 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Raptr
2014-05-31 07:44 - 2013-11-27 22:41 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Rogue Legacy
2014-05-31 07:44 - 2012-04-19 01:56 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\OnLive App
2014-05-31 07:43 - 2014-05-10 20:06 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\LavasoftStatistics
2014-05-31 07:43 - 2014-05-07 23:09 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Battle.net
2014-05-31 07:43 - 2014-04-02 06:33 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-05-31 07:43 - 2014-03-24 11:20 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tiled
2014-05-31 07:43 - 2014-03-22 18:42 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\mIRC
2014-05-31 07:43 - 2014-01-02 01:53 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Injustice
2014-05-31 07:43 - 2013-12-10 22:53 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Notepad++
2014-05-31 07:43 - 2013-10-03 00:08 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCitizen
2014-05-31 07:43 - 2013-07-21 18:49 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Omerta
2014-05-31 07:43 - 2013-06-14 21:47 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Awesomium
2014-05-31 07:43 - 2013-05-18 20:17 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UltraEdit
2014-05-31 07:43 - 2013-03-14 04:51 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Galaxy on Fire 2 Full HD
2014-05-31 07:43 - 2013-02-24 02:16 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-05-31 07:43 - 2013-02-11 05:12 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Natural Selection 2
2014-05-31 07:43 - 2013-01-20 23:01 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Might & Magic Heroes VI
2014-05-31 07:43 - 2013-01-06 20:29 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Mumble
2014-05-31 07:43 - 2012-11-26 00:24 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terrafirma
2014-05-31 07:43 - 2012-11-17 21:15 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Katawa Shoujo
2014-05-31 07:43 - 2012-11-09 01:09 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ventrilo
2014-05-31 07:43 - 2012-10-28 05:17 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\DAEMON Tools Lite
2014-05-31 07:43 - 2012-09-08 23:59 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\DarknessII
2014-05-31 07:43 - 2012-07-17 04:13 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AIM for Windows
2014-05-31 07:43 - 2012-07-11 18:38 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
2014-05-31 07:43 - 2012-06-21 12:05 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-31 07:43 - 2012-06-14 02:02 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\DarksporeData
2014-05-31 07:43 - 2012-04-19 14:45 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Mount&Blade Warband
2014-05-31 07:43 - 2012-03-23 04:05 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-31 07:43 - 2012-02-17 02:45 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-05-31 07:43 - 2012-02-02 04:09 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Mount&Blade
2014-05-31 07:43 - 2012-02-02 03:47 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\BitTorrent
2014-05-31 07:43 - 2012-02-02 03:13 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Mount&Blade With Fire and Sword
2014-05-31 07:43 - 2012-02-01 00:44 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
2014-05-31 07:43 - 2012-01-30 11:51 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Applian FLV and Media Player
2014-05-31 07:43 - 2012-01-28 01:27 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Veoh Networks, Inc
2014-05-31 07:43 - 2012-01-23 01:09 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\NationRed
2014-05-31 07:43 - 2012-01-12 01:19 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Beat Hazard
2014-05-31 07:43 - 2012-01-08 01:57 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\MoreTerra
2014-05-31 07:43 - 2012-01-03 02:42 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Bioshock2
2014-05-31 07:43 - 2012-01-02 02:03 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gateway Photo Frame
2014-05-31 07:43 - 2012-01-02 01:59 - 00000000 ___RD () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-31 07:43 - 2012-01-02 01:59 - 00000000 ___RD () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-31 07:43 - 2012-01-02 01:56 - 00000000 ___RD () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-31 07:43 - 2012-01-02 01:56 - 00000000 ___RD () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-31 07:43 - 2010-04-12 05:28 - 00000000 ___HD () C:\OEM
