Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected computer? Lost admin rights and cant change permissions


  • This topic is locked This topic is locked
44 replies to this topic

#1 coukan

coukan

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:44 AM

Posted 20 July 2014 - 03:12 PM

Dont know what to do, really. Lost a lot of admin rights and says permission is not granted to a lot of places on my computer. Mostly just "Access is denied" When trying to move certain things to my desktop, documents, or other common areas.

 

`

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17207  BrowserJavaVersion: 10.65.2
Run by Ethan at 13:09:05 on 2014-07-20
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8174.5202 [GMT -7:00]
.
AV: Bitdefender Antivirus *Enabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
SP: Bitdefender Antispyware *Enabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall *Enabled* {A23392FD-84B9-F933-2C71-81E751F6EF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
C:\Windows\system32\viakaraokesrv.exe
C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Ethan\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe
C:\Users\Ethan\AppData\Roaming\Spotify\spotify.exe
C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\taskeng.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
mWinlogon: Userinit = userinit.exe
BHO: Bitdefender Wallet: {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
uRun: [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
uRun: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
uRun: [Spotify Web Helper] "C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [AdobeBridge] <no file>
mRun: [Cpu Level Up help] "C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRun: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
dRun: [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
dRun: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: C:\Users\Ethan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: Interfaces\{3BF2F54C-C6D7-4BDD-8593-95A24F019D65} : DHCPNameServer = 7.254.254.254
TCP: Interfaces\{832C33FF-ACE1-4727-B76A-55CD824BF8B7} : NameServer = 75.75.75.75,75.75.76.76
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = about:blank
x64-BHO: Bitdefender Wallet : {09F58E74-42B4-4D70-BA26-35FC954E7A17} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [Bdagent] "C:\Program Files\Bitdefender\Bitdefender\bdagent.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2013-7-13 893440]
R0 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2013-10-10 150256]
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [2013-7-13 93600]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2013-7-13 103504]
R1 BDVEDISK;BDVEDISK;C:\Windows\System32\drivers\bdvedisk.sys [2013-7-13 76944]
R2 AsSysCtrlService;ASUS System Control Service;C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe [2013-7-12 96896]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-4-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-4-11 1764992]
R2 DisplayFusionService;DisplayFusionService;C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [2013-10-21 1498000]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-4-15 377616]
R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-6-26 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-10-28 21055432]
R2 RtNdPt60;Realtek NDIS Protocol Driver;C:\Windows\System32\drivers\RtNdPt60.sys [2013-7-12 32544]
R2 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe [2013-7-13 94624]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-6-26 413128]
R2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [2013-10-16 67320]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\System32\ViakaraokeSrv.exe [2013-7-12 27760]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-3 130536]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-3 395752]
R3 avchv;avchv Function Driver;C:\Windows\System32\drivers\avchv.sys [2013-7-13 261056]
R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2013-7-13 635392]
R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-10-7 30232]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-6-26 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-6-26 40392]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-7-12 677480]
R3 ScpVBus;Scp Virtual Bus Driver;C:\Windows\System32\drivers\ScpVBus.sys [2014-5-10 39168]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\drivers\tap0901t.sys [2014-7-12 31232]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2013-7-12 2182768]
R3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);C:\Windows\System32\drivers\RtVlan620.sys [2013-7-12 32360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-6-23 2524496]
S2 InspIRCd;InspIRCd Daemon;C:\Program Files (x86)\InspIRCd\inspircd.exe [2013-2-12 717824]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 bdfwfpf_pc;bdfwfpf_pc;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [2013-7-13 121928]
S3 BDSandBox;BDSandBox;C:\Windows\System32\drivers\bdsandbox.sys [2013-7-13 82824]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-7-11 111616]
S3 lvpopf64;Logitech POP Suppression Filter;C:\Windows\System32\drivers\lvpopf64.sys [2009-10-7 271640]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2009-10-7 327704]
S3 LVUVC64;Logitech QuickCam Fusion(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2009-10-7 6379288]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2014-5-10 121416]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-1 178824]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-7-12 20992]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtTeam60.sys [2013-7-12 48416]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtVlan620.sys [2013-7-12 32360]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);C:\Windows\System32\drivers\RtTeam60.sys [2013-7-12 48416]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-7-13 59392]
S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2014-7-12 758224]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-7-13 1255736]
S4 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [2013-8-1 77632]
.
=============== Created Last 30 ================
.
2014-07-20 13:57:31    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0AB9F086-F607-498A-8175-19C70EA52F20}\offreg.dll
2014-07-20 11:42:49    9552976    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-07-20 11:42:37    10924376    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0AB9F086-F607-498A-8175-19C70EA52F20}\mpengine.dll
2014-07-20 07:47:36    98216    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-17 10:01:22    --------    d-----w-    C:\Windows\Migration
2014-07-17 07:39:20    --------    d-----w-    C:\Program Files (x86)\WinPcap
2014-07-17 07:39:09    --------    d-----w-    C:\Program Files (x86)\Cain
2014-07-17 03:05:24    2871808    ----a-w-    C:\Windows\explorer_edit_w7upfc.exe
2014-07-17 03:05:24    2871808    ----a-w-    C:\Windows\explorer_backup_w7upfc.exe
2014-07-17 03:05:24    2792960    ----a-w-    C:\Windows\explorer.exe
2014-07-17 03:05:24    --------    d-----w-    C:\Windows\w7upfc
2014-07-17 02:23:17    1865728    ----a-w-    C:\Windows\System32\ExplorerFrame.dll
2014-07-17 02:20:50    4955648    ----a-w-    C:\Windows\System32\authui.dll
2014-07-12 22:28:32    31232    ----a-w-    C:\Windows\System32\drivers\tap0901t.sys
2014-07-12 22:28:32    --------    d-----w-    C:\Users\Ethan\AppData\Roaming\Tunngle
2014-07-12 22:28:32    --------    d-----w-    C:\ProgramData\Tunngle
2014-07-12 22:28:31    --------    d-----w-    C:\Program Files (x86)\Tunngle
2014-07-12 17:48:07    --------    d-----w-    C:\Users\Ethan\AppData\Local\Adobe
2014-07-12 00:06:46    --------    d-----w-    C:\Program Files (x86)\LogMeIn Hamachi
2014-07-08 00:05:56    --------    d-----w-    C:\Program Files\Android
2014-06-27 23:40:50    715038    ----a-w-    C:\Windows\unins000.exe
2014-06-27 23:40:50    216064    ----a-w-    C:\Windows\SysWow64\lagarith.dll
2014-06-27 23:40:50    148992    ----a-w-    C:\Windows\System32\lagarith.dll
2014-06-27 23:36:05    --------    d-----w-    C:\Users\Ethan\AppData\Local\Dxtory Software
2014-06-27 23:36:03    3673600    ----a-w-    C:\Windows\System32\DxtoryCodec64.dll
2014-06-27 23:36:02    3166720    ----a-w-    C:\Windows\SysWow64\DxtoryCodec.dll
2014-06-27 23:35:59    --------    d-----w-    C:\Program Files (x86)\Dxtory Software
2014-06-27 02:30:28    1715176    ----a-w-    C:\Windows\System32\nvspbridge64.dll
2014-06-27 02:30:28    1291232    ----a-w-    C:\Windows\SysWow64\nvspbridge.dll
2014-06-27 02:19:43    --------    d-----w-    C:\Program Files\Sony
2014-06-27 02:18:06    601432    ----a-w-    C:\Windows\SysWow64\nvStreaming.exe
2014-06-27 02:01:59    --------    d-----w-    C:\Users\Ethan\AppData\Roaming\OBS
2014-06-27 02:01:56    --------    d-----w-    C:\Program Files\OBS
2014-06-27 02:01:54    --------    d-----w-    C:\Program Files (x86)\OBS
2014-06-25 23:53:57    --------    d-----w-    C:\Users\Ethan\AppData\Local\Skype
2014-06-25 07:53:42    --------    d-----w-    C:\Users\Ethan\AppData\Roaming\Bigasoft Total Video Converter 4
2014-06-25 07:53:36    --------    d-----w-    C:\Program Files (x86)\Bigasoft
2014-06-25 07:23:19    --------    d-----w-    C:\Program Files (x86)\VideoLAN
2014-06-25 06:58:34    --------    d-----w-    C:\ProgramData\PMS
2014-06-25 06:58:16    --------    d-----w-    C:\Program Files (x86)\PS3 Media Server
2014-06-24 01:21:15    --------    d-----w-    C:\Users\Ethan\AppData\Local\PunkBuster
2014-06-23 19:46:04    --------    d-----w-    C:\Program Files (x86)\PFConfig
.
==================== Find3M  ====================
.
2014-07-13 06:16:18    111928    ----a-w-    C:\Windows\SysWow64\PnkBstrB.exe
2014-07-12 00:06:23    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-12 00:06:23    699056    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-06-30 02:09:33    519168    ----a-w-    C:\Windows\System32\aepdu.dll
2014-06-30 02:04:49    424448    ----a-w-    C:\Windows\System32\aeinv.dll
2014-06-19 01:06:55    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-06-19 01:06:24    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-06-19 00:42:57    548352    ----a-w-    C:\Windows\System32\vbscript.dll
2014-06-19 00:42:49    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-06-19 00:41:52    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-06-19 00:41:16    83968    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2014-06-19 00:24:30    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-06-19 00:24:12    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-06-19 00:23:53    752640    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-06-19 00:14:28    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-06-18 23:59:04    38400    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-06-18 23:56:37    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-06-18 23:51:38    5721088    ----a-w-    C:\Windows\System32\jscript9.dll
2014-06-18 23:38:40    455168    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-06-18 23:37:23    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-06-18 23:36:35    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-06-18 23:35:55    62464    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2014-06-18 23:27:45    1249280    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-06-18 23:27:07    2040832    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-06-18 23:23:27    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-06-18 23:22:40    592896    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-06-18 23:06:10    32256    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-06-18 22:58:27    2266112    ----a-w-    C:\Windows\System32\wininet.dll
2014-06-18 22:52:18    4254720    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-06-18 22:46:23    1068032    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-06-18 22:45:59    1964544    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-06-18 22:13:59    1791488    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-06-18 02:18:30    692736    ----a-w-    C:\Windows\System32\osk.exe
2014-06-18 01:51:32    646144    ----a-w-    C:\Windows\SysWow64\osk.exe
2014-06-18 01:10:36    3157504    ----a-w-    C:\Windows\System32\win32k.sys
2014-06-11 08:57:41    31520    ----a-w-    C:\Windows\System32\nvhdap64.dll
2014-06-11 08:57:41    197408    ----a-w-    C:\Windows\System32\drivers\nvhda64v.sys
2014-06-11 08:57:41    1515296    ----a-w-    C:\Windows\System32\nvhdagenco6420103.dll
2014-06-06 10:10:34    624128    ----a-w-    C:\Windows\System32\qedit.dll
2014-06-06 09:44:17    509440    ----a-w-    C:\Windows\SysWow64\qedit.dll
2014-06-05 14:45:15    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-06-05 14:26:58    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-06-05 14:25:49    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-05-30 08:08:52    210944    ----a-w-    C:\Windows\System32\wdigest.dll
2014-05-30 08:08:49    86528    ----a-w-    C:\Windows\System32\TSpkg.dll
2014-05-30 08:08:47    340992    ----a-w-    C:\Windows\System32\schannel.dll
2014-05-30 08:08:41    314880    ----a-w-    C:\Windows\System32\msv1_0.dll
2014-05-30 08:08:41    307200    ----a-w-    C:\Windows\System32\ncrypt.dll
2014-05-30 08:08:36    728064    ----a-w-    C:\Windows\System32\kerberos.dll
2014-05-30 08:08:31    22016    ----a-w-    C:\Windows\System32\credssp.dll
2014-05-30 07:52:51    172032    ----a-w-    C:\Windows\SysWow64\wdigest.dll
2014-05-30 07:52:49    65536    ----a-w-    C:\Windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45    247808    ----a-w-    C:\Windows\SysWow64\schannel.dll
2014-05-30 07:52:41    220160    ----a-w-    C:\Windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40    259584    ----a-w-    C:\Windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36    550912    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2014-05-30 07:52:30    17408    ----a-w-    C:\Windows\SysWow64\credssp.dll
2014-05-30 06:45:52    497152    ----a-w-    C:\Windows\System32\drivers\afd.sys
2014-05-29 23:07:51    1122312    ----a-w-    C:\Windows\SysWow64\nvspcap.dll
2014-05-29 23:07:38    1279480    ----a-w-    C:\Windows\System32\nvspcap64.dll
2014-05-20 01:25:42    6769096    ----a-w-    C:\Windows\System32\nvcpl.dll
2014-05-20 01:25:42    3514144    ----a-w-    C:\Windows\System32\nvsvc64.dll
2014-05-20 01:25:39    927520    ----a-w-    C:\Windows\System32\nvvsvc.exe
2014-05-20 01:25:38    62808    ----a-w-    C:\Windows\System32\nvshext.dll
2014-05-20 01:25:38    387528    ----a-w-    C:\Windows\System32\nvmctray.dll
2014-05-14 23:49:42    3774821    ----a-w-    C:\Windows\System32\nvcoproc.bin
2014-05-08 09:32:02    1112064    ----a-w-    C:\Windows\System32\rdpcorets.dll
2014-04-25 02:34:59    801280    ----a-w-    C:\Windows\System32\usp10.dll
2014-04-25 02:06:17    626688    ----a-w-    C:\Windows\SysWow64\usp10.dll
.
============= FINISH: 13:09:25.59 ===============
 

Attached Files



BC AdBot (Login to Remove)

 


m

#2 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,904 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:44 AM

Posted 21 July 2014 - 09:22 AM

Hello and Welcome on board ,

my Name is Machiavelli and I will assist you with your problem.
If you booted into safe mode on your computer then print my instructions!
I'm in the 'Malware Staff Team' and will provide you with advice:

To remove Malware on a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove Malware from you Computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. just ask me! Please stay in contact with me until the problem is fixed.

Below are a few tips:
  • Removing Malware is usually very difficult.
    We need to search and analyse a lot of files. As this is done in our free time, please be patient especially if I don't answer every day!
  • Please follow these instructions
    If you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!
  • Please stay in contact with me until your problem is resolved
    As Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.
  • Please don't run any other tools without consulting with me as this can complicate finding and removing all Malware
    Don't run any tools while I'm fixing your PC. That is counter productive and again, will only complicate finding and removing all Malware!
  • Read my post completely
    If you don't do so, you may make mistakes that could result in your System crashing by your own actions!
 

Please download FRST (by Farbar) from the link below and save it to your Desktop.

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
  • Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  • Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • When the disclaimer appears, click Yes.
  • Click Scan to start FRST.
  • When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#3 coukan

coukan
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:44 AM

Posted 22 July 2014 - 06:36 PM

Here you go, sorry for the wait

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014
Ran by Ethan (administrator) on EVEREST on 22-07-2014 16:33:26
Running from C:\Users\Ethan\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Spotify Ltd) C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(KoshyJohn.com) C:\Users\Ethan\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe
(Spotify Ltd) C:\Users\Ethan\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
() C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1743088 2014-05-22] (Bitdefender)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-29] (NVIDIA Corporation)
HKLM-x32\...\Run: [Cpu Level Up help] => C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [887936 2009-12-28] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816272 2014-06-23] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKU\.DEFAULT\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-05-22] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-05-22] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614744 2014-05-22] (Bitdefender)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-07-18] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-05-22] (Bitdefender)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-05-22] (Bitdefender)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614744 2014-05-22] (Bitdefender)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [Spotify Web Helper] => C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-12] (Spotify Ltd)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [Memory Cleaner] => C:\Users\Ethan\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe [791560 2013-02-03] (KoshyJohn.com)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [Spotify] => C:\Users\Ethan\AppData\Roaming\Spotify\spotify.exe [6162488 2014-07-12] (Spotify Ltd)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [BitTorrent] => C:\Users\Ethan\AppData\Roaming\BitTorrent\BitTorrent.exe [1274456 2014-07-12] (BitTorrent Inc.)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\MountPoints2: {3c63b06e-eb85-11e2-b292-e1a78403f041} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\MountPoints2: {b39f1a76-f408-11e2-9e47-60a44cabec45} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2792960 2011-02-24] (Microsoft Corporation) <==== ATTENTION
Startup: C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: __SafeBox1 -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: __SafeBox2 -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: __SafeBox3 -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: __SafeBox4 -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x54563051957FCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Bitdefender Wallet  -> {09F58E74-42B4-4D70-BA26-35FC954E7A17} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{832C33FF-ACE1-4727-B76A-55CD824BF8B7}: [NameServer]75.75.75.75,75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Classic Theme Restorer - C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-10]
FF Extension: Firebug - C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\Extensions\firebug@software.joehewitt.com.xpi [2013-12-11]
FF Extension: MEGA - C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\Extensions\firefox@mega.co.nz.xpi [2014-06-27]
FF Extension: Execute JS - C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\Extensions\{7067a92c-1db4-4e5e-869c-25f841287f8b}.xpi [2013-12-11]
FF Extension: Adblock Plus - C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-10]
FF Extension: Greasemonkey - C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-07-25]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-11]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman [2013-07-13]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext

