Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need Help Fully Cleaning Computer


  • This topic is locked This topic is locked
6 replies to this topic

#1 Danny50

Danny50

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:39 AM

Posted 10 June 2014 - 07:10 PM

Hello. Recently, my computer has been very slow and unresponsive. I download a lot of garbage on it, and I have gone through and deleted some stuff. Despite this, I am still worried about the state of my computer. I would like to completely clean it of all malware, adware, etc. that may be affecting it.

 

One thing I know for sure might be causing problems is an extension I have on Google Chrome called "Removetheadapp", which is apparently some sort of virus.

 

Here are the logs, though:

 

DDS:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 10.51.2
Run by Daniel at 20:01:08 on 2014-06-10
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4044.1978 [GMT -4:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\EscSvc64.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\spool\drivers\x64\3\E_YATIIVE.EXE
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
uRun: [EPLTarget\P0000000000000000] C:\Windows\System32\spool\DRIVERS\x64\3\E_YATIIVE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-2530 Series"
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
mRun: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
mRun: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
StartupFolder: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rIGoK.exe
uPolicies-Explorer: TaskbarNoNotification = dword:1
uPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{750A0779-6D7A-462A-A5F5-7612BAE70AAB} : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{750A0779-6D7A-462A-A5F5-7612BAE70AAB}\75F4751263430353 : DHCPNameServer = 64.233.217.2 64.233.217.3
TCP: Interfaces\{750A0779-6D7A-462A-A5F5-7612BAE70AAB}\A4F6379666F637B696 : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{750A0779-6D7A-462A-A5F5-7612BAE70AAB}\E4544574541425 : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
x64-mStart Page = hxxp://www.google.com
x64-BHO: RemoveTheAdApp: {421880D1-C9DD-F61E-F9CE-2A0023FE4AD3} - LocalServer32 - <no file>
x64-BHO: grrEatsaver: {4FE1DEA1-C985-3F90-679F-8D5FE64CA0B3} - LocalServer32 - <no file>
x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll
x64-BHO: YoutubeAdblocker: {AAE426F7-6264-E09A-F641-6931B2F2B2E4} - LocalServer32 - <no file>
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {6032497A-4479-462B-ADB8-A0A372BB9A23} - msiexec /fu {6032497A-4479-462B-ADB8-A0A372BB9A23} /qn
.
============= SERVICES / DRIVERS ===============
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2012-5-10 608864]
R2 EpsonScanSvc;Epson Scanner Service;C:\Windows\System32\escsvc64.exe [2014-1-25 135824]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [2011-8-26 260424]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-8-10 197536]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-1-17 13592]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-1-17 2424424]
R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-5-30 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-5-30 860472]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-1-17 2656280]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2014-3-2 169752]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-3-2 342528]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-5-30 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-5-30 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-5-30 63704]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2012-1-17 1145448]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-1-11 49152]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-8 111616]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-1-17 339048]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-17 539240]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-6-1 1255736]
.
=============== Created Last 30 ================
.
2014-06-10 23:49:50 -------- d-sh--w- C:\$RECYCLE.BIN
2014-06-10 23:43:08 98816 ----a-w- C:\Windows\sed.exe
2014-06-10 23:43:08 256000 ----a-w- C:\Windows\PEV.exe
2014-06-10 23:43:08 208896 ----a-w- C:\Windows\MBR.exe
2014-06-10 23:42:49 -------- d-s---w- C:\ComboFix
2014-06-10 23:19:58 -------- d-----w- C:\zoek_backup
2014-06-10 23:07:14 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-06-10 23:06:22 -------- d-----w- C:\AdwCleaner
2014-06-10 22:47:27 -------- d-sh--w- C:\Users\Daniel\AppData\Local\EmieUserList
2014-06-10 22:47:27 -------- d-sh--w- C:\Users\Daniel\AppData\Local\EmieSiteList
2014-06-10 22:02:41 10702536 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8591A499-00A9-4D68-AAC0-B4E0D84E18A4}\mpengine.dll
2014-06-05 11:15:21 -------- d-s---w- C:\Windows\System32\CompatTel
2014-06-04 18:14:05 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-06-04 18:14:05 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-06-04 18:14:04 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-06-04 18:14:03 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-06-02 12:13:53 0 ----a-w- C:\Windows\SysWow64\shoA818.tmp
2014-06-01 00:49:59 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-06-01 00:49:59 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-06-01 00:30:16 0 ----a-w- C:\Windows\SysWow64\sho6C14.tmp
2014-05-31 18:55:11 -------- d-----w- C:\Windows\Migration
2014-05-31 17:27:28 -------- d-----w- C:\Windows\System32\MRT
2014-05-31 10:09:46 736952 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2014-05-31 10:09:25 2876528 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2014-05-31 10:08:53 42168 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2014-05-31 10:08:50 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-05-31 01:37:00 335360 ----a-w- C:\Windows\System32\msieftp.dll
2014-05-31 01:37:00 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2014-05-31 01:36:46 224256 ----a-w- C:\Windows\System32\wintrust.dll
2014-05-31 01:36:45 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2014-05-31 01:36:09 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2014-05-31 01:36:09 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2014-05-31 01:36:08 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2014-05-31 01:36:06 633856 ----a-w- C:\Windows\System32\comctl32.dll
2014-05-31 01:36:05 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
2014-05-31 01:35:53 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2014-05-31 01:35:52 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2014-05-31 01:35:52 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2014-05-31 01:35:52 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2014-05-31 01:35:52 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2014-05-31 01:35:52 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2014-05-31 01:35:31 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-31 01:35:31 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-05-31 01:34:33 484864 ----a-w- C:\Windows\System32\wer.dll
2014-05-31 01:34:33 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-05-31 01:34:29 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2014-05-31 01:33:40 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2014-05-31 01:33:40 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2014-05-31 01:33:28 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-05-31 01:33:28 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-05-31 01:31:33 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2014-05-31 01:31:32 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-05-31 01:31:32 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-05-31 01:31:32 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-05-31 01:29:52 41472 ----a-w- C:\Windows\System32\lpk.dll
2014-05-31 01:28:59 81920 ----a-w- C:\Windows\SysWow64\davclnt.dll
2014-05-31 01:27:09 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-05-31 01:27:09 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-05-31 01:27:08 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2014-05-31 01:27:08 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-05-31 01:27:03 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-05-31 01:27:02 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-05-31 01:26:33 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
2014-05-31 01:26:33 190912 ----a-w- C:\Windows\System32\drivers\storport.sys
2014-05-31 01:26:32 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2014-05-31 01:26:31 2048 ----a-w- C:\Windows\SysWow64\iologmsg.dll
2014-05-31 01:26:31 2048 ----a-w- C:\Windows\System32\iologmsg.dll
2014-05-31 01:04:49 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2014-05-31 01:04:49 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2014-05-31 01:04:47 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2014-05-31 01:04:47 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2014-05-31 01:04:47 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2014-05-31 01:04:47 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2014-05-31 01:04:46 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2014-05-31 01:04:44 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2014-05-30 21:59:49 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-05-30 21:59:33 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-30 21:59:33 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-05-30 21:59:33 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-05-30 21:59:33 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-30 21:43:28 -------- d-----w- C:\Program Files\CCleaner
2014-05-17 20:38:55 -------- d-----w- C:\Users\Daniel\AppData\Local\MEpochLauncher
2014-05-17 20:38:55 -------- d-----w- C:\mods
2014-05-16 12:56:24 1619632 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\OGL.DLL
.
==================== Find3M  ====================
.
2014-05-14 20:25:24 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 20:25:24 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-04-12 14:28:05 0 ----a-w- C:\Windows\SysWow64\sho4508.tmp
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-01 02:46:48 130712 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
2014-04-01 02:46:48 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2014-03-31 13:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-03-27 02:04:39 0 ----a-w- C:\Windows\SysWow64\shoD9A7.tmp
2014-01-15 02:39:04 3041792 ----a-w- C:\Program Files (x86)\GS.Enabler
2014-01-15 02:39:04 2759168 ----a-w- C:\Program Files (x86)\GS_x64.Enabler
.
============= FINISH: 20:03:18.84 ===============
 