2014-05-31 07:42 - 2012-06-20 05:52 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\.minecraft
2014-05-31 07:42 - 2010-04-12 05:12 - 00000000 ____D () C:\ProgramData\OEM
2014-05-31 07:40 - 2014-05-31 07:40 - 00000000 ____D () C:\Users\Jason.Jason-PC\AppData\Local\VirtualStore
2014-05-31 07:40 - 2012-01-02 01:56 - 00000413 _____ () C:\Windows\system32\oem_Get_OS_Language.log
2014-05-31 07:39 - 2014-05-31 07:39 - 00000020 ___SH () C:\Users\Jason.Jason-PC\ntuser.ini
2014-05-31 07:39 - 2012-01-02 01:56 - 00000000 ____D () C:\Recovery
2014-05-31 07:39 - 2010-04-12 05:31 - 00000000 ____D () C:\Windows\Panther
2014-05-31 07:39 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-05-31 07:38 - 2014-05-03 18:09 - 00000000 ____D () C:\Users\Jason\AppData\Local\Windforge
2014-05-31 07:38 - 2014-03-24 09:08 - 00000000 ____D () C:\Users\Jason\AppData\Local\{7148F0A6-6813-11D6-A77B-00B0D0142020}
2014-05-31 07:38 - 2013-03-25 19:18 - 00000000 ____D () C:\Users\Jason\AppData\Local\Warframe
2014-05-31 07:38 - 2012-06-04 20:30 - 00000000 ____D () C:\Users\Jason\AppData\Local\Windows Live
2014-05-31 07:37 - 2013-01-20 23:01 - 00000000 ____D () C:\Users\Jason\AppData\Local\Ubisoft Game Launcher
2014-05-31 07:37 - 2012-07-18 00:03 - 00000000 ____D () C:\Users\Jason\AppData\Local\Skyrim
2014-05-31 07:25 - 2012-11-20 02:22 - 00000000 ____D () C:\Users\Jason\AppData\Local\Microsoft Help
2014-05-31 07:25 - 2012-04-19 03:21 - 00000000 ____D () C:\Users\Jason\AppData\Local\PAYDAY
2014-05-31 07:25 - 2012-01-08 13:04 - 00000000 ____D () C:\Users\Jason\AppData\Local\PMB Files
2014-05-31 07:25 - 2012-01-08 07:51 - 00000000 ____D () C:\Users\Jason\AppData\Local\SecondLife
2014-05-31 07:17 - 2014-04-26 11:21 - 00000000 ____D () C:\Users\Jason\AppData\Local\Hero_Siege
2014-05-31 07:17 - 2013-04-03 01:41 - 00000000 ____D () C:\Users\Jason\AppData\Local\ManyCam
2014-05-31 07:13 - 2014-05-23 16:26 - 00000000 ____D () C:\Users\Jason\AppData\Local\Game Dev Tycoon - Steam
2014-05-31 07:13 - 2013-05-24 21:12 - 00000000 ____D () C:\Users\Jason\AppData\Local\Defiance
2014-05-31 07:13 - 2013-04-04 11:35 - 00000000 ____D () C:\Users\Jason\AppData\Local\dof
2014-05-31 07:13 - 2012-01-08 13:32 - 00000000 ____D () C:\Users\Jason\AppData\Local\FalloutNV
2014-05-31 07:13 - 2012-01-03 02:34 - 00000000 ____D () C:\Users\Jason\AppData\Local\eSupport.com
2014-05-31 07:05 - 2012-02-11 01:02 - 00000000 ____D () C:\Users\Jason\AppData\Local\DDMSettings
2014-05-31 07:03 - 2014-05-07 23:09 - 00000000 ____D () C:\Users\Jason\AppData\Local\Battle.net
2014-05-31 07:03 - 2012-07-12 12:02 - 00000000 ____D () C:\Users\Jason\AppData\Local\ArmA 2 OA
2014-05-31 07:01 - 2014-05-31 06:56 - 00000000 ____D () C:\Backup
2014-05-31 07:01 - 2012-10-03 09:23 - 00000000 ____D () C:\Users\Jason\.towns
2014-05-31 07:01 - 2012-06-16 00:05 - 00000000 ____D () C:\Users\Jason\AppData\Local\adaware
2014-05-30 23:44 - 2012-01-28 01:27 - 00000000 ____D () C:\Program Files (x86)\Giraffic
2014-05-30 22:49 - 2014-05-30 22:47 - 80787865 _____ () C:\Users\Jason\Downloads\Species 0.6.1 (Alpha).zip
2014-05-30 22:46 - 2014-05-30 22:46 - 07671808 _____ () C:\Users\Jason\Downloads\xnafx31_redist.msi
2014-05-30 10:25 - 2012-01-28 01:27 - 00000000 ____D () C:\ProgramData\Giraffic
2014-05-29 16:25 - 2014-05-07 23:08 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-05-21 23:47 - 2014-05-21 23:47 - 00000000 ____D () C:\Users\Jason.Jason-PC\Documents\Egosoft
2014-05-21 21:37 - 2012-09-17 19:14 - 00000000 ____D () C:\Users\Jason\AppData\Local\Logitech
2014-05-21 21:28 - 2014-05-21 21:28 - 00000000 ____D () C:\Program Files\Logitech
2014-05-21 21:28 - 2014-05-21 21:28 - 00000000 ____D () C:\Program Files\Common Files\Logitech
2014-05-21 21:26 - 2014-05-21 21:26 - 17276616 _____ (Logitech ) C:\Users\Jason\Downloads\lgs510_x64.exe
2014-05-20 17:54 - 2014-05-20 17:54 - 01192831 _____ () C:\Windows\unins002.exe
2014-05-20 17:54 - 2014-05-20 17:54 - 00010733 _____ () C:\Windows\unins002.dat
2014-05-20 17:53 - 2014-05-20 17:53 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Corsair Software
2014-05-20 17:52 - 2014-05-20 17:50 - 32059221 _____ () C:\Users\Jason\Downloads\M95-setup-091913.zip
2014-05-20 17:33 - 2014-05-20 17:33 - 00000000 ____D () C:\found.002
2014-05-20 17:02 - 2014-05-20 17:02 - 01192831 _____ () C:\Windows\unins000.exe
2014-05-20 17:02 - 2014-05-20 16:52 - 00027407 _____ () C:\Windows\unins000.dat
2014-05-20 16:51 - 2014-05-20 16:51 - 00984323 _____ () C:\Users\Jason\Downloads\M90110211v108.zip
2014-05-20 16:36 - 2014-05-20 16:36 - 32175200 _____ () C:\Users\Jason\Downloads\M90-setup-060513.zip
2014-05-14 13:27 - 2012-05-23 02:38 - 00000000 ____D () C:\Program Files (x86)\Diablo III
 