==================== Services (Whitelisted) =================

R2 AsSysCtrlService; C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-27] (Bitdefender)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [1498000 2013-04-26] (Binary Fortress Software)
S2 InspIRCd; C:\Program Files (x86)\InspIRCd\inspircd.exe [717824 2013-02-12] () [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-29] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2013-07-13] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-08-01] (Bitdefender)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2013-10-21] (Microsoft Corporation) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-16] (Bitdefender)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1526800 2014-05-22] (Bitdefender)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-05] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2014-01-27] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2014-01-27] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2014-05-22] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-10-10] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-13] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-10] (BitDefender LLC)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-10-10] (BitDefender S.R.L.)
R3 VLAN; C:\Windows\System32\DRIVERS\RtVLAN620.sys [32360 2011-09-16] (Realtek Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-22 16:33 - 2014-07-22 16:33 - 00021658 _____ () C:\Users\Ethan\Desktop\FRST.txt
2014-07-22 16:33 - 2014-07-22 16:33 - 00000000 ____D () C:\FRST
2014-07-22 16:32 - 2014-07-22 16:33 - 02090496 _____ (Farbar) C:\Users\Ethan\Desktop\FRST64.exe
2014-07-20 21:35 - 2014-07-20 21:38 - 00000000 ____D () C:\Users\Ethan\Downloads\Extreme Injector v3.3 - by master131_mpgh.net
2014-07-20 21:35 - 2014-07-20 21:35 - 00983840 _____ () C:\Users\Ethan\Downloads\Extreme Injector v3.3 - by master131_mpgh.net.rar
2014-07-20 16:57 - 2014-07-20 19:07 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\TS3Client
2014-07-20 16:57 - 2014-07-20 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-07-20 16:57 - 2014-07-20 16:57 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-07-20 16:56 - 2014-07-20 16:56 - 27337256 _____ (TeamSpeak Systems GmbH) C:\Users\Ethan\Downloads\TeamSpeak3-Client-win32-3.0.15.1.exe
2014-07-20 00:47 - 2014-07-20 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-20 00:47 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-20 00:47 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-20 00:47 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-20 00:47 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-20 00:46 - 2014-07-20 00:47 - 00004460 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-20 00:45 - 2014-07-20 00:45 - 00918440 _____ (Oracle Corporation) C:\Users\Ethan\Downloads\JavaSetup7u65.exe
2014-07-19 21:36 - 2014-07-20 23:01 - 00000000 ____D () C:\Users\Ethan\Documents\unturned saves
2014-07-17 15:37 - 2014-07-17 15:48 - 325224491 _____ () C:\Users\Ethan\Downloads\nazi_zombie_legion.exe
2014-07-17 00:39 - 2014-07-17 01:01 - 00000000 ____D () C:\Program Files (x86)\Cain
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cain
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-07-17 00:37 - 2014-07-17 00:38 - 08244106 _____ () C:\Users\Ethan\Downloads\ca_setup.exe
2014-07-16 20:05 - 2014-07-16 20:05 - 00000000 ____D () C:\Windows\w7upfc
2014-07-16 20:05 - 2014-07-16 20:05 - 00000000 ____D () C:\Users\Ethan\Downloads\Windows 7 User Picture Frame Changer
2014-07-16 20:05 - 2014-07-16 20:04 - 00452830 _____ () C:\Users\Ethan\Downloads\Windows 7 User Picture Frame Changer.zip
2014-07-16 20:05 - 2011-02-24 23:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer_edit_w7upfc.exe
2014-07-16 20:05 - 2011-02-24 23:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer_backup_w7upfc.exe
2014-07-16 20:05 - 2011-02-24 23:19 - 02792960 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-07-16 20:04 - 2014-07-16 20:04 - 00757808 _____ ( ) C:\Users\Ethan\Downloads\Windows 7 User Picture Frame Changer.exe
2014-07-16 20:04 - 2014-07-16 20:04 - 00000000 ____D () C:\Users\Ethan\Downloads\windows_8_8_1_theme_for_windows_7_by_mare_m-d59vtny
2014-07-16 19:50 - 2014-07-16 19:50 - 00889416 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\dotNetFx40_Full_setup(1).exe
2014-07-16 19:49 - 2014-07-16 19:49 - 00266065 _____ () C:\Users\Ethan\Downloads\dotnetfx_cleanup_tool.zip
2014-07-16 19:39 - 2014-07-16 19:39 - 00879096 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\NetFxRepairTool.exe
2014-07-16 19:35 - 2014-07-16 19:36 - 00278528 _____ (Coder for Life) C:\Users\Ethan\Downloads\Win7BootUpdaterCmd.exe
2014-07-16 19:34 - 2014-07-16 19:35 - 52070032 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\dotnetfx45_full_x86_x64.exe
2014-07-16 19:23 - 2013-09-23 08:10 - 01865728 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2014-07-16 19:20 - 2013-11-14 08:36 - 04955648 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-07-16 18:26 - 2014-07-16 18:26 - 00248259 _____ () C:\Users\Ethan\Downloads\tweakslogon.zip
2014-07-15 20:39 - 2014-07-15 20:40 - 00000000 ____D () C:\Users\Ethan\Documents\youtube stuff
2014-07-15 20:37 - 2014-07-15 20:37 - 00002717 _____ () C:\Users\Ethan\AppData\Local\recently-used.xbel
2014-07-15 20:12 - 2014-07-15 20:12 - 23634108 _____ () C:\Users\Ethan\Downloads\windows_8_8_1_theme_for_windows_7_by_mare_m-d59vtny.7z
2014-07-14 10:19 - 2014-07-14 10:23 - 356929140 _____ () C:\Users\Ethan\Downloads\Mini-Labor v1.2.exe
2014-07-13 13:37 - 2014-07-13 13:48 - 192548009 _____ () C:\Users\Ethan\Downloads\Rise.exe
2014-07-12 16:08 - 2014-07-12 16:10 - 139435890 _____ () C:\Users\Ethan\Downloads\ILS_Lets_Go_Home_v3.0.exe
2014-07-12 15:28 - 2014-07-19 21:36 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-07-12 15:28 - 2014-07-12 15:42 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Tunngle
2014-07-12 15:28 - 2014-07-12 15:42 - 00000000 ____D () C:\ProgramData\Tunngle
2014-07-12 15:28 - 2014-07-12 15:29 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-07-12 15:28 - 2014-07-12 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-07-12 15:28 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\Windows\system32\Drivers\tap0901t.sys
2014-07-12 15:00 - 2014-07-12 15:00 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\Ethan\Downloads\Tunngle_Setup_v4.5.1.4b.exe
2014-07-12 11:31 - 2014-07-12 11:32 - 121350839 _____ () C:\Users\Ethan\Downloads\nazi_zombie_kamchatka.exe
2014-07-12 10:48 - 2014-07-12 10:48 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Adobe
2014-07-11 21:49 - 2014-07-11 21:51 - 43221185 _____ () C:\Users\Ethan\Downloads\Textures_and_Sounds_mod.zip
2014-07-11 17:14 - 2014-07-11 17:14 - 05538818 _____ (Activision Blizzard, Inc.) C:\Users\Ethan\Downloads\CoDWaW LanFixed.exe
2014-07-11 17:06 - 2014-07-11 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-11 17:06 - 2014-07-11 17:06 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-11 16:52 - 2014-07-11 16:53 - 92289769 _____ () C:\Users\Ethan\Downloads\nazi_zombie_minecraft.RAR
2014-07-11 16:16 - 2014-06-29 19:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-11 16:16 - 2014-06-29 19:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-11 16:16 - 2014-06-20 13:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-11 16:16 - 2014-06-20 12:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-11 16:16 - 2014-06-18 18:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-11 16:16 - 2014-06-18 18:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-11 16:16 - 2014-06-18 18:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-11 16:16 - 2014-06-18 17:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-11 16:16 - 2014-06-18 17:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-11 16:16 - 2014-06-18 17:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-11 16:16 - 2014-06-18 17:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-11 16:16 - 2014-06-18 17:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-11 16:16 - 2014-06-18 17:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-11 16:16 - 2014-06-18 17:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-11 16:16 - 2014-06-18 17:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-11 16:16 - 2014-06-18 17:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-11 16:16 - 2014-06-18 17:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-11 16:16 - 2014-06-18 17:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-11 16:16 - 2014-06-18 17:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-11 16:16 - 2014-06-18 17:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-11 16:16 - 2014-06-18 17:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-11 16:16 - 2014-06-18 16:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-11 16:16 - 2014-06-18 16:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-11 16:16 - 2014-06-18 16:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-11 16:16 - 2014-06-18 16:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-11 16:16 - 2014-06-18 16:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-11 16:16 - 2014-06-18 16:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-11 16:16 - 2014-06-18 16:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-11 16:16 - 2014-06-18 16:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-11 16:16 - 2014-06-18 16:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-11 16:16 - 2014-06-18 16:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-11 16:16 - 2014-06-18 16:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-11 16:16 - 2014-06-18 16:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-11 16:16 - 2014-06-18 16:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-11 16:16 - 2014-06-18 16:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-11 16:16 - 2014-06-18 16:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-11 16:16 - 2014-06-18 16:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-11 16:16 - 2014-06-18 16:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-11 16:16 - 2014-06-18 16:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-11 16:16 - 2014-06-18 16:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-11 16:16 - 2014-06-18 16:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-11 16:16 - 2014-06-18 16:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-11 16:16 - 2014-06-18 16:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-11 16:16 - 2014-06-18 16:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-11 16:16 - 2014-06-18 15:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-11 16:16 - 2014-06-18 15:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-11 16:16 - 2014-06-18 15:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-11 16:16 - 2014-06-18 15:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-11 16:16 - 2014-06-18 15:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-11 16:16 - 2014-06-18 15:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-11 16:16 - 2014-06-18 15:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-11 16:16 - 2014-06-18 15:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-11 16:16 - 2014-06-18 15:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-11 16:16 - 2014-06-18 15:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-11 16:16 - 2014-06-18 15:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-11 16:16 - 2014-06-18 15:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-11 16:16 - 2014-06-18 15:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-11 16:16 - 2014-06-18 15:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-11 16:16 - 2014-06-17 19:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-11 16:16 - 2014-06-17 18:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-11 16:16 - 2014-06-17 18:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-11 16:16 - 2014-06-06 03:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-11 16:16 - 2014-06-06 02:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-11 16:16 - 2014-06-05 07:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-11 16:16 - 2014-06-05 07:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-11 16:16 - 2014-06-05 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-11 16:16 - 2014-05-29 23:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-07 17:05 - 2014-07-07 17:06 - 00000000 ____D () C:\Program Files\Android
2014-07-07 16:58 - 2014-07-07 17:02 - 370763706 _____ () C:\Users\Ethan\Downloads\adt-bundle-windows-x86_64-20140702.zip
2014-07-07 16:57 - 2014-07-07 17:01 - 448619398 _____ () C:\Users\Ethan\Downloads\hammerhead-kot49h-factory-02006b99.tgz
2014-07-07 16:14 - 2014-07-07 16:14 - 01244053 _____ () C:\Users\Ethan\Downloads\UPDATE-SuperSU-v2.01(1).zip
2014-07-07 16:01 - 2014-07-07 16:01 - 07979609 _____ () C:\Users\Ethan\Downloads\boot.zip
2014-07-07 16:01 - 2014-07-07 16:01 - 01225102 _____ () C:\Users\Ethan\Downloads\SuperSU-v2.00 for Android L.zip
2014-07-07 15:38 - 2014-07-07 15:38 - 09908869 _____ () C:\Users\Ethan\Downloads\CF-Auto-Root-hammerhead-hammerhead-nexus5(1).zip
2014-07-07 15:10 - 2014-07-07 15:13 - 451801880 _____ () C:\Users\Ethan\Downloads\hammerhead-lpv79-preview-ac1d8a8e.tgz
2014-07-07 15:02 - 2014-07-07 16:54 - 00000000 ____D () C:\Users\Ethan\Documents\nexus
2014-07-07 12:43 - 2014-07-07 12:47 - 426983121 _____ () C:\Users\Ethan\Downloads\Overrun 2.2.exe
2014-07-07 12:40 - 2014-07-07 12:43 - 317897730 _____ () C:\Users\Ethan\Downloads\nazi_zombie_sog 1.1.exe
2014-07-05 15:32 - 2014-07-05 15:49 - 427445973 _____ () C:\Users\Ethan\Downloads\zct_arena.exe
2014-07-05 11:56 - 2014-07-05 11:57 - 62696594 _____ () C:\Users\Ethan\Downloads\nazi_zombie_lab935 v2.3.exe
2014-06-28 10:57 - 2014-06-28 10:59 - 126346128 _____ () C:\Users\Ethan\Downloads\zm_owc.exe
2014-06-27 18:21 - 2014-06-27 18:21 - 60301110 _____ () C:\Users\Ethan\Downloads\nazi_zombie_xob.zip
2014-06-27 18:11 - 2014-06-27 18:14 - 217996765 _____ () C:\Users\Ethan\Downloads\nazi_zombie_FarAway(1).exe
2014-06-27 16:40 - 2014-06-27 16:40 - 00715038 _____ () C:\Windows\unins000.exe
2014-06-27 16:40 - 2014-06-27 16:40 - 00443445 _____ ( ) C:\Users\Ethan\Downloads\LagarithSetup_1327.exe
2014-06-27 16:40 - 2014-06-27 16:40 - 00001989 _____ () C:\Windows\unins000.dat
2014-06-27 16:40 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2014-06-27 16:40 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2014-06-27 16:36 - 2014-06-27 16:36 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Dxtory Software
2014-06-27 16:36 - 2014-06-27 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0
2014-06-27 16:36 - 2011-05-23 23:29 - 03673600 _____ (Dxtory Software) C:\Windows\system32\DxtoryCodec64.dll
2014-06-27 16:36 - 2011-05-23 23:23 - 03166720 _____ (Dxtory Software) C:\Windows\SysWOW64\DxtoryCodec.dll
2014-06-27 16:35 - 2014-06-27 16:35 - 00000000 ____D () C:\Program Files (x86)\Dxtory Software
2014-06-27 16:34 - 2014-06-27 16:35 - 02947057 _____ () C:\Users\Ethan\Downloads\Chocalate Orange Dxtory.rar
2014-06-27 16:08 - 2014-06-27 16:11 - 00005433 _____ () C:\commandlist.txt
2014-06-27 15:56 - 2014-07-11 19:26 - 00001493 _____ () C:\tstamps.log
2014-06-27 14:34 - 2014-06-27 14:35 - 00889416 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\dotNetFx40_Full_setup.exe
2014-06-26 19:46 - 2014-06-26 19:49 - 00299048 _____ () C:\Users\Ethan\Downloads\Purity Ring - Fineshrine.mp3.sfk
2014-06-26 19:30 - 2014-05-29 16:07 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-06-26 19:30 - 2014-05-29 16:07 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-06-26 19:19 - 2014-06-26 19:19 - 00000000 ____D () C:\Program Files\Sony
2014-06-26 19:18 - 2014-06-26 19:18 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-26 19:18 - 2014-05-19 16:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-06-26 19:15 - 2014-06-11 01:57 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-06-26 19:15 - 2014-06-11 01:57 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-06-26 19:15 - 2014-06-11 01:57 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-26 19:15 - 2014-05-19 19:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 00492376 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 00416712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 00382240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 00335704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-06-26 19:15 - 2014-03-31 09:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-06-26 19:15 - 2014-03-31 09:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-26 19:13 - 2014-06-26 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-06-26 19:11 - 2014-06-26 19:12 - 231400888 _____ (NVIDIA Corporation) C:\Users\Ethan\Downloads\337.88-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-06-26 19:01 - 2014-06-26 20:31 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\OBS
2014-06-26 19:01 - 2014-06-26 19:01 - 08351107 _____ () C:\Users\Ethan\Downloads\OBS_0_625b_Installer.exe
2014-06-26 19:01 - 2014-06-26 19:01 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-06-26 19:01 - 2014-06-26 19:01 - 00000000 ____D () C:\Program Files\OBS
2014-06-26 19:01 - 2014-06-26 19:01 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-06-26 15:37 - 2014-06-26 15:40 - 169613955 _____ () C:\Users\Ethan\Downloads\nazi_zombie_ndh.zip
2014-06-26 15:36 - 2014-06-26 15:40 - 279809885 _____ () C:\Users\Ethan\Downloads\nazi_zombie_base36.exe
2014-06-26 15:35 - 2014-06-26 15:39 - 158942060 _____ () C:\Users\Ethan\Downloads\nazi_zombie_tomb.exe
2014-06-26 15:34 - 2014-06-26 15:40 - 175421863 _____ () C:\Users\Ethan\Downloads\Ccourtv2.zip
2014-06-26 15:34 - 2014-06-26 15:38 - 113272173 _____ () C:\Users\Ethan\Downloads\nazi_zombie_isolation_ZM.exe
2014-06-26 15:33 - 2014-06-26 15:40 - 299237464 _____ () C:\Users\Ethan\Downloads\nazi_zombie_lost.exe
2014-06-26 15:33 - 2014-06-26 15:37 - 89465890 _____ () C:\Users\Ethan\Downloads\nazi_zombie_madagascar.exe
2014-06-26 14:47 - 2014-06-26 14:51 - 224981775 _____ () C:\Users\Ethan\Downloads\nazi_zombie_slums.exe
2014-06-25 21:01 - 2014-06-25 21:01 - 43867536 _____ () C:\Users\Ethan\Downloads\nazi_zombie_lost1.1.zip
2014-06-25 20:26 - 2014-06-25 20:28 - 161098633 _____ () C:\Users\Ethan\Downloads\Cheese Cube Unlimited v1.0.exe
2014-06-25 19:05 - 2014-06-25 19:05 - 215604028 _____ () C:\Users\Ethan\Downloads\nazi_zombie_silo.exe
2014-06-25 16:53 - 2014-06-25 16:53 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Skype
2014-06-25 16:53 - 2014-06-25 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-25 16:40 - 2014-06-25 16:40 - 00000000 ____D () C:\Users\Ethan\Documents\Activision
2014-06-25 16:13 - 2014-06-25 16:13 - 123616577 _____ () C:\Users\Ethan\Downloads\nazi_zombie_penguin.exe
2014-06-25 14:08 - 2014-06-25 14:09 - 137685111 _____ () C:\Users\Ethan\Downloads\zm_birthday.exe
2014-06-25 00:53 - 2014-06-25 00:53 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bigasoft
2014-06-25 00:53 - 2014-06-25 00:53 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Bigasoft Total Video Converter 4
2014-06-25 00:53 - 2014-06-25 00:53 - 00000000 ____D () C:\Program Files (x86)\Bigasoft
2014-06-25 00:52 - 2014-06-25 00:53 - 16461951 _____ (Bigasoft Corporation ) C:\Users\Ethan\Downloads\b-total-video-converter.exe
2014-06-25 00:23 - 2014-06-26 20:02 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\vlc
2014-06-25 00:23 - 2014-06-25 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-25 00:23 - 2014-06-25 00:23 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-06-25 00:12 - 2014-06-25 00:16 - 24677393 _____ () C:\Users\Ethan\Downloads\vlc-2.1.3-win32.exe
2014-06-24 23:58 - 2014-06-24 23:59 - 00000000 ____D () C:\ProgramData\PMS
2014-06-24 23:58 - 2014-06-24 23:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
2014-06-24 23:58 - 2014-06-24 23:58 - 00000000 ____D () C:\Program Files (x86)\PS3 Media Server
2014-06-24 23:56 - 2014-06-24 23:58 - 54431910 _____ () C:\Users\Ethan\Downloads\pms-1.90.1-setup-full-x64.exe
2014-06-24 02:24 - 2014-06-24 02:27 - 163936044 _____ () C:\Users\Ethan\Downloads\call_of_duty_black_ops_zombies.zip
2014-06-24 02:21 - 2014-06-24 02:22 - 45259180 _____ () C:\Users\Ethan\Downloads\call_of_duty_black_ops_zombies.apk
2014-06-23 18:21 - 2014-06-23 18:21 - 00000000 ____D () C:\Users\Ethan\AppData\Local\PunkBuster
2014-06-23 18:18 - 2014-06-23 18:19 - 361758379 _____ () C:\Users\Ethan\Downloads\nazi_zombie_sr.zip