 
ATTACH:
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 5/30/2013 11:04:32 PM
System Uptime: 6/10/2014 7:48:35 PM (1 hours ago)
.
Motherboard: Hewlett-Packard |  | 1695
Processor: Intel® Core™ i3-2350M CPU @ 2.30GHz | CPU1 | 782/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 441 GiB total, 286.602 GiB free.
D: is FIXED (NTFS) - 21 GiB total, 2.246 GiB free.
E: is FIXED (FAT32) - 4 GiB total, 1.074 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek PCIe FE Family Controller
Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_1695103C&REV_05\4&1ED16DDE&0&00E4
Manufacturer: Realtek
Name: Realtek PCIe FE Family Controller
PNP Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_1695103C&REV_05\4&1ED16DDE&0&00E4
Service: RTL8167
.
==== System Restore Points ===================
.
RP127: 6/1/2014 7:00:16 PM - Windows Backup
RP134: 6/2/2014 12:08:55 PM - Removed Delta Force Xtreme 2
RP128: 6/2/2014 2:39:55 PM - Windows Update
RP129: 6/4/2014 1:03:29 PM - Windows Update
RP131: 6/5/2014 4:22:50 PM - Windows Modules Installer
RP132: 6/5/2014 4:25:40 PM - Windows Modules Installer
RP133: 6/6/2014 8:11:49 PM - Removed Ventrilo Client
RP135: 6/8/2014 1:00:24 PM - Windows Update
RP136: 6/8/2014 7:00:21 PM - Windows Backup
RP137: 6/10/2014 7:21:58 PM - zoek.exe restore point
RP138: 6/10/2014 7:28:03 PM - Removed Microsoft .NET Framework 1.1
RP139: 6/10/2014 7:30:59 PM - Windows Live Essentials
RP140: 6/10/2014 7:31:46 PM - WLSetup
RP141: 6/10/2014 7:46:15 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 13 ActiveX
Adobe Flash Player 13 Plugin
Adobe Reader X (10.1.0) MUI
Adobe Shockwave Player 12.1
Arma 2
Arma 2: Operation Arrowhead
Arma 2: Operation Arrowhead Beta
Arma 3
Arma: Cold War Assault
AuthenTec TrueAPI
BitTorrent
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Counter-Strike
Counter-Strike: Condition Zero
Counter-Strike: Global Offensive
Counter-Strike: Source
DayZ Commander
Download Navigator
EPSON Connect version 1.0
Epson Customer Participation
Epson Event Manager
Epson FAX Utility
EPSON Scan
EPSON WF-2530 Series Printer Uninstall
EpsonNet Print
ESU for Microsoft Windows 7 SP1
Fraps (remove only)
Garry's Mod
Google Chrome
Google Update Helper
Hewlett-Packard ACLM.NET v1.2.1.1
HP Application Assistant
HP Auto
HP Client Services
HP Customer Experience Enhancements
HP Documentation
HP Games
HP Launch Box
HP On Screen Display
HP Power Manager
HP Product Detection
HP Quick Launch
HP QuickWeb
HP Recovery Manager
HP Security Assistant
HP Setup
HP Setup Manager
HP SimplePass PE 2012
HP Software Framework
HP Support Assistant
IDT Audio
Intel® Control Center
Intel® Identity Protection Technology 1.1.2.0
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
Intel® SDK for OpenCL - CPU Only Runtime Package
Java 7 Update 51
Java Auto Updater
League of Legends
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 4.5.1
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Click-to-Run 2010
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Starter 2010 - English
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Microsoft XNA Framework Redistributable 3.1
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA PhysX
opensource
PlayReady PC Runtime x86
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
REALTEK Wireless LAN Driver
RuneScape Launcher 1.2.3
Rust
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2878236) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition 
Security Update for Microsoft Office Word 2007 (KB2878237) 32-Bit Edition 
Steam
swMSM
TeamSpeak 3 Client
Ubisoft Game Launcher
Unity
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VIP Access SDK (1.0.1.2) 
Windows Live Mesh ActiveX Control for Remote Connections
WinRAR 4.20 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
6/9/2014 8:56:49 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000050 (0xfffffa8181590450, 0x0000000000000000, 0xfffff80002cfbea5, 0x0000000000000005). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 060914-21996-01.
6/9/2014 7:29:05 PM, Error: Service Control Manager [7031]  - The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/9/2014 4:01:50 PM, Error: Service Control Manager [7043]  - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
6/9/2014 4:01:33 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HomeGroupListener service.
6/8/2014 8:14:48 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Biometric Service service to connect.
6/8/2014 8:14:48 AM, Error: Service Control Manager [7000]  - The Windows Biometric Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
6/5/2014 7:24:45 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Internet Explorer 10 for Windows 7 for x64-based Systems (KB2953522).
6/5/2014 7:24:45 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Internet Explorer 10 for Windows 7 for x64-based Systems (KB2909210).
6/5/2014 7:24:45 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2936068).
6/5/2014 7:24:45 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2925418).
6/5/2014 4:23:13 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.
6/3/2014 4:15:42 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2929755).
6/3/2014 4:15:42 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2862152).
6/3/2014 4:15:42 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2835361).
6/3/2014 4:15:42 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2834886).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2928562).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2913431).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2908783).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2888049).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2882822).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2868116).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2846960).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2836943).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2929961).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2922229).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2912390).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2892074).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2876331).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2876284).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2875783).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2871997).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2868626).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2868623).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2864202).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2862973).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2861855).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2835364).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2803821).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2911501).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2863240).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2861698).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2861191).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2832414).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2925418).
6/3/2014 4:15:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB2900986).
6/3/2014 3:36:57 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
.
==== End Of File ===========================
 
 
 
 
Thank you in advance for any help!

 



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:39 AM

Posted 13 June 2014 - 09:25 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

--RogueKiller--
  • Download & SAVE to your Desktop For 32bit system or For 64bit system
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
=======

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#3 Danny50

Danny50
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:39 AM

Posted 13 June 2014 - 01:54 PM

RogueKiller V9.0.2.0 (x64) [Jun  3 2014] by Adlice Software
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Daniel [Admin rights]
Mode : Remove -- Date : 06/13/2014  14:39:46
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 20 ¤¤¤
[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1  -> NOT SELECTED
[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1  -> NOT SELECTED
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-1964121988-1201492864-1587720841-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1  -> NOT SELECTED
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-1964121988-1201492864-1587720841-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1  -> NOT SELECTED
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1  -> NOT SELECTED
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1  -> NOT SELECTED
[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:13828  -> NOT SELECTED
[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:13828  -> NOT SELECTED
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:13828  -> NOT SELECTED
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:13828  -> NOT SELECTED
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-1964121988-1201492864-1587720841-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | disableregistrytools : 0  -> NOT SELECTED
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-1964121988-1201492864-1587720841-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | disableregistrytools : 0  -> NOT SELECTED
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0  -> NOT SELECTED
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0  -> NOT SELECTED
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0  -> NOT SELECTED
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0  -> NOT SELECTED
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1964121988-1201492864-1587720841-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRun : 0  -> NOT SELECTED
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1964121988-1201492864-1587720841-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRun : 0  -> NOT SELECTED
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> NOT SELECTED
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> NOT SELECTED
 
¤¤¤ Scheduled tasks : 5 ¤¤¤
[Suspicious.Path] \\GC_Informer -- "%LOCALAPPDATA%\GCC\Controller.exe" (--Informer) -> DELETED
[Suspicious.Path] \\GC_Scheduler -- "%LOCALAPPDATA%\GCC\Controller.exe" -> DELETED
[Suspicious.Path] \\TidyNetwork Update -- C:\Users\Daniel\AppData\Local\TidyNetwork\petnupdate.exe (CID=Amonetize5 Name=TidyNetwork NAME="TidyNetwork" AUTOGUID={8BB6D0B0-B8B0-3850-FDF4-90893220C4C1}) -> DELETED
[Suspicious.Path] \\{ACA6DF73-62E1-4622-A31F-248C781C0370} -- C:\Windows\system32\pcalua.exe (-a C:\Users\Daniel\Downloads\sa-mp-0.3a-install.exe -d C:\Users\Daniel\Downloads) -> DELETED
[Suspicious.Path] \Microsoft\Windows\Maintenance\UP_Scheduler -- "%LOCALAPPDATA%\GCC\Controller.exe" (--Update) -> DELETED
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ HOSTS File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 api.crashtastic.com 
 
¤¤¤ Antirootkit : 0 ¤¤¤
 
¤¤¤ Web browsers : 17 ¤¤¤
[FIREFX:Addon] co9zkuzl.default : Adblock Plus [{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] -> DELETED
[FIREFX:Addon] co9zkuzl.default : SNT [035jh14@sow-nqs.com] -> DELETED
[FIREFX:Addon] co9zkuzl.default : SearchNewTab [b5yvvff@ahuoa-ueee.net] -> DELETED
[FIREFX:Addon] co9zkuzl.default : greatSavoer [gbkdpieikd@hj-gg.org] -> DELETED
[FIREFX:Addon] co9zkuzl.default : YoutubeAdblocker [i.eomqk@aoizyldh.net] -> DELETED
[FIREFX:Addon] co9zkuzl.default : DownLoad Keeeper [opvamlseyn@sjfxcosvc.co.uk] -> DELETED
[FIREFX:Addon] co9zkuzl.default : Download keeper [yuaeo@qkdyii.com] -> DELETED
[FIREFX:Addon] co9zkuzl.default : HP Detect [{ab91efd4-6975-4081-8552-1b3922ed79e2}] -> DELETED
[FIREFX:Addon] co9zkuzl.default : RemoveTheAdApp [oa0svl@lameaarwl.com] -> DELETED
[FIREFX:Addon] co9zkuzl.default : Applon Support [jid1-RYwhP9dQdGfXkQ@jetpack] -> DELETED
[FIREFX:Addon] co9zkuzl.default : ExstrAiSavings [rieea@xrsc-.co.uk] -> DELETED
[FIREFX:Addon] co9zkuzl.default : COupEExtension [om-ro4eue@bxrzaam.co.uk] -> DELETED
[CHROME:Addon] Default : AdBlock [gighmmpiobklfepjocnamgkkbiglidom] -> DELETED
[CHROME:Addon] Default : YouTube Customizer (by Adblock Plus) [gmddkphkkipkepkllomhcbooojhhhcpa] -> ERROR [2]
[CHROME:Addon] Default : Don't Starve [hiledapehlkhdehbhppgmekfalnlfajc] -> ERROR [2]
[CHROME:Addon] Default : RemoveTheAdApp [kloooljbedpkkieegddhijmganmkkgkn] -> ERROR [2]
[CHROME:Addon] Default : Google Wallet [nmmhkkegccagdldgiimedpiccmgmieda] -> ERROR [2]
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS547550A9E384 +++++
--- User ---
[MBR] 1025064fea93cb60678244dbac03055a
[BSP] f14c94c0966b95c562524789f0c80f95 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 451371 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 924817408 | Size: 21305 MB
3 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 968450048 | Size: 4063 MB
User = LL1 ... OK
User != LL2 ... KO!
--- LL2 ---
[MBR] dd4267478cedffe255db12ab87dc707a
[BSP] f14c94c0966b95c562524789f0c80f95 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 77824 MB
1 - [XXXXXX] FAT16 (0x6) [VISIBLE] Offset (sectors): 159793152 | Size: 4000 MB
2 - [ACTIVE] FAT16 (0x6) [VISIBLE] Offset (sectors): 167985152 | Size: 2000 MB
3 - [XXXXXX] FAT16 (0x6) [VISIBLE] Offset (sectors): 172081152 | Size: 20000 MB
 