ZeroAccess:
C:\Users\Jason\AppData\Local\{0b540225-06af-1c3a-8bf9-dc8c69300ac6}
 
Some content of TEMP:
====================
C:\Users\Jason.Jason-PC\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-06-08 16:30
 
==================== End Of Log ============================

 



Edited by Jsag, 13 June 2014 - 06:24 PM.


#4 nasdaq

  • Malware Response Team

Posted 14 June 2014 - 08:46 AM

--RogueKiller--
  • Download & SAVE to your Desktop For 32bit system or For 64bit system
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
=======


Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

SearchScopes: HKLM-x32 - DefaultScope value is missing.
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
C:\Users\Jason\AppData\Local\{0b540225-06af-1c3a-8bf9-dc8c69300ac6}

End
Save the file as fixlist.txt in the same folder as FRST.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.

C:\Users\Jason\AppData\Local\{0b540225-06af-1c3a-8bf9-dc8c69300ac6}

---

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

Let me know if the problem persists.

#5 Jsag

  • Topic Starter

Posted 14 June 2014 - 06:12 PM

Still getting the popups.
 
 
 

RogueKiller V9.0.2.0 (x64) [Jun  3 2014] by Adlice Software
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Jason [Admin rights]
Mode : Remove -- Date : 06/14/2014  19:09:12
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 0 ¤¤¤
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ HOSTS File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1       localhost
 
¤¤¤ Antirootkit : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EADS-22M2B0 SCSI Disk Device +++++
--- User ---
[MBR] aaceaa56fd9046a049e6a42cade6feb8
[BSP] acb8ae6d0d26393b5abff5341c75f28d : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 16000 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 32770048 | Size: 100 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 32974848 | Size: 937703 MB
User = LL1 ... OK
Error reading LL2 MBR! ([1] Incorrect function. )
 
+++++ PhysicalDrive1: Generic- Compact Flash USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
 
+++++ PhysicalDrive2: Generic- xD-Picture USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
 
+++++ PhysicalDrive3: Generic- SD/MMC USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
 
+++++ PhysicalDrive4: Generic- MS/MS-Pro/HG USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
 
+++++ PhysicalDrive5: Generic- MicroSD USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
 
 
============================================
RKreport_DEL_06102014_131841.log - RKreport_DEL_06142014_183037.log - RKreport_SCN_06102014_125423.log - RKreport_SCN_06102014_131318.log
RKreport_SCN_06142014_182927.log - RKreport_SCN_06142014_190649.log
 
 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-06-2014 02
Ran by Jason at 2014-06-14 18:33:49 Run:1
Running from C:\Users\Jason.Jason-PC\Desktop\frt
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
C:\Users\Jason\AppData\Local\{0b540225-06af-1c3a-8bf9-dc8c69300ac6}
 
End
*****************
 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
catchme => Service deleted successfully.
C:\Users\Jason\AppData\Local\{0b540225-06af-1c3a-8bf9-dc8c69300ac6} => Moved successfully.
 