==================== One Month Modified Files and Folders =======

2014-07-22 16:33 - 2014-07-22 16:33 - 00021658 _____ () C:\Users\Ethan\Desktop\FRST.txt
2014-07-22 16:33 - 2014-07-22 16:33 - 00000000 ____D () C:\FRST
2014-07-22 16:33 - 2014-07-22 16:32 - 02090496 _____ (Farbar) C:\Users\Ethan\Desktop\FRST64.exe
2014-07-22 16:28 - 2013-07-13 13:43 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-22 16:20 - 2013-09-12 16:52 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Spotify
2014-07-22 16:20 - 2013-07-13 19:02 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Skype
2014-07-22 02:29 - 2013-07-12 23:22 - 01940326 _____ () C:\Windows\WindowsUpdate.log
2014-07-21 05:51 - 2013-10-10 14:25 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Spotify
2014-07-20 23:01 - 2014-07-19 21:36 - 00000000 ____D () C:\Users\Ethan\Documents\unturned saves
2014-07-20 21:38 - 2014-07-20 21:35 - 00000000 ____D () C:\Users\Ethan\Downloads\Extreme Injector v3.3 - by master131_mpgh.net
2014-07-20 21:35 - 2014-07-20 21:35 - 00983840 _____ () C:\Users\Ethan\Downloads\Extreme Injector v3.3 - by master131_mpgh.net.rar
2014-07-20 19:07 - 2014-07-20 16:57 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\TS3Client
2014-07-20 16:57 - 2014-07-20 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-07-20 16:57 - 2014-07-20 16:57 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-07-20 16:56 - 2014-07-20 16:56 - 27337256 _____ (TeamSpeak Systems GmbH) C:\Users\Ethan\Downloads\TeamSpeak3-Client-win32-3.0.15.1.exe
2014-07-20 15:34 - 2013-10-29 17:34 - 00024473 _____ () C:\Windows\setupact.log
2014-07-20 02:26 - 2009-07-13 21:45 - 00016560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-20 02:26 - 2009-07-13 21:45 - 00016560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-20 00:47 - 2014-07-20 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-20 00:47 - 2014-07-20 00:46 - 00004460 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-20 00:47 - 2013-10-18 07:04 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-20 00:47 - 2013-07-13 12:23 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-20 00:45 - 2014-07-20 00:45 - 00918440 _____ (Oracle Corporation) C:\Users\Ethan\Downloads\JavaSetup7u65.exe
2014-07-19 21:36 - 2014-07-12 15:28 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-07-18 21:47 - 2013-07-18 18:24 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\PFStaticIP
2014-07-18 21:06 - 2013-07-13 12:26 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-18 20:29 - 2009-07-13 22:13 - 00782578 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-18 20:28 - 2013-09-23 20:17 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\BitTorrent
2014-07-18 20:26 - 2013-08-09 18:54 - 00000000 ____D () C:\Users\Ethan\AppData\Local\LogMeIn Hamachi
2014-07-18 20:23 - 2013-07-12 23:42 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-18 20:23 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-18 20:21 - 2013-07-13 11:33 - 00533968 _____ () C:\Windows\PFRO.log
2014-07-18 03:01 - 2013-07-13 00:19 - 00774700 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-07-17 15:48 - 2014-07-17 15:37 - 325224491 _____ () C:\Users\Ethan\Downloads\nazi_zombie_legion.exe
2014-07-17 12:33 - 2009-07-13 21:45 - 00475888 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-17 01:01 - 2014-07-17 00:39 - 00000000 ____D () C:\Program Files (x86)\Cain
2014-07-17 00:59 - 2013-07-12 23:55 - 00123704 _____ () C:\Users\Ethan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cain
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-07-17 00:38 - 2014-07-17 00:37 - 08244106 _____ () C:\Users\Ethan\Downloads\ca_setup.exe
2014-07-16 20:05 - 2014-07-16 20:05 - 00000000 ____D () C:\Windows\w7upfc
2014-07-16 20:05 - 2014-07-16 20:05 - 00000000 ____D () C:\Users\Ethan\Downloads\Windows 7 User Picture Frame Changer
2014-07-16 20:04 - 2014-07-16 20:05 - 00452830 _____ () C:\Users\Ethan\Downloads\Windows 7 User Picture Frame Changer.zip
2014-07-16 20:04 - 2014-07-16 20:04 - 00757808 _____ ( ) C:\Users\Ethan\Downloads\Windows 7 User Picture Frame Changer.exe
2014-07-16 20:04 - 2014-07-16 20:04 - 00000000 ____D () C:\Users\Ethan\Downloads\windows_8_8_1_theme_for_windows_7_by_mare_m-d59vtny
2014-07-16 20:01 - 2013-07-25 11:49 - 00000000 ____D () C:\Users\Ethan\Documents\all of it
2014-07-16 19:56 - 2014-01-15 21:21 - 00000000 ____D () C:\Users\Ethan\AppData\Local\CrashDumps
2014-07-16 19:50 - 2014-07-16 19:50 - 00889416 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\dotNetFx40_Full_setup(1).exe
2014-07-16 19:49 - 2014-07-16 19:49 - 00266065 _____ () C:\Users\Ethan\Downloads\dotnetfx_cleanup_tool.zip
2014-07-16 19:39 - 2014-07-16 19:39 - 00879096 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\NetFxRepairTool.exe
2014-07-16 19:36 - 2014-07-16 19:35 - 00278528 _____ (Coder for Life) C:\Users\Ethan\Downloads\Win7BootUpdaterCmd.exe
2014-07-16 19:35 - 2014-07-16 19:34 - 52070032 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\dotnetfx45_full_x86_x64.exe
2014-07-16 18:26 - 2014-07-16 18:26 - 00248259 _____ () C:\Users\Ethan\Downloads\tweakslogon.zip
2014-07-15 20:40 - 2014-07-15 20:39 - 00000000 ____D () C:\Users\Ethan\Documents\youtube stuff
2014-07-15 20:38 - 2013-10-21 18:53 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\DisplayFusion
2014-07-15 20:37 - 2014-07-15 20:37 - 00002717 _____ () C:\Users\Ethan\AppData\Local\recently-used.xbel
2014-07-15 20:37 - 2014-05-10 21:29 - 00000000 ____D () C:\Users\Ethan\AppData\Local\gtk-2.0
2014-07-15 20:37 - 2014-05-10 21:19 - 00000000 ____D () C:\Users\Ethan\.gimp-2.8
2014-07-15 20:12 - 2014-07-15 20:12 - 23634108 _____ () C:\Users\Ethan\Downloads\windows_8_8_1_theme_for_windows_7_by_mare_m-d59vtny.7z
2014-07-15 13:35 - 2013-08-06 19:47 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Audacity
2014-07-14 10:23 - 2014-07-14 10:19 - 356929140 _____ () C:\Users\Ethan\Downloads\Mini-Labor v1.2.exe
2014-07-13 13:48 - 2014-07-13 13:37 - 192548009 _____ () C:\Users\Ethan\Downloads\Rise.exe
2014-07-12 23:16 - 2013-07-13 16:21 - 00111928 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-12 16:10 - 2014-07-12 16:08 - 139435890 _____ () C:\Users\Ethan\Downloads\ILS_Lets_Go_Home_v3.0.exe
2014-07-12 15:42 - 2014-07-12 15:28 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Tunngle
2014-07-12 15:42 - 2014-07-12 15:28 - 00000000 ____D () C:\ProgramData\Tunngle
2014-07-12 15:29 - 2014-07-12 15:28 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-07-12 15:28 - 2014-07-12 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-07-12 15:00 - 2014-07-12 15:00 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\Ethan\Downloads\Tunngle_Setup_v4.5.1.4b.exe
2014-07-12 13:31 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-07-12 11:32 - 2014-07-12 11:31 - 121350839 _____ () C:\Users\Ethan\Downloads\nazi_zombie_kamchatka.exe
2014-07-12 10:49 - 2013-09-23 20:18 - 00000813 _____ () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-07-12 10:48 - 2014-07-12 10:48 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Adobe
2014-07-12 10:42 - 2014-05-06 03:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-12 10:42 - 2009-07-14 00:46 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-12 10:42 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-12 10:42 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-11 23:36 - 2013-07-14 00:21 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-11 23:34 - 2013-07-13 00:40 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-11 21:51 - 2014-07-11 21:49 - 43221185 _____ () C:\Users\Ethan\Downloads\Textures_and_Sounds_mod.zip
2014-07-11 19:26 - 2014-06-27 15:56 - 00001493 _____ () C:\tstamps.log
2014-07-11 17:14 - 2014-07-11 17:14 - 05538818 _____ (Activision Blizzard, Inc.) C:\Users\Ethan\Downloads\CoDWaW LanFixed.exe
2014-07-11 17:06 - 2014-07-11 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-11 17:06 - 2014-07-11 17:06 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-11 17:06 - 2013-07-13 12:26 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-11 17:06 - 2013-07-13 12:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-11 17:06 - 2013-07-13 12:26 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-11 16:53 - 2014-07-11 16:52 - 92289769 _____ () C:\Users\Ethan\Downloads\nazi_zombie_minecraft.RAR
2014-07-11 03:02 - 2014-07-20 00:47 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-20 00:47 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-20 00:47 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-20 00:47 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-07 17:30 - 2014-06-05 21:57 - 00000000 ____D () C:\Users\Ethan\.android
2014-07-07 17:06 - 2014-07-07 17:05 - 00000000 ____D () C:\Program Files\Android
2014-07-07 17:02 - 2014-07-07 16:58 - 370763706 _____ () C:\Users\Ethan\Downloads\adt-bundle-windows-x86_64-20140702.zip
2014-07-07 17:01 - 2014-07-07 16:57 - 448619398 _____ () C:\Users\Ethan\Downloads\hammerhead-kot49h-factory-02006b99.tgz
2014-07-07 16:54 - 2014-07-07 15:02 - 00000000 ____D () C:\Users\Ethan\Documents\nexus
2014-07-07 16:49 - 2014-06-05 22:20 - 00000000 ____D () C:\Users\Ethan\Documents\Android bleep
2014-07-07 16:14 - 2014-07-07 16:14 - 01244053 _____ () C:\Users\Ethan\Downloads\UPDATE-SuperSU-v2.01(1).zip
2014-07-07 16:06 - 2013-07-12 23:24 - 00000000 ____D () C:\Users\Ethan\AppData\Local\VirtualStore
2014-07-07 16:01 - 2014-07-07 16:01 - 07979609 _____ () C:\Users\Ethan\Downloads\boot.zip
2014-07-07 16:01 - 2014-07-07 16:01 - 01225102 _____ () C:\Users\Ethan\Downloads\SuperSU-v2.00 for Android L.zip
2014-07-07 15:38 - 2014-07-07 15:38 - 09908869 _____ () C:\Users\Ethan\Downloads\CF-Auto-Root-hammerhead-hammerhead-nexus5(1).zip
2014-07-07 15:13 - 2014-07-07 15:10 - 451801880 _____ () C:\Users\Ethan\Downloads\hammerhead-lpv79-preview-ac1d8a8e.tgz
2014-07-07 12:47 - 2014-07-07 12:43 - 426983121 _____ () C:\Users\Ethan\Downloads\Overrun 2.2.exe
2014-07-07 12:43 - 2014-07-07 12:40 - 317897730 _____ () C:\Users\Ethan\Downloads\nazi_zombie_sog 1.1.exe
2014-07-05 15:49 - 2014-07-05 15:32 - 427445973 _____ () C:\Users\Ethan\Downloads\zct_arena.exe
2014-07-05 11:57 - 2014-07-05 11:56 - 62696594 _____ () C:\Users\Ethan\Downloads\nazi_zombie_lab935 v2.3.exe
2014-06-29 19:09 - 2014-07-11 16:16 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-29 19:04 - 2014-07-11 16:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-28 10:59 - 2014-06-28 10:57 - 126346128 _____ () C:\Users\Ethan\Downloads\zm_owc.exe
2014-06-27 18:21 - 2014-06-27 18:21 - 60301110 _____ () C:\Users\Ethan\Downloads\nazi_zombie_xob.zip
2014-06-27 18:14 - 2014-06-27 18:11 - 217996765 _____ () C:\Users\Ethan\Downloads\nazi_zombie_FarAway(1).exe
2014-06-27 16:40 - 2014-06-27 16:40 - 00715038 _____ () C:\Windows\unins000.exe
2014-06-27 16:40 - 2014-06-27 16:40 - 00443445 _____ ( ) C:\Users\Ethan\Downloads\LagarithSetup_1327.exe
2014-06-27 16:40 - 2014-06-27 16:40 - 00001989 _____ () C:\Windows\unins000.dat
2014-06-27 16:36 - 2014-06-27 16:36 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Dxtory Software
2014-06-27 16:36 - 2014-06-27 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0
2014-06-27 16:35 - 2014-06-27 16:35 - 00000000 ____D () C:\Program Files (x86)\Dxtory Software
2014-06-27 16:35 - 2014-06-27 16:34 - 02947057 _____ () C:\Users\Ethan\Downloads\Chocalate Orange Dxtory.rar
2014-06-27 16:11 - 2014-06-27 16:08 - 00005433 _____ () C:\commandlist.txt
2014-06-27 14:35 - 2014-06-27 14:34 - 00889416 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\dotNetFx40_Full_setup.exe
2014-06-26 20:31 - 2014-06-26 19:01 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\OBS
2014-06-26 20:02 - 2014-06-25 00:23 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\vlc
2014-06-26 19:49 - 2014-06-26 19:46 - 00299048 _____ () C:\Users\Ethan\Downloads\Purity Ring - Fineshrine.mp3.sfk
2014-06-26 19:30 - 2013-07-12 23:42 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-26 19:25 - 2014-01-15 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-06-26 19:22 - 2013-07-12 23:42 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-26 19:19 - 2014-06-26 19:19 - 00000000 ____D () C:\Program Files\Sony
2014-06-26 19:19 - 2014-01-15 21:49 - 00000000 ____D () C:\ProgramData\Sony
2014-06-26 19:19 - 2014-01-15 21:14 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Sony
2014-06-26 19:19 - 2013-11-12 18:13 - 00000000 ____D () C:\Users\Ethan\AppData\Local\NVIDIA Corporation
2014-06-26 19:19 - 2013-07-13 12:19 - 00000000 ____D () C:\Users\Ethan\AppData\Local\NVIDIA
2014-06-26 19:18 - 2014-06-26 19:18 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-26 19:18 - 2013-07-12 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-26 19:18 - 2013-07-12 23:42 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-26 19:13 - 2014-06-26 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-06-26 19:12 - 2014-06-26 19:11 - 231400888 _____ (NVIDIA Corporation) C:\Users\Ethan\Downloads\337.88-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-06-26 19:12 - 2013-10-21 18:46 - 00000000 ____D () C:\Users\Ethan\Documents\Torrents
2014-06-26 19:01 - 2014-06-26 19:01 - 08351107 _____ () C:\Users\Ethan\Downloads\OBS_0_625b_Installer.exe
2014-06-26 19:01 - 2014-06-26 19:01 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-06-26 19:01 - 2014-06-26 19:01 - 00000000 ____D () C:\Program Files\OBS
2014-06-26 19:01 - 2014-06-26 19:01 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-06-26 15:40 - 2014-06-26 15:37 - 169613955 _____ () C:\Users\Ethan\Downloads\nazi_zombie_ndh.zip
2014-06-26 15:40 - 2014-06-26 15:36 - 279809885 _____ () C:\Users\Ethan\Downloads\nazi_zombie_base36.exe
2014-06-26 15:40 - 2014-06-26 15:34 - 175421863 _____ () C:\Users\Ethan\Downloads\Ccourtv2.zip
2014-06-26 15:40 - 2014-06-26 15:33 - 299237464 _____ () C:\Users\Ethan\Downloads\nazi_zombie_lost.exe
2014-06-26 15:39 - 2014-06-26 15:35 - 158942060 _____ () C:\Users\Ethan\Downloads\nazi_zombie_tomb.exe
2014-06-26 15:38 - 2014-06-26 15:34 - 113272173 _____ () C:\Users\Ethan\Downloads\nazi_zombie_isolation_ZM.exe
2014-06-26 15:37 - 2014-06-26 15:33 - 89465890 _____ () C:\Users\Ethan\Downloads\nazi_zombie_madagascar.exe
2014-06-26 14:51 - 2014-06-26 14:47 - 224981775 _____ () C:\Users\Ethan\Downloads\nazi_zombie_slums.exe
2014-06-25 21:24 - 2013-07-13 19:02 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-25 21:24 - 2013-07-13 19:02 - 00000000 ____D () C:\ProgramData\Skype
2014-06-25 21:15 - 2013-07-25 13:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-25 21:01 - 2014-06-25 21:01 - 43867536 _____ () C:\Users\Ethan\Downloads\nazi_zombie_lost1.1.zip
2014-06-25 20:28 - 2014-06-25 20:26 - 161098633 _____ () C:\Users\Ethan\Downloads\Cheese Cube Unlimited v1.0.exe
2014-06-25 19:05 - 2014-06-25 19:05 - 215604028 _____ () C:\Users\Ethan\Downloads\nazi_zombie_silo.exe
2014-06-25 16:53 - 2014-06-25 16:53 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Skype
2014-06-25 16:53 - 2014-06-25 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-25 16:40 - 2014-06-25 16:40 - 00000000 ____D () C:\Users\Ethan\Documents\Activision
2014-06-25 16:13 - 2014-06-25 16:13 - 123616577 _____ () C:\Users\Ethan\Downloads\nazi_zombie_penguin.exe
2014-06-25 14:09 - 2014-06-25 14:08 - 137685111 _____ () C:\Users\Ethan\Downloads\zm_birthday.exe
2014-06-25 12:25 - 2014-05-10 19:11 - 00000000 ____D () C:\Users\Ethan\Documents\DS4
2014-06-25 00:53 - 2014-06-25 00:53 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bigasoft
2014-06-25 00:53 - 2014-06-25 00:53 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Bigasoft Total Video Converter 4
2014-06-25 00:53 - 2014-06-25 00:53 - 00000000 ____D () C:\Program Files (x86)\Bigasoft
2014-06-25 00:53 - 2014-06-25 00:52 - 16461951 _____ (Bigasoft Corporation ) C:\Users\Ethan\Downloads\b-total-video-converter.exe
2014-06-25 00:23 - 2014-06-25 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-25 00:23 - 2014-06-25 00:23 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-06-25 00:16 - 2014-06-25 00:12 - 24677393 _____ () C:\Users\Ethan\Downloads\vlc-2.1.3-win32.exe
2014-06-24 23:59 - 2014-06-24 23:58 - 00000000 ____D () C:\ProgramData\PMS
2014-06-24 23:58 - 2014-06-24 23:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
2014-06-24 23:58 - 2014-06-24 23:58 - 00000000 ____D () C:\Program Files (x86)\PS3 Media Server
2014-06-24 23:58 - 2014-06-24 23:56 - 54431910 _____ () C:\Users\Ethan\Downloads\pms-1.90.1-setup-full-x64.exe
2014-06-24 02:27 - 2014-06-24 02:24 - 163936044 _____ () C:\Users\Ethan\Downloads\call_of_duty_black_ops_zombies.zip
2014-06-24 02:22 - 2014-06-24 02:21 - 45259180 _____ () C:\Users\Ethan\Downloads\call_of_duty_black_ops_zombies.apk
2014-06-23 18:21 - 2014-06-23 18:21 - 00000000 ____D () C:\Users\Ethan\AppData\Local\PunkBuster
2014-06-23 18:19 - 2014-06-23 18:18 - 361758379 _____ () C:\Users\Ethan\Downloads\nazi_zombie_sr.zip
2014-06-23 12:46 - 2013-07-18 18:24 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portforward.com