 
============================================
RKreport_SCN_06132014_143632.log
 
 
# AdwCleaner v3.212 - Report created 13/06/2014 at 14:43:37
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Daniel - DANIEL-HP
# Running from : C:\Users\Daniel\Downloads\adwcleaner_3.212.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17041
 
 
-\\ Mozilla Firefox v
 
[ File : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\co9zkuzl.default\prefs.js ]
 
 
-\\ Google Chrome v32.0.1700.102
 
*************************
 
AdwCleaner[R0].txt - [12810 octets] - [10/06/2014 19:06:24]
AdwCleaner[R1].txt - [1415 octets] - [13/06/2014 14:41:50]
AdwCleaner[S0].txt - [12719 octets] - [10/06/2014 19:07:31]
AdwCleaner[S1].txt - [1267 octets] - [13/06/2014 14:43:37]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1327 octets] ##########
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2014 02
Ran by Daniel at 2014-06-13 14:49:02
Running from C:\Users\Daniel\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Arma 2 (HKLM-x32\...\Steam App 33900) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (HKLM-x32\...\Steam App 219540) (Version:  - )
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Arma: Cold War Assault (HKLM-x32\...\Steam App 65790) (Version:  - Bohemia Interactive)
AuthenTec TrueAPI (Version: 1.3.0.144 - AuthenTec, Inc.) Hidden
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.1.31141 - BitTorrent Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
DayZ Commander (HKLM-x32\...\{99C28455-E285-4639-B4C6-9F747C0C3D4C}) (Version: 0.92.90 - Dotjosh Studios)
Download Navigator (HKLM-x32\...\{3A3A3B34-6EA2-4031-8580-D66D29533E89}) (Version: 3.4.0 - SEIKO EPSON CORPORATION)
EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.30.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON WF-2530 Series Printer Uninstall (HKLM\...\EPSON WF-2530 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 32.0.1700.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Application Assistant (HKLM\...\{6032497A-4479-462B-ADB8-A0A372BB9A23}) (Version: 1.0.409.3882 - Hewlett-Packard)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{3D5C7E0E-AEC0-40EB-99D3-C40469738040}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{9CAB2212-0732-4827-8EC4-61D8EF0AA65B}) (Version: 1.0.11 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Product Detection (HKLM-x32\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
HP Security Assistant (HKLM\...\{562608FE-2051-4488-BF22-8CE4C03046AC}) (Version: 1.0.12 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP SimplePass PE 2012 (HKLM-x32\...\{423FBEB8-21C6-4720-A8DA-B19B06FDB607}) (Version: 5.3.1.7 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{962CB079-85E6-405F-8704-1C62365AE46F}) (Version: 4.5.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3223 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.84 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity (HKLM-x32\...\Unity) (Version:  - Unity Technologies ApS)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
VIP Access SDK (1.0.1.2)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.2 - Symantec Inc.)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
 
==================== Restore Points  =========================
 
01-06-2014 23:00:16 Windows Backup
02-06-2014 16:08:55 Removed Delta Force Xtreme 2
02-06-2014 18:39:55 Windows Update
04-06-2014 17:03:29 Windows Update
05-06-2014 20:22:50 Windows Modules Installer
05-06-2014 20:25:40 Windows Modules Installer
07-06-2014 00:11:49 Removed Ventrilo Client
08-06-2014 17:00:24 Windows Update
08-06-2014 23:00:21 Windows Backup
10-06-2014 23:21:58 zoek.exe restore point
10-06-2014 23:28:03 Removed Microsoft .NET Framework 1.1
10-06-2014 23:30:59 Windows Live Essentials
10-06-2014 23:31:46 WLSetup
10-06-2014 23:46:15 Windows Update
13-06-2014 18:19:25 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-13 22:34 - 2013-12-14 00:50 - 00000856 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 api.crashtastic.com 
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {04C61470-C1A8-405A-AEE7-16B037C8C364} - \BrowserDefendert No Task File <==== ATTENTION
Task: {0B7FDDDC-AF90-4822-B705-EEC89D5BCE4F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-31] (Google Inc.)
Task: {3FA5D081-3061-4B20-BEDE-A1810FADCEEC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {57BAE21B-FFDE-43F2-BDDD-9B209AE25979} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard)
Task: {5D679BC1-6B86-47D6-A258-1580EEB7A37C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard)
Task: {793DC0AA-4CF7-45AE-8A55-097FD76F66CD} - System32\Tasks\HPCeeScheduleForDaniel => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {7EB08B16-A6E2-44FA-831D-3D96B8394CD6} - System32\Tasks\{8B1D06C1-6932-41B9-B455-48613BED62F6} => Iexplore.exe http://ui.skype.com/ui/0/5.5.0.117.324/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {9C93B431-9A67-4640-B3D3-21105EB6B522} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {A89B98D7-1B2F-4B69-8860-929835D65BF5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company)
Task: {AC41A125-36AA-4011-8048-09CFAC8A5029} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {C692E696-7D68-4B7D-8249-03CB3BCB3CB8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {D03A10C0-CC7B-44D7-B132-EBBD82110E68} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {F82F89DC-B3C5-42D6-B8F2-45F23B21E7C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-31] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EasyUpdate-S-5737674165.job => c:\programdata\quickset\easyupdate\EasyUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDaniel.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-08-21 22:47 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll
2013-08-21 22:47 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2011-08-09 11:44 - 2011-08-09 11:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-05-21 17:53 - 2014-04-29 20:08 - 01135104 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-05-02 23:34 - 2014-04-29 20:08 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-21 17:53 - 2014-04-29 20:08 - 00404992 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-05-02 23:34 - 2014-04-29 20:08 - 00340992 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-05-02 23:34 - 2014-05-16 21:36 - 00756224 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-21 17:53 - 2014-05-29 13:37 - 02139840 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-21 17:53 - 2014-04-28 20:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2014-05-02 23:34 - 2014-05-29 13:36 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-05-02 23:34 - 2014-05-01 19:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-05-02 23:34 - 2013-06-14 19:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2014-05-02 23:34 - 2013-06-14 19:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2014-05-02 23:34 - 2013-06-14 19:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2009-07-13 17:03 - 2009-07-13 21:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2014-06-05 07:33 - 2014-06-05 07:33 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\367540c92c2004ff2c6695778fed5dd6\IsdiInterop.ni.dll
2012-01-17 14:45 - 2011-05-20 14:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
 
==================== Faulty Device Manager Devices =============
 
Name: Realtek PCIe FE Family Controller
Description: Realtek PCIe FE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/13/2014 02:45:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/13/2014 02:30:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17041, time stamp: 0x53180888
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000005339d
Faulting process id: 0xd60
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
 
Error: (06/13/2014 02:25:25 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: A connection with the server could not be established
 
Error: (06/13/2014 02:15:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/10/2014 07:59:18 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: A connection with the server could not be established
 
Error: (06/10/2014 07:49:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/10/2014 07:44:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CF4445.3XE, version: 6.1.7601.17514, time stamp: 0x4ce798e5
Faulting module name: CF4445.3XE, version: 6.1.7601.17514, time stamp: 0x4ce798e5
Exception code: 0xc0000005
Fault offset: 0x00000000000010f9
Faulting process id: 0x15c0
Faulting application start time: 0xCF4445.3XE0
Faulting application path: CF4445.3XE1
Faulting module path: CF4445.3XE2
Report Id: CF4445.3XE3
 
Error: (06/10/2014 07:42:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 0.0.0.0, time stamp: 0x4e06cfe8
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00030fdf
Faulting process id: 0x8e8
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
 
Error: (06/10/2014 07:42:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 0.0.0.0, time stamp: 0x4e06cfe8
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00030fdf
Faulting process id: 0xc5c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
 
Error: (06/10/2014 07:42:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 0.0.0.0, time stamp: 0x4e06cfe8
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00030fdf
Faulting process id: 0xd34
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
 
 
System errors:
=============
Error: (06/10/2014 06:54:03 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:53:01 PM on ‎6/‎10/‎2014 was unexpected.
 
