
Missing Icons after ComboFix


  • This topic is locked
57 replies to this topic

#1 itsDANNY

Posted 14 July 2014 - 01:38 AM

Hi,

 

I had an issue where I was unable to read/write files on C drive, and I had tried manually applying the permissions (only to encounter: Access denied error prompts) and then using GrantPerms, etc, to no avail.

So today after the above did not go well, I used ComboFix (as a last resort, especially since I assumed this had something to do with malware) with no expert guidance (never had an issue using it myself for the last 5 years).

 

However, after restarting my computer, a few select applications/shortcuts had missing icons that look like this:

https://hostr.co/file/970/Bh0VhnY6jJdT/icon.png

 

I then went into the Add or Remove programs in the Control Panel, to the same result:

https://hostr.co/file/970/1lOOmL22BCsH/blanks.png

 

Those white blank icons (notice they are all over the place which they weren't prior to all of this) were so prevalent, I knew something was up and initiated a system restore (which did not complete successfully - had something to do with not being able to restore a Mozilla Firefox profile - don't think it's anything significant).

 

So... after the system restore, it changed nothing... still have blank icons.

 

What is more of a problem to me is that if I try to uninstall these 'blank icon'ed applications, they result in this:

https://hostr.co/file/970/2x8KESAMlv7j/error.png

 

 

It also appears in the Start Menu and on the Desktop, basically everywhere, but most of them (all that I have tried) run properly even though their icons are blank or messed up, so I'm not exactly sure what's up...

1. Getting back their icons

2. Fixing that uninstaller issue

 

Any ideas on what to do now?

 

(Note that ComboFix did not fix the issue at hand either, what I did after ComboFix and prior to the system restore, is change permissions to the temp folder (the folder that still had the problems of not being able to write/read) and then it mysteriously worked... I could read/write anything from that folder... and this is also another reason why I opted for the System Restore because ComboFix basically didn't do anything)

 

Thanks for the help

 

 

EDIT:

I can only assume this is due to the corruption of the Windows Registry...

DDS & Attach files are as attached

ComboFix log is also attached.

Edited by itsDANNY, 14 July 2014 - 03:01 AM.


#2 itsDANNY

Posted 14 July 2014 - 02:31 AM

I'm also experiencing other sporadic issues that weren't occurring before with Internet Explorer and I've tried reinstalling etc, to no avail. I could only assume it is related to this situation.

 

I am starting to feel inclined to back everything up, format the hard drive and perform a fresh reinstall if this issue cannot be resolved as soon as possible.

 

Just a note, the issue I explained in the OP was ignored for the last 7 months and I only now had the time to deal with it now since it wasn't THAT irritating. That is, instead of downloading / executing files off of the C drive or %temp% folder, I would change the location to another partition (D:\) and that would work fine.

 

So... my point is that perhaps I shouldn't have gone too far (and used ComboFix) without proper guidance even though I've never experienced problems in the past, not exactly sure what happened this time...

 

In the meantime any help is appreciated...


Edited by itsDANNY, 14 July 2014 - 04:41 AM.


#3 HelpBot

Posted 19 July 2014 - 01:40 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/540874 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 itsDANNY

Posted 19 July 2014 - 03:40 AM

1. Done.

2. dds.txt is as attached.

3. No, might be awhile until I find it somewhere in the house...

4. Thank you. I appreciate it.

Attached Files

  • Attached File  dds.txt   22.32KB   2 downloads

Edited by itsDANNY, 19 July 2014 - 03:40 AM.


#5 itsDANNY

Posted 20 July 2014 - 11:07 PM

Does anyone think they will be able to resolve this issue? I've observed that many others have received responses from the team, however I am stuck here with an automated response. Would appreciate any acknowledgment thanks.



#6 Sirawit (Malware Response Team)

Posted 21 July 2014 - 09:22 AM

Hello itsDANNY and welcome to BleepingComputer! :)

 

My name is Sirawit and I'm here to help you.

 

Please note that I'm currently in training and my fixes need to be checked for approval first, that may delay our fix a bit, but I will normally reply back in 24 hours.

 

If I don't reply after 2 days, feel free to PM me. :)

==========================================================================

Some points for you to keep in mind:

  • Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Do not attach logs or use code boxes, just copy and paste the text.
  • Periodically update me on the condition of your computer, and provide detail in every post.
  • In the upper right hand corner of the topic you will see the Follow topic button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end with some additional information on how to stay malware-free.
  • Lastly, I would like to remind you that most members here are volunteers, and sometimes "real life" can get in the way of our malware hunt. I will notify you if I know I will need to be away for longer than 48 hours.

==========================================================================

 

 

Going over your logs I noticed that you have uTorrent installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall uTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.

Farbar Recovery Scan Tool (FRST)

  • Download Farbar Recovery Scan Tool for either 32 bit or 64 bit systems and save it to your desktop.
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should.
  • Double click the icon.
  • Click Yes to the disclaimer.
  • Make sure the Addition.txt box is checked.
  • Click Scan and allow the program to run.
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen.
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply

Thank you.


Edited by Sirawit, 22 July 2014 - 12:56 AM.


#7 itsDANNY

Posted 21 July 2014 - 07:27 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014
Ran by DANNY (administrator) on DANNY-PC on 22-07-2014 10:08:33
Running from C:\Users\DANNY\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
() D:\Program Files\MSI Afterburner\MSIAfterburner.exe
() D:\Program Files\MSI Afterburner\Bundle\OSDServer\RTSS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Malwarebytes Corporation) D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SoftPerfect Research) D:\Program Files\NetWorx\networx.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Users\DANNY\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(MYOB Technology Pty Ltd) C:\Program Files (x86)\MYOB\AccountRight\Servers\Huxley.Library.WindowsService.exe
() D:\Program Files\Razer\DeathAdder\razerhid.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) D:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(RealNetworks, Inc.) C:\Program Files (x86)\real\realplayer\Update\realsched.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
() D:\Program Files\Razer\DeathAdder\razertra.exe
(Razer Inc.) D:\Program Files\Razer\DeathAdder\razerofa.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() D:\Program Files\Razer\DeathAdder\vdDaemon.exe
(MYOB Technology Pty Ltd) C:\Program Files (x86)\MYOB\AccountRight\2013.5\AU\Huxley.Server.WindowsService.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(MYOB Technology Pty Ltd) C:\Program Files (x86)\MYOB\AccountRight\Servers\Huxley.ServerLocator.WindowsService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) D:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Farbar) C:\Users\DANNY\Desktop\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NetWorx] => D:\Program Files\NetWorx\networx.exe [4757904 2012-10-11] (SoftPerfect Research)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DeathAdder] => D:\Program Files\Razer\DeathAdder\razerhid.exe [248832 2012-01-14] ()
HKLM-x32\...\Run: [PlusService] => C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe [802304 2012-09-24] (Yuna Software)
HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5019360 2012-11-03] (FNet Co., Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-27] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [295512 2014-05-20] (RealNetworks, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => D:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Z-Series Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe [735744 2013-02-27] (Creative Technology Ltd)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-2452779513-1753906608-20643603-1000\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-2452779513-1753906608-20643603-1000\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-2452779513-1753906608-20643603-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2452779513-1753906608-20643603-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2452779513-1753906608-20643603-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2452779513-1753906608-20643603-1000\...\Run: [SkyDrive] => C:\Users\DANNY\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-05-15] (Microsoft Corporation)
HKU\S-1-5-21-2452779513-1753906608-20643603-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2452779513-1753906608-20643603-1000\...\Run: [CTRegRun] => C:\Windows\CTRegRun.EXE [53248 2006-10-06] (Creative Technology Ltd )
HKU\S-1-5-21-2452779513-1753906608-20643603-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3872080 2013-04-25] (Microsoft Corporation)
HKU\S-1-5-21-2452779513-1753906608-20643603-1000\...\Run: [fastclean] => "C:\Program Files (x86)\FastClean PRO\fastcleanpro.exe"
Startup: C:\Users\DANNY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-AU
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo7.com.au/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\DANNY\AppData\Roaming\Mozilla\Firefox\Profiles\xw1kxlj3.default
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: hxxp://www.yahoo7.com.au
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Extension: Battlefield Heroes Updater - C:\Users\DANNY\AppData\Roaming\Mozilla\Firefox\Profiles\xw1kxlj3.default\Extensions\battlefieldheroespatcher@ea.com [2012-11-03]
FF Extension: Battlefield Play4Free - C:\Users\DANNY\AppData\Roaming\Mozilla\Firefox\Profiles\xw1kxlj3.default\Extensions\battlefieldplay4free@ea.com [2012-11-03]
FF Extension: NetVideoHunter - C:\Users\DANNY\AppData\Roaming\Mozilla\Firefox\Profiles\xw1kxlj3.default\Extensions\netvideohunter@netvideohunter.com [2013-12-02]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\DANNY\AppData\Roaming\Mozilla\Firefox\Profiles\xw1kxlj3.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012-11-03]
FF Extension: Aero Fox XL - C:\Users\DANNY\AppData\Roaming\Mozilla\Firefox\Profiles\xw1kxlj3.default\Extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66} [2012-11-03]
FF Extension: Tamper Data - C:\Users\DANNY\AppData\Roaming\Mozilla\Firefox\Profiles\xw1kxlj3.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947} [2012-11-03]
FF Extension: Gradient iCool - C:\Users\DANNY\AppData\Roaming\Mozilla\Firefox\Profiles\xw1kxlj3.default\Extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66} [2012-11-03]
FF Extension: Copy Urls Expert - C:\Users\DANNY\AppData\Roaming\Mozilla\Firefox\Profiles\xw1kxlj3.default\Extensions\copy-urls-expert@kashiif-gmail.com.xpi [2012-11-03]
FF Extension: Firebug - C:\Users\DANNY\AppData\Roaming\Mozilla\Firefox\Profiles\xw1kxlj3.default\Extensions\firebug@software.joehewitt.com.xpi [2012-11-03]
FF Extension: ReloadEvery - C:\Users\DANNY\AppData\Roaming\Mozilla\Firefox\Profiles\xw1kxlj3.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2012-11-03]
FF Extension: Adblock Plus - C:\Users\DANNY\AppData\Roaming\Mozilla\Firefox\Profiles\xw1kxlj3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-02]
FF Extension: Net Usage Item - C:\Users\DANNY\AppData\Roaming\Mozilla\Firefox\Profiles\xw1kxlj3.default\Extensions\{DA1B0AB5-7DD3-4066-BC2A-64AABBDD0A8B}.xpi [2012-11-03]
FF Extension: DownThemAll! - C:\Users\DANNY\AppData\Roaming\Mozilla\Firefox\Profiles\xw1kxlj3.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012-11-03]
FF Extension: Greasemonkey - C:\Users\DANNY\AppData\Roaming\Mozilla\Firefox\Profiles\xw1kxlj3.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-11-03]
FF Extension: User Agent Switcher - C:\Users\DANNY\AppData\Roaming\Mozilla\Firefox\Profiles\xw1kxlj3.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2012-11-03]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - D:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - D:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-11-13]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-05-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-07-17]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - D:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR HomePage:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - D:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - D:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - D:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - D:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - D:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - D:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - D:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Extension: (Google Docs) - C:\Users\DANNY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-26]
CHR Extension: (Google Drive) - C:\Users\DANNY\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\DANNY\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (YouTube) - C:\Users\DANNY\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-26]
CHR Extension: (Google Search) - C:\Users\DANNY\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-26]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\DANNY\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2013-07-26]
CHR Extension: (Insightly) - C:\Users\DANNY\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkopngnjabiaaibfkfgjhgdfpoholppn [2013-07-26]
CHR Extension: (RealDownloader) - C:\Users\DANNY\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-01-26]
CHR Extension: (Google Wallet) - C:\Users\DANNY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-27]
CHR Extension: (Gmail) - C:\Users\DANNY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

==================== Services (Whitelisted) =================

R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [112640 2013-07-03] (Creative Technology Ltd)
S4 ekrn; D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [913144 2012-03-07] (ESET)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MYOB AccountRight Library; C:\Program Files (x86)\MYOB\AccountRight\Servers\Huxley.Library.WindowsService.exe [17752 2013-12-10] (MYOB Technology Pty Ltd)
R2 MYOB AccountRight Server 2013.5; C:\Program Files (x86)\MYOB\AccountRight\2013.5\AU\Huxley.Server.WindowsService.exe [15192 2013-12-10] (MYOB Technology Pty Ltd)
R2 MYOB AccountRight Server Locator; C:\Program Files (x86)\MYOB\AccountRight\Servers\Huxley.ServerLocator.WindowsService.exe [16216 2013-12-10] (MYOB Technology Pty Ltd)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-30] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-26] (CACE Technologies, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1060632 2013-07-03] (Creative Technology Ltd)
R3 cthdb; C:\Windows\System32\DRIVERS\cthdb.sys [34072 2013-07-03] (Creative Technology Ltd)
S3 CYUSB; C:\Windows\System32\Drivers\CYUSB.sys [47104 2009-08-10] (Cypress Semiconductor)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-05] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [137144 2012-03-14] (ESET)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2013-11-06] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2012-11-03] (FNet Co., Ltd.)
S3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
S3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-26] (CACE Technologies, Inc.)
R3 RTCore64; D:\Program Files\MSI Afterburner\RTCore64.sys [13368 2012-10-30] ()
S3 ALSysIO; \??\C:\Users\DANNY\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 MBfilt; system32\drivers\MBfilt64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-22 10:08 - 2014-07-22 10:08 - 02090496 _____ (Farbar) C:\Users\DANNY\Desktop\FRST64(1).exe
2014-07-22 10:08 - 2014-07-22 10:08 - 00034062 _____ () C:\Users\DANNY\Desktop\FRST.txt
2014-07-21 18:56 - 2014-07-21 23:39 - 00000000 ____D () C:\Users\DANNY\Desktop\Home designs
2014-07-21 00:26 - 2014-07-21 00:26 - 00001338 _____ () C:\Users\DANNY\Desktop\response.txt
2014-07-19 22:49 - 2014-07-19 22:49 - 00002755 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VitalSource Bookshelf.lnk
2014-07-19 22:49 - 2014-07-19 22:49 - 00002749 _____ () C:\Users\Public\Desktop\VitalSource Bookshelf.lnk
2014-07-19 22:49 - 2014-07-19 22:49 - 00002749 _____ () C:\ProgramData\Desktop\VitalSource Bookshelf.lnk
2014-07-19 22:49 - 2014-07-19 22:49 - 00000000 ____D () C:\Program Files (x86)\VitalSource Bookshelf
2014-07-18 19:38 - 2014-07-19 11:26 - 00000840 _____ () C:\Windows\PFRO.log
2014-07-18 19:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-18 19:36 - 2014-07-18 19:38 - 00000000 ____D () C:\AdwCleaner
2014-07-18 19:36 - 2014-07-18 19:36 - 01354223 _____ () C:\Users\DANNY\Desktop\adwcleaner_3.216.exe
2014-07-18 19:30 - 2014-07-18 20:25 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-07-18 19:29 - 2014-07-18 19:29 - 00076432 _____ (AppWork GmbH) C:\Users\DANNY\Desktop\WebInstaller.exe
2014-07-18 19:24 - 2014-07-18 19:24 - 00000000 ___RD () C:\Users\DANNY\Desktop\acro_rd_dir
2014-07-18 19:24 - 2014-07-18 19:23 - 00000512 ___HT () C:\Users\DANNY\Desktop\etilqs_FPK3HoVgI8owXCo
2014-07-18 19:24 - 2014-07-18 10:08 - 00000000 ____D () C:\Users\DANNY\Desktop\Acrobat Distiller 11
2014-07-18 19:24 - 2014-07-18 10:06 - 00032768 ___HT () C:\Users\DANNY\Desktop\etilqs_JeSioMiPSzA13hQ
2014-07-18 19:24 - 2014-07-18 10:06 - 00000512 ___HT () C:\Users\DANNY\Desktop\etilqs_JRdEfM77o4anihI
2014-07-18 19:24 - 2014-07-16 13:36 - 00034868 _____ () C:\Users\DANNY\Desktop\datAA29.tmp
2014-07-18 19:24 - 2014-07-16 13:36 - 00034584 _____ () C:\Users\DANNY\Desktop\datA8EF.tmp
2014-07-18 19:24 - 2014-07-16 13:36 - 00034040 _____ () C:\Users\DANNY\Desktop\datA9AB.tmp
2014-07-18 19:24 - 2014-07-16 13:36 - 00031436 _____ () C:\Users\DANNY\Desktop\datAB43.tmp
2014-07-18 19:24 - 2014-07-14 17:40 - 00000000 ___RD () C:\Users\DANNY\Desktop\acrord32_sbx
2014-07-18 19:24 - 2014-07-14 17:18 - 00000000 _____ () C:\Users\DANNY\Desktop\CVR32E3.tmp
2014-07-18 19:24 - 2014-07-14 17:18 - 00000000 _____ () C:\Users\DANNY\Desktop\CVR32E2.tmp
2014-07-18 19:24 - 2014-07-14 16:54 - 00000366 _____ () C:\Users\DANNY\Desktop\AUCHECK_PARSER.txt
2014-07-18 01:30 - 2014-01-03 17:35 - 15743744 _____ () C:\Users\DANNY\Documents\2014-01-03_17-34-27.wav
2014-07-16 20:48 - 2014-07-16 20:48 - 00014403 _____ () C:\Users\DANNY\Desktop\hijackthis.log
2014-07-16 20:47 - 2014-07-16 20:47 - 00000000 ____D () C:\Users\DANNY\Downloads\tdsskiller (1)
2014-07-16 20:47 - 2014-07-10 12:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\DANNY\Desktop\TDSSKiller.exe
2014-07-16 20:46 - 2014-07-16 20:46 - 04161313 _____ () C:\Users\DANNY\Downloads\tdsskiller (1).zip
2014-07-16 19:51 - 2014-07-16 19:53 - 02178040 _____ () C:\Users\DANNY\Downloads\view.4t2tr52.partial
2014-07-16 18:46 - 2014-07-16 19:57 - 00000000 ____D () C:\Users\DANNY\Downloads\Files
2014-07-16 15:48 - 2014-07-16 15:49 - 00000000 ____D () C:\Users\DANNY\Downloads\lexvix
2014-07-16 10:30 - 2014-07-16 10:30 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-07-15 09:21 - 2014-07-22 09:12 - 00000896 _____ () C:\Windows\setupact.log
2014-07-15 09:21 - 2014-07-15 09:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-14 17:35 - 2014-07-19 18:38 - 00022853 _____ () C:\Users\DANNY\Desktop\dds.txt
2014-07-14 17:35 - 2014-07-14 17:35 - 00011682 _____ () C:\Users\DANNY\Desktop\attach.txt
2014-07-14 17:34 - 2014-07-14 17:34 - 00688992 ____R (Swearware) C:\Users\DANNY\Desktop\dds.com
2014-07-14 17:08 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-07-14 17:07 - 2014-07-14 17:07 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-14 17:07 - 2014-07-14 17:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-14 17:07 - 2014-07-14 17:07 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-14 17:07 - 2014-07-14 17:07 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-14 17:07 - 2014-07-14 17:07 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-07-14 17:07 - 2014-07-14 17:07 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-07-14 17:07 - 2014-07-14 17:07 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-07-14 17:07 - 2014-07-14 17:07 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-07-14 17:07 - 2014-07-14 17:07 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-07-14 17:07 - 2014-07-14 17:07 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-07-14 17:07 - 2014-07-14 17:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00000738 _____ () C:\Users\DANNY\Desktop\Rebuild_Icon_Cache.bat
2014-07-14 17:04 - 2014-07-14 17:04 - 55915216 _____ (Microsoft Corporation) C:\Users\DANNY\Desktop\IE11-Windows6.1-x64-en-us.exe
2014-07-14 15:52 - 2014-07-14 15:52 - 00000000 ____D () C:\Program Files (x86)\Scribble
2014-07-14 15:46 - 2014-07-14 16:02 - 00000972 _____ () C:\Users\DANNY\Desktop\unhide.txt
2014-07-14 15:46 - 2014-07-14 15:46 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\DANNY\Desktop\unhide.exe
2014-07-14 15:38 - 2014-07-14 15:38 - 00004341 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-07-14 15:24 - 2014-07-14 15:24 - 00035938 _____ () C:\ComboFix.txt
2014-07-14 15:07 - 2011-06-26 16:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-14 15:07 - 2010-11-08 03:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-14 15:07 - 2009-04-20 14:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-14 15:07 - 2000-08-31 10:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-14 15:07 - 2000-08-31 10:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-14 15:07 - 2000-08-31 10:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-14 15:07 - 2000-08-31 10:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-14 15:07 - 2000-08-31 10:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-14 15:06 - 2014-07-14 15:06 - 05220073 ____R (Swearware) C:\Users\DANNY\Desktop\ComboFix.exe
2014-07-14 14:56 - 2014-07-22 10:08 - 00000000 ____D () C:\FRST
2014-07-14 14:56 - 2014-07-14 14:56 - 02086912 _____ (Farbar) C:\Users\DANNY\Desktop\FRST64.exe
2014-07-14 14:40 - 2014-07-14 14:40 - 00918952 _____ (Oracle Corporation) C:\Users\DANNY\Desktop\jxpiinstall.exe
2014-07-14 14:38 - 2014-07-14 14:38 - 00854390 _____ () C:\Users\DANNY\Desktop\SecurityCheck.exe
2014-07-14 13:47 - 2014-07-14 13:47 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2F67427F.sys
2014-07-13 11:33 - 2014-07-13 11:33 - 07715234 _____ () C:\Users\DANNY\Downloads\ZHU-Faded-Remix-Ft.-Sean-Dee.mp3 (1).zip
2014-07-13 11:31 - 2014-07-13 11:31 - 07715234 _____ () C:\Users\DANNY\Downloads\ZHU-Faded-Remix-Ft.-Sean-Dee.mp3.zip
2014-07-13 11:28 - 2014-07-13 11:29 - 00000000 ____D () C:\Users\DANNY\Downloads\DafuQ! EDM Playlist Vol. 18 April 2014
2014-07-11 22:22 - 2014-07-11 22:22 - 13163064 _____ () C:\Users\DANNY\Desktop\JustKiddingFilms & OliviaThai Explained.mp4
2014-07-11 21:04 - 2014-07-11 21:04 - 08761249 _____ () C:\Users\DANNY\Desktop\Ty Dolla $ign - Or Nah (feat. The Weeknd, Wiz Khalifa and DJ Mustard) [Remix].m4a
2014-07-11 15:17 - 2014-07-11 15:17 - 00584189 _____ () C:\Users\DANNY\Documents\because of youu435.wma
2014-07-11 15:16 - 2014-07-11 15:16 - 00368669 _____ () C:\Users\DANNY\Documents\becauseeeeeee.wma
2014-07-11 15:15 - 2014-07-11 15:15 - 00611129 _____ () C:\Users\DANNY\Documents\because of youuu1.wma
2014-07-11 15:11 - 2014-07-11 15:11 - 00211519 _____ () C:\Users\DANNY\Documents\testttttttttt.wma
2014-07-11 15:09 - 2014-07-11 15:09 - 00157639 _____ () C:\Users\DANNY\Documents\testttt.wma
2014-07-11 13:42 - 2014-07-11 13:42 - 00000000 ____D () C:\ProgramData\Creative
2014-07-11 13:41 - 2014-07-11 13:41 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-07-11 13:41 - 2014-07-11 13:41 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-07-11 13:41 - 2014-07-11 13:41 - 00123480 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-07-11 13:41 - 2014-07-11 13:41 - 00109144 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-07-11 13:41 - 2014-07-11 13:41 - 00002321 _____ () C:\Users\Public\Desktop\Creative Product Registration.lnk
2014-07-11 13:41 - 2014-07-11 13:41 - 00002321 _____ () C:\ProgramData\Desktop\Creative Product Registration.lnk
2014-07-11 13:41 - 2014-04-25 16:33 - 01898496 _____ (Creative) C:\Windows\system32\Sens_oal.dll
2014-07-11 13:41 - 2014-04-25 16:29 - 01609728 _____ (Creative) C:\Windows\SysWOW64\Sens_oal.dll
2014-07-11 13:41 - 2006-10-06 14:17 - 00053248 _____ (Creative Technology Ltd ) C:\Windows\Ctregrun.exe
2014-07-11 13:41 - 2003-06-12 23:25 - 00007062 _____ () C:\Windows\SysWOW64\audiopid.vxd
2014-07-11 13:40 - 2014-07-11 13:40 - 00000000 ____D () C:\Users\Public\Creative
2014-07-11 13:40 - 2014-07-11 13:40 - 00000000 ____D () C:\Program Files\Creative
2014-07-11 13:40 - 2012-11-26 17:19 - 00005687 _____ () C:\Windows\SysWOW64\CTOPT352.cat
2014-07-11 13:40 - 2012-11-26 16:52 - 00005783 _____ () C:\Windows\system32\CTOPT352.cat
2014-07-11 13:40 - 2012-08-13 14:51 - 00183808 _____ (Creative Technology Ltd) C:\Windows\system32\CTOPT352.dll
2014-07-11 13:40 - 2012-08-13 14:51 - 00167424 _____ (Creative Technology Ltd) C:\Windows\SysWOW64\CTOPT352.dll
2014-07-11 13:40 - 2010-10-04 15:20 - 00088576 _____ (Creative Technology Ltd) C:\Windows\system32\CTOPT399.dll
2014-07-11 13:40 - 2010-10-04 15:20 - 00079360 _____ (Creative Technology Ltd) C:\Windows\SysWOW64\CTOPT399.dll
2014-07-11 13:40 - 2010-10-03 14:54 - 00005594 _____ () C:\Windows\system32\CTOPT399.cat
2014-07-11 13:40 - 2010-10-03 14:48 - 00005498 _____ () C:\Windows\SysWOW64\CTOPT399.cat
2014-07-11 13:40 - 2008-12-22 20:13 - 00061440 _____ (Creative Technology Ltd) C:\Windows\SysWOW64\CTChkAud.dll
2014-07-11 13:40 - 2008-12-22 20:13 - 00049664 _____ (Creative Technology Ltd) C:\Windows\system32\CTChkAud.dll
2014-07-11 13:40 - 2006-12-05 13:53 - 00042496 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\AddCat.exe
2014-07-11 13:40 - 2006-12-05 13:53 - 00042496 _____ (Creative Technology Ltd.) C:\Windows\system32\AddCat.exe
2014-07-11 13:39 - 2012-04-02 15:51 - 00004850 _____ () C:\Windows\cthdaENG.reg
2014-07-11 13:25 - 2014-06-18 03:09 - 155091320 _____ (Creative Technology Ltd) C:\Users\DANNY\Desktop\SBZxR_CD_LD_1_00_24.exe
2014-07-10 16:22 - 2014-07-10 16:22 - 00637744 _____ () C:\Users\DANNY\Desktop\videovine.mp4
2014-07-10 16:00 - 2014-07-10 16:00 - 00000000 ____D () C:\Users\DANNY\Downloads\Vicetone & Tony Igy - Astronomia 2014
2014-07-10 15:59 - 2014-07-10 15:59 - 21269690 _____ () C:\Users\DANNY\Downloads\Vicetone & Tony Igy - Astronomia 2014.zip
2014-07-10 13:28 - 2014-07-10 16:36 - 00000805 _____ () C:\Users\Public\Default.Sound.Gadget.CONFIG.bat
2014-07-10 13:28 - 2012-10-29 19:08 - 00114176 _____ (NirSoft) C:\Windows\DefaultSoundCMD.exe
2014-07-10 01:00 - 2014-07-21 01:53 - 00003010 _____ () C:\Windows\System32\Tasks\MSIAfterburner
2014-06-30 12:28 - 2014-07-21 16:36 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-06-30 12:28 - 2014-06-30 12:29 - 00000000 ____D () C:\Users\DANNY\Documents\Battlefield 3
2014-06-30 12:28 - 2014-06-30 12:28 - 00000000 ____D () C:\Users\DANNY\AppData\Local\PunkBuster
2014-06-30 12:28 - 2014-06-30 12:28 - 00000000 ____D () C:\Users\DANNY\AppData\Local\ESN
2014-06-30 12:27 - 2014-06-30 12:27 - 00000000 ____D () C:\ProgramData\EA Core
2014-06-30 12:23 - 2014-06-30 12:23 - 00000849 _____ () C:\Users\Public\Desktop\Battlefield 3.lnk
2014-06-30 12:23 - 2014-06-30 12:23 - 00000849 _____ () C:\ProgramData\Desktop\Battlefield 3.lnk
2014-06-30 12:23 - 2014-06-30 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2014-06-30 12:22 - 2014-07-21 16:36 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-06-30 12:22 - 2014-07-21 16:36 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-06-30 12:22 - 2014-06-30 12:34 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-30 12:22 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-06-30 12:22 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-06-30 12:22 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-06-30 12:22 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-06-30 12:22 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-06-30 12:22 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-06-30 12:22 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-06-30 12:22 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-06-30 12:22 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-06-30 12:22 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-06-30 12:22 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-06-30 12:22 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-06-30 12:22 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-06-30 12:22 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-06-30 12:22 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-06-30 12:22 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-06-30 12:22 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-06-30 12:22 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-06-30 12:22 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-06-30 12:22 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-06-30 12:22 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-06-30 12:22 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-06-30 12:22 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-06-30 12:22 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-06-30 12:22 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-06-30 12:22 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-06-30 12:22 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-06-30 12:22 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-06-30 12:22 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-06-30 12:22 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-06-30 12:22 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-06-30 12:22 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-06-30 12:22 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-06-30 12:22 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-06-30 12:22 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-06-30 12:22 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-06-30 12:22 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-06-30 12:22 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-06-30 12:22 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-06-30 12:22 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-06-30 12:22 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-06-30 12:22 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-06-30 12:22 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-06-30 12:22 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-06-30 12:22 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-06-30 12:22 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-06-30 12:22 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-06-30 12:22 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-06-30 12:22 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-06-30 12:22 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-06-30 12:22 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-06-30 12:22 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-06-30 12:22 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-06-30 12:22 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-06-30 12:22 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-06-30 12:22 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-06-30 12:22 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-06-30 12:22 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-06-30 12:22 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-06-30 12:22 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-06-30 12:22 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-06-30 12:22 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-06-30 12:22 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-06-30 12:22 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-06-30 12:22 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-06-30 12:22 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-06-30 12:22 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-06-30 12:22 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-06-30 12:22 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-06-30 12:22 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-06-30 12:22 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-06-30 12:22 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-06-30 12:22 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-06-30 12:22 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-06-30 12:22 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-06-30 12:22 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-06-30 12:22 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-06-30 12:22 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-06-30 12:22 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-06-30 12:22 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-06-30 12:22 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-06-30 12:22 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-06-30 12:22 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-06-30 12:22 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-06-30 12:22 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-06-30 12:22 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-06-30 12:22 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-06-30 12:22 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-06-30 12:22 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-06-30 12:22 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-06-30 12:22 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-06-30 12:22 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-06-30 12:22 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-06-30 12:22 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-06-30 12:22 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-06-30 12:22 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-06-30 12:22 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-06-30 12:22 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-06-30 12:22 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-06-30 12:22 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-06-30 12:22 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-06-30 12:22 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-06-30 12:22 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-06-30 12:22 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-06-30 12:22 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-06-30 12:22 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-06-30 12:22 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-06-30 12:22 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-06-30 12:22 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-06-30 12:22 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-06-30 12:22 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-06-30 12:22 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-06-30 12:22 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-06-30 12:22 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-06-30 12:22 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-06-30 12:22 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-06-30 12:22 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-06-30 12:22 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-06-30 12:22 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-06-30 12:22 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-06-30 12:22 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-06-30 12:22 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-06-30 12:22 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-06-30 12:22 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-06-30 12:22 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-06-30 12:22 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-06-30 12:22 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-06-30 12:22 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-06-30 12:22 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-06-30 12:22 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-06-30 12:22 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-06-30 12:22 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-06-30 12:22 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-06-30 12:22 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-06-30 12:22 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-06-30 12:22 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-06-30 12:22 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-06-30 12:22 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-06-30 12:22 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-06-30 12:22 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-06-30 12:22 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-06-30 12:22 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-06-30 12:22 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-06-30 12:22 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-06-30 12:22 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-06-30 12:22 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-06-30 12:22 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-06-30 12:22 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-06-30 12:22 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-06-30 12:22 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-06-30 12:22 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-06-30 12:22 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-06-30 12:22 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-06-30 12:22 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-06-30 12:22 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-06-30 12:22 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-06-30 12:22 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-06-30 12:22 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-06-30 12:22 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-06-30 12:22 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-06-30 12:22 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-06-30 12:22 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-06-30 12:22 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-06-30 12:22 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-06-30 12:22 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-06-30 12:22 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-06-30 12:22 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-06-30 12:22 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-06-30 12:22 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-06-30 12:22 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-06-30 12:22 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-06-30 12:22 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-06-30 12:22 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-06-30 12:22 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-06-30 12:22 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-06-30 12:22 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-06-30 12:22 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-06-30 12:22 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-06-30 12:22 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-06-30 12:22 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-06-30 00:19 - 2014-06-30 00:20 - 00000000 ____D () C:\Users\DANNY\Downloads\Hurt Me Tomorrow - Single
2014-06-29 22:29 - 2014-07-21 11:59 - 00000000 ____D () C:\ProgramData\Origin
2014-06-29 22:29 - 2014-06-30 12:27 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-06-29 22:29 - 2014-06-30 12:03 - 00000000 ____D () C:\Users\DANNY\AppData\Local\Origin
2014-06-29 22:29 - 2014-06-30 12:02 - 00000000 ____D () C:\Users\DANNY\AppData\Roaming\Origin
2014-06-29 22:29 - 2014-06-29 22:29 - 00000662 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-06-29 22:29 - 2014-06-29 22:29 - 00000662 _____ () C:\ProgramData\Desktop\Origin.lnk
2014-06-29 22:29 - 2014-06-29 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-06-29 18:41 - 2014-06-29 18:41 - 01744548 _____ () C:\Users\DANNY\Downloads\Your scanned documents.zip
2014-06-25 10:44 - 2014-06-25 10:44 - 00001481 _____ () C:\Users\DANNY\Desktop\psychoanalysis lyrics.txt
2014-06-24 12:38 - 2014-06-24 12:38 - 04110491 _____ () C:\Users\DANNY\Desktop\Faceboo444k.mp4
2014-06-23 22:59 - 2014-06-23 22:59 - 23276341 _____ () C:\Users\DANNY\Desktop\The Weekly Bar Hop Psychoanalysis by Ald Produced by MKSB.mp4
2014-06-23 17:39 - 2014-06-23 17:43 - 00000000 ____D () C:\Users\DANNY\Downloads\Poldoore - The Day Off (2014)
2014-06-23 09:50 - 2014-06-23 09:51 - 00000000 ____D () C:\Users\DANNY\Downloads\Otis Redding - Dock of The Bay - 1992 [MP3 @ 320] (oan)
2014-06-22 00:51 - 2014-06-28 15:43 - 00000000 ____D () C:\Users\DANNY\Downloads\The Beautiful Country [2004] Eng + Multisub

==================== One Month Modified Files and Folders =======

2014-07-22 10:08 - 2014-07-22 10:08 - 02090496 _____ (Farbar) C:\Users\DANNY\Desktop\FRST64(1).exe
2014-07-22 10:08 - 2014-07-22 10:08 - 00034062 _____ () C:\Users\DANNY\Desktop\FRST.txt
2014-07-22 10:08 - 2014-07-14 14:56 - 00000000 ____D () C:\FRST
2014-07-22 09:56 - 2012-11-03 16:29 - 00000000 ____D () C:\Users\DANNY\AppData\Roaming\Skype
2014-07-22 09:34 - 2014-04-05 11:45 - 00004956 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for DANNY-PC-DANNY DANNY-PC
2014-07-22 09:22 - 2013-07-26 22:44 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-22 09:19 - 2009-07-14 14:45 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-22 09:19 - 2009-07-14 14:45 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-22 09:17 - 2014-03-28 22:08 - 01251599 _____ () C:\Windows\WindowsUpdate.log
2014-07-22 09:17 - 2009-07-14 15:13 - 00006170 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-22 09:14 - 2014-06-01 18:03 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-07-22 09:14 - 2014-03-17 20:24 - 00000000 ___RD () C:\Users\DANNY\OneDrive
2014-07-22 09:13 - 2012-11-03 18:21 - 00000000 ____D () C:\Users\DANNY\Tracing
2014-07-22 09:12 - 2014-07-15 09:21 - 00000896 _____ () C:\Windows\setupact.log
2014-07-22 09:12 - 2013-07-26 22:44 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-22 09:12 - 2009-07-14 15:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-21 23:39 - 2014-07-21 18:56 - 00000000 ____D () C:\Users\DANNY\Desktop\Home designs
2014-07-21 16:36 - 2014-06-30 12:28 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-21 16:36 - 2014-06-30 12:22 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-21 16:36 - 2014-06-30 12:22 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-07-21 14:47 - 2012-12-23 23:44 - 00000000 ____D () C:\Users\DANNY\AppData\Local\CrashDumps
2014-07-21 11:59 - 2014-06-29 22:29 - 00000000 ____D () C:\ProgramData\Origin
2014-07-21 01:53 - 2014-07-10 01:00 - 00003010 _____ () C:\Windows\System32\Tasks\MSIAfterburner
2014-07-21 01:09 - 2012-11-03 16:57 - 00000000 ____D () C:\Users\DANNY\AppData\Roaming\uTorrent
2014-07-21 00:26 - 2014-07-21 00:26 - 00001338 _____ () C:\Users\DANNY\Desktop\response.txt
2014-07-20 11:16 - 2009-07-14 14:45 - 05151816 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-19 22:49 - 2014-07-19 22:49 - 00002755 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VitalSource Bookshelf.lnk
2014-07-19 22:49 - 2014-07-19 22:49 - 00002749 _____ () C:\Users\Public\Desktop\VitalSource Bookshelf.lnk
2014-07-19 22:49 - 2014-07-19 22:49 - 00002749 _____ () C:\ProgramData\Desktop\VitalSource Bookshelf.lnk
2014-07-19 22:49 - 2014-07-19 22:49 - 00000000 ____D () C:\Program Files (x86)\VitalSource Bookshelf
2014-07-19 22:49 - 2012-11-03 16:04 - 00122112 _____ () C:\Users\DANNY\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-19 18:38 - 2014-07-14 17:35 - 00022853 _____ () C:\Users\DANNY\Desktop\dds.txt
2014-07-19 12:24 - 2013-07-26 22:45 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-19 12:24 - 2013-07-26 22:45 - 00002183 _____ () C:\ProgramData\Desktop\Google Chrome.lnk
2014-07-19 11:26 - 2014-07-18 19:38 - 00000840 _____ () C:\Windows\PFRO.log
2014-07-18 20:25 - 2014-07-18 19:30 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-07-18 20:23 - 2014-05-11 14:40 - 00000000 ____D () C:\Users\DANNY\AppData\Roaming\vlc
2014-07-18 19:38 - 2014-07-18 19:36 - 00000000 ____D () C:\AdwCleaner
2014-07-18 19:36 - 2014-07-18 19:36 - 01354223 _____ () C:\Users\DANNY\Desktop\adwcleaner_3.216.exe
2014-07-18 19:29 - 2014-07-18 19:29 - 00076432 _____ (AppWork GmbH) C:\Users\DANNY\Desktop\WebInstaller.exe
2014-07-18 19:24 - 2014-07-18 19:24 - 00000000 ___RD () C:\Users\DANNY\Desktop\acro_rd_dir
2014-07-18 19:23 - 2014-07-18 19:24 - 00000512 ___HT () C:\Users\DANNY\Desktop\etilqs_FPK3HoVgI8owXCo
2014-07-18 10:08 - 2014-07-18 19:24 - 00000000 ____D () C:\Users\DANNY\Desktop\Acrobat Distiller 11
2014-07-18 10:06 - 2014-07-18 19:24 - 00032768 ___HT () C:\Users\DANNY\Desktop\etilqs_JeSioMiPSzA13hQ
2014-07-18 10:06 - 2014-07-18 19:24 - 00000512 ___HT () C:\Users\DANNY\Desktop\etilqs_JRdEfM77o4anihI
2014-07-16 20:48 - 2014-07-16 20:48 - 00014403 _____ () C:\Users\DANNY\Desktop\hijackthis.log
2014-07-16 20:47 - 2014-07-16 20:47 - 00000000 ____D () C:\Users\DANNY\Downloads\tdsskiller (1)
2014-07-16 20:46 - 2014-07-16 20:46 - 04161313 _____ () C:\Users\DANNY\Downloads\tdsskiller (1).zip
2014-07-16 19:57 - 2014-07-16 18:46 - 00000000 ____D () C:\Users\DANNY\Downloads\Files
2014-07-16 19:53 - 2014-07-16 19:51 - 02178040 _____ () C:\Users\DANNY\Downloads\view.4t2tr52.partial
2014-07-16 15:49 - 2014-07-16 15:48 - 00000000 ____D () C:\Users\DANNY\Downloads\lexvix
2014-07-16 13:36 - 2014-07-18 19:24 - 00034868 _____ () C:\Users\DANNY\Desktop\datAA29.tmp
2014-07-16 13:36 - 2014-07-18 19:24 - 00034584 _____ () C:\Users\DANNY\Desktop\datA8EF.tmp
2014-07-16 13:36 - 2014-07-18 19:24 - 00034040 _____ () C:\Users\DANNY\Desktop\datA9AB.tmp
2014-07-16 13:36 - 2014-07-18 19:24 - 00031436 _____ () C:\Users\DANNY\Desktop\datAB43.tmp
2014-07-16 10:30 - 2014-07-16 10:30 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-07-15 13:24 - 2012-11-06 15:08 - 00000000 ____D () C:\Users\DANNY\AppData\Roaming\Media Player Classic
2014-07-15 09:21 - 2014-07-15 09:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-14 19:49 - 2012-11-04 07:48 - 00000000 ____D () C:\Windows\Panther
2014-07-14 17:40 - 2014-07-18 19:24 - 00000000 ___RD () C:\Users\DANNY\Desktop\acrord32_sbx
2014-07-14 17:35 - 2014-07-14 17:35 - 00011682 _____ () C:\Users\DANNY\Desktop\attach.txt
2014-07-14 17:34 - 2014-07-14 17:34 - 00688992 ____R (Swearware) C:\Users\DANNY\Desktop\dds.com
2014-07-14 17:18 - 2014-07-18 19:24 - 00000000 _____ () C:\Users\DANNY\Desktop\CVR32E3.tmp
2014-07-14 17:18 - 2014-07-18 19:24 - 00000000 _____ () C:\Users\DANNY\Desktop\CVR32E2.tmp
2014-07-14 17:18 - 2012-11-03 17:45 - 00001413 _____ () C:\Users\DANNY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-14 17:16 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-07-14 17:07 - 2014-07-14 17:07 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-14 17:07 - 2014-07-14 17:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-14 17:07 - 2014-07-14 17:07 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-14 17:07 - 2014-07-14 17:07 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-14 17:07 - 2014-07-14 17:07 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-07-14 17:07 - 2014-07-14 17:07 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-07-14 17:07 - 2014-07-14 17:07 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-07-14 17:07 - 2014-07-14 17:07 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-07-14 17:07 - 2014-07-14 17:07 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-07-14 17:07 - 2014-07-14 17:07 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-07-14 17:07 - 2014-07-14 17:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-07-14 17:07 - 2014-07-14 17:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-14 17:07 - 2014-07-14 17:07 - 00000738 _____ () C:\Users\DANNY\Desktop\Rebuild_Icon_Cache.bat
2014-07-14 17:04 - 2014-07-14 17:04 - 55915216 _____ (Microsoft Corporation) C:\Users\DANNY\Desktop\IE11-Windows6.1-x64-en-us.exe
2014-07-14 16:54 - 2014-07-18 19:24 - 00000366 _____ () C:\Users\DANNY\Desktop\AUCHECK_PARSER.txt
2014-07-14 16:04 - 2012-12-15 12:08 - 00000000 ____D () C:\Windows\pss
2014-07-14 16:02 - 2014-07-14 15:46 - 00000972 _____ () C:\Users\DANNY\Desktop\unhide.txt
2014-07-14 15:52 - 2014-07-14 15:52 - 00000000 ____D () C:\Program Files (x86)\Scribble
2014-07-14 15:46 - 2014-07-14 15:46 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\DANNY\Desktop\unhide.exe
2014-07-14 15:41 - 2013-09-14 19:39 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-14 15:38 - 2014-07-14 15:38 - 00004341 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-07-14 15:38 - 2013-09-14 19:38 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-14 15:33 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\IME
2014-07-14 15:25 - 2013-04-16 09:01 - 00000000 ____D () C:\Qoobox
2014-07-14 15:24 - 2014-07-14 15:24 - 00035938 _____ () C:\ComboFix.txt
2014-07-14 15:23 - 2009-07-14 12:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-14 15:22 - 2013-01-13 01:23 - 00000000 ____D () C:\Users\DANNY\Desktop\School bro
2014-07-14 15:06 - 2014-07-14 15:06 - 05220073 ____R (Swearware) C:\Users\DANNY\Desktop\ComboFix.exe
2014-07-14 14:56 - 2014-07-14 14:56 - 02086912 _____ (Farbar) C:\Users\DANNY\Desktop\FRST64.exe
2014-07-14 14:40 - 2014-07-14 14:40 - 00918952 _____ (Oracle Corporation) C:\Users\DANNY\Desktop\jxpiinstall.exe
2014-07-14 14:38 - 2014-07-14 14:38 - 00854390 _____ () C:\Users\DANNY\Desktop\SecurityCheck.exe
2014-07-14 13:47 - 2014-07-14 13:47 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2F67427F.sys
2014-07-14 13:47 - 2014-02-22 19:57 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-13 11:33 - 2014-07-13 11:33 - 07715234 _____ () C:\Users\DANNY\Downloads\ZHU-Faded-Remix-Ft.-Sean-Dee.mp3 (1).zip
2014-07-13 11:31 - 2014-07-13 11:31 - 07715234 _____ () C:\Users\DANNY\Downloads\ZHU-Faded-Remix-Ft.-Sean-Dee.mp3.zip
2014-07-13 11:29 - 2014-07-13 11:28 - 00000000 ____D () C:\Users\DANNY\Downloads\DafuQ! EDM Playlist Vol. 18 April 2014
2014-07-13 09:02 - 2014-03-26 19:47 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-07-13 09:02 - 2014-03-26 19:47 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-07-13 09:02 - 2014-03-26 19:47 - 00001090 _____ () C:\ProgramData\Desktop\TeamViewer 9.lnk
2014-07-11 22:22 - 2014-07-11 22:22 - 13163064 _____ () C:\Users\DANNY\Desktop\JustKiddingFilms & OliviaThai Explained.mp4
2014-07-11 21:04 - 2014-07-11 21:04 - 08761249 _____ () C:\Users\DANNY\Desktop\Ty Dolla $ign - Or Nah (feat. The Weeknd, Wiz Khalifa and DJ Mustard) [Remix].m4a
2014-07-11 19:35 - 2012-11-19 18:04 - 00000000 ____D () C:\Users\DANNY\AppData\Roaming\foobar2000
2014-07-11 13:42 - 2014-07-11 13:42 - 00000000 ____D () C:\ProgramData\Creative
2014-07-11 13:41 - 2014-07-11 13:41 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-07-11 13:41 - 2014-07-11 13:41 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-07-11 13:41 - 2014-07-11 13:41 - 00123480 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-07-11 13:41 - 2014-07-11 13:41 - 00109144 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-07-11 13:41 - 2014-07-11 13:41 - 00002321 _____ () C:\Users\Public\Desktop\Creative Product Registration.lnk
2014-07-11 13:41 - 2014-07-11 13:41 - 00002321 _____ () C:\ProgramData\Desktop\Creative Product Registration.lnk
2014-07-11 13:41 - 2012-11-03 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2014-07-11 13:41 - 2012-11-03 16:11 - 00000000 ____D () C:\Program Files (x86)\Creative
2014-07-11 13:41 - 2012-11-03 12:59 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information
2014-07-11 13:40 - 2014-07-11 13:40 - 00000000 ____D () C:\Users\Public\Creative
2014-07-11 13:40 - 2014-07-11 13:40 - 00000000 ____D () C:\Program Files\Creative
2014-07-11 13:40 - 2012-11-03 16:12 - 00000219 ____R () C:\Windows\ctfile.rfc
2014-07-11 13:25 - 2012-11-03 12:59 - 00000000 ____D () C:\Program Files (x86)\Temp
2014-07-10 20:20 - 2013-03-24 20:34 - 00001456 _____ () C:\Users\DANNY\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-07-10 20:18 - 2014-06-11 11:54 - 00000000 ____D () C:\Users\DANNY\AppData\Local\Adobe
2014-07-10 16:36 - 2014-07-10 13:28 - 00000805 _____ () C:\Users\Public\Default.Sound.Gadget.CONFIG.bat
2014-07-10 16:22 - 2014-07-10 16:22 - 00637744 _____ () C:\Users\DANNY\Desktop\videovine.mp4
2014-07-10 12:38 - 2014-07-16 20:47 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\DANNY\Desktop\TDSSKiller.exe
2014-07-10 12:38 - 2014-06-11 11:47 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\DANNY\Downloads\TDSSKiller.exe
2014-07-07 18:11 - 2014-05-19 16:05 - 00000000 ____D () C:\Users\DANNY\Desktop\Scholarship receipt
2014-07-04 17:53 - 2014-04-05 15:09 - 00000000 ____D () C:\Users\DANNY\AppData\Roaming\DAEMON Tools Lite
2014-07-04 16:19 - 2014-03-09 20:56 - 00000000 ____D () C:\Users\DANNY\Downloads\Dash Berlin & Alexander Popov feat. Jonathan Mendelsohn - Steal You Away
2014-07-04 11:52 - 2014-07-04 11:52 - 07400639 _____ () C:\Users\DANNY\Desktop\Mr. Probz - Waves (Robin Schulz Radio Edit).m4a
2014-06-30 12:34 - 2014-06-30 12:22 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-30 12:29 - 2014-06-30 12:28 - 00000000 ____D () C:\Users\DANNY\Documents\Battlefield 3
2014-06-30 12:28 - 2014-06-30 12:28 - 00000000 ____D () C:\Users\DANNY\AppData\Local\PunkBuster
2014-06-30 12:28 - 2014-06-30 12:28 - 00000000 ____D () C:\Users\DANNY\AppData\Local\ESN
2014-06-30 12:27 - 2014-06-30 12:27 - 00000000 ____D () C:\ProgramData\EA Core
2014-06-30 12:27 - 2014-06-29 22:29 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-06-30 12:23 - 2014-06-30 12:23 - 00000849 _____ () C:\Users\Public\Desktop\Battlefield 3.lnk
2014-06-30 12:23 - 2014-06-30 12:23 - 00000849 _____ () C:\ProgramData\Desktop\Battlefield 3.lnk
2014-06-30 12:23 - 2014-06-30 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2014-06-30 12:23 - 2009-07-14 15:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-30 12:03 - 2014-06-29 22:29 - 00000000 ____D () C:\Users\DANNY\AppData\Local\Origin
2014-06-30 12:02 - 2014-06-29 22:29 - 00000000 ____D () C:\Users\DANNY\AppData\Roaming\Origin
2014-06-30 00:20 - 2014-06-30 00:19 - 00000000 ____D () C:\Users\DANNY\Downloads\Hurt Me Tomorrow - Single
2014-06-29 22:29 - 2014-06-29 22:29 - 00000662 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-06-29 22:29 - 2014-06-29 22:29 - 00000662 _____ () C:\ProgramData\Desktop\Origin.lnk
2014-06-29 22:29 - 2014-06-29 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-06-29 18:41 - 2014-06-29 18:41 - 01744548 _____ () C:\Users\DANNY\Downloads\Your scanned documents.zip
2014-06-28 15:43 - 2014-06-22 00:51 - 00000000 ____D () C:\Users\DANNY\Downloads\The Beautiful Country [2004] Eng + Multisub
2014-06-25 10:44 - 2014-06-25 10:44 - 00001481 _____ () C:\Users\DANNY\Desktop\psychoanalysis lyrics.txt
2014-06-24 12:38 - 2014-06-24 12:38 - 04110491 _____ () C:\Users\DANNY\Desktop\Faceboo444k.mp4
2014-06-23 22:59 - 2014-06-23 22:59 - 23276341 _____ () C:\Users\DANNY\Desktop\The Weekly Bar Hop Psychoanalysis by Ald Produced by MKSB.mp4
2014-06-23 17:43 - 2014-06-23 17:39 - 00000000 ____D () C:\Users\DANNY\Downloads\Poldoore - The Day Off (2014)
2014-06-22 01:16 - 2014-06-21 22:05 - 00000000 ____D () C:\ProgramData\PMS

Files to move or delete:
====================
C:\Users\Public\Default.Sound.Gadget.CONFIG.bat


Some content of TEMP:
====================
C:\Users\DANNY\AppData\Local\temp\JDSetup130501494037702600.exe
C:\Users\DANNY\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-08 19:14

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-07-2014
Ran by DANNY at 2014-07-22 10:09:34
Running from C:\Users\DANNY\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ESET NOD32 Antivirus 5.2 (Disabled - Out of date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 5.2 (Disabled - Out of date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - BitTorrent Inc.)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.6090 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.5 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Agent Ransack x64 (HKLM\...\{58C0AC50-8FA1-4A95-AEC6-5B2727E5CC6A}) (Version: 7.0.820.1 - Mythicsoft Ltd)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.1.000 - Asmedia Technology)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
ASRock eXtreme Tuner v0.1.181 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.29 (HKLM-x32\...\ASRock InstantBoot_is1) (Version:  - )
ASRock SmartConnect v1.0.6 (HKLM\...\ASRock SmartConnect_is1) (Version:  - ASRock Inc.)
ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.5.1 - Broadcom Corporation)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - )
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
Core Temp 1.0 RC4 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.62 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Debugging Tools for Windows (x64) (HKLM\...\{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}) (Version: 6.12.2.633 - Microsoft Corporation)
DiskCheckup v3.1 (HKLM-x32\...\DiskCheckup_is1) (Version: 3.1.1005 - PassMark Software)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
ESET NOD32 Antivirus (HKLM\...\{5972F3C3-5563-47D2-BEE3-1AFEBDD17DA2}) (Version: 5.2.9.1 - ESET, spol. s r.o.)
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
focus booster (HKLM-x32\...\com.focusboosterapp.focusbooster.8E5F79C899747AD22E21DB62AA496926DA6BBC64.1) (Version: 1.2 - The Memphis Agency)
focus booster (x32 Version: 1.2 - The Memphis Agency) Hidden
foobar2000 v1.1.16 (HKLM-x32\...\foobar2000) (Version: 1.1.16 - Peter Pawlowski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HD Tune Pro 5.00 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
Hex Workshop v6.7 (HKLM\...\{A47DAFC0-AF57-4462-BD40-B3F02F33CB40}) (Version: 6.7.3.5308 - BreakPoint Software)
Hideman (HKLM-x32\...\Hideman) (Version:  - )
Hostr for Windows (HKLM\...\MJPA.Hostr-for-windows_is1) (Version: 0.6.9 - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
K-Lite Codec Pack 9.4.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.4.0 - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MediaInfo 0.7.61 (HKLM\...\MediaInfo) (Version: 0.7.61 - MediaArea.net)
Messenger Plus! 6 (HKLM-x32\...\Messenger Plus!) (Version: 6.00.0.773 - Yuna Software)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Mathematics (64-bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Core Components (x86) ENU  (HKLM-x32\...\{7AC8EF88-D996-4D47-B40C-4DD93E307481}) (Version: 2.1.1648.0 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Database Providers (x86) ENU  (HKLM-x32\...\{296E293F-C481-4DDE-9ED2-3F79FCF38731}) (Version: 3.1.1648.0 - Microsoft Corporation)
Microsoft Visio MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPRO) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visio Professional 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MKVToolNix 6.9.1 (32bit) (HKLM-x32\...\MKVToolNix) (Version: 6.9.1 - Moritz Bunkus)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
MSI Afterburner 2.2.5 (HKLM-x32\...\Afterburner) (Version: 2.2.5 - MSI Co., LTD)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MYOB AccountRight Standard 2013.5 AU (HKLM-x32\...\InstallShield_{BBDBA6AC-8BF8-4D47-9BD8-1E24F90310D9}) (Version: 2013.5 - MYOB Technology Pty Ltd)
MYOB AccountRight Standard 2013.5 AU (x32 Version: 2013.5 - MYOB Technology Pty Ltd) Hidden
NetWorx 5.2.5 (HKLM\...\NetWorx_is1) (Version:  - Softperfect Research)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.2 - Notepad++ Team)
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PomodoroApp (HKLM-x32\...\{A7CABDD7-AA16-4F7B-AB17-66F32F172208}) (Version: 3.0.0 - None provided)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Razer DeathAdder™ Mouse (HKLM-x32\...\{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}) (Version: 3.05 - Razer USA Ltd.)
RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Scratch 2 Offline Editor (HKLM-x32\...\edu.media.mit.Scratch2Editor) (Version: 404 - MIT Media Lab)
Scratch 2 Offline Editor (x32 Version: 255 - MIT Media Lab) Hidden
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.6 - Seagate Technology)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sound Blaster Z-Series (HKLM-x32\...\{0ACA8614-D5D8-487A-8401-E7EB740627B4}) (Version: 1.00.24 - Creative Technology Limited)
Sound Blaster Z-Series Extras (HKLM-x32\...\{9D9DB4BA-E352-4AC8-AD2B-B10104F5AB80}) (Version: 1.0 - Creative Technology Limited)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPER © +Recorder.2013.55 (Mar 7, 2013) version +Recorder.2013. (HKLM-x32\...\{8F3A1F92-C29F-4DF9-8459-B739A4831C69}_is1) (Version: +Recorder.2013.55 - eRightSoft)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
THX TruStudio (HKLM-x32\...\{AFB907F5-C0E6-4753-8284-DE955EF86AC2}) (Version: 1.00.01 - Creative Technology Limited)
Universal AntiCheat 3 v1.072 R3 (HKLM-x32\...\{99BEB67F-B288-44F5-8B2A-23F5A52FA1AE}_is1) (Version:  - DExUS)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Vegas Pro 12.0 (64-bit) (HKLM\...\{7963F870-6575-11E2-A4D9-F04DA23A5C58}) (Version: 12.0.486 - Sony)
Video Download Capture V4.3.0 (HKLM-x32\...\{3C9D008D-3716-4C3F-90CD-38ED57568FAB}_is1) (Version: 4.3.0 - Apowersoft)
Video Download Capture V4.3.9 (HKLM\...\{3C9D008D-3716-4C3F-90CD-38ED57568FAB}_is1) (Version: 4.3.9 - Apowersoft)
VitalSource Bookshelf (HKLM-x32\...\{5d66b7b8-b2f4-460f-9691-4273618e33e1}) (Version: 6.05.0020 - Ingram Content Group)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKCU\...\Warcraft III) (Version:  - )
WC3Banlist (HKLM-x32\...\{F1CBC6F7-D82D-4DC5-B81C-9A14F418593A}_is1) (Version: 3.0 - Knarf)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wireshark 1.10.0 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.0 - The Wireshark developer community, http://www.wireshark.org)
Wolfram CDF Player (M-WIN-D 9.0.1 4092685) (HKLM-x32\...\M-WIN-D 9.0.1 4092685_is1) (Version: 9.0.1 - Wolfram Research, Inc.)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.28 - ASRock Inc.)
Xfire (HKLM-x32\...\Xfire) (Version:  - )

==================== Restore Points  =========================

14-07-2014 07:05:15 Windows Modules Installer
14-07-2014 07:06:25 Windows Modules Installer
18-07-2014 09:30:34 Installed FastClean PRO
18-07-2014 09:35:15 Removed FastClean PRO
19-07-2014 12:48:58 Installed VitalSource Bookshelf.

==================== Hosts content: ==========================

2009-07-14 12:34 - 2014-07-14 15:23 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {01BD7362-A9E8-4F0F-866B-9D0002DA87F8} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2452779513-1753906608-20643603-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {128D5D26-F527-4DD8-9EE3-B265C71B61EE} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2452779513-1753906608-20643603-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {15462B08-0AD6-44DD-9E9C-5034D46CD04A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-26] (Google Inc.)
Task: {172F4E71-2174-4C90-83CF-375D9EFE8319} - System32\Tasks\RTSS => D:\Program Files\MSI Afterburner\Bundle\OSDServer\RTSS.exe [2012-06-20] ()
Task: {1757770A-74A8-41BC-89D5-ABC14A2B562D} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DANNY-PC-DANNY DANNY-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-01-23] (Microsoft Corporation)
Task: {1DA9AE88-AA09-4CF5-B208-7132A33D3D82} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {3C34822E-118F-48AC-A902-68BC5DB69F0D} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-06-01] ()
Task: {516442EC-3955-4285-8E55-4C1C3DA70C8A} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2452779513-1753906608-20643603-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {59E99171-1B97-499D-87B9-615BD6144628} - System32\Tasks\{1D00FEDD-9D23-42DE-A0EC-F76373BFC9E6} => Iexplore.exe http://ui.skype.com/ui/0/6.1.0.129.272/en/abandoninstall?page=tsProgressBar
Task: {5EB70B52-B63D-4DDF-882D-86D100557F5C} - System32\Tasks\{FC816441-D41E-4519-BA5D-D1AF5A67DAC1} => C:\Windows\system32\msiexec.exe [2010-11-20] (Microsoft Corporation)
Task: {955A9884-C9B0-40FD-A2D6-28AC09DE9EDF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {A1188DD8-0ADA-42B4-A77B-1852D0699B48} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-25] (Piriform Ltd)
Task: {A1C99599-54E8-4D60-ACB8-869A7294DE52} - System32\Tasks\MSIAfterburner => D:\Program Files\MSI Afterburner\MSIAfterburner.exe [2012-10-30] ()
Task: {BFE5C2FC-C099-470B-94DC-0DD199E14D1B} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2452779513-1753906608-20643603-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {CAE2E5D6-C26B-40EB-B0D8-B66D13DAE8AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-26] (Google Inc.)
Task: {D9026302-B748-459A-9F3C-9F085A0AAE6C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {DD73CB3D-1076-40D3-9604-0571CBC744AE} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2452779513-1753906608-20643603-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E0DC5ED6-CCC4-4475-86C3-9B2AB3C5A98E} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2452779513-1753906608-20643603-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {EBB10CC6-4BC7-4AB2-95B9-9B70A5BADBAE} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2452779513-1753906608-20643603-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-10-30 16:11 - 2012-10-30 16:11 - 00408632 _____ () D:\Program Files\MSI Afterburner\MSIAfterburner.exe
2012-06-20 13:55 - 2012-06-20 13:55 - 00164168 _____ () D:\Program Files\MSI Afterburner\Bundle\OSDServer\RTSS.exe
2012-10-01 20:36 - 2012-10-01 20:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-11-03 13:02 - 2012-03-19 17:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-11-03 16:21 - 2011-09-17 11:12 - 00664576 _____ () D:\Program Files\NetWorx\sqlite.dll
2012-11-03 18:28 - 2012-01-14 11:56 - 00248832 _____ () D:\Program Files\Razer\DeathAdder\razerhid.exe
2012-11-03 18:28 - 2011-12-28 15:29 - 00218112 _____ () D:\Program Files\Razer\DeathAdder\razertra.exe
2012-11-03 18:28 - 2011-04-14 10:48 - 01758208 _____ () D:\Program Files\Razer\DeathAdder\vdDaemon.exe
2014-06-30 12:22 - 2014-06-30 12:34 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2012-07-21 16:44 - 2012-07-21 16:44 - 00061440 _____ () D:\Program Files\MSI Afterburner\RTMUI.dll
2012-07-21 16:44 - 2012-07-21 16:44 - 00061440 _____ () D:\Program Files\MSI Afterburner\RTFC.dll
2012-07-21 16:44 - 2012-07-21 16:44 - 00225280 _____ () D:\Program Files\MSI Afterburner\RTCore.dll
2012-07-21 16:44 - 2012-07-21 16:44 - 00147456 _____ () D:\Program Files\MSI Afterburner\RTUI.dll
2012-07-21 16:44 - 2012-07-21 16:44 - 00335872 _____ () D:\Program Files\MSI Afterburner\RTHAL.dll
2011-05-01 01:04 - 2011-05-01 01:04 - 00013312 _____ () D:\Program Files\MSI Afterburner\RTTSH.dll
2012-06-05 02:23 - 2012-06-05 02:23 - 00122880 ____N () D:\Program Files\MSI Afterburner\Bundle\OSDServer\RTSSHooks.dll
2012-06-05 01:02 - 2012-06-05 01:02 - 00061440 _____ () D:\Program Files\MSI Afterburner\Bundle\OSDServer\RTFC.dll
2012-06-05 01:02 - 2012-06-05 01:02 - 00147456 _____ () D:\Program Files\MSI Afterburner\Bundle\OSDServer\RTUI.dll
2012-06-05 01:03 - 2012-06-05 01:03 - 00061440 _____ () D:\Program Files\MSI Afterburner\Bundle\OSDServer\RTMUI.dll
2011-05-01 01:04 - 2011-05-01 01:04 - 00013312 _____ () D:\Program Files\MSI Afterburner\Bundle\OSDServer\RTTSH.dll
2012-08-27 20:33 - 2012-08-27 20:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 20:33 - 2012-08-27 20:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-10-01 20:37 - 2012-10-01 20:37 - 06522480 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-11-03 16:12 - 2009-12-29 15:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2012-11-03 16:12 - 2011-05-19 08:56 - 00190464 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-06-11 12:22 - 2014-06-06 14:38 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: afcdpsrv => 2
MSCONFIG\Services: ekrn => 2
MSCONFIG\Services: syncagentsrv => 2
MSCONFIG\startupfolder: C:^Users^DANNY^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^~WRL0003.tmp => C:\Windows\pss\~WRL0003.tmp.Startup
MSCONFIG\startupfolder: C:^Users^DANNY^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^~WRL0005.tmp => C:\Windows\pss\~WRL0005.tmp.Startup
MSCONFIG\startupfolder: C:^Users^DANNY^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^~WRL2719.tmp => C:\Windows\pss\~WRL2719.tmp.Startup
MSCONFIG\startupfolder: C:^Users^DANNY^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^~WRL4091.tmp => C:\Windows\pss\~WRL4091.tmp.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: egui => "D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
MSCONFIG\startupreg: Steam => "D:\Program Files\Steam\steam.exe" -silent
MSCONFIG\startupreg: THX TruStudio NB Settings => "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
MSCONFIG\startupreg: THXCfg64 => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: AMD High Definition Audio Device
Description: AMD High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices
Service: AtiHDAudioService
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: High Definition Audio Device
Description: High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HdAudAddService
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/22/2014 09:17:36 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (07/22/2014 09:17:36 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (07/21/2014 02:46:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bf3.exe, version: 1.6.0.0, time stamp: 0x511c9356
Faulting module name: d3d11.dll, version: 6.2.9200.16570, time stamp: 0x5153774d
Exception code: 0xc0000005
Fault offset: 0x0008ee8b
Faulting process id: 0x1adc
Faulting application start time: 0xbf3.exe0
Faulting application path: bf3.exe1
Faulting module path: bf3.exe2
Report Id: bf3.exe3

Error: (07/21/2014 10:31:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (07/21/2014 10:31:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (07/20/2014 08:12:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (07/20/2014 08:12:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (07/20/2014 11:23:13 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (07/20/2014 11:23:13 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (07/19/2014 11:31:58 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


System errors:
=============
Error: (07/22/2014 09:26:20 AM) (Source: HTTP) (EventID: 15006) (User: )
Description: \Device\Http\ReqQueue\SystemRoot\System32\LogFiles\HTTPERR\httperr1.log

Error: (07/22/2014 09:12:44 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: The event logging service encountered an error while initializing publishing resources for channel Security. If channel type is Analytic or Debug, then this could mean there was an error initializing logging resources as well.

Error: (07/22/2014 09:12:44 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: The event logging service encountered an error while initializing publishing resources for channel Security. If channel type is Analytic or Debug, then this could mean there was an error initializing logging resources as well.

Error: (07/22/2014 09:12:38 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: The event logging service encountered an error while initializing publishing resources for channel Security. If channel type is Analytic or Debug, then this could mean there was an error initializing logging resources as well.

Error: (07/22/2014 01:15:28 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (07/21/2014 05:22:47 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (07/21/2014 05:13:19 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (07/21/2014 04:36:03 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (07/21/2014 02:54:36 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (07/21/2014 02:47:07 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.


Microsoft Office Sessions:
=========================
Error: (07/22/2014 09:17:36 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (07/22/2014 09:17:36 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (07/21/2014 02:46:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: bf3.exe1.6.0.0511c9356d3d11.dll6.2.9200.165705153774dc00000050008ee8b1adc01cfa49e8fe578c2D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exeC:\Windows\system32\d3d11.dllf22f2b89-1091-11e4-830e-bc5ff4583e7a

Error: (07/21/2014 10:31:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (07/21/2014 10:31:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (07/20/2014 08:12:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (07/20/2014 08:12:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (07/20/2014 11:23:13 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (07/20/2014 11:23:13 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (07/19/2014 11:31:58 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000


CodeIntegrity Errors:
===================================
  Date: 2014-07-14 15:22:55.030
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-07-14 15:22:54.978
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-04-16 09:05:34.324
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-04-16 09:05:34.308
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-04-16 08:43:39.321
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes' Anti-Malware\mbampt.exe because the set of per-page image hashes could not be found on the system.

  Date: 2012-11-04 18:34:46.377
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-04 18:34:46.357
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-04 18:34:46.337
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-04 18:34:46.317
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-04 17:24:46.475
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 36%
Total physical RAM: 8087.08 MB
Available physical RAM: 5159.09 MB
Total Pagefile: 8597.26 MB
Available Pagefile: 5078.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:390.62 GB) (Free:20.76 GB) NTFS
Drive d: () (Fixed) (Total:540.79 GB) (Free:314.37 GB) NTFS
Drive f: () (Fixed) (Total:119.63 GB) (Free:0.87 GB) NTFS
Drive g: (Local Disk) (Fixed) (Total:346.12 GB) (Free:51.8 GB) NTFS
Drive h: (15.0.4420.1017) (CDROM) (Total:0.75 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: FD60DAFF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=391 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=541 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 5A7F5A7F)
Partition 1: (Active) - (Size=120 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=346 GB) - (Type=OF Extended)

==================== End Of Log ============================



#8 itsDANNY

  • Topic Starter

Posted 21 July 2014 - 07:31 PM

Wait a minute... you said:

 

Hello iman1323 and welcome to BleepingComputer! :)

 

I am NOT iman1323. Please ensure you are providing me with the correct instructions and avoid erroneous errors like that in the future.



#9 Sirawit

  • Malware Response Team

Posted 21 July 2014 - 11:04 PM

No, the instruction is correct for you. I just forgot to edit the name.

I will reply back to you soon.

Thank you.

If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#10 itsDANNY


Posted 21 July 2014 - 11:32 PM

Okay, great, thank you for letting me know. I look forward to hearing back from you, thanks.

 

Kindest regards,

Danny


Edited by itsDANNY, 21 July 2014 - 11:36 PM.


#11 Sirawit


Posted 22 July 2014 - 01:56 AM

We need to run a fix with FRST:

 

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

  • Please copy the text in the quote below, paste it into Notepad, and save it with the name fixlist.txt in the same location as FRST.
    Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt, are in the same location or the fix will not work.

    HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess?
    HKU\S-1-5-21-2452779513-1753906608-20643603-1000\...\Run: [fastclean] => "C:\Program Files (x86)\FastClean PRO\fastcleanpro.exe"

  • Run FRST.exe/FRST64.exe, press the Fix button just once, and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run.
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run. Please post it in your reply.

==========

 

Thank you.




#12 itsDANNY


Posted 22 July 2014 - 02:45 AM

Hi, thank you for that. It has been done:

I was definitely aware of 'FastClean PRO', as this spyware was found/installed AFTER I posted the thread and I thought I had exhausted all avenues in eliminating it (TDSSKiller, MBAM), clearly not! I'm sure it will not alleviate the icon issue though and the uninstall issue as well, but I will await your further instructions.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-07-2014
Ran by DANNY at 2014-07-22 17:45:42 Run:1
Running from C:\Users\DANNY\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-2452779513-1753906608-20643603-1000\...\Run: [fastclean] => "C:\Program Files (x86)\FastClean PRO\fastcleanpro.exe"
*****************

HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32\\Default => Value was restored successfully.
HKU\S-1-5-21-2452779513-1753906608-20643603-1000\Software\Microsoft\Windows\CurrentVersion\Run\\fastclean => value deleted successfully.

==== End of Fixlog ====


Edited by itsDANNY, 22 July 2014 - 02:47 AM.
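One way to double-check a Fixlog like the one posted above, as an added example that is not part of the original thread and not FRST's own code: it pairs each fixlist entry with its result line, resolving the "..." abbreviations, and flags entries with no result or an unrecognised outcome. The function names are hypothetical; it assumes that only the two outcome strings seen in this thread mean success and that CLSID braces can be ignored when matching keys.

```python
# The Fixlog posted in this thread, embedded so the check runs offline.
FIXLOG = r"""Content of fixlist:
*****************
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-2452779513-1753906608-20643603-1000\...\Run: [fastclean] => "C:\Program Files (x86)\FastClean PRO\fastcleanpro.exe"
*****************
HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32\\Default => Value was restored successfully.
HKU\S-1-5-21-2452779513-1753906608-20643603-1000\Software\Microsoft\Windows\CurrentVersion\Run\\fastclean => value deleted successfully.
"""

# Assumption: only the two outcome strings seen in this thread count as success.
OK_OUTCOMES = {"value was restored successfully.", "value deleted successfully."}

def parse_fixlog(text):
    """Return (fixlist entries, [(key, value, outcome), ...]) from a Fixlog."""
    lines = [ln.strip() for ln in text.splitlines()]
    stars = [i for i, ln in enumerate(lines) if ln and set(ln) == {"*"}]
    if len(stars) < 2:
        raise ValueError("fixlist block delimiters not found")
    entries = [ln for ln in lines[stars[0] + 1:stars[1]] if ln]
    results = []
    for ln in lines[stars[1] + 1:]:
        if " => " in ln:                      # result lines: target => outcome
            target, outcome = ln.rsplit(" => ", 1)
            key, _, value = target.partition("\\\\")   # key and value name are split by "\\"
            results.append((key, value, outcome))
    return entries, results

def _norm(s):  # assumption: case-insensitive match, CLSID braces ignored
    return s.replace("{", "").replace("}", "").lower()

def covers(entry, key):
    """True if the entry's abbreviated key (with "..." elisions) fits the full key."""
    pos, full = 0, _norm(key)
    for frag in _norm(entry.split(": [", 1)[0]).split("..."):
        pos = full.find(frag, pos)
        if pos < 0:
            return False
        pos += len(frag)
    return True

def audit(text):
    """Label each fixlist entry 'ok', 'review' (unknown outcome) or 'missing'."""
    entries, results = parse_fixlog(text)
    report = {}
    for e in entries:
        hit = next((r for r in results if covers(e, r[0])), None)
        report[e] = "missing" if hit is None else ("ok" if hit[2].lower() in OK_OUTCOMES else "review")
    return report
```

For the log in this thread, `audit(FIXLOG)` labels both entries "ok"; an entry labelled "review" or "missing" is one to raise with the helper before moving on.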


#13 Sirawit


Posted 23 July 2014 - 05:45 AM

Hi itsDANNY.

 

How is everything running at this point? Do you still get the access denied error? Did your icons come back?

 

Thank you.




#14 itsDANNY


Posted 23 July 2014 - 06:28 AM

Hi Sirawit,

 

I don't mean to come off as rude, but I honestly don't think you have read my thread properly. I have mentioned that the 'access denied error' has been fixed in the OP.

I also mentioned in my previous post that "I'm sure it will not alleviate the icon issue though", and it hasn't - otherwise I would have informed you that it has...

I also mentioned that "I was definitely aware of 'FastClean PRO', as this spyware was found/installed AFTER I posted the thread", which means your simple proposed solution was not a solution for my issue at all as it is simply unrelated.

I would have hoped that you would have looked into it further and responded to me with another solution, otherwise, no, nothing has been fixed, and I am still here at square 1 since I posted the thread about 9 days ago.

 

If you have any difficulty in understanding my thread, may I ask that you reread the entire thread and/or ask another staff member to assist me. Thank you for your assistance thus far anyway.

 

Warm regards,

Danny


Edited by itsDANNY, 23 July 2014 - 06:32 AM.


#15 Sirawit


Posted 23 July 2014 - 07:22 AM

Hi itsDANNY.

 

Please don't edit your post, since most of the time I view this topic in Gmail (slow internet) and if you edit it I will not know what you put in later.

You can just add another post.

 

I will talk with my instructor and will reply soon.

 

Thank you.