Files to move or delete:
====================
C:\Users\Ethan\7z.dll
C:\Users\Ethan\fceux.exe
C:\Users\Ethan\jagex_cl_oldschool_LIVE.dat
C:\Users\Ethan\jagex_cl_runescape_LIVE.dat
C:\Users\Ethan\jagex_cl_runescape_LIVE1.dat
C:\Users\Ethan\lua5.1.dll
C:\Users\Ethan\lua51.dll
C:\Users\Ethan\random.dat


Some content of TEMP:
====================
C:\Users\Ethan\AppData\Local\Temp\jna431875319602554335.dll
C:\Users\Ethan\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Ethan\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Ethan\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Ethan\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2014-07-16 20:05] - [2011-02-24 23:19] - 2792960 ____A (Microsoft Corporation) 41A129F1CF1DED0B5A95235082D65ED8

C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-18 00:55

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-07-2014
Ran by Ethan at 2014-07-22 16:34:11
Running from C:\Users\Ethan\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AI Suite (HKLM-x32\...\{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 2.00.02 - )
Android Commander version 0.7.9.11 (HKLM-x32\...\Android Commander_is1) (Version: 0.7.9.11 - )
Any Video Converter 5.0.7 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
AnyToISO (HKLM-x32\...\AnyToISO_is1) (Version: 3.5.2 - CrystalIdea Software, Inc.)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
ATI Catalyst Install Manager (HKLM\...\{62140B07-129A-2BD0-81D2-2A1A7408ADC8}) (Version: 3.0.762.0 - ATI Technologies, Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AutoHotkey 1.1.13.00 (HKLM\...\AutoHotkey) (Version: 1.1.13.00 - Lexikos)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Bigasoft Total Video Converter 4.2.9.5283 (HKLM-x32\...\{A72CE741-1F32-4D79-BFFB-A714375C678D}_is1) (Version:  - Bigasoft Corporation)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.13.0.551 - Bitdefender)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32241 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bruteforce Save Data (HKLM-x32\...\Bruteforce Save Data) (Version:  - )
Cain & Abel 4.9.56 (HKLM-x32\...\Cain & Abel 4.9.56) (Version:  - )
Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version:  - Treyarch)
CamStudio version 2.7 (HKLM-x32\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
Camtasia Studio 8 (HKLM-x32\...\{BFA04EE0-8240-4667-8D53-45496A901C33}) (Version: 8.1.2.1327 - TechSmith Corporation)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{25881143-7B3A-46FA-B093-85C24957D08E}) (Version:  - Microsoft)
DisplayFusion 5.0.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 5.0.1.0 - Binary Fortress Software)
Dxtory version 2.0.119 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.119 - Dxtory Software)
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.03.03 - )
Fallout New Vegas (HKLM-x32\...\Fallout New Vegas_is1) (Version:  - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com)
InspIRCd (HKLM-x32\...\InspIRCd) (Version: 2.0.13 - InspIRCd Development Team)
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version:  - isotousb.com)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
iZotope Vinyl (HKLM-x32\...\iZotope Vinyl_is1) (Version: 1.61 - iZotope, Inc.)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.214 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.214 - LogMeIn, Inc.) Hidden
Macro Scheduler Trial (HKLM-x32\...\Macro Scheduler Trial) (Version: 14.0.13 - MJT Net Ltd)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
Magic Set Editor 2.0.0 (HKLM-x32\...\Magic Set Editor 2_is1) (Version:  - )
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version:  - 4A Games)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)
Miro Video Converter (HKLM-x32\...\Miro Video Converter) (Version: 0.8.0 - Participatory Culture Foundation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.1 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Control Panel 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PFConfig 1.0.296 (HKLM-x32\...\PFConfig) (Version: 1.0.296 - Portforward.com)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Portal (HKLM-x32\...\Portal) (Version:  - )
Portforward Static IP Address 1.0.47 (HKLM-x32\...\Portforward Static IP Address) (Version: 1.0.47 - Portforward.com)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.0.1 r2151 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.00.0000 - Realtek)
RollerCoaster Tycoon 2 Triple Thrill Pack (HKLM-x32\...\{4C5D15D2-5351-4F05-A96E-56C20554F977}) (Version: 1.00.000 - )
Rollercoaster Tycoon 2 UCES (HKLM-x32\...\{D4B8AFAB-FB39-11D7-9D43-000A735D259C}) (Version:  - The UCES Team)
RollerCoaster Tycoon 2: Time Twister (HKLM-x32\...\{BA1E1AFD-D1F2-4C52-88C3-186FC5E61604}) (Version: 1.00.000 - )
RollerCoaster Tycoon 2: Wacky Worlds (HKLM-x32\...\{B1AD83A0-DC92-41E3-B111-E9472349768C}) (Version:  - )
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.24 - Piriform)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Turbo Key (HKLM-x32\...\{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}) (Version: 1.01.03 - )
UnrealIRCd3.2.10.1 (HKLM-x32\...\UnrealIRCd_is1) (Version:  - UnrealIRCd Team)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A784BEFA-1BAB-4285-9F90-7D1A40A72DF8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C5241E8F-37A5-40EC-90DD-FF1400818C4B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{388C807E-766E-47FB-A671-53B8387FCA78}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2768004) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3F417A4-0DC5-489E-8196-90D9D9BC3B4B}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2768004) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3F417A4-0DC5-489E-8196-90D9D9BC3B4B}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2768004) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{59ED2EAA-9515-4E76-931C-BCD57DE2C6AB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726961) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F0316FE0-38FC-4F3E-81FA-8B51BB649901}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C74BC9C1-46D0-4406-A003-119C5F2BC240}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2752025) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{068372FB-7EAF-463F-8074-77AB35BB13E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2752094) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E911A320-7B4A-4383-82D2-007375B27EC2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2752101) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8449754F-577E-4EC3-B9D4-108395B1680E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8B3D175-48B8-413F-8484-4D81E744B51C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8587E5B1-6279-4396-B9AC-20B334F4FF88}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767860) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0C0A2F4A-757C-4F10-935F-508E1A2D4719}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{377DC0D5-A062-496A-ADE2-6D204B498DD8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{CA55F6DA-492F-434B-9B65-9A42C35F3FDC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{CC676278-5E9E-432E-9BB5-DDF0FFE04549}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810014) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D2734238-16FF-4398-B1CF-79B8FCFA5347}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810014) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D2734238-16FF-4398-B1CF-79B8FCFA5347}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810017) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C885717B-8871-49EF-BB8D-8BBC9EAB9CE0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810017) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{4F1CF52B-BF19-486D-B692-8470F6C96B57}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810017) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C885717B-8871-49EF-BB8D-8BBC9EAB9CE0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810018) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B994622E-A0EB-4A78-96EF-9718A90F0A22}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810018) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B994622E-A0EB-4A78-96EF-9718A90F0A22}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817320) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4389523F-DE1F-474A-995D-480F66809567}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817320) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4389523F-DE1F-474A-995D-480F66809567}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2760334) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D9F8079D-BA75-47BC-ABAB-018F64771EA1}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2760334) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D9F8079D-BA75-47BC-ABAB-018F64771EA1}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2810015) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{87043757-94A9-4E24-9E4E-3E3F8BAFFDBA}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2810015) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{651756C4-8C82-456F-AA16-B413A01237E6}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E158EB9F-E6CC-49E2-A098-2C6DF0D6B42B}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2727013) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D6543BBD-68C5-4EF7-A8EF-A87E6602B063}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2767865) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1B725639-E58D-4759-AEF3-C5F41BDB2A1F}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2767865) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1B725639-E58D-4759-AEF3-C5F41BDB2A1F}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2810019) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{CDE51B41-3CDC-4CB2-B695-FBCD375C3885}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2810019) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{CDE51B41-3CDC-4CB2-B695-FBCD375C3885}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2810008) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{54960E56-266C-417A-85F5-4769614C2694}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D1F1940B-94DF-4DCB-BF82-9530D7FBB1BF}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2768007) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BEF4A15A-E1CC-41A1-AAA8-23E0711219F0}) (Version:  - Microsoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A7500970-FE98-11E1-B560-F04DA23A5C58}) (Version: 12.0.367 - Sony)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.00 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XChat 2 (remove only) (HKLM-x32\...\xchat) (Version:  - )
XSplit Broadcaster (HKLM-x32\...\{6459F338-FE52-4034-BCA7-74772DA0F24D}) (Version: 1.3.1403.1202 - SplitMediaLabs)

==================== Restore Points  =========================

17-07-2014 04:19:03 Scheduled Checkpoint
17-07-2014 10:00:10 Windows Update
18-07-2014 10:00:10 Windows Update
20-07-2014 07:46:02 Installed Java 7 Update 65
22-07-2014 09:28:58 Windows Update

==================== Hosts content: ==========================

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1BB4737F-E06C-4BC9-8752-5A4DBA72A6D2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {50036CBB-409B-4231-A889-27F6EE3A2ACA} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2012-01-03] (ASUSTek Computer Inc.)
Task: {65C61FAA-601E-465C-9289-3D6B0C95F5A6} - System32\Tasks\ASUS\Cpu Level Up Hook Lanunch => C:\Program Files\ASUS\Ai Suite\CpuLevelUpHookLaunch.exe [2009-12-28] ()
Task: {75A85249-B987-49BE-98F0-1E605929CB11} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {8322B4C9-9E3C-43DE-9A6A-654C034F1118} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\ProgramData\ASUS\AASP\1.02.00\AsLoader.exe [2010-01-13] (ASUSTeK Computer Inc.)
Task: {9C89D8DA-AFF3-48D6-96C5-6DBD2946C260} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {ABB8FC95-5464-4A6F-8AC7-1926B077743E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-11] (Adobe Systems Incorporated)
Task: {B833200D-891B-41FA-81B8-FAF509347600} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?

==================== Loaded Modules (whitelisted) =============

2013-07-13 15:18 - 2013-06-19 12:45 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2013-07-13 15:18 - 2013-06-25 14:22 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
2013-07-13 15:18 - 2011-11-14 20:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
2013-07-13 15:18 - 2013-06-25 14:22 - 00004608 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui
2014-06-18 01:46 - 2014-06-18 01:46 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00046_020\ashttpbr.mdl
2014-06-18 01:46 - 2014-06-18 01:46 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00046_020\ashttpdsp.mdl
2014-06-18 01:46 - 2014-06-18 01:46 - 02599584 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00046_020\ashttpph.mdl
2014-06-18 01:46 - 2014-06-18 01:46 - 01322896 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00046_020\ashttprbl.mdl
2013-07-12 23:42 - 2014-05-19 18:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-03-19 22:27 - 2013-03-19 22:27 - 08864936 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-06-18 08:24 - 2012-06-18 08:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-07-13 16:21 - 2013-07-13 16:21 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-07-13 15:18 - 2013-03-25 16:16 - 01117920 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll
2013-10-10 16:54 - 2014-07-12 10:48 - 00601144 _____ () C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-13 15:18 - 2014-03-27 04:21 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2013-09-12 16:53 - 2014-07-12 10:48 - 36966968 _____ () C:\Users\Ethan\AppData\Roaming\Spotify\Data\libcef.dll
2014-07-12 10:48 - 2014-07-12 10:48 - 00867896 _____ () C:\Users\Ethan\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2013-10-10 16:54 - 2014-07-12 10:48 - 00886840 _____ () C:\Users\Ethan\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-10-10 16:54 - 2014-07-12 10:48 - 00108600 _____ () C:\Users\Ethan\AppData\Roaming\Spotify\Data\libegl.dll
2014-01-03 04:03 - 2014-01-03 04:03 - 07816192 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
2014-01-03 04:03 - 2014-01-03 04:03 - 00188416 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-52.dll
2014-01-03 04:03 - 2014-01-03 04:03 - 01425920 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
2014-01-03 04:03 - 2014-01-03 04:03 - 00336896 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
2014-01-03 04:03 - 2014-01-03 04:03 - 00096256 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
2013-03-19 22:27 - 2013-03-19 22:27 - 08864912 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-06-11 01:44 - 2014-06-11 01:44 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-21 14:27 - 2014-07-11 17:53 - 01116672 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-05-08 17:14 - 2014-07-11 17:53 - 00438784 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-21 14:27 - 2014-07-11 17:53 - 00399360 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-02-13 19:04 - 2014-07-11 17:53 - 00331264 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2013-07-01 08:20 - 2014-06-26 15:40 - 00764416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-21 14:27 - 2014-07-15 19:28 - 02139328 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-21 14:27 - 2014-04-28 17:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2013-07-09 17:56 - 2014-07-15 19:28 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-07-09 13:45 - 2014-05-01 16:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-07-11 16:35 - 2014-07-11 16:35 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Ethan\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\337.88-desktop-win8-win7-winvista-64bit-english-whql.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\AC07911_setup.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\adb-setup-1.3.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\b-total-video-converter.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\ca_setup.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\Cheese Cube Unlimited v1.0.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\CoDWaW LanFixed.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\dotNetFx40_Full_setup(1).exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\dotNetFx40_Full_setup.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\dotnetfx45_full_x86_x64.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\gimp-2.8.10-setup.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\ILS_Lets_Go_Home_v3.0.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\iTunes64Setup.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\iZotope_Vinyl_Setup_v1_73b(1).exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\iZotope_Vinyl_Setup_v1_73b.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\JavaSetup7u65.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\LagarithSetup_1327.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\Mini-Labor v1.2.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\nazi_zombie_base36.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\nazi_zombie_FarAway(1).exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\nazi_zombie_isolation_ZM.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\nazi_zombie_kamchatka.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\nazi_zombie_lab935 v2.3.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\nazi_zombie_legion.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\nazi_zombie_lost.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\nazi_zombie_madagascar.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\nazi_zombie_penguin.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\nazi_zombie_silo.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\nazi_zombie_slums.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\nazi_zombie_sog 1.1.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\nazi_zombie_tomb.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\NetFxRepairTool.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\OBS_0_625b_Installer.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\Overrun 2.2.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\pms-1.90.1-setup-full-x64.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\Rise.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\TeamSpeak3-Client-win32-3.0.15.1.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\Tunngle_Setup_v4.5.1.4b.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\vlc-2.1.3-win32.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\Win7BootUpdaterCmd.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\Windows 7 User Picture Frame Changer.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\zct_arena.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\zm_birthday.exe:BDU
AlternateDataStreams: C:\Users\Ethan\Downloads\zm_owc.exe:BDU

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^Users^Ethan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BitTorrent => "C:\Users\Ethan\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: Turbo Key => "C:\Program Files\ASUS\Turbo Key\TurboKey.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/18/2014 03:18:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 37128114

Error: (07/18/2014 03:18:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 37128114

Error: (07/18/2014 03:18:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/18/2014 03:18:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 37112514

Error: (07/18/2014 03:18:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 37112514

Error: (07/18/2014 03:18:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/18/2014 03:18:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 37096913

Error: (07/18/2014 03:18:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 37096913

Error: (07/18/2014 03:18:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/18/2014 03:18:00 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 37081313


System errors:
=============
Error: (07/18/2014 08:24:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error:
%%1053

Error: (07/18/2014 08:24:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.

Error: (07/18/2014 08:23:28 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The InspIRCd Daemon service terminated with service-specific error %%5.

Error: (07/18/2014 01:01:32 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The InspIRCd Daemon service terminated with service-specific error %%5.

Error: (07/17/2014 00:51:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (07/17/2014 00:51:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (07/17/2014 00:33:17 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The InspIRCd Daemon service terminated with service-specific error %%5.

Error: (07/16/2014 07:25:46 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The InspIRCd Daemon service terminated with service-specific error %%5.

Error: (07/16/2014 07:25:35 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:48:27 PM on ‎7/‎16/‎2014 was unexpected.

Error: (07/16/2014 02:22:06 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.