Error: (06/10/2014 04:24:55 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:23:59 PM on ‎6/‎10/‎2014 was unexpected.
 
Error: (06/09/2014 08:56:49 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000050 (0xfffffa8181590450, 0x0000000000000000, 0xfffff80002cfbea5, 0x0000000000000005)C:\Windows\MEMORY.DMP060914-21996-01
 
Error: (06/09/2014 08:56:40 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:55:14 PM on ‎6/‎9/‎2014 was unexpected.
 
Error: (06/09/2014 07:29:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (06/09/2014 07:19:07 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:18:04 PM on ‎6/‎9/‎2014 was unexpected.
 
Error: (06/09/2014 04:01:50 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
 
Error: (06/09/2014 04:01:33 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HomeGroupListener service.
 
Error: (06/08/2014 08:14:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Biometric Service service failed to start due to the following error: 
%%1053
 
Error: (06/08/2014 08:14:48 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Biometric Service service to connect.
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Percentage of memory in use: 45%
Total physical RAM: 4043.86 MB
Available physical RAM: 2193.03 MB
Total Pagefile: 8085.9 MB
Available Pagefile: 6281 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:440.79 GB) (Free:285.05 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:20.81 GB) (Free:2.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.07 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 6F916D90)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=441 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)
 
==================== End Of Log ============================
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 02
Ran by Daniel (administrator) on DANIEL-HP on 13-06-2014 14:46:23
Running from C:\Users\Daniel\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(HP) C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIVE.EXE
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-08] (IDT, Inc.)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [42808 2011-06-27] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-07] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-12] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1964121988-1201492864-1587720841-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIVE.EXE [283232 2012-02-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1964121988-1201492864-1587720841-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1754816 2014-05-29] (Valve Corporation)
HKU\S-1-5-21-1964121988-1201492864-1587720841-1000\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-1964121988-1201492864-1587720841-1000\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1964121988-1201492864-1587720841-1000\...\MountPoints2: {5465ec05-c9b7-11e2-a1b8-806e6f6e6963} - F:\setup.exe
AppInit_DLLs: C:\PROGRA~2\GS_X64~1.ENA => C:\Program Files (x86)\GS_x64.Enabler [2759168 2014-01-14] ()
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rIGoK.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: RemoveTheAdApp - {421880D1-C9DD-F61E-F9CE-2A0023FE4AD3} -  No File
BHO: grrEatsaver - {4FE1DEA1-C985-3F90-679F-8D5FE64CA0B3} -  No File
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll (HP)
BHO: YoutubeAdblocker - {AAE426F7-6264-E09A-F641-6931B2F2B2E4} -  No File
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll (HP)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Hosts: 127.0.0.1 api.crashtastic.com 
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
 
FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\co9zkuzl.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Daniel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2014-05-03]
 
Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (No Name) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgncjofhnhdhedgidaagmabobbbkdcmk [2014-01-14]
CHR HKCU\...\Chrome\Extension: [abdkniaobnpabjjmlnkhgleeacekgdda] - C:\Users\Daniel\AppData\Local\CRE\abdkniaobnpabjjmlnkhgleeacekgdda.crx [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [abdkniaobnpabjjmlnkhgleeacekgdda] - C:\Users\Daniel\AppData\Local\CRE\abdkniaobnpabjjmlnkhgleeacekgdda.crx [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [bngibkggpllkmjmopgjeebamjnocjdhm] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2259\ch\MediaViewV1alpha2259.crx [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [debkinhcgejcbfgjiaalomcmkedjmiaa] - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx [2011-08-25]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-01-11] () [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)
S2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
 