==== End of Fixlog ====
 

 Results of screen317's Security Check version 0.99.84  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Microsoft Security Essentials   
Ad-Aware Antivirus              
 Antivirus out of date! (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 60  
 Adobe Flash Player 14.0.0.125  
 Google Chrome 35.0.1916.114  
 Google Chrome 35.0.1916.153  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.2.5952.0\AdAwareService.exe 
 Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.2.5952.0\AdAwareTray.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log`````````````````````` 
 


#6 nasdaq


Posted 15 June 2014 - 07:07 AM

Your router may have been compromised.

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred settings. Below is the list of default usernames and passwords, in case you don't know them ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

How to Secure Your Wireless Router
http://www.ehow.com/how_2253625_secure-wireless-router.html


How To Set Up a Network Router
http://compnetworking.about.com/od/homenetworking/ht/routerconfigure.htm
===

If that fails continue.

Please scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the ESET OnlineScan button.
  • For alternate browsers only (Microsoft Internet Explorer users can skip these steps):
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your Desktop.
      • Double click on the ESET Smart Installer icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.


#7 Jsag


Posted 16 June 2014 - 07:07 AM

So far, neither I nor the other computer on the network has gotten a single pop-up since I reset the router to factory defaults.

 

 

C:\$RECYCLE.BIN\S-1-5-21-3021804043-2976222400-1849095238-1000\$RDKI956.exe a variant of Win32/AdWare.iBryte.AL application cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-3021804043-2976222400-1849095238-1000\$RPKNBYJ.exe Win32/Toolbar.Montiera.B potentially unwanted application deleted - quarantined
C:\$RECYCLE.BIN\S-1-5-21-3021804043-2976222400-1849095238-1000\$RPQLIY4.exe a variant of Win32/AdWare.iBryte.AL application cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-3021804043-2976222400-1849095238-1000\$RPVVBNQ.exe Win32/Toolbar.Montiera.B potentially unwanted application deleted - quarantined
C:\$RECYCLE.BIN\S-1-5-21-3021804043-2976222400-1849095238-1000\$RU8MVO2.exe Win32/AdWare.iBryte.AL application cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-3021804043-2976222400-1849095238-1000\$RUOFP3A.exe a variant of Win32/AdWare.iBryte.AE application cleaned by deleting - quarantined
C:\Backup\Jason\Documents\APNSetup.exe a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application deleted - quarantined
C:\Program Files (x86)\Cheat Engine 6.1\cheatengine-i386.exe a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application deleted - quarantined
C:\Program Files (x86)\Cheat Engine 6.2\cheatengine-i386.exe a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application deleted - quarantined
C:\Program Files (x86)\Cheat Engine 6.2\standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application deleted - quarantined
C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\ConduitInstaller_veoh.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\OCSetupHlp.dll Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\Users\Jason\Downloads\rcsetup148.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\Jason.Jason-PC\Downloads\adwcleaner-3-210-en.exe Win32/InstallCore.PD potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSI2658.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\Windows\Installer\MSI7458.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined


#8 nasdaq


Posted 16 June 2014 - 08:04 AM

Looking good.

If all is well:

Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Having an effective antivirus is a must for everyone.
In addition to many excellent commercial products there are plenty of good free antivirus programs available. I can recommend:

If you are satisfied with your current protection programs you can ignore the instructions on Antivirus or Firewall listed below.

In addition to an antivirus I recommend using a firewall. A software firewall is a software program that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. I can recommend one of the following free products:

Please note: Many installers offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Malwarebytes Anti-Malware (MBAM)
The free version of MBAM can be used to scan the system for traces of malware. Scanning your system regularly will make it harder for malware to reside on your system.
A tutorial on using MBAM can be found here.
Please Note: Only the paid for version has real time capabilities.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Please keep your programs up to date. This applies to Java, Adobe Flashplayer, Adobe Reader and your Internet Browsers in particular. Vulnerabilities in these programs are often exploited in order to install malware on your PC. Visiting a prepared web page suffices to infect your system.

In general Firefox, Opera and Google Chrome are considered to be more secure than Internet Explorer. In addition there are many useful add-ons that can protect you from possible risks:
  • WOT will warn you when you try to visit sites with poor reputation. The reputation is based on user ratings and is usually very accurate.
  • Script Blocker can help block many attempts to infect your system via malicious websites by only allowing scripts at sites you trust.
  • NoScript is a popular Firefox addon,
  • ScriptNo is a popular Google Chrome addon.
For much more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.
===

#9 nasdaq


Posted 22 June 2014 - 07:52 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