Microsoft Office Sessions:
=========================
Error: (07/18/2014 03:18:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 37128114

Error: (07/18/2014 03:18:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 37128114

Error: (07/18/2014 03:18:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/18/2014 03:18:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 37112514

Error: (07/18/2014 03:18:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 37112514

Error: (07/18/2014 03:18:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/18/2014 03:18:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 37096913

Error: (07/18/2014 03:18:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 37096913

Error: (07/18/2014 03:18:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/18/2014 03:18:00 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 37081313


==================== Memory info ===========================

Percentage of memory in use: 39%
Total physical RAM: 8174.12 MB
Available physical RAM: 4932.91 MB
Total Pagefile: 16346.41 MB
Available Pagefile: 11582.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:682.47 GB) NTFS
Drive e: (Backup) (Fixed) (Total:74.44 GB) (Free:45.79 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: F643DB86)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: 41AB2316)
Partition 1: (Not Active) - (Size=55 MB) - (Type=DE)
Partition 2: (Active) - (Size=74 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 75 GB) (Disk ID: 41AB2100)
Partition 1: (Active) - (Size=74 GB) - (Type=83)

==================== End Of Log ============================



#4 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,904 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:44 AM

Posted 22 July 2014 - 11:47 PM

Step 1: Adwarecleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP the just run it)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on screen prompts
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings.JPG

Go back to the Dashboard and select Scan Now

MBAMScan.JPG

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot.JPG

MBAMLog.JPG

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Attach/Post that log

Step 3: Junkware Removal Tool

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 4: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#5 coukan

coukan
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:44 AM

Posted 23 July 2014 - 12:33 AM

Thanks for the help so far, I really appreciate it\

 

# AdwCleaner v3.216 - Report created 22/07/2014 at 21:52:02
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Ethan - EVEREST
# Running from : C:\Users\Ethan\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
Folder Found : C:\Program Files (x86)\SearchProtect
Folder Found : C:\Users\Ethan\AppData\Local\SearchProtect

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\SweetIM
Key Found : [x64] HKCU\Software\Ask.com
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\SweetIM
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\Software\SweetIM
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1900 octets] - [22/07/2014 21:52:02]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1960 octets] ##########
 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/22/2014
Scan Time: 10:00:50 PM
Logfile: malware log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.03.04.09
Rootkit Database: v2014.02.20.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Ethan

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 246853
Time Elapsed: 11 min, 58 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 3
HackTool.Agent.DC, C:\$Recycle.Bin\S-1-5-21-2547204307-2080740806-2093863390-1000\$RDIGMER.rar, Quarantined, [87f630aec4b611257c5e5c1fc53c58a8],
HackTool.Agent.DC, C:\$Recycle.Bin\S-1-5-21-2547204307-2080740806-2093863390-1000\$ROLBD9G.rar, Quarantined, [1b624d916c0eec4a6c6e3f3cbc4517e9],
HackTool.Agent.DC, C:\Users\Ethan\Downloads\Extreme Injector v3.3 - by master131_mpgh.net.rar, Quarantined, [b1cc27b7b2c88aac0cce9be04bb6f50b],

Physical Sectors: 0
(No malicious items detected)


(end)

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Ethan on Tue 07/22/2014 at 22:17:17.52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Ethan\AppData\Roaming\mozilla\firefox\profiles\dc7u7nle.default\minidumps [77 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 07/22/2014 at 22:27:49.20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014
Ran by Ethan (administrator) on EVEREST on 22-07-2014 22:32:01
Running from C:\Users\Ethan\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Spotify Ltd) C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Ethan\AppData\Roaming\Spotify\spotify.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(KoshyJohn.com) C:\Users\Ethan\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\seccenter.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1743088 2014-05-22] (Bitdefender)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-29] (NVIDIA Corporation)
HKLM-x32\...\Run: [Cpu Level Up help] => C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [887936 2009-12-28] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKU\.DEFAULT\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-05-22] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-05-22] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614744 2014-05-22] (Bitdefender)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-07-18] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-05-22] (Bitdefender)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-05-22] (Bitdefender)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614744 2014-05-22] (Bitdefender)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [Spotify Web Helper] => C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-12] (Spotify Ltd)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [Memory Cleaner] => C:\Users\Ethan\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe [791560 2013-02-03] (KoshyJohn.com)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [Spotify] => C:\Users\Ethan\AppData\Roaming\Spotify\spotify.exe [6162488 2014-07-12] (Spotify Ltd)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [BitTorrent] => C:\Users\Ethan\AppData\Roaming\BitTorrent\BitTorrent.exe [1274456 2014-07-12] (BitTorrent Inc.)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\MountPoints2: {3c63b06e-eb85-11e2-b292-e1a78403f041} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\MountPoints2: {b39f1a76-f408-11e2-9e47-60a44cabec45} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2792960 2011-02-24] (Microsoft Corporation) <==== ATTENTION
Startup: C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: __SafeBox1 -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: __SafeBox2 -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: __SafeBox3 -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: __SafeBox4 -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x54563051957FCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Bitdefender Wallet  -> {09F58E74-42B4-4D70-BA26-35FC954E7A17} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{832C33FF-ACE1-4727-B76A-55CD824BF8B7}: [NameServer]75.75.75.75,75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Classic Theme Restorer - C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-10]
FF Extension: Firebug - C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\Extensions\firebug@software.joehewitt.com.xpi [2013-12-11]
FF Extension: MEGA - C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\Extensions\firefox@mega.co.nz.xpi [2014-06-27]
FF Extension: Execute JS - C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\Extensions\{7067a92c-1db4-4e5e-869c-25f841287f8b}.xpi [2013-12-11]
FF Extension: Adblock Plus - C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-10]
FF Extension: Greasemonkey - C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-07-25]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-11]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman [2013-07-13]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext

==================== Services (Whitelisted) =================

R2 AsSysCtrlService; C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-27] (Bitdefender)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [1498000 2013-04-26] (Binary Fortress Software)
S2 InspIRCd; C:\Program Files (x86)\InspIRCd\inspircd.exe [717824 2013-02-12] () [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-29] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2013-07-13] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-08-01] (Bitdefender)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2013-10-21] (Microsoft Corporation) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-16] (Bitdefender)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1526800 2014-05-22] (Bitdefender)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-05] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2014-01-27] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2014-01-27] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2014-05-22] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-10-10] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-13] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-10] (BitDefender LLC)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-10-10] (BitDefender S.R.L.)
R3 VLAN; C:\Windows\System32\DRIVERS\RtVLAN620.sys [32360 2011-09-16] (Realtek Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-22 22:32 - 2014-07-22 22:32 - 00022255 _____ () C:\Users\Ethan\Desktop\FRST.txt
2014-07-22 22:27 - 2014-07-22 22:27 - 00001033 _____ () C:\Users\Ethan\Desktop\JRT.txt
2014-07-22 22:17 - 2014-07-22 22:17 - 00000000 ____D () C:\Windows\ERUNT
2014-07-22 22:15 - 2014-07-22 22:16 - 01016261 _____ (Thisisu) C:\Users\Ethan\Desktop\JRT.exe
2014-07-22 22:00 - 2014-07-22 22:30 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-22 21:59 - 2014-07-22 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-22 21:59 - 2014-07-22 21:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-22 21:59 - 2014-07-22 21:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-22 21:59 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-22 21:59 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-22 21:59 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-22 21:58 - 2014-07-22 21:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ethan\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-22 21:56 - 2014-07-22 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-22 21:56 - 2014-07-22 21:56 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-22 21:52 - 2014-07-22 21:53 - 00000000 ____D () C:\AdwCleaner
2014-07-22 17:05 - 2014-06-12 17:19 - 00609056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-07-22 17:02 - 2014-06-12 19:59 - 01890264 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434043.dll
2014-07-22 17:02 - 2014-06-12 19:59 - 01542088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434043.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 13911928 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 13824408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 11272544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 11211224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 04248520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 03989464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 00946120 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 00909256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 00902616 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 00869336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 00391456 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 00348120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-07-22 17:02 - 2014-06-12 19:47 - 31512352 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-07-22 17:02 - 2014-06-12 19:47 - 24198616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-22 17:02 - 2014-06-12 19:47 - 17553032 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-07-22 17:02 - 2014-06-12 19:47 - 12860888 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-07-22 17:02 - 2014-06-12 19:47 - 00502048 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-07-22 17:02 - 2014-06-12 19:47 - 00417568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-07-22 17:02 - 2014-06-12 19:46 - 22994392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-07-22 17:02 - 2014-06-12 19:46 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-07-22 17:02 - 2014-06-12 19:46 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-07-22 17:02 - 2014-06-12 19:46 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-07-22 17:02 - 2014-06-12 19:46 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-07-22 17:02 - 2014-06-12 19:46 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-07-22 17:02 - 2014-06-12 19:46 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-07-22 16:33 - 2014-07-22 22:32 - 00000000 ____D () C:\FRST
2014-07-22 16:32 - 2014-07-22 16:33 - 02090496 _____ (Farbar) C:\Users\Ethan\Desktop\FRST64.exe
2014-07-20 21:35 - 2014-07-20 21:38 - 00000000 ____D () C:\Users\Ethan\Downloads\Extreme Injector v3.3 - by master131_mpgh.net
2014-07-20 16:57 - 2014-07-20 19:07 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\TS3Client
2014-07-20 16:57 - 2014-07-20 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-07-20 16:57 - 2014-07-20 16:57 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-07-20 16:56 - 2014-07-20 16:56 - 27337256 _____ (TeamSpeak Systems GmbH) C:\Users\Ethan\Downloads\TeamSpeak3-Client-win32-3.0.15.1.exe
2014-07-20 00:47 - 2014-07-20 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-20 00:47 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-20 00:47 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-20 00:47 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-20 00:47 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-20 00:46 - 2014-07-20 00:47 - 00004460 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-20 00:45 - 2014-07-20 00:45 - 00918440 _____ (Oracle Corporation) C:\Users\Ethan\Downloads\JavaSetup7u65.exe
2014-07-19 21:36 - 2014-07-20 23:01 - 00000000 ____D () C:\Users\Ethan\Documents\unturned saves
2014-07-17 15:37 - 2014-07-17 15:48 - 325224491 _____ () C:\Users\Ethan\Downloads\nazi_zombie_legion.exe
2014-07-17 00:39 - 2014-07-17 01:01 - 00000000 ____D () C:\Program Files (x86)\Cain
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cain
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-07-17 00:37 - 2014-07-17 00:38 - 08244106 _____ () C:\Users\Ethan\Downloads\ca_setup.exe
2014-07-16 20:05 - 2014-07-16 20:05 - 00000000 ____D () C:\Windows\w7upfc
2014-07-16 20:05 - 2014-07-16 20:05 - 00000000 ____D () C:\Users\Ethan\Downloads\Windows 7 User Picture Frame Changer
2014-07-16 20:05 - 2014-07-16 20:04 - 00452830 _____ () C:\Users\Ethan\Downloads\Windows 7 User Picture Frame Changer.zip
2014-07-16 20:05 - 2011-02-24 23:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer_edit_w7upfc.exe
2014-07-16 20:05 - 2011-02-24 23:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer_backup_w7upfc.exe
2014-07-16 20:05 - 2011-02-24 23:19 - 02792960 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-07-16 20:04 - 2014-07-16 20:04 - 00757808 _____ ( ) C:\Users\Ethan\Downloads\Windows 7 User Picture Frame Changer.exe
2014-07-16 20:04 - 2014-07-16 20:04 - 00000000 ____D () C:\Users\Ethan\Downloads\windows_8_8_1_theme_for_windows_7_by_mare_m-d59vtny
2014-07-16 19:50 - 2014-07-16 19:50 - 00889416 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\dotNetFx40_Full_setup(1).exe
2014-07-16 19:49 - 2014-07-16 19:49 - 00266065 _____ () C:\Users\Ethan\Downloads\dotnetfx_cleanup_tool.zip
2014-07-16 19:39 - 2014-07-16 19:39 - 00879096 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\NetFxRepairTool.exe
2014-07-16 19:35 - 2014-07-16 19:36 - 00278528 _____ (Coder for Life) C:\Users\Ethan\Downloads\Win7BootUpdaterCmd.exe
2014-07-16 19:34 - 2014-07-16 19:35 - 52070032 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\dotnetfx45_full_x86_x64.exe
2014-07-16 19:23 - 2013-09-23 08:10 - 01865728 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2014-07-16 19:20 - 2013-11-14 08:36 - 04955648 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-07-16 18:26 - 2014-07-16 18:26 - 00248259 _____ () C:\Users\Ethan\Downloads\tweakslogon.zip
2014-07-15 20:39 - 2014-07-15 20:40 - 00000000 ____D () C:\Users\Ethan\Documents\youtube stuff
2014-07-15 20:37 - 2014-07-15 20:37 - 00002717 _____ () C:\Users\Ethan\AppData\Local\recently-used.xbel
2014-07-15 20:12 - 2014-07-15 20:12 - 23634108 _____ () C:\Users\Ethan\Downloads\windows_8_8_1_theme_for_windows_7_by_mare_m-d59vtny.7z
2014-07-14 10:19 - 2014-07-14 10:23 - 356929140 _____ () C:\Users\Ethan\Downloads\Mini-Labor v1.2.exe
2014-07-13 13:37 - 2014-07-13 13:48 - 192548009 _____ () C:\Users\Ethan\Downloads\Rise.exe
2014-07-12 16:08 - 2014-07-12 16:10 - 139435890 _____ () C:\Users\Ethan\Downloads\ILS_Lets_Go_Home_v3.0.exe
2014-07-12 15:28 - 2014-07-19 21:36 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-07-12 15:28 - 2014-07-12 15:42 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Tunngle
2014-07-12 15:28 - 2014-07-12 15:42 - 00000000 ____D () C:\ProgramData\Tunngle
2014-07-12 15:28 - 2014-07-12 15:29 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-07-12 15:28 - 2014-07-12 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-07-12 15:28 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\Windows\system32\Drivers\tap0901t.sys
2014-07-12 15:00 - 2014-07-12 15:00 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\Ethan\Downloads\Tunngle_Setup_v4.5.1.4b.exe
2014-07-12 11:31 - 2014-07-12 11:32 - 121350839 _____ () C:\Users\Ethan\Downloads\nazi_zombie_kamchatka.exe
2014-07-12 10:48 - 2014-07-12 10:48 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Adobe
2014-07-11 21:49 - 2014-07-11 21:51 - 43221185 _____ () C:\Users\Ethan\Downloads\Textures_and_Sounds_mod.zip
2014-07-11 17:14 - 2014-07-11 17:14 - 05538818 _____ (Activision Blizzard, Inc.) C:\Users\Ethan\Downloads\CoDWaW LanFixed.exe
2014-07-11 16:52 - 2014-07-11 16:53 - 92289769 _____ () C:\Users\Ethan\Downloads\nazi_zombie_minecraft.RAR
2014-07-11 16:16 - 2014-06-29 19:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-11 16:16 - 2014-06-29 19:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-11 16:16 - 2014-06-20 13:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-11 16:16 - 2014-06-20 12:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-11 16:16 - 2014-06-18 18:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-11 16:16 - 2014-06-18 18:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-11 16:16 - 2014-06-18 18:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-11 16:16 - 2014-06-18 17:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-11 16:16 - 2014-06-18 17:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-11 16:16 - 2014-06-18 17:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-11 16:16 - 2014-06-18 17:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-11 16:16 - 2014-06-18 17:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-11 16:16 - 2014-06-18 17:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-11 16:16 - 2014-06-18 17:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-11 16:16 - 2014-06-18 17:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-11 16:16 - 2014-06-18 17:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-11 16:16 - 2014-06-18 17:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-11 16:16 - 2014-06-18 17:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-11 16:16 - 2014-06-18 17:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-11 16:16 - 2014-06-18 17:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-11 16:16 - 2014-06-18 17:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-11 16:16 - 2014-06-18 16:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-11 16:16 - 2014-06-18 16:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-11 16:16 - 2014-06-18 16:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-11 16:16 - 2014-06-18 16:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-11 16:16 - 2014-06-18 16:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-11 16:16 - 2014-06-18 16:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-11 16:16 - 2014-06-18 16:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-11 16:16 - 2014-06-18 16:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-11 16:16 - 2014-06-18 16:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-11 16:16 - 2014-06-18 16:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-11 16:16 - 2014-06-18 16:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-11 16:16 - 2014-06-18 16:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-11 16:16 - 2014-06-18 16:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-11 16:16 - 2014-06-18 16:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-11 16:16 - 2014-06-18 16:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-11 16:16 - 2014-06-18 16:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-11 16:16 - 2014-06-18 16:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-11 16:16 - 2014-06-18 16:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-11 16:16 - 2014-06-18 16:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-11 16:16 - 2014-06-18 16:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-11 16:16 - 2014-06-18 16:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-11 16:16 - 2014-06-18 16:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-11 16:16 - 2014-06-18 16:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-11 16:16 - 2014-06-18 15:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-11 16:16 - 2014-06-18 15:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-11 16:16 - 2014-06-18 15:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-11 16:16 - 2014-06-18 15:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-11 16:16 - 2014-06-18 15:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-11 16:16 - 2014-06-18 15:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-11 16:16 - 2014-06-18 15:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-11 16:16 - 2014-06-18 15:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-11 16:16 - 2014-06-18 15:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-11 16:16 - 2014-06-18 15:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-11 16:16 - 2014-06-18 15:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-11 16:16 - 2014-06-18 15:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-11 16:16 - 2014-06-18 15:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-11 16:16 - 2014-06-18 15:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-11 16:16 - 2014-06-17 19:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-11 16:16 - 2014-06-17 18:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-11 16:16 - 2014-06-17 18:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-11 16:16 - 2014-06-06 03:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-11 16:16 - 2014-06-06 02:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-11 16:16 - 2014-06-05 07:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-11 16:16 - 2014-06-05 07:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-11 16:16 - 2014-06-05 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-11 16:16 - 2014-05-29 23:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-07 17:05 - 2014-07-07 17:06 - 00000000 ____D () C:\Program Files\Android
2014-07-07 16:58 - 2014-07-07 17:02 - 370763706 _____ () C:\Users\Ethan\Downloads\adt-bundle-windows-x86_64-20140702.zip
2014-07-07 16:57 - 2014-07-07 17:01 - 448619398 _____ () C:\Users\Ethan\Downloads\hammerhead-kot49h-factory-02006b99.tgz
2014-07-07 16:14 - 2014-07-07 16:14 - 01244053 _____ () C:\Users\Ethan\Downloads\UPDATE-SuperSU-v2.01(1).zip
2014-07-07 16:01 - 2014-07-07 16:01 - 07979609 _____ () C:\Users\Ethan\Downloads\boot.zip
2014-07-07 16:01 - 2014-07-07 16:01 - 01225102 _____ () C:\Users\Ethan\Downloads\SuperSU-v2.00 for Android L.zip
2014-07-07 15:38 - 2014-07-07 15:38 - 09908869 _____ () C:\Users\Ethan\Downloads\CF-Auto-Root-hammerhead-hammerhead-nexus5(1).zip
2014-07-07 15:10 - 2014-07-07 15:13 - 451801880 _____ () C:\Users\Ethan\Downloads\hammerhead-lpv79-preview-ac1d8a8e.tgz
2014-07-07 15:02 - 2014-07-07 16:54 - 00000000 ____D () C:\Users\Ethan\Documents\nexus
2014-07-07 12:43 - 2014-07-07 12:47 - 426983121 _____ () C:\Users\Ethan\Downloads\Overrun 2.2.exe
2014-07-07 12:40 - 2014-07-07 12:43 - 317897730 _____ () C:\Users\Ethan\Downloads\nazi_zombie_sog 1.1.exe
2014-07-05 15:32 - 2014-07-05 15:49 - 427445973 _____ () C:\Users\Ethan\Downloads\zct_arena.exe
2014-07-05 11:56 - 2014-07-05 11:57 - 62696594 _____ () C:\Users\Ethan\Downloads\nazi_zombie_lab935 v2.3.exe
2014-06-28 10:57 - 2014-06-28 10:59 - 126346128 _____ () C:\Users\Ethan\Downloads\zm_owc.exe
2014-06-27 18:21 - 2014-06-27 18:21 - 60301110 _____ () C:\Users\Ethan\Downloads\nazi_zombie_xob.zip
2014-06-27 18:11 - 2014-06-27 18:14 - 217996765 _____ () C:\Users\Ethan\Downloads\nazi_zombie_FarAway(1).exe
2014-06-27 16:40 - 2014-06-27 16:40 - 00715038 _____ () C:\Windows\unins000.exe
2014-06-27 16:40 - 2014-06-27 16:40 - 00443445 _____ ( ) C:\Users\Ethan\Downloads\LagarithSetup_1327.exe
2014-06-27 16:40 - 2014-06-27 16:40 - 00001989 _____ () C:\Windows\unins000.dat
2014-06-27 16:40 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2014-06-27 16:40 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2014-06-27 16:36 - 2014-06-27 16:36 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Dxtory Software
2014-06-27 16:36 - 2014-06-27 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0
2014-06-27 16:36 - 2011-05-23 23:29 - 03673600 _____ (Dxtory Software) C:\Windows\system32\DxtoryCodec64.dll
2014-06-27 16:36 - 2011-05-23 23:23 - 03166720 _____ (Dxtory Software) C:\Windows\SysWOW64\DxtoryCodec.dll
2014-06-27 16:35 - 2014-06-27 16:35 - 00000000 ____D () C:\Program Files (x86)\Dxtory Software
2014-06-27 16:34 - 2014-06-27 16:35 - 02947057 _____ () C:\Users\Ethan\Downloads\Chocalate Orange Dxtory.rar
2014-06-27 16:08 - 2014-06-27 16:11 - 00005433 _____ () C:\commandlist.txt
2014-06-27 15:56 - 2014-07-11 19:26 - 00001493 _____ () C:\tstamps.log
2014-06-27 14:34 - 2014-06-27 14:35 - 00889416 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\dotNetFx40_Full_setup.exe
2014-06-26 19:46 - 2014-06-26 19:49 - 00299048 _____ () C:\Users\Ethan\Downloads\Purity Ring - Fineshrine.mp3.sfk
2014-06-26 19:30 - 2014-05-29 16:07 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-06-26 19:30 - 2014-05-29 16:07 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-06-26 19:19 - 2014-06-26 19:19 - 00000000 ____D () C:\Program Files\Sony
2014-06-26 19:18 - 2014-06-26 19:18 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-26 19:15 - 2014-05-19 19:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-26 19:15 - 2014-03-31 09:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-06-26 19:15 - 2014-03-31 09:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-26 19:13 - 2014-06-26 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-06-26 19:11 - 2014-06-26 19:12 - 231400888 _____ (NVIDIA Corporation) C:\Users\Ethan\Downloads\337.88-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-06-26 19:01 - 2014-06-26 20:31 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\OBS
2014-06-26 19:01 - 2014-06-26 19:01 - 08351107 _____ () C:\Users\Ethan\Downloads\OBS_0_625b_Installer.exe
2014-06-26 19:01 - 2014-06-26 19:01 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-06-26 19:01 - 2014-06-26 19:01 - 00000000 ____D () C:\Program Files\OBS
2014-06-26 19:01 - 2014-06-26 19:01 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-06-26 15:37 - 2014-06-26 15:40 - 169613955 _____ () C:\Users\Ethan\Downloads\nazi_zombie_ndh.zip
2014-06-26 15:36 - 2014-06-26 15:40 - 279809885 _____ () C:\Users\Ethan\Downloads\nazi_zombie_base36.exe
2014-06-26 15:35 - 2014-06-26 15:39 - 158942060 _____ () C:\Users\Ethan\Downloads\nazi_zombie_tomb.exe
2014-06-26 15:34 - 2014-06-26 15:40 - 175421863 _____ () C:\Users\Ethan\Downloads\Ccourtv2.zip
2014-06-26 15:34 - 2014-06-26 15:38 - 113272173 _____ () C:\Users\Ethan\Downloads\nazi_zombie_isolation_ZM.exe
2014-06-26 15:33 - 2014-06-26 15:40 - 299237464 _____ () C:\Users\Ethan\Downloads\nazi_zombie_lost.exe
2014-06-26 15:33 - 2014-06-26 15:37 - 89465890 _____ () C:\Users\Ethan\Downloads\nazi_zombie_madagascar.exe
2014-06-26 14:47 - 2014-06-26 14:51 - 224981775 _____ () C:\Users\Ethan\Downloads\nazi_zombie_slums.exe
2014-06-25 21:01 - 2014-06-25 21:01 - 43867536 _____ () C:\Users\Ethan\Downloads\nazi_zombie_lost1.1.zip
2014-06-25 20:26 - 2014-06-25 20:28 - 161098633 _____ () C:\Users\Ethan\Downloads\Cheese Cube Unlimited v1.0.exe
2014-06-25 19:05 - 2014-06-25 19:05 - 215604028 _____ () C:\Users\Ethan\Downloads\nazi_zombie_silo.exe
2014-06-25 16:53 - 2014-06-25 16:53 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Skype
2014-06-25 16:53 - 2014-06-25 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-25 16:40 - 2014-06-25 16:40 - 00000000 ____D () C:\Users\Ethan\Documents\Activision
2014-06-25 16:13 - 2014-06-25 16:13 - 123616577 _____ () C:\Users\Ethan\Downloads\nazi_zombie_penguin.exe
2014-06-25 14:08 - 2014-06-25 14:09 - 137685111 _____ () C:\Users\Ethan\Downloads\zm_birthday.exe
2014-06-25 00:53 - 2014-06-25 00:53 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bigasoft
2014-06-25 00:53 - 2014-06-25 00:53 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Bigasoft Total Video Converter 4
2014-06-25 00:53 - 2014-06-25 00:53 - 00000000 ____D () C:\Program Files (x86)\Bigasoft
2014-06-25 00:52 - 2014-06-25 00:53 - 16461951 _____ (Bigasoft Corporation ) C:\Users\Ethan\Downloads\b-total-video-converter.exe
2014-06-25 00:23 - 2014-06-26 20:02 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\vlc
2014-06-25 00:23 - 2014-06-25 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-25 00:23 - 2014-06-25 00:23 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-06-25 00:12 - 2014-06-25 00:16 - 24677393 _____ () C:\Users\Ethan\Downloads\vlc-2.1.3-win32.exe
2014-06-24 23:58 - 2014-06-24 23:59 - 00000000 ____D () C:\ProgramData\PMS
2014-06-24 23:58 - 2014-06-24 23:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
2014-06-24 23:58 - 2014-06-24 23:58 - 00000000 ____D () C:\Program Files (x86)\PS3 Media Server
2014-06-24 23:56 - 2014-06-24 23:58 - 54431910 _____ () C:\Users\Ethan\Downloads\pms-1.90.1-setup-full-x64.exe
2014-06-24 02:24 - 2014-06-24 02:27 - 163936044 _____ () C:\Users\Ethan\Downloads\call_of_duty_black_ops_zombies.zip
2014-06-24 02:21 - 2014-06-24 02:22 - 45259180 _____ () C:\Users\Ethan\Downloads\call_of_duty_black_ops_zombies.apk
2014-06-23 18:21 - 2014-06-23 18:21 - 00000000 ____D () C:\Users\Ethan\AppData\Local\PunkBuster
2014-06-23 18:18 - 2014-06-23 18:19 - 361758379 _____ () C:\Users\Ethan\Downloads\nazi_zombie_sr.zip