==================== Drivers (Whitelisted) ====================
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-13 14:46 - 2014-06-13 14:47 - 00014227 _____ () C:\Users\Daniel\Downloads\FRST.txt
2014-06-13 14:46 - 2014-06-13 14:46 - 00000000 ____D () C:\FRST
2014-06-13 14:40 - 2014-06-13 14:40 - 00007174 _____ () C:\Users\Daniel\Desktop\RKreport_DEL_06132014_143945.log
2014-06-13 14:23 - 2014-06-13 14:23 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-13 14:21 - 2014-06-13 14:21 - 02081792 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2014-06-13 14:20 - 2014-06-13 14:21 - 01333465 _____ () C:\Users\Daniel\Downloads\adwcleaner_3.212.exe
2014-06-13 14:19 - 2014-06-13 14:19 - 05245952 _____ () C:\Users\Daniel\Downloads\RogueKillerX64.exe
2014-06-10 20:03 - 2014-06-10 20:04 - 00022775 _____ () C:\Users\Daniel\Desktop\dds.txt
2014-06-10 20:03 - 2014-06-10 20:04 - 00019896 _____ () C:\Users\Daniel\Desktop\attach.txt
2014-06-10 20:00 - 2014-06-10 20:00 - 00688992 ____R (Swearware) C:\Users\Daniel\Downloads\dds.com
2014-06-10 19:43 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-10 19:43 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-10 19:43 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-10 19:43 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-10 19:43 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-10 19:43 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-10 19:43 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-10 19:43 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-10 19:42 - 2014-06-10 19:44 - 00000000 ___SD () C:\ComboFix
2014-06-10 19:42 - 2014-06-10 19:42 - 00000000 ____D () C:\Windows\erdnt
2014-06-10 19:42 - 2014-06-10 19:42 - 00000000 ____D () C:\Qoobox
2014-06-10 19:34 - 2014-06-10 19:35 - 05205915 ____R (Swearware) C:\Users\Daniel\Downloads\ComboFix.exe
2014-06-10 19:29 - 2014-06-10 19:29 - 00003216 _____ () C:\Windows\System32\Tasks\{895E4F1D-B0DA-4B0B-9431-E57FF0E3C68F}
2014-06-10 19:21 - 2014-06-10 19:37 - 00081814 _____ () C:\zoek-results.log
2014-06-10 19:20 - 2014-06-10 19:37 - 00000803 _____ () C:\runcheck.txt
2014-06-10 19:20 - 2014-06-10 19:21 - 04095664 _____ () C:\Users\Daniel\Downloads\zoek.zip
2014-06-10 19:19 - 2014-06-10 19:19 - 00000000 ____D () C:\zoek_backup
2014-06-10 19:16 - 2014-06-10 19:16 - 01285120 _____ () C:\Users\Daniel\Downloads\zoek.exe
2014-06-10 19:09 - 2014-06-13 14:44 - 00002216 _____ () C:\Windows\PFRO.log
2014-06-10 19:07 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-10 19:06 - 2014-06-13 14:43 - 00000000 ____D () C:\AdwCleaner
2014-06-10 19:05 - 2014-06-10 19:06 - 01333465 _____ () C:\Users\Daniel\Downloads\AdwCleaner.exe
2014-06-10 18:56 - 2014-06-10 18:56 - 00207880 _____ () C:\Users\Daniel\Documents\cc_20140610_185645.reg
2014-06-10 18:54 - 2014-06-13 14:44 - 00000336 _____ () C:\Windows\setupact.log
2014-06-10 18:54 - 2014-06-10 18:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-10 18:47 - 2014-06-10 18:47 - 00000000 __SHD () C:\Users\Daniel\AppData\Local\EmieUserList
2014-06-10 18:47 - 2014-06-10 18:47 - 00000000 __SHD () C:\Users\Daniel\AppData\Local\EmieSiteList
2014-06-08 13:02 - 2014-03-06 06:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-08 13:02 - 2014-03-06 05:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-08 13:02 - 2014-03-06 05:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-08 13:02 - 2014-03-06 05:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-08 13:02 - 2014-03-06 04:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-08 13:02 - 2014-03-06 04:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-08 13:02 - 2014-03-06 04:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-08 13:02 - 2014-03-06 04:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-08 13:02 - 2014-03-06 04:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-08 13:02 - 2014-03-06 04:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-08 13:02 - 2014-03-06 04:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-08 13:02 - 2014-03-06 04:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-08 13:02 - 2014-03-06 04:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-08 13:02 - 2014-03-06 04:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-08 13:02 - 2014-03-06 04:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-08 13:02 - 2014-03-06 04:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-08 13:02 - 2014-03-06 04:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-08 13:02 - 2014-03-06 04:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-08 13:02 - 2014-03-06 04:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-08 13:02 - 2014-03-06 04:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-08 13:02 - 2014-03-06 04:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-08 13:02 - 2014-03-06 04:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-08 13:02 - 2014-03-06 03:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-08 13:02 - 2014-03-06 03:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-08 13:02 - 2014-03-06 03:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-08 13:02 - 2014-03-06 03:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-08 13:02 - 2014-03-06 03:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-08 13:02 - 2014-03-06 03:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-08 13:02 - 2014-03-06 03:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-08 13:02 - 2014-03-06 03:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-08 13:02 - 2014-03-06 03:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-08 13:02 - 2014-03-06 03:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-08 13:02 - 2014-03-06 03:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-08 13:02 - 2014-03-06 03:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-08 13:02 - 2014-03-06 03:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-08 13:02 - 2014-03-06 03:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-08 13:02 - 2014-03-06 03:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-08 13:02 - 2014-03-06 03:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-08 13:02 - 2014-03-06 02:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-08 13:02 - 2014-03-06 02:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-08 13:02 - 2014-03-06 02:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-08 13:02 - 2014-03-06 02:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-08 13:02 - 2014-03-06 02:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-08 13:02 - 2014-03-06 01:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-08 13:02 - 2014-03-06 01:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-08 13:02 - 2014-03-06 01:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-08 13:02 - 2014-03-06 01:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-08 13:02 - 2014-03-06 01:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-08 10:30 - 2014-06-10 19:09 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForDaniel.job
2014-06-08 10:30 - 2014-06-10 18:57 - 00003194 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDaniel
2014-06-06 19:48 - 2014-06-06 19:48 - 00001354 _____ () C:\Users\Daniel\Desktop\DayZ Commander.lnk
2014-06-05 16:28 - 2014-05-08 00:57 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-05 16:28 - 2014-05-08 00:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-05 16:24 - 2014-06-05 16:24 - 00001417 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-05 07:15 - 2014-06-05 07:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-04 14:14 - 2013-05-10 01:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-06-04 14:14 - 2013-05-10 01:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-06-04 14:14 - 2013-05-10 00:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-06-04 14:14 - 2013-05-10 00:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-06-04 13:53 - 2014-06-04 13:53 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-06-04 13:53 - 2014-06-04 13:53 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-06-04 13:53 - 2014-06-04 13:53 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-06-04 13:53 - 2014-06-04 13:53 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-06-04 13:53 - 2014-06-04 13:53 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-06-04 13:53 - 2014-06-04 13:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-02 18:36 - 2014-06-02 18:36 - 00008005 _____ () C:\Users\Daniel\Downloads\FlyMod_V043.zip
2014-06-02 17:02 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-06-02 08:13 - 2014-06-02 08:13 - 00000000 _____ () C:\Windows\SysWOW64\shoA818.tmp
2014-05-31 20:49 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-05-31 20:49 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-05-31 20:30 - 2014-05-31 20:30 - 00000000 _____ () C:\Windows\SysWOW64\sho6C14.tmp
2014-05-31 13:27 - 2014-06-13 14:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-30 21:37 - 2013-10-29 22:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-05-30 21:37 - 2013-10-29 22:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-05-30 21:36 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-30 21:36 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-05-30 21:36 - 2013-12-31 19:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-05-30 21:36 - 2013-12-31 19:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-05-30 21:36 - 2013-11-23 14:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-05-30 21:36 - 2013-11-23 13:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-05-30 21:36 - 2013-07-09 01:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-05-30 21:36 - 2013-07-09 00:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-05-30 21:36 - 2013-07-04 08:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-05-30 21:36 - 2013-07-04 07:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-05-30 21:35 - 2014-05-09 02:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-30 21:35 - 2014-05-09 02:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-30 21:35 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-30 21:35 - 2013-10-05 16:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-05-30 21:35 - 2013-10-05 15:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-05-30 21:35 - 2013-07-09 01:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-05-30 21:35 - 2013-07-09 01:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-05-30 21:35 - 2013-07-09 00:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-05-30 21:35 - 2013-07-09 00:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-05-30 21:34 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-05-30 21:34 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-05-30 21:34 - 2013-06-25 18:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-05-30 21:33 - 2013-11-11 22:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-05-30 21:33 - 2013-11-11 22:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-05-30 21:33 - 2013-10-18 22:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-05-30 21:33 - 2013-10-18 21:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-05-30 21:31 - 2013-12-05 22:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-05-30 21:31 - 2013-12-05 22:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-05-30 21:31 - 2013-12-05 22:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-05-30 21:31 - 2013-12-05 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-05-30 21:30 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-05-30 21:30 - 2013-10-03 22:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-05-30 21:30 - 2013-10-03 22:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-05-30 21:30 - 2013-10-03 22:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-05-30 21:30 - 2013-10-03 22:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-05-30 21:30 - 2013-10-03 21:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-05-30 21:30 - 2013-10-03 21:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-05-30 21:30 - 2013-10-03 21:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-05-30 21:30 - 2013-10-03 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-05-30 21:30 - 2013-09-27 21:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-05-30 21:30 - 2013-08-04 22:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-05-30 21:30 - 2013-07-12 06:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-05-30 21:30 - 2013-07-12 06:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-05-30 21:30 - 2013-07-12 06:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2014-05-30 21:29 - 2013-12-03 22:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-05-30 21:29 - 2013-12-03 22:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-05-30 21:29 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-05-30 21:29 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-05-30 21:29 - 2013-12-03 22:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-05-30 21:29 - 2013-12-03 22:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-05-30 21:29 - 2013-12-03 22:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-05-30 21:29 - 2013-12-03 22:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-05-30 21:29 - 2013-12-03 22:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-05-30 21:29 - 2013-12-03 22:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-05-30 21:29 - 2013-12-03 22:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-05-30 21:29 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-05-30 21:29 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-05-30 21:29 - 2013-12-03 22:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-05-30 21:29 - 2013-12-03 21:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-05-30 21:29 - 2013-12-03 21:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-05-30 21:29 - 2013-12-03 21:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-05-30 21:29 - 2013-12-03 21:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-05-30 21:29 - 2013-11-26 21:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-05-30 21:29 - 2013-11-26 21:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-05-30 21:29 - 2013-11-26 21:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-05-30 21:29 - 2013-11-26 21:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-05-30 21:29 - 2013-11-26 21:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-05-30 21:29 - 2013-11-26 21:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-05-30 21:29 - 2013-11-26 21:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-05-30 21:29 - 2013-07-25 05:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-05-30 21:29 - 2013-07-25 04:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-05-30 21:29 - 2013-07-09 01:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-05-30 21:29 - 2013-07-09 00:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-05-30 21:29 - 2013-07-03 00:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-05-30 21:29 - 2013-07-03 00:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-05-30 21:29 - 2013-06-06 01:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-05-30 21:29 - 2013-06-06 01:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-05-30 21:29 - 2013-06-06 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-05-30 21:29 - 2013-06-06 01:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-05-30 21:29 - 2013-06-06 00:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-05-30 21:29 - 2013-06-06 00:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-05-30 21:29 - 2013-06-06 00:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-05-30 21:29 - 2013-06-05 23:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-05-30 21:29 - 2013-06-05 23:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-05-30 21:29 - 2013-06-05 23:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-05-30 21:28 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-30 21:28 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-30 21:28 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-30 21:28 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-30 21:28 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-30 21:28 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-30 21:28 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-30 21:28 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-30 21:28 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-30 21:28 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-30 21:28 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-30 21:28 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-30 21:28 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-30 21:28 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-30 21:28 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-30 21:28 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-30 21:28 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-30 21:28 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-30 21:28 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-30 21:28 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-30 21:28 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-30 21:28 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-30 21:28 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-30 21:28 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-30 21:28 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-30 21:28 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-30 21:28 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-30 21:28 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-30 21:28 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-30 21:28 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-30 21:28 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-30 21:28 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-30 21:28 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-30 21:28 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-30 21:28 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-30 21:28 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-30 21:28 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-30 21:28 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-30 21:28 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-30 21:28 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-30 21:28 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-30 21:28 - 2013-09-24 22:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-05-30 21:28 - 2013-09-24 21:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-05-30 21:28 - 2013-09-07 22:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-05-30 21:28 - 2013-09-07 22:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-05-30 21:28 - 2013-08-28 22:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-05-30 21:28 - 2013-08-28 22:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-05-30 21:28 - 2013-08-28 22:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-05-30 21:28 - 2013-08-28 21:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-05-30 21:28 - 2013-08-28 21:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-05-30 21:28 - 2013-08-28 21:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-05-30 21:28 - 2013-08-01 22:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-05-30 21:28 - 2013-08-01 22:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-05-30 21:28 - 2013-08-01 21:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-05-30 21:28 - 2013-08-01 20:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-05-30 21:28 - 2013-07-04 08:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-05-30 21:28 - 2013-07-04 08:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-05-30 21:28 - 2013-07-04 08:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-30 21:28 - 2013-07-04 07:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-05-30 21:28 - 2013-07-04 07:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-05-30 21:28 - 2013-07-04 06:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-05-30 21:28 - 2013-06-15 00:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-05-30 21:27 - 2013-12-24 19:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-05-30 21:27 - 2013-12-24 18:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-05-30 21:27 - 2013-11-26 07:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-05-30 21:27 - 2013-11-26 04:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-05-30 21:27 - 2013-11-22 18:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-05-30 21:27 - 2013-09-07 22:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-05-30 21:26 - 2014-02-03 22:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-30 21:26 - 2014-02-03 22:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-30 21:26 - 2014-02-03 22:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-05-30 21:26 - 2014-02-03 22:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-05-30 21:26 - 2014-02-03 22:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-05-30 21:26 - 2013-07-25 22:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-05-30 21:26 - 2013-07-25 21:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-05-30 21:05 - 2014-03-04 05:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-30 21:05 - 2014-03-04 05:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-30 21:05 - 2014-03-04 05:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-30 21:05 - 2014-03-04 05:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-30 21:05 - 2014-03-04 05:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-30 21:05 - 2014-03-04 05:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-30 21:05 - 2014-03-04 05:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-30 21:05 - 2014-03-04 05:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-30 21:05 - 2014-03-04 05:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-30 21:05 - 2014-03-04 04:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-30 21:05 - 2014-03-04 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-30 21:05 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-05-30 21:05 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-05-30 21:05 - 2014-01-23 22:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-30 21:05 - 2013-10-11 22:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-05-30 21:05 - 2013-10-11 22:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-05-30 21:05 - 2013-10-11 22:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-05-30 21:05 - 2013-10-11 22:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-05-30 21:05 - 2013-10-11 21:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-05-30 21:05 - 2013-10-11 21:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-05-30 21:05 - 2013-10-11 21:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-05-30 21:05 - 2013-10-11 21:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-05-30 21:05 - 2013-10-02 22:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-05-30 21:05 - 2013-10-02 22:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-05-30 21:05 - 2013-08-01 22:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 21:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-05-30 21:05 - 2013-08-01 20:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 20:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 20:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 20:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-05-30 21:05 - 2013-08-01 05:19 - 00984512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-05-30 21:05 - 2013-08-01 05:19 - 00265152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-05-30 21:05 - 2013-07-20 06:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-30 21:05 - 2013-07-20 06:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-30 21:04 - 2013-10-11 22:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-05-30 21:04 - 2013-10-11 22:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-05-30 21:04 - 2013-10-11 22:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-05-30 21:04 - 2013-10-11 22:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-05-30 21:04 - 2013-10-11 22:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-05-30 21:04 - 2013-08-27 21:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-05-30 21:04 - 2013-04-09 19:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-05-30 21:04 - 2013-04-02 18:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-05-30 20:58 - 2014-05-30 20:58 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-30 20:50 - 2014-05-30 20:50 - 00176940 _____ () C:\Users\Daniel\Downloads\BFE.reg
2014-05-30 20:50 - 2014-05-30 20:50 - 00006396 _____ () C:\Users\Daniel\Downloads\MpsSvc.reg
2014-05-30 20:41 - 2014-06-13 14:43 - 01762188 _____ () C:\Windows\WindowsUpdate.log
2014-05-30 20:32 - 2014-05-30 20:36 - 54744235 _____ () C:\Users\Daniel\Downloads\ARMA2OACORFT_Update_162.zip
2014-05-30 17:59 - 2014-06-13 14:45 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-30 17:59 - 2014-05-30 17:59 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-30 17:59 - 2014-05-30 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-30 17:59 - 2014-05-30 17:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-30 17:59 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-30 17:59 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-30 17:59 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-30 17:58 - 2014-05-30 17:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Daniel\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-30 17:43 - 2014-06-10 18:58 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-05-30 17:43 - 2014-05-30 17:43 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-30 17:43 - 2014-05-30 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-05-30 17:43 - 2014-05-30 17:43 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-30 17:42 - 2014-05-30 17:42 - 04748896 _____ (Piriform Ltd) C:\Users\Daniel\Downloads\ccsetup414.exe
2014-05-18 16:52 - 2014-05-30 17:54 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Ventrilo
2014-05-18 16:46 - 2014-05-18 16:47 - 03786512 _____ () C:\Users\Daniel\Downloads\ventrilo-3.0.8-Windows-i386.exe
2014-05-17 16:59 - 2014-05-17 16:59 - 01013422 _____ () C:\Users\Daniel\Downloads\CCGLauncher (1).zip
2014-05-17 16:38 - 2014-05-17 16:38 - 00000000 ____D () C:\Users\Daniel\AppData\Local\MEpochLauncher
2014-05-17 16:38 - 2014-05-17 16:38 - 00000000 ____D () C:\mods
2014-05-17 16:36 - 2014-05-17 16:36 - 01013422 _____ () C:\Users\Daniel\Downloads\CCGLauncher.zip
 