==================== One Month Modified Files and Folders =======

2014-07-22 22:32 - 2014-07-22 22:32 - 00022255 _____ () C:\Users\Ethan\Desktop\FRST.txt
2014-07-22 22:32 - 2014-07-22 16:33 - 00000000 ____D () C:\FRST
2014-07-22 22:30 - 2014-07-22 22:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-22 22:27 - 2014-07-22 22:27 - 00001033 _____ () C:\Users\Ethan\Desktop\JRT.txt
2014-07-22 22:17 - 2014-07-22 22:17 - 00000000 ____D () C:\Windows\ERUNT
2014-07-22 22:16 - 2014-07-22 22:15 - 01016261 _____ (Thisisu) C:\Users\Ethan\Desktop\JRT.exe
2014-07-22 22:06 - 2013-07-13 12:26 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-22 22:02 - 2009-07-13 22:13 - 00782578 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-22 22:01 - 2009-07-13 21:45 - 00016560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-22 22:01 - 2009-07-13 21:45 - 00016560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-22 21:59 - 2014-07-22 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-22 21:59 - 2014-07-22 21:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-22 21:59 - 2014-07-22 21:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-22 21:59 - 2013-10-29 17:34 - 00024968 _____ () C:\Windows\setupact.log
2014-07-22 21:59 - 2013-09-23 20:17 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\BitTorrent
2014-07-22 21:59 - 2013-07-12 23:22 - 02012726 _____ () C:\Windows\WindowsUpdate.log
2014-07-22 21:58 - 2014-07-22 21:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ethan\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-22 21:58 - 2013-09-12 16:52 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Spotify
2014-07-22 21:57 - 2013-10-10 14:25 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Spotify
2014-07-22 21:57 - 2013-08-09 18:54 - 00000000 ____D () C:\Users\Ethan\AppData\Local\LogMeIn Hamachi
2014-07-22 21:56 - 2014-07-22 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-22 21:56 - 2014-07-22 21:56 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-22 21:55 - 2013-07-12 23:42 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-22 21:55 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-22 21:54 - 2013-07-13 11:33 - 00534668 _____ () C:\Windows\PFRO.log
2014-07-22 21:53 - 2014-07-22 21:52 - 00000000 ____D () C:\AdwCleaner
2014-07-22 21:50 - 2013-07-13 19:02 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Skype
2014-07-22 17:06 - 2013-07-12 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-22 17:06 - 2013-07-12 23:42 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-22 17:04 - 2013-07-12 23:42 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-22 16:53 - 2013-07-13 13:43 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-22 16:33 - 2014-07-22 16:32 - 02090496 _____ (Farbar) C:\Users\Ethan\Desktop\FRST64.exe
2014-07-20 23:01 - 2014-07-19 21:36 - 00000000 ____D () C:\Users\Ethan\Documents\unturned saves
2014-07-20 21:38 - 2014-07-20 21:35 - 00000000 ____D () C:\Users\Ethan\Downloads\Extreme Injector v3.3 - by master131_mpgh.net
2014-07-20 19:07 - 2014-07-20 16:57 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\TS3Client
2014-07-20 16:57 - 2014-07-20 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-07-20 16:57 - 2014-07-20 16:57 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-07-20 16:56 - 2014-07-20 16:56 - 27337256 _____ (TeamSpeak Systems GmbH) C:\Users\Ethan\Downloads\TeamSpeak3-Client-win32-3.0.15.1.exe
2014-07-20 00:47 - 2014-07-20 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-20 00:47 - 2014-07-20 00:46 - 00004460 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-20 00:47 - 2013-10-18 07:04 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-20 00:47 - 2013-07-13 12:23 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-20 00:45 - 2014-07-20 00:45 - 00918440 _____ (Oracle Corporation) C:\Users\Ethan\Downloads\JavaSetup7u65.exe
2014-07-19 21:36 - 2014-07-12 15:28 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-07-18 21:47 - 2013-07-18 18:24 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\PFStaticIP
2014-07-18 03:01 - 2013-07-13 00:19 - 00774700 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-07-17 15:48 - 2014-07-17 15:37 - 325224491 _____ () C:\Users\Ethan\Downloads\nazi_zombie_legion.exe
2014-07-17 12:33 - 2009-07-13 21:45 - 00475888 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-17 01:01 - 2014-07-17 00:39 - 00000000 ____D () C:\Program Files (x86)\Cain
2014-07-17 00:59 - 2013-07-12 23:55 - 00123704 _____ () C:\Users\Ethan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cain
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-07-17 00:38 - 2014-07-17 00:37 - 08244106 _____ () C:\Users\Ethan\Downloads\ca_setup.exe
2014-07-16 20:05 - 2014-07-16 20:05 - 00000000 ____D () C:\Windows\w7upfc
2014-07-16 20:05 - 2014-07-16 20:05 - 00000000 ____D () C:\Users\Ethan\Downloads\Windows 7 User Picture Frame Changer
2014-07-16 20:04 - 2014-07-16 20:05 - 00452830 _____ () C:\Users\Ethan\Downloads\Windows 7 User Picture Frame Changer.zip
2014-07-16 20:04 - 2014-07-16 20:04 - 00757808 _____ ( ) C:\Users\Ethan\Downloads\Windows 7 User Picture Frame Changer.exe
2014-07-16 20:04 - 2014-07-16 20:04 - 00000000 ____D () C:\Users\Ethan\Downloads\windows_8_8_1_theme_for_windows_7_by_mare_m-d59vtny
2014-07-16 20:01 - 2013-07-25 11:49 - 00000000 ____D () C:\Users\Ethan\Documents\all of it
2014-07-16 19:56 - 2014-01-15 21:21 - 00000000 ____D () C:\Users\Ethan\AppData\Local\CrashDumps
2014-07-16 19:50 - 2014-07-16 19:50 - 00889416 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\dotNetFx40_Full_setup(1).exe
2014-07-16 19:49 - 2014-07-16 19:49 - 00266065 _____ () C:\Users\Ethan\Downloads\dotnetfx_cleanup_tool.zip
2014-07-16 19:39 - 2014-07-16 19:39 - 00879096 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\NetFxRepairTool.exe
2014-07-16 19:36 - 2014-07-16 19:35 - 00278528 _____ (Coder for Life) C:\Users\Ethan\Downloads\Win7BootUpdaterCmd.exe
2014-07-16 19:35 - 2014-07-16 19:34 - 52070032 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\dotnetfx45_full_x86_x64.exe
2014-07-16 18:26 - 2014-07-16 18:26 - 00248259 _____ () C:\Users\Ethan\Downloads\tweakslogon.zip
2014-07-15 20:40 - 2014-07-15 20:39 - 00000000 ____D () C:\Users\Ethan\Documents\youtube stuff
2014-07-15 20:38 - 2013-10-21 18:53 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\DisplayFusion
2014-07-15 20:37 - 2014-07-15 20:37 - 00002717 _____ () C:\Users\Ethan\AppData\Local\recently-used.xbel
2014-07-15 20:37 - 2014-05-10 21:29 - 00000000 ____D () C:\Users\Ethan\AppData\Local\gtk-2.0
2014-07-15 20:37 - 2014-05-10 21:19 - 00000000 ____D () C:\Users\Ethan\.gimp-2.8
2014-07-15 20:12 - 2014-07-15 20:12 - 23634108 _____ () C:\Users\Ethan\Downloads\windows_8_8_1_theme_for_windows_7_by_mare_m-d59vtny.7z
2014-07-15 13:35 - 2013-08-06 19:47 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Audacity
2014-07-14 10:23 - 2014-07-14 10:19 - 356929140 _____ () C:\Users\Ethan\Downloads\Mini-Labor v1.2.exe
2014-07-13 13:48 - 2014-07-13 13:37 - 192548009 _____ () C:\Users\Ethan\Downloads\Rise.exe
2014-07-12 23:16 - 2013-07-13 16:21 - 00111928 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-12 16:10 - 2014-07-12 16:08 - 139435890 _____ () C:\Users\Ethan\Downloads\ILS_Lets_Go_Home_v3.0.exe
2014-07-12 15:42 - 2014-07-12 15:28 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Tunngle
2014-07-12 15:42 - 2014-07-12 15:28 - 00000000 ____D () C:\ProgramData\Tunngle
2014-07-12 15:29 - 2014-07-12 15:28 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-07-12 15:28 - 2014-07-12 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-07-12 15:00 - 2014-07-12 15:00 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\Ethan\Downloads\Tunngle_Setup_v4.5.1.4b.exe
2014-07-12 13:31 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-07-12 11:32 - 2014-07-12 11:31 - 121350839 _____ () C:\Users\Ethan\Downloads\nazi_zombie_kamchatka.exe
2014-07-12 10:49 - 2013-09-23 20:18 - 00000813 _____ () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-07-12 10:48 - 2014-07-12 10:48 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Adobe
2014-07-12 10:42 - 2014-05-06 03:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-12 10:42 - 2009-07-14 00:46 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-12 10:42 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-12 10:42 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-11 23:36 - 2013-07-14 00:21 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-11 23:34 - 2013-07-13 00:40 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-11 21:51 - 2014-07-11 21:49 - 43221185 _____ () C:\Users\Ethan\Downloads\Textures_and_Sounds_mod.zip
2014-07-11 19:26 - 2014-06-27 15:56 - 00001493 _____ () C:\tstamps.log
2014-07-11 17:14 - 2014-07-11 17:14 - 05538818 _____ (Activision Blizzard, Inc.) C:\Users\Ethan\Downloads\CoDWaW LanFixed.exe
2014-07-11 17:06 - 2013-07-13 12:26 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-11 17:06 - 2013-07-13 12:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-11 17:06 - 2013-07-13 12:26 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-11 16:53 - 2014-07-11 16:52 - 92289769 _____ () C:\Users\Ethan\Downloads\nazi_zombie_minecraft.RAR
2014-07-11 03:02 - 2014-07-20 00:47 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-20 00:47 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-20 00:47 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-20 00:47 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-07 17:30 - 2014-06-05 21:57 - 00000000 ____D () C:\Users\Ethan\.android
2014-07-07 17:06 - 2014-07-07 17:05 - 00000000 ____D () C:\Program Files\Android
2014-07-07 17:02 - 2014-07-07 16:58 - 370763706 _____ () C:\Users\Ethan\Downloads\adt-bundle-windows-x86_64-20140702.zip
2014-07-07 17:01 - 2014-07-07 16:57 - 448619398 _____ () C:\Users\Ethan\Downloads\hammerhead-kot49h-factory-02006b99.tgz
2014-07-07 16:54 - 2014-07-07 15:02 - 00000000 ____D () C:\Users\Ethan\Documents\nexus
2014-07-07 16:49 - 2014-06-05 22:20 - 00000000 ____D () C:\Users\Ethan\Documents\Android bleep
2014-07-07 16:14 - 2014-07-07 16:14 - 01244053 _____ () C:\Users\Ethan\Downloads\UPDATE-SuperSU-v2.01(1).zip
2014-07-07 16:06 - 2013-07-12 23:24 - 00000000 ____D () C:\Users\Ethan\AppData\Local\VirtualStore
2014-07-07 16:01 - 2014-07-07 16:01 - 07979609 _____ () C:\Users\Ethan\Downloads\boot.zip
2014-07-07 16:01 - 2014-07-07 16:01 - 01225102 _____ () C:\Users\Ethan\Downloads\SuperSU-v2.00 for Android L.zip
2014-07-07 15:38 - 2014-07-07 15:38 - 09908869 _____ () C:\Users\Ethan\Downloads\CF-Auto-Root-hammerhead-hammerhead-nexus5(1).zip
2014-07-07 15:13 - 2014-07-07 15:10 - 451801880 _____ () C:\Users\Ethan\Downloads\hammerhead-lpv79-preview-ac1d8a8e.tgz
2014-07-07 12:47 - 2014-07-07 12:43 - 426983121 _____ () C:\Users\Ethan\Downloads\Overrun 2.2.exe
2014-07-07 12:43 - 2014-07-07 12:40 - 317897730 _____ () C:\Users\Ethan\Downloads\nazi_zombie_sog 1.1.exe
2014-07-05 15:49 - 2014-07-05 15:32 - 427445973 _____ () C:\Users\Ethan\Downloads\zct_arena.exe
2014-07-05 11:57 - 2014-07-05 11:56 - 62696594 _____ () C:\Users\Ethan\Downloads\nazi_zombie_lab935 v2.3.exe
2014-06-29 19:09 - 2014-07-11 16:16 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-29 19:04 - 2014-07-11 16:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-28 10:59 - 2014-06-28 10:57 - 126346128 _____ () C:\Users\Ethan\Downloads\zm_owc.exe
2014-06-27 18:21 - 2014-06-27 18:21 - 60301110 _____ () C:\Users\Ethan\Downloads\nazi_zombie_xob.zip
2014-06-27 18:14 - 2014-06-27 18:11 - 217996765 _____ () C:\Users\Ethan\Downloads\nazi_zombie_FarAway(1).exe
2014-06-27 16:40 - 2014-06-27 16:40 - 00715038 _____ () C:\Windows\unins000.exe
2014-06-27 16:40 - 2014-06-27 16:40 - 00443445 _____ ( ) C:\Users\Ethan\Downloads\LagarithSetup_1327.exe
2014-06-27 16:40 - 2014-06-27 16:40 - 00001989 _____ () C:\Windows\unins000.dat
2014-06-27 16:36 - 2014-06-27 16:36 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Dxtory Software
2014-06-27 16:36 - 2014-06-27 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0
2014-06-27 16:35 - 2014-06-27 16:35 - 00000000 ____D () C:\Program Files (x86)\Dxtory Software
2014-06-27 16:35 - 2014-06-27 16:34 - 02947057 _____ () C:\Users\Ethan\Downloads\Chocalate Orange Dxtory.rar
2014-06-27 16:11 - 2014-06-27 16:08 - 00005433 _____ () C:\commandlist.txt
2014-06-27 14:35 - 2014-06-27 14:34 - 00889416 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\dotNetFx40_Full_setup.exe
2014-06-26 20:31 - 2014-06-26 19:01 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\OBS
2014-06-26 20:02 - 2014-06-25 00:23 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\vlc
2014-06-26 19:49 - 2014-06-26 19:46 - 00299048 _____ () C:\Users\Ethan\Downloads\Purity Ring - Fineshrine.mp3.sfk
2014-06-26 19:25 - 2014-01-15 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-06-26 19:22 - 2013-07-12 23:42 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-26 19:19 - 2014-06-26 19:19 - 00000000 ____D () C:\Program Files\Sony
2014-06-26 19:19 - 2014-01-15 21:49 - 00000000 ____D () C:\ProgramData\Sony
2014-06-26 19:19 - 2014-01-15 21:14 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Sony
2014-06-26 19:19 - 2013-11-12 18:13 - 00000000 ____D () C:\Users\Ethan\AppData\Local\NVIDIA Corporation
2014-06-26 19:19 - 2013-07-13 12:19 - 00000000 ____D () C:\Users\Ethan\AppData\Local\NVIDIA
2014-06-26 19:18 - 2014-06-26 19:18 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-26 19:13 - 2014-06-26 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-06-26 19:12 - 2014-06-26 19:11 - 231400888 _____ (NVIDIA Corporation) C:\Users\Ethan\Downloads\337.88-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-06-26 19:12 - 2013-10-21 18:46 - 00000000 ____D () C:\Users\Ethan\Documents\Torrents
2014-06-26 19:01 - 2014-06-26 19:01 - 08351107 _____ () C:\Users\Ethan\Downloads\OBS_0_625b_Installer.exe
2014-06-26 19:01 - 2014-06-26 19:01 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-06-26 19:01 - 2014-06-26 19:01 - 00000000 ____D () C:\Program Files\OBS
2014-06-26 19:01 - 2014-06-26 19:01 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-06-26 15:40 - 2014-06-26 15:37 - 169613955 _____ () C:\Users\Ethan\Downloads\nazi_zombie_ndh.zip
2014-06-26 15:40 - 2014-06-26 15:36 - 279809885 _____ () C:\Users\Ethan\Downloads\nazi_zombie_base36.exe
2014-06-26 15:40 - 2014-06-26 15:34 - 175421863 _____ () C:\Users\Ethan\Downloads\Ccourtv2.zip
2014-06-26 15:40 - 2014-06-26 15:33 - 299237464 _____ () C:\Users\Ethan\Downloads\nazi_zombie_lost.exe
2014-06-26 15:39 - 2014-06-26 15:35 - 158942060 _____ () C:\Users\Ethan\Downloads\nazi_zombie_tomb.exe
2014-06-26 15:38 - 2014-06-26 15:34 - 113272173 _____ () C:\Users\Ethan\Downloads\nazi_zombie_isolation_ZM.exe
2014-06-26 15:37 - 2014-06-26 15:33 - 89465890 _____ () C:\Users\Ethan\Downloads\nazi_zombie_madagascar.exe
2014-06-26 14:51 - 2014-06-26 14:47 - 224981775 _____ () C:\Users\Ethan\Downloads\nazi_zombie_slums.exe
2014-06-25 21:24 - 2013-07-13 19:02 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-25 21:24 - 2013-07-13 19:02 - 00000000 ____D () C:\ProgramData\Skype
2014-06-25 21:15 - 2013-07-25 13:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-25 21:01 - 2014-06-25 21:01 - 43867536 _____ () C:\Users\Ethan\Downloads\nazi_zombie_lost1.1.zip
2014-06-25 20:28 - 2014-06-25 20:26 - 161098633 _____ () C:\Users\Ethan\Downloads\Cheese Cube Unlimited v1.0.exe
2014-06-25 19:05 - 2014-06-25 19:05 - 215604028 _____ () C:\Users\Ethan\Downloads\nazi_zombie_silo.exe
2014-06-25 16:53 - 2014-06-25 16:53 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Skype
2014-06-25 16:53 - 2014-06-25 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-25 16:40 - 2014-06-25 16:40 - 00000000 ____D () C:\Users\Ethan\Documents\Activision
2014-06-25 16:13 - 2014-06-25 16:13 - 123616577 _____ () C:\Users\Ethan\Downloads\nazi_zombie_penguin.exe
2014-06-25 14:09 - 2014-06-25 14:08 - 137685111 _____ () C:\Users\Ethan\Downloads\zm_birthday.exe
2014-06-25 12:25 - 2014-05-10 19:11 - 00000000 ____D () C:\Users\Ethan\Documents\DS4
2014-06-25 00:53 - 2014-06-25 00:53 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bigasoft
2014-06-25 00:53 - 2014-06-25 00:53 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Bigasoft Total Video Converter 4
2014-06-25 00:53 - 2014-06-25 00:53 - 00000000 ____D () C:\Program Files (x86)\Bigasoft
2014-06-25 00:53 - 2014-06-25 00:52 - 16461951 _____ (Bigasoft Corporation ) C:\Users\Ethan\Downloads\b-total-video-converter.exe
2014-06-25 00:23 - 2014-06-25 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-25 00:23 - 2014-06-25 00:23 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-06-25 00:16 - 2014-06-25 00:12 - 24677393 _____ () C:\Users\Ethan\Downloads\vlc-2.1.3-win32.exe
2014-06-24 23:59 - 2014-06-24 23:58 - 00000000 ____D () C:\ProgramData\PMS
2014-06-24 23:58 - 2014-06-24 23:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
2014-06-24 23:58 - 2014-06-24 23:58 - 00000000 ____D () C:\Program Files (x86)\PS3 Media Server
2014-06-24 23:58 - 2014-06-24 23:56 - 54431910 _____ () C:\Users\Ethan\Downloads\pms-1.90.1-setup-full-x64.exe
2014-06-24 02:27 - 2014-06-24 02:24 - 163936044 _____ () C:\Users\Ethan\Downloads\call_of_duty_black_ops_zombies.zip
2014-06-24 02:22 - 2014-06-24 02:21 - 45259180 _____ () C:\Users\Ethan\Downloads\call_of_duty_black_ops_zombies.apk
2014-06-23 18:21 - 2014-06-23 18:21 - 00000000 ____D () C:\Users\Ethan\AppData\Local\PunkBuster
2014-06-23 18:19 - 2014-06-23 18:18 - 361758379 _____ () C:\Users\Ethan\Downloads\nazi_zombie_sr.zip
2014-06-23 12:46 - 2013-07-18 18:24 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portforward.com

Files to move or delete:
====================
C:\Users\Ethan\7z.dll
C:\Users\Ethan\fceux.exe
C:\Users\Ethan\jagex_cl_oldschool_LIVE.dat
C:\Users\Ethan\jagex_cl_runescape_LIVE.dat
C:\Users\Ethan\jagex_cl_runescape_LIVE1.dat
C:\Users\Ethan\lua5.1.dll
C:\Users\Ethan\lua51.dll
C:\Users\Ethan\random.dat


Some content of TEMP:
====================
C:\Users\Ethan\AppData\Local\Temp\jna431875319602554335.dll
C:\Users\Ethan\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Ethan\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Ethan\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Ethan\AppData\Local\Temp\nvStInst.exe
C:\Users\Ethan\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2014-07-16 20:05] - [2011-02-24 23:19] - 2792960 ____A (Microsoft Corporation) 41A129F1CF1DED0B5A95235082D65ED8

C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-18 00:55

==================== End Of Log ============================



#6 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,904 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:44 AM

Posted 23 July 2014 - 06:07 AM

HackTool.Agent.DC, C:\Users\Ethan\Downloads\Extreme Injector v3.3 - by master131_mpgh.net.rar, Quarantined, [b1cc27b7b2c88aac0cce9be04bb6f50b],

What's this?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#7 coukan

coukan
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:44 AM

Posted 23 July 2014 - 12:54 PM

I thought it was supposed to inject .DLL files into games so I could do certain things. I deleted it awhile ago, but the problems didn't start until a day or two after I ran it.

#8 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,904 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:44 AM

Posted 23 July 2014 - 01:56 PM

# AdwCleaner v3.216 - Report created 22/07/2014 at 21:52:02
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Ethan - EVEREST
# Running from : C:\Users\Ethan\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
Folder Found : C:\Program Files (x86)\SearchProtect
Folder Found : C:\Users\Ethan\AppData\Local\SearchProtect

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\SweetIM
Key Found : [x64] HKCU\Software\Ask.com
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\SweetIM
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\Software\SweetIM
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\prefs.js ]


Please delete the items which AdwCleaner found.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#9 coukan

coukan
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:44 AM

Posted 23 July 2014 - 02:17 PM

None of these files appear to be there, incliding the registry keys. I tried running regedit as an admin (and it happened to allow me to do so), and the files on the C drive arent there either, even with hidden files shown.



#10 coukan

coukan
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:44 AM

Posted 23 July 2014 - 02:19 PM

Also, reran a scan with ADWCleaner. The files arent shown in the log. Perhaps ADW deleted them already?



#11 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,904 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:44 AM

Posted 23 July 2014 - 02:23 PM

There are a few files I would like you to upload to VirusTotal for scanning and analysis. Please follow the instructions below.

  • Please upload the files to virustotal
  • To do this click on Choose file.
  • When the window opens copy (ctrl+c) and paste(ctrl+v) the following line into the filename.

C:\Windows\explorer.exe

  • Click Open.
  • Click the Scan It! button.
  • If file already analysed window will appear, click on reanalyse button.
  • When scan finishes, post the link to result (you can copy it from address bar in your browser) in your next message.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#12 coukan

coukan
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:44 AM

Posted 23 July 2014 - 03:44 PM

Here is the link, nothing is detected.

https://www.virustotal.com/en/file/285ecac8fcb25dd62d3abba28302d6f3fef8e1a6ae13c3c6360574aa30e205dd/analysis/1406148030/



#13 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,904 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:44 AM