==================== One Month Modified Files and Folders =======
 
2014-06-13 14:47 - 2014-06-13 14:46 - 00014227 _____ () C:\Users\Daniel\Downloads\FRST.txt
2014-06-13 14:47 - 2013-05-30 23:04 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Temp
2014-06-13 14:46 - 2014-06-13 14:46 - 00000000 ____D () C:\FRST
2014-06-13 14:45 - 2014-05-30 17:59 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-13 14:45 - 2013-05-31 16:39 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-13 14:44 - 2014-06-10 19:09 - 00002216 _____ () C:\Windows\PFRO.log
2014-06-13 14:44 - 2014-06-10 18:54 - 00000336 _____ () C:\Windows\setupact.log
2014-06-13 14:44 - 2013-05-31 16:02 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-13 14:44 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-13 14:43 - 2014-06-10 19:06 - 00000000 ____D () C:\AdwCleaner
2014-06-13 14:43 - 2014-05-30 20:41 - 01762188 _____ () C:\Windows\WindowsUpdate.log
2014-06-13 14:40 - 2014-06-13 14:40 - 00007174 _____ () C:\Users\Daniel\Desktop\RKreport_DEL_06132014_143945.log
2014-06-13 14:31 - 2013-05-31 15:55 - 00000000 ____D () C:\Users\Daniel\AppData\Local\CrashDumps
2014-06-13 14:28 - 2014-05-31 13:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 14:25 - 2013-09-01 15:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-13 14:23 - 2014-06-13 14:23 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-13 14:22 - 2009-07-14 00:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-13 14:22 - 2009-07-14 00:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-13 14:21 - 2014-06-13 14:21 - 02081792 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2014-06-13 14:21 - 2014-06-13 14:20 - 01333465 _____ () C:\Users\Daniel\Downloads\adwcleaner_3.212.exe
2014-06-13 14:21 - 2013-06-22 14:31 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-13 14:19 - 2014-06-13 14:19 - 05245952 _____ () C:\Users\Daniel\Downloads\RogueKillerX64.exe
2014-06-10 20:05 - 2013-05-31 16:02 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-10 20:04 - 2014-06-10 20:03 - 00022775 _____ () C:\Users\Daniel\Desktop\dds.txt
2014-06-10 20:04 - 2014-06-10 20:03 - 00019896 _____ () C:\Users\Daniel\Desktop\attach.txt
2014-06-10 20:00 - 2014-06-10 20:00 - 00688992 ____R (Swearware) C:\Users\Daniel\Downloads\dds.com
2014-06-10 19:48 - 2014-01-20 18:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-10 19:44 - 2014-06-10 19:42 - 00000000 ___SD () C:\ComboFix
2014-06-10 19:42 - 2014-06-10 19:42 - 00000000 ____D () C:\Windows\erdnt
2014-06-10 19:42 - 2014-06-10 19:42 - 00000000 ____D () C:\Qoobox
2014-06-10 19:37 - 2014-06-10 19:21 - 00081814 _____ () C:\zoek-results.log
2014-06-10 19:37 - 2014-06-10 19:20 - 00000803 _____ () C:\runcheck.txt
2014-06-10 19:37 - 2011-10-15 22:48 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-06-10 19:36 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-10 19:35 - 2014-06-10 19:34 - 05205915 ____R (Swearware) C:\Users\Daniel\Downloads\ComboFix.exe
2014-06-10 19:30 - 2013-05-31 15:54 - 00109688 _____ () C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-10 19:29 - 2014-06-10 19:29 - 00003216 _____ () C:\Windows\System32\Tasks\{895E4F1D-B0DA-4B0B-9431-E57FF0E3C68F}
2014-06-10 19:29 - 2013-08-06 12:01 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-06-10 19:29 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-10 19:29 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-06-10 19:26 - 2014-03-02 02:56 - 00000000 ____D () C:\Program Files (x86)\Dorgem
2014-06-10 19:21 - 2014-06-10 19:20 - 04095664 _____ () C:\Users\Daniel\Downloads\zoek.zip
2014-06-10 19:19 - 2014-06-10 19:19 - 00000000 ____D () C:\zoek_backup
2014-06-10 19:16 - 2014-06-10 19:16 - 01285120 _____ () C:\Users\Daniel\Downloads\zoek.exe
2014-06-10 19:09 - 2014-06-08 10:30 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForDaniel.job
2014-06-10 19:07 - 2013-05-30 23:04 - 00000000 ____D () C:\Users\Daniel
2014-06-10 19:06 - 2014-06-10 19:05 - 01333465 _____ () C:\Users\Daniel\Downloads\AdwCleaner.exe
2014-06-10 18:58 - 2014-05-30 17:43 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-06-10 18:57 - 2014-06-08 10:30 - 00003194 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDaniel
2014-06-10 18:56 - 2014-06-10 18:56 - 00207880 _____ () C:\Users\Daniel\Documents\cc_20140610_185645.reg
2014-06-10 18:54 - 2014-06-10 18:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-10 18:51 - 2013-09-08 09:45 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\BitTorrent
2014-06-10 18:50 - 2014-03-02 03:23 - 00000000 ____D () C:\Windows\Minidump
2014-06-10 18:50 - 2007-01-01 21:25 - 00000000 ____D () C:\Windows\Panther
2014-06-10 18:49 - 2011-10-15 22:51 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-10 18:48 - 2013-07-10 18:57 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Adobe
2014-06-10 18:47 - 2014-06-10 18:47 - 00000000 __SHD () C:\Users\Daniel\AppData\Local\EmieUserList
2014-06-10 18:47 - 2014-06-10 18:47 - 00000000 __SHD () C:\Users\Daniel\AppData\Local\EmieSiteList
2014-06-10 18:45 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-10 16:08 - 2013-08-21 00:46 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Adobe
2014-06-09 18:07 - 2013-06-11 19:42 - 00000000 ____D () C:\Users\Daniel\AppData\Local\ArmA 2 OA
2014-06-09 16:00 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-08 18:21 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-06-08 10:26 - 2013-06-15 15:36 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-06-08 10:26 - 2013-06-01 16:05 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-06-06 19:48 - 2014-06-06 19:48 - 00001354 _____ () C:\Users\Daniel\Desktop\DayZ Commander.lnk
2014-06-06 16:00 - 2009-07-14 01:13 - 00796184 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-05 17:03 - 2014-01-14 22:38 - 00000000 ____D () C:\ProgramData\c855f7ce03fedc47
2014-06-05 16:24 - 2014-06-05 16:24 - 00001417 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-05 16:24 - 2013-05-30 23:08 - 00000000 ___RD () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-05 16:24 - 2013-05-30 23:08 - 00000000 ___RD () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-05 16:24 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-06-05 07:21 - 2009-07-14 00:45 - 00415400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-05 07:15 - 2014-06-05 07:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-05 07:14 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-06-05 07:14 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-06-04 13:53 - 2014-06-04 13:53 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-06-04 13:53 - 2014-06-04 13:53 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-06-04 13:53 - 2014-06-04 13:53 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-06-04 13:53 - 2014-06-04 13:53 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-06-04 13:53 - 2014-06-04 13:53 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-06-04 13:53 - 2014-06-04 13:53 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-06-04 13:53 - 2014-06-04 13:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-06-04 13:53 - 2014-06-04 13:53 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-04 13:53 - 2014-06-04 13:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-04 13:03 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-02 18:36 - 2014-06-02 18:36 - 00008005 _____ () C:\Users\Daniel\Downloads\FlyMod_V043.zip
2014-06-02 12:10 - 2014-01-25 21:19 - 00000000 ____D () C:\ProgramData\ABBYY
2014-06-02 12:09 - 2011-10-15 22:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-02 12:07 - 2014-05-03 23:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-02 08:13 - 2014-06-02 08:13 - 00000000 _____ () C:\Windows\SysWOW64\shoA818.tmp
2014-06-02 08:09 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-06-01 21:25 - 2013-07-23 17:15 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\.technic
2014-06-01 13:23 - 2013-06-07 01:08 - 00788798 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-06-01 13:06 - 2009-07-13 22:34 - 00000478 _____ () C:\Windows\win.ini
2014-05-31 20:30 - 2014-05-31 20:30 - 00000000 _____ () C:\Windows\SysWOW64\sho6C14.tmp
2014-05-31 15:17 - 2013-06-07 01:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-05-31 14:39 - 2013-08-09 02:09 - 00000000 ___RD () C:\Users\Daniel\Desktop\Games
2014-05-31 13:57 - 2013-11-22 18:01 - 00000000 ____D () C:\Users\Daniel\Desktop\Minecraft Launchers
2014-05-31 13:57 - 2013-06-08 15:41 - 02346942 _____ () C:\Users\Daniel\Desktop\TechnicLauncher (1).exe
2014-05-31 13:10 - 2014-01-20 18:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-05-31 09:49 - 2013-07-11 11:05 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\.minecraft
2014-05-30 21:32 - 2013-12-19 17:27 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Skype
2014-05-30 21:32 - 2011-10-15 22:47 - 00000000 ____D () C:\ProgramData\Skype
2014-05-30 21:21 - 2013-06-08 08:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-30 21:21 - 2013-06-08 08:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-30 21:05 - 2013-06-08 08:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-30 20:58 - 2014-05-30 20:58 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-30 20:50 - 2014-05-30 20:50 - 00176940 _____ () C:\Users\Daniel\Downloads\BFE.reg
2014-05-30 20:50 - 2014-05-30 20:50 - 00006396 _____ () C:\Users\Daniel\Downloads\MpsSvc.reg
2014-05-30 20:36 - 2014-05-30 20:32 - 54744235 _____ () C:\Users\Daniel\Downloads\ARMA2OACORFT_Update_162.zip
2014-05-30 18:14 - 2013-12-14 21:45 - 00000000 ____D () C:\Users\Daniel\Desktop\Folder that holds other folders
2014-05-30 18:11 - 2013-07-10 13:58 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Notepad++
2014-05-30 18:11 - 2013-07-10 13:58 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-05-30 18:10 - 2012-01-17 14:55 - 00000000 ____D () C:\ProgramData\Norton
2014-05-30 18:02 - 2013-09-15 23:26 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-05-30 17:59 - 2014-05-30 17:59 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-30 17:59 - 2014-05-30 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-30 17:59 - 2014-05-30 17:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-30 17:59 - 2013-08-10 12:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-30 17:58 - 2014-05-30 17:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Daniel\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-30 17:54 - 2014-05-18 16:52 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Ventrilo
2014-05-30 17:54 - 2014-02-24 18:41 - 00000000 ____D () C:\Program Files (x86)\FixCleanRepair
2014-05-30 17:54 - 2013-09-14 15:28 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite
2014-05-30 17:54 - 2013-07-10 12:15 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-05-30 17:53 - 2014-03-16 22:08 - 00000000 ____D () C:\Program Files (x86)\Feudalism_at
2014-05-30 17:52 - 2011-10-15 22:40 - 00000000 ____D () C:\Program Files (x86)\HP Games
2014-05-30 17:52 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-30 17:50 - 2013-07-10 19:26 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\WildTangent
2014-05-30 17:50 - 2011-10-15 22:40 - 00000000 ____D () C:\ProgramData\WildTangent
2014-05-30 17:50 - 2011-10-15 22:40 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-05-30 17:43 - 2014-05-30 17:43 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-30 17:43 - 2014-05-30 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-05-30 17:43 - 2014-05-30 17:43 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-30 17:42 - 2014-05-30 17:42 - 04748896 _____ (Piriform Ltd) C:\Users\Daniel\Downloads\ccsetup414.exe
2014-05-23 17:47 - 2013-12-21 12:07 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Overwolf
2014-05-18 16:47 - 2014-05-18 16:46 - 03786512 _____ () C:\Users\Daniel\Downloads\ventrilo-3.0.8-Windows-i386.exe
2014-05-17 16:59 - 2014-05-17 16:59 - 01013422 _____ () C:\Users\Daniel\Downloads\CCGLauncher (1).zip
2014-05-17 16:38 - 2014-05-17 16:38 - 00000000 ____D () C:\Users\Daniel\AppData\Local\MEpochLauncher
2014-05-17 16:38 - 2014-05-17 16:38 - 00000000 ____D () C:\mods
2014-05-17 16:36 - 2014-05-17 16:36 - 01013422 _____ () C:\Users\Daniel\Downloads\CCGLauncher.zip
2014-05-14 16:25 - 2013-09-01 15:36 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 16:25 - 2013-09-01 15:36 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 16:25 - 2011-10-15 22:36 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
 
Files to move or delete:
====================
C:\ProgramData\celukfvf.exe
C:\ProgramData\realsched.exe
C:\Users\Daniel\jagex_cl_runescape_LIVE.dat
C:\Users\Daniel\jagex_cl_runescape_LIVE1.dat
C:\Users\Daniel\mkffrtc.exe
C:\Users\Daniel\random.dat
C:\Users\Daniel\realsched.exe
 
 
Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\7za.exe
C:\Users\Daniel\AppData\Local\Temp\hijackthis.exe
C:\Users\Daniel\AppData\Local\Temp\NirCmd.exe
C:\Users\Daniel\AppData\Local\Temp\PEVZ.EXE
C:\Users\Daniel\AppData\Local\Temp\Quarantine.exe
C:\Users\Daniel\AppData\Local\Temp\remove.exe
C:\Users\Daniel\AppData\Local\Temp\sed.exe
C:\Users\Daniel\AppData\Local\Temp\shortcut.exe
C:\Users\Daniel\AppData\Local\Temp\swreg.exe
C:\Users\Daniel\AppData\Local\Temp\swxcacls.exe
C:\Users\Daniel\AppData\Local\Temp\wget.exe
C:\Users\Daniel\AppData\Local\Temp\zoek-delete.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-05-31 01:28
 
==================== End Of Log ============================
 


#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:39 AM

Posted 14 June 2014 - 08:05 AM

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start
HKLM-x32\...\Run: [] => [X]
AppInit_DLLs: C:\PROGRA~2\GS_X64~1.ENA => C:\Program Files (x86)\GS_x64.Enabler [2759168 2014-01-14] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: RemoveTheAdApp - {421880D1-C9DD-F61E-F9CE-2A0023FE4AD3} -  No File
BHO: grrEatsaver - {4FE1DEA1-C985-3F90-679F-8D5FE64CA0B3} -  No File
BHO: YoutubeAdblocker - {AAE426F7-6264-E09A-F641-6931B2F2B2E4} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (No Name) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgncjofhnhdhedgidaagmabobbbkdcmk [2014-01-14]
CHR HKCU\...\Chrome\Extension: [abdkniaobnpabjjmlnkhgleeacekgdda] - C:\Users\Daniel\AppData\Local\CRE\abdkniaobnpabjjmlnkhgleeacekgdda.crx [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [bngibkggpllkmjmopgjeebamjnocjdhm] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2259\ch\MediaViewV1alpha2259.crx [2014-01-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
C:\Users\Daniel\mkffrtc.exe
C:\Users\Daniel\random.dat
C:\Users\Daniel\realsched.exe
C:\ProgramData\celukfvf.exe
C:\ProgramData\realsched.exe
C:\Users\Daniel\AppData\Local\Temp\7za.exe
C:\Users\Daniel\AppData\Local\Temp\hijackthis.exe
C:\Users\Daniel\AppData\Local\Temp\NirCmd.exe
C:\Users\Daniel\AppData\Local\Temp\PEVZ.EXE
C:\Users\Daniel\AppData\Local\Temp\Quarantine.exe
C:\Users\Daniel\AppData\Local\Temp\remove.exe
C:\Users\Daniel\AppData\Local\Temp\sed.exe
C:\Users\Daniel\AppData\Local\Temp\shortcut.exe
C:\Users\Daniel\AppData\Local\Temp\swreg.exe
C:\Users\Daniel\AppData\Local\Temp\swxcacls.exe
C:\Users\Daniel\AppData\Local\Temp\wget.exe
C:\Users\Daniel\AppData\Local\Temp\zoek-delete.exe

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

Let me know what problem persists.

#5 Danny50

Danny50
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:39 AM

Posted 14 June 2014 - 02:06 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-06-2014 02
Ran by Daniel at 2014-06-14 14:38:10 Run:1
Running from C:\Users\Daniel\Desktop\FRST
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
HKLM-x32\...\Run: [] => [X]
AppInit_DLLs: C:\PROGRA~2\GS_X64~1.ENA => C:\Program Files (x86)\GS_x64.Enabler [2759168 2014-01-14] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: RemoveTheAdApp - {421880D1-C9DD-F61E-F9CE-2A0023FE4AD3} -  No File
BHO: grrEatsaver - {4FE1DEA1-C985-3F90-679F-8D5FE64CA0B3} -  No File
BHO: YoutubeAdblocker - {AAE426F7-6264-E09A-F641-6931B2F2B2E4} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (No Name) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgncjofhnhdhedgidaagmabobbbkdcmk [2014-01-14]
CHR HKCU\...\Chrome\Extension: [abdkniaobnpabjjmlnkhgleeacekgdda] - C:\Users\Daniel\AppData\Local\CRE\abdkniaobnpabjjmlnkhgleeacekgdda.crx [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [bngibkggpllkmjmopgjeebamjnocjdhm] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2259\ch\MediaViewV1alpha2259.crx [2014-01-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
C:\Users\Daniel\mkffrtc.exe
C:\Users\Daniel\random.dat
C:\Users\Daniel\realsched.exe
C:\ProgramData\celukfvf.exe
C:\ProgramData\realsched.exe
C:\Users\Daniel\AppData\Local\Temp\7za.exe
C:\Users\Daniel\AppData\Local\Temp\hijackthis.exe
C:\Users\Daniel\AppData\Local\Temp\NirCmd.exe
C:\Users\Daniel\AppData\Local\Temp\PEVZ.EXE
C:\Users\Daniel\AppData\Local\Temp\Quarantine.exe
C:\Users\Daniel\AppData\Local\Temp\remove.exe
C:\Users\Daniel\AppData\Local\Temp\sed.exe
C:\Users\Daniel\AppData\Local\Temp\shortcut.exe
C:\Users\Daniel\AppData\Local\Temp\swreg.exe
C:\Users\Daniel\AppData\Local\Temp\swxcacls.exe
C:\Users\Daniel\AppData\Local\Temp\wget.exe
C:\Users\Daniel\AppData\Local\Temp\zoek-delete.exe
 
End
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"C:\PROGRA~2\GS_X64~1.ENA" => Value Data removed successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}' => Key deleted successfully.
'HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{421880D1-C9DD-F61E-F9CE-2A0023FE4AD3}' => Key deleted successfully.
'HKCR\CLSID\{421880D1-C9DD-F61E-F9CE-2A0023FE4AD3}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4FE1DEA1-C985-3F90-679F-8D5FE64CA0B3}' => Key deleted successfully.
'HKCR\CLSID\{4FE1DEA1-C985-3F90-679F-8D5FE64CA0B3}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AAE426F7-6264-E09A-F641-6931B2F2B2E4}' => Key deleted successfully.
'HKCR\CLSID\{AAE426F7-6264-E09A-F641-6931B2F2B2E4}' => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
'HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}'=> Key not found.
'HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922' => Key deleted successfully.
C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll not found.
'HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin' => Key deleted successfully.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
'HKLM\Software\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0' => Key deleted successfully.
C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll not found.
C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgncjofhnhdhedgidaagmabobbbkdcmk directory not found.
'HKCU\SOFTWARE\Google\Chrome\Extensions\abdkniaobnpabjjmlnkhgleeacekgdda' => Key deleted successfully.
"C:\Users\Daniel\AppData\Local\CRE\abdkniaobnpabjjmlnkhgleeacekgdda.crx" => File/Directory not found.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bngibkggpllkmjmopgjeebamjnocjdhm' => Key deleted successfully.
"C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2259\ch\MediaViewV1alpha2259.crx" => File/Directory not found.
'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.
clwvd => Service deleted successfully.
lmimirr => Service deleted successfully.
C:\Users\Daniel\mkffrtc.exe => Moved successfully.
C:\Users\Daniel\random.dat => Moved successfully.
C:\Users\Daniel\realsched.exe => Moved successfully.
C:\ProgramData\celukfvf.exe => Moved successfully.
C:\ProgramData\realsched.exe => Moved successfully.
C:\Users\Daniel\AppData\Local\Temp\7za.exe => Moved successfully.
C:\Users\Daniel\AppData\Local\Temp\hijackthis.exe => Moved successfully.
C:\Users\Daniel\AppData\Local\Temp\NirCmd.exe => Moved successfully.
C:\Users\Daniel\AppData\Local\Temp\PEVZ.EXE => Moved successfully.
C:\Users\Daniel\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Daniel\AppData\Local\Temp\remove.exe => Moved successfully.
C:\Users\Daniel\AppData\Local\Temp\sed.exe => Moved successfully.
C:\Users\Daniel\AppData\Local\Temp\shortcut.exe => Moved successfully.
C:\Users\Daniel\AppData\Local\Temp\swreg.exe => Moved successfully.
C:\Users\Daniel\AppData\Local\Temp\swxcacls.exe => Moved successfully.
C:\Users\Daniel\AppData\Local\Temp\wget.exe => Moved successfully.
C:\Users\Daniel\AppData\Local\Temp\zoek-delete.exe => Moved successfully.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====
 
 

 Results of screen317's Security Check version 0.99.84  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 51  
 Java version out of Date! 
 Adobe Flash Player 13.0.0.214  
 Adobe Reader 10.1.0 Adobe Reader out of Date!  
 Google Chrome 32.0.1700.102  
 Google Chrome 32.0.1700.76  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 22% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log`````````````````````` 
 
 
 


#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:39 AM

Posted 15 June 2014 - 07:01 AM

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Latest version is Java JRE 7u60.

You can manually check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as Java update!
Important read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882


If present remove the old version(s) of Java using the Add/Remove Programs applet.

Java 7 Update 51

===

Get the latest version of the Adobe Reader.
http://get.adobe.com/reader/
Before your download I suggest you unckeck the box on the top right "Yes, install McAfee Security Scan Plus - optional" this is not required if you are not a McAfee subscriber. While the installation is in progress you can also deny the installation of any other programs that may be suggested.

When installed remove your old version of the Reader using the Add/Remove Programs applet if present.
<<<>>>

If all is well:

Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Having an effective antivirus is a must for everyone.
In addition to many excellent commercial products there are plenty of good free antivirus programs available. I can recommend:

If you are satisfied with your current protection programs you can ignore the instructions on Antivirus or Firewall listed below.In addition to an antivirus I recommend using a firewall. A software firewall is a software program that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. I can recommend one of the following free products:Please note: Many installer offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Malwarebytes Anti-Malware (MBAM)
The free version of MBAM can be used to scan the system for traces of malware. Scanning your system regularly will make it harder for malware to reside on your system.
A tutorial on using MBAM can be found here.
Please Note: Only the paid for version has real time capabilities.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Please keep your programs up to date. This applies to Java, Adobe Flashplayer, Adobe Reader and your Internet Browsers in particular. Vulnerabilities in these programs are often exploited in order to install malware on your PC. Visiting a prepared web page suffices to infect your system.

In general Firefox, Opera and Google Chrome are considered to be more secure than Internet Explorer. In addition there are many useful add-ons that can protect you from possible risks:
  • WOT will warn you when you try to visit sites with poor reputation. The reputation is based on user ratings and is usually very accurate.
  • Script Blocker can help blocking many attempts to infect your system via malicious websites by only allowing scripts at sites you trust.
  • NoScript is a popular Firefox addon,
  • ScriptNo a popular Google Chrome addon.
For much more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.
===

#7 nasdaq

nasdaq

  • Malware Response Team
  • 39,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:39 AM

Posted 21 June 2014 - 05:46 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users