Posted 23 July 2014 - 11:47 PM

  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#14 coukan

coukan
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:44 AM

Posted 23 July 2014 - 11:52 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014
Ran by Ethan (administrator) on EVEREST on 23-07-2014 21:50:39
Running from C:\bleepingcomputer files
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Spotify Ltd) C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Ethan\AppData\Roaming\Spotify\spotify.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(KoshyJohn.com) C:\Users\Ethan\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
(Activision Blizzard, Inc.) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty World at War\CoDWaW.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1743088 2014-05-22] (Bitdefender)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-29] (NVIDIA Corporation)
HKLM-x32\...\Run: [Cpu Level Up help] => C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [887936 2009-12-28] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKU\.DEFAULT\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-05-22] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-05-22] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614744 2014-05-22] (Bitdefender)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-07-18] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-05-22] (Bitdefender)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-05-22] (Bitdefender)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614744 2014-05-22] (Bitdefender)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [Spotify Web Helper] => C:\Users\Ethan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-12] (Spotify Ltd)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [Memory Cleaner] => C:\Users\Ethan\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe [791560 2013-02-03] (KoshyJohn.com)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [Spotify] => C:\Users\Ethan\AppData\Roaming\Spotify\spotify.exe [6162488 2014-07-12] (Spotify Ltd)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Run: [BitTorrent] => C:\Users\Ethan\AppData\Roaming\BitTorrent\BitTorrent.exe [1274456 2014-07-12] (BitTorrent Inc.)
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\MountPoints2: {3c63b06e-eb85-11e2-b292-e1a78403f041} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\MountPoints2: {b39f1a76-f408-11e2-9e47-60a44cabec45} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2547204307-2080740806-2093863390-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2792960 2011-02-24] (Microsoft Corporation) <==== ATTENTION
Startup: C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: __SafeBox1 -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: __SafeBox2 -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: __SafeBox3 -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: __SafeBox4 -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x54563051957FCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Bitdefender Wallet  -> {09F58E74-42B4-4D70-BA26-35FC954E7A17} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{832C33FF-ACE1-4727-B76A-55CD824BF8B7}: [NameServer]75.75.75.75,75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Classic Theme Restorer - C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-10]
FF Extension: Firebug - C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\Extensions\firebug@software.joehewitt.com.xpi [2013-12-11]
FF Extension: MEGA - C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\Extensions\firefox@mega.co.nz.xpi [2014-06-27]
FF Extension: Stylish - C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2014-07-23]
FF Extension: Execute JS - C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\Extensions\{7067a92c-1db4-4e5e-869c-25f841287f8b}.xpi [2013-12-11]
FF Extension: Adblock Plus - C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-10]
FF Extension: Greasemonkey - C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\dc7u7nle.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-07-25]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-11]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman [2013-07-13]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] ()
R2 AsSysCtrlService; C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-27] (Bitdefender)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [1498000 2013-04-26] (Binary Fortress Software)
S2 InspIRCd; C:\Program Files (x86)\InspIRCd\inspircd.exe [717824 2013-02-12] () [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-29] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2013-07-13] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-08-01] (Bitdefender)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2013-10-21] (Microsoft Corporation) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-16] (Bitdefender)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1526800 2014-05-22] (Bitdefender)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-05] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2014-01-27] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2014-01-27] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2014-05-22] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-10-10] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-13] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-10] (BitDefender LLC)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-10-10] (BitDefender S.R.L.)
R3 VLAN; C:\Windows\System32\DRIVERS\RtVLAN620.sys [32360 2011-09-16] (Realtek Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-23 14:55 - 2014-07-23 14:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
2014-07-23 14:55 - 2014-07-23 14:55 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-07-23 14:54 - 2014-07-23 14:54 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Downloaded Installations
2014-07-23 14:50 - 2014-07-23 14:52 - 31876280 _____ (Advanced Micro Devices, Inc. ) C:\Users\Ethan\Downloads\aod_setup_4.3.1.exe
2014-07-23 14:46 - 2014-07-23 14:51 - 137549537 _____ () C:\Users\Ethan\Downloads\nazi_zombie_forts_v1.1.exe
2014-07-23 13:42 - 2014-07-23 13:44 - 23634108 _____ () C:\Users\Ethan\Downloads\windows_8_8_1_theme_for_windows_7_by_mare_m-d59vtny(1).7z
2014-07-23 12:04 - 2014-07-23 12:05 - 81127052 _____ () C:\Users\Ethan\Downloads\Trench.exe
2014-07-23 12:02 - 2014-07-23 12:02 - 00003556 _____ () C:\Users\Ethan\Documents\AutoHotkey.ahk
2014-07-22 22:43 - 2014-07-23 21:50 - 00000000 ____D () C:\bleepingcomputer files
2014-07-22 22:17 - 2014-07-22 22:17 - 00000000 ____D () C:\Windows\ERUNT
2014-07-22 22:00 - 2014-07-23 19:21 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-22 21:59 - 2014-07-22 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-22 21:59 - 2014-07-22 21:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-22 21:59 - 2014-07-22 21:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-22 21:59 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-22 21:59 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-22 21:59 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-22 21:58 - 2014-07-22 21:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ethan\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-22 21:56 - 2014-07-22 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-22 21:56 - 2014-07-22 21:56 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-22 21:52 - 2014-07-23 12:18 - 00000000 ____D () C:\AdwCleaner
2014-07-22 17:05 - 2014-06-12 17:19 - 00609056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-07-22 17:02 - 2014-06-12 19:59 - 01890264 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434043.dll
2014-07-22 17:02 - 2014-06-12 19:59 - 01542088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434043.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 13911928 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 13824408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 11272544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 11211224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 04248520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 03989464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 00946120 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 00909256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 00902616 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 00869336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 00391456 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-07-22 17:02 - 2014-06-12 19:48 - 00348120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-07-22 17:02 - 2014-06-12 19:47 - 31512352 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-07-22 17:02 - 2014-06-12 19:47 - 24198616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-22 17:02 - 2014-06-12 19:47 - 17553032 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-07-22 17:02 - 2014-06-12 19:47 - 12860888 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-07-22 17:02 - 2014-06-12 19:47 - 00502048 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-07-22 17:02 - 2014-06-12 19:47 - 00417568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-07-22 17:02 - 2014-06-12 19:46 - 22994392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-07-22 17:02 - 2014-06-12 19:46 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-07-22 17:02 - 2014-06-12 19:46 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-07-22 17:02 - 2014-06-12 19:46 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-07-22 17:02 - 2014-06-12 19:46 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-07-22 17:02 - 2014-06-12 19:46 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-07-22 17:02 - 2014-06-12 19:46 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-07-22 16:33 - 2014-07-23 21:50 - 00000000 ____D () C:\FRST
2014-07-20 21:35 - 2014-07-20 21:38 - 00000000 ____D () C:\Users\Ethan\Downloads\Extreme Injector v3.3 - by master131_mpgh.net
2014-07-20 16:57 - 2014-07-20 19:07 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\TS3Client
2014-07-20 16:57 - 2014-07-20 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-07-20 16:57 - 2014-07-20 16:57 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-07-20 16:56 - 2014-07-20 16:56 - 27337256 _____ (TeamSpeak Systems GmbH) C:\Users\Ethan\Downloads\TeamSpeak3-Client-win32-3.0.15.1.exe
2014-07-20 00:47 - 2014-07-20 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-20 00:47 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-20 00:47 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-20 00:47 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-20 00:47 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-20 00:46 - 2014-07-20 00:47 - 00004460 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-20 00:45 - 2014-07-20 00:45 - 00918440 _____ (Oracle Corporation) C:\Users\Ethan\Downloads\JavaSetup7u65.exe
2014-07-19 21:36 - 2014-07-20 23:01 - 00000000 ____D () C:\Users\Ethan\Documents\unturned saves
2014-07-17 15:37 - 2014-07-17 15:48 - 325224491 _____ () C:\Users\Ethan\Downloads\nazi_zombie_legion.exe
2014-07-17 00:39 - 2014-07-17 01:01 - 00000000 ____D () C:\Program Files (x86)\Cain
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cain
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-07-17 00:37 - 2014-07-17 00:38 - 08244106 _____ () C:\Users\Ethan\Downloads\ca_setup.exe
2014-07-16 20:05 - 2014-07-16 20:05 - 00000000 ____D () C:\Windows\w7upfc
2014-07-16 20:05 - 2014-07-16 20:05 - 00000000 ____D () C:\Users\Ethan\Downloads\Windows 7 User Picture Frame Changer
2014-07-16 20:05 - 2014-07-16 20:04 - 00452830 _____ () C:\Users\Ethan\Downloads\Windows 7 User Picture Frame Changer.zip
2014-07-16 20:05 - 2011-02-24 23:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer_edit_w7upfc.exe
2014-07-16 20:05 - 2011-02-24 23:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer_backup_w7upfc.exe
2014-07-16 20:05 - 2011-02-24 23:19 - 02792960 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-07-16 20:04 - 2014-07-16 20:04 - 00757808 _____ ( ) C:\Users\Ethan\Downloads\Windows 7 User Picture Frame Changer.exe
2014-07-16 20:04 - 2014-07-16 20:04 - 00000000 ____D () C:\Users\Ethan\Downloads\windows_8_8_1_theme_for_windows_7_by_mare_m-d59vtny
2014-07-16 19:50 - 2014-07-16 19:50 - 00889416 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\dotNetFx40_Full_setup(1).exe
2014-07-16 19:49 - 2014-07-16 19:49 - 00266065 _____ () C:\Users\Ethan\Downloads\dotnetfx_cleanup_tool.zip
2014-07-16 19:39 - 2014-07-16 19:39 - 00879096 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\NetFxRepairTool.exe
2014-07-16 19:35 - 2014-07-16 19:36 - 00278528 _____ (Coder for Life) C:\Users\Ethan\Downloads\Win7BootUpdaterCmd.exe
2014-07-16 19:34 - 2014-07-16 19:35 - 52070032 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\dotnetfx45_full_x86_x64.exe
2014-07-16 19:23 - 2013-09-23 08:10 - 01865728 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2014-07-16 19:20 - 2013-11-14 08:36 - 04955648 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-07-16 18:26 - 2014-07-16 18:26 - 00248259 _____ () C:\Users\Ethan\Downloads\tweakslogon.zip
2014-07-15 20:39 - 2014-07-15 20:40 - 00000000 ____D () C:\Users\Ethan\Documents\youtube stuff
2014-07-15 20:37 - 2014-07-15 20:37 - 00002717 _____ () C:\Users\Ethan\AppData\Local\recently-used.xbel
2014-07-15 20:12 - 2014-07-15 20:12 - 23634108 _____ () C:\Users\Ethan\Downloads\windows_8_8_1_theme_for_windows_7_by_mare_m-d59vtny.7z
2014-07-14 10:19 - 2014-07-14 10:23 - 356929140 _____ () C:\Users\Ethan\Downloads\Mini-Labor v1.2.exe
2014-07-13 13:37 - 2014-07-13 13:48 - 192548009 _____ () C:\Users\Ethan\Downloads\Rise.exe
2014-07-12 16:08 - 2014-07-12 16:10 - 139435890 _____ () C:\Users\Ethan\Downloads\ILS_Lets_Go_Home_v3.0.exe
2014-07-12 15:28 - 2014-07-19 21:36 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-07-12 15:28 - 2014-07-12 15:42 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Tunngle
2014-07-12 15:28 - 2014-07-12 15:42 - 00000000 ____D () C:\ProgramData\Tunngle
2014-07-12 15:28 - 2014-07-12 15:29 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-07-12 15:28 - 2014-07-12 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-07-12 15:28 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\Windows\system32\Drivers\tap0901t.sys
2014-07-12 15:00 - 2014-07-12 15:00 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\Ethan\Downloads\Tunngle_Setup_v4.5.1.4b.exe
2014-07-12 11:31 - 2014-07-12 11:32 - 121350839 _____ () C:\Users\Ethan\Downloads\nazi_zombie_kamchatka.exe
2014-07-12 10:48 - 2014-07-23 14:12 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Adobe
2014-07-11 21:49 - 2014-07-11 21:51 - 43221185 _____ () C:\Users\Ethan\Downloads\Textures_and_Sounds_mod.zip
2014-07-11 17:14 - 2014-07-11 17:14 - 05538818 _____ (Activision Blizzard, Inc.) C:\Users\Ethan\Downloads\CoDWaW LanFixed.exe
2014-07-11 16:52 - 2014-07-11 16:53 - 92289769 _____ () C:\Users\Ethan\Downloads\nazi_zombie_minecraft.RAR
2014-07-11 16:16 - 2014-06-29 19:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-11 16:16 - 2014-06-29 19:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-11 16:16 - 2014-06-20 13:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-11 16:16 - 2014-06-20 12:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-11 16:16 - 2014-06-18 18:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-11 16:16 - 2014-06-18 18:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-11 16:16 - 2014-06-18 18:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-11 16:16 - 2014-06-18 17:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-11 16:16 - 2014-06-18 17:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-11 16:16 - 2014-06-18 17:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-11 16:16 - 2014-06-18 17:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-11 16:16 - 2014-06-18 17:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-11 16:16 - 2014-06-18 17:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-11 16:16 - 2014-06-18 17:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-11 16:16 - 2014-06-18 17:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-11 16:16 - 2014-06-18 17:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-11 16:16 - 2014-06-18 17:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-11 16:16 - 2014-06-18 17:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-11 16:16 - 2014-06-18 17:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-11 16:16 - 2014-06-18 17:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-11 16:16 - 2014-06-18 17:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-11 16:16 - 2014-06-18 16:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-11 16:16 - 2014-06-18 16:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-11 16:16 - 2014-06-18 16:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-11 16:16 - 2014-06-18 16:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-11 16:16 - 2014-06-18 16:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-11 16:16 - 2014-06-18 16:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-11 16:16 - 2014-06-18 16:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-11 16:16 - 2014-06-18 16:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-11 16:16 - 2014-06-18 16:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-11 16:16 - 2014-06-18 16:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-11 16:16 - 2014-06-18 16:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-11 16:16 - 2014-06-18 16:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-11 16:16 - 2014-06-18 16:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-11 16:16 - 2014-06-18 16:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-11 16:16 - 2014-06-18 16:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-11 16:16 - 2014-06-18 16:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-11 16:16 - 2014-06-18 16:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-11 16:16 - 2014-06-18 16:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-11 16:16 - 2014-06-18 16:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-11 16:16 - 2014-06-18 16:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-11 16:16 - 2014-06-18 16:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-11 16:16 - 2014-06-18 16:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-11 16:16 - 2014-06-18 16:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-11 16:16 - 2014-06-18 15:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-11 16:16 - 2014-06-18 15:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-11 16:16 - 2014-06-18 15:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-11 16:16 - 2014-06-18 15:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-11 16:16 - 2014-06-18 15:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-11 16:16 - 2014-06-18 15:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-11 16:16 - 2014-06-18 15:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-11 16:16 - 2014-06-18 15:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-11 16:16 - 2014-06-18 15:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-11 16:16 - 2014-06-18 15:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-11 16:16 - 2014-06-18 15:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-11 16:16 - 2014-06-18 15:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-11 16:16 - 2014-06-18 15:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-11 16:16 - 2014-06-18 15:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-11 16:16 - 2014-06-17 19:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-11 16:16 - 2014-06-17 18:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-11 16:16 - 2014-06-17 18:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-11 16:16 - 2014-06-06 03:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-11 16:16 - 2014-06-06 02:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-11 16:16 - 2014-06-05 07:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-11 16:16 - 2014-06-05 07:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-11 16:16 - 2014-06-05 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-11 16:16 - 2014-05-30 01:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-11 16:16 - 2014-05-30 00:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-11 16:16 - 2014-05-29 23:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-07 17:05 - 2014-07-07 17:06 - 00000000 ____D () C:\Program Files\Android
2014-07-07 16:58 - 2014-07-07 17:02 - 370763706 _____ () C:\Users\Ethan\Downloads\adt-bundle-windows-x86_64-20140702.zip
2014-07-07 16:57 - 2014-07-07 17:01 - 448619398 _____ () C:\Users\Ethan\Downloads\hammerhead-kot49h-factory-02006b99.tgz
2014-07-07 16:14 - 2014-07-07 16:14 - 01244053 _____ () C:\Users\Ethan\Downloads\UPDATE-SuperSU-v2.01(1).zip
2014-07-07 16:01 - 2014-07-07 16:01 - 07979609 _____ () C:\Users\Ethan\Downloads\boot.zip
2014-07-07 16:01 - 2014-07-07 16:01 - 01225102 _____ () C:\Users\Ethan\Downloads\SuperSU-v2.00 for Android L.zip
2014-07-07 15:38 - 2014-07-07 15:38 - 09908869 _____ () C:\Users\Ethan\Downloads\CF-Auto-Root-hammerhead-hammerhead-nexus5(1).zip
2014-07-07 15:10 - 2014-07-07 15:13 - 451801880 _____ () C:\Users\Ethan\Downloads\hammerhead-lpv79-preview-ac1d8a8e.tgz
2014-07-07 15:02 - 2014-07-07 16:54 - 00000000 ____D () C:\Users\Ethan\Documents\nexus
2014-07-07 12:43 - 2014-07-07 12:47 - 426983121 _____ () C:\Users\Ethan\Downloads\Overrun 2.2.exe
2014-07-07 12:40 - 2014-07-07 12:43 - 317897730 _____ () C:\Users\Ethan\Downloads\nazi_zombie_sog 1.1.exe
2014-07-05 15:32 - 2014-07-05 15:49 - 427445973 _____ () C:\Users\Ethan\Downloads\zct_arena.exe
2014-07-05 11:56 - 2014-07-05 11:57 - 62696594 _____ () C:\Users\Ethan\Downloads\nazi_zombie_lab935 v2.3.exe
2014-06-28 10:57 - 2014-06-28 10:59 - 126346128 _____ () C:\Users\Ethan\Downloads\zm_owc.exe
2014-06-27 18:21 - 2014-06-27 18:21 - 60301110 _____ () C:\Users\Ethan\Downloads\nazi_zombie_xob.zip
2014-06-27 18:11 - 2014-06-27 18:14 - 217996765 _____ () C:\Users\Ethan\Downloads\nazi_zombie_FarAway(1).exe
2014-06-27 16:40 - 2014-06-27 16:40 - 00715038 _____ () C:\Windows\unins000.exe
2014-06-27 16:40 - 2014-06-27 16:40 - 00443445 _____ ( ) C:\Users\Ethan\Downloads\LagarithSetup_1327.exe
2014-06-27 16:40 - 2014-06-27 16:40 - 00001989 _____ () C:\Windows\unins000.dat
2014-06-27 16:40 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2014-06-27 16:40 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2014-06-27 16:36 - 2014-06-27 16:36 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Dxtory Software
2014-06-27 16:36 - 2014-06-27 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0
2014-06-27 16:36 - 2011-05-23 23:29 - 03673600 _____ (Dxtory Software) C:\Windows\system32\DxtoryCodec64.dll
2014-06-27 16:36 - 2011-05-23 23:23 - 03166720 _____ (Dxtory Software) C:\Windows\SysWOW64\DxtoryCodec.dll
2014-06-27 16:35 - 2014-06-27 16:35 - 00000000 ____D () C:\Program Files (x86)\Dxtory Software
2014-06-27 16:34 - 2014-06-27 16:35 - 02947057 _____ () C:\Users\Ethan\Downloads\Chocalate Orange Dxtory.rar
2014-06-27 16:08 - 2014-06-27 16:11 - 00005433 _____ () C:\commandlist.txt
2014-06-27 15:56 - 2014-07-11 19:26 - 00001493 _____ () C:\tstamps.log
2014-06-27 14:34 - 2014-06-27 14:35 - 00889416 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\dotNetFx40_Full_setup.exe
2014-06-26 19:46 - 2014-06-26 19:49 - 00299048 _____ () C:\Users\Ethan\Downloads\Purity Ring - Fineshrine.mp3.sfk
2014-06-26 19:30 - 2014-05-29 16:07 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-06-26 19:30 - 2014-05-29 16:07 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-06-26 19:19 - 2014-06-26 19:19 - 00000000 ____D () C:\Program Files\Sony
2014-06-26 19:18 - 2014-06-26 19:18 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-26 19:15 - 2014-05-19 19:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-26 19:15 - 2014-05-19 19:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-26 19:15 - 2014-03-31 09:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-06-26 19:15 - 2014-03-31 09:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-26 19:13 - 2014-06-26 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-06-26 19:11 - 2014-06-26 19:12 - 231400888 _____ (NVIDIA Corporation) C:\Users\Ethan\Downloads\337.88-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-06-26 19:01 - 2014-06-26 20:31 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\OBS
2014-06-26 19:01 - 2014-06-26 19:01 - 08351107 _____ () C:\Users\Ethan\Downloads\OBS_0_625b_Installer.exe
2014-06-26 19:01 - 2014-06-26 19:01 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-06-26 19:01 - 2014-06-26 19:01 - 00000000 ____D () C:\Program Files\OBS
2014-06-26 19:01 - 2014-06-26 19:01 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-06-26 15:37 - 2014-06-26 15:40 - 169613955 _____ () C:\Users\Ethan\Downloads\nazi_zombie_ndh.zip
2014-06-26 15:36 - 2014-06-26 15:40 - 279809885 _____ () C:\Users\Ethan\Downloads\nazi_zombie_base36.exe
2014-06-26 15:35 - 2014-06-26 15:39 - 158942060 _____ () C:\Users\Ethan\Downloads\nazi_zombie_tomb.exe
2014-06-26 15:34 - 2014-06-26 15:40 - 175421863 _____ () C:\Users\Ethan\Downloads\Ccourtv2.zip
2014-06-26 15:34 - 2014-06-26 15:38 - 113272173 _____ () C:\Users\Ethan\Downloads\nazi_zombie_isolation_ZM.exe
2014-06-26 15:33 - 2014-06-26 15:40 - 299237464 _____ () C:\Users\Ethan\Downloads\nazi_zombie_lost.exe
2014-06-26 15:33 - 2014-06-26 15:37 - 89465890 _____ () C:\Users\Ethan\Downloads\nazi_zombie_madagascar.exe
2014-06-26 14:47 - 2014-06-26 14:51 - 224981775 _____ () C:\Users\Ethan\Downloads\nazi_zombie_slums.exe
2014-06-25 21:01 - 2014-06-25 21:01 - 43867536 _____ () C:\Users\Ethan\Downloads\nazi_zombie_lost1.1.zip
2014-06-25 20:26 - 2014-06-25 20:28 - 161098633 _____ () C:\Users\Ethan\Downloads\Cheese Cube Unlimited v1.0.exe
2014-06-25 19:05 - 2014-06-25 19:05 - 215604028 _____ () C:\Users\Ethan\Downloads\nazi_zombie_silo.exe
2014-06-25 16:53 - 2014-06-25 16:53 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Skype
2014-06-25 16:53 - 2014-06-25 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-25 16:40 - 2014-06-25 16:40 - 00000000 ____D () C:\Users\Ethan\Documents\Activision
2014-06-25 16:13 - 2014-06-25 16:13 - 123616577 _____ () C:\Users\Ethan\Downloads\nazi_zombie_penguin.exe
2014-06-25 14:08 - 2014-06-25 14:09 - 137685111 _____ () C:\Users\Ethan\Downloads\zm_birthday.exe
2014-06-25 00:53 - 2014-06-25 00:53 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bigasoft
2014-06-25 00:53 - 2014-06-25 00:53 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Bigasoft Total Video Converter 4
2014-06-25 00:53 - 2014-06-25 00:53 - 00000000 ____D () C:\Program Files (x86)\Bigasoft
2014-06-25 00:52 - 2014-06-25 00:53 - 16461951 _____ (Bigasoft Corporation ) C:\Users\Ethan\Downloads\b-total-video-converter.exe
2014-06-25 00:23 - 2014-06-26 20:02 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\vlc
2014-06-25 00:23 - 2014-06-25 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-25 00:23 - 2014-06-25 00:23 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-06-25 00:12 - 2014-06-25 00:16 - 24677393 _____ () C:\Users\Ethan\Downloads\vlc-2.1.3-win32.exe
2014-06-24 23:58 - 2014-06-24 23:59 - 00000000 ____D () C:\ProgramData\PMS
2014-06-24 23:58 - 2014-06-24 23:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
2014-06-24 23:58 - 2014-06-24 23:58 - 00000000 ____D () C:\Program Files (x86)\PS3 Media Server
2014-06-24 23:56 - 2014-06-24 23:58 - 54431910 _____ () C:\Users\Ethan\Downloads\pms-1.90.1-setup-full-x64.exe
2014-06-24 02:24 - 2014-06-24 02:27 - 163936044 _____ () C:\Users\Ethan\Downloads\call_of_duty_black_ops_zombies.zip
2014-06-24 02:21 - 2014-06-24 02:22 - 45259180 _____ () C:\Users\Ethan\Downloads\call_of_duty_black_ops_zombies.apk
2014-06-23 18:21 - 2014-06-23 18:21 - 00000000 ____D () C:\Users\Ethan\AppData\Local\PunkBuster
2014-06-23 18:18 - 2014-06-23 18:19 - 361758379 _____ () C:\Users\Ethan\Downloads\nazi_zombie_sr.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-23 21:50 - 2014-07-22 22:43 - 00000000 ____D () C:\bleepingcomputer files
2014-07-23 21:50 - 2014-07-22 16:33 - 00000000 ____D () C:\FRST
2014-07-23 21:06 - 2013-07-13 12:26 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-23 20:14 - 2013-07-13 13:43 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-23 19:39 - 2013-10-29 17:34 - 00025248 _____ () C:\Windows\setupact.log
2014-07-23 19:21 - 2014-07-22 22:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-23 17:37 - 2013-09-12 16:52 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Spotify
2014-07-23 14:55 - 2014-07-23 14:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
2014-07-23 14:55 - 2014-07-23 14:55 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-07-23 14:54 - 2014-07-23 14:54 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Downloaded Installations
2014-07-23 14:52 - 2014-07-23 14:50 - 31876280 _____ (Advanced Micro Devices, Inc. ) C:\Users\Ethan\Downloads\aod_setup_4.3.1.exe
2014-07-23 14:51 - 2014-07-23 14:46 - 137549537 _____ () C:\Users\Ethan\Downloads\nazi_zombie_forts_v1.1.exe
2014-07-23 14:12 - 2014-07-12 10:48 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Adobe
2014-07-23 13:44 - 2014-07-23 13:42 - 23634108 _____ () C:\Users\Ethan\Downloads\windows_8_8_1_theme_for_windows_7_by_mare_m-d59vtny(1).7z
2014-07-23 12:18 - 2014-07-22 21:52 - 00000000 ____D () C:\AdwCleaner
2014-07-23 12:05 - 2014-07-23 12:04 - 81127052 _____ () C:\Users\Ethan\Downloads\Trench.exe
2014-07-23 12:02 - 2014-07-23 12:02 - 00003556 _____ () C:\Users\Ethan\Documents\AutoHotkey.ahk
2014-07-23 05:08 - 2013-07-12 23:22 - 02036053 _____ () C:\Windows\WindowsUpdate.log
2014-07-22 22:17 - 2014-07-22 22:17 - 00000000 ____D () C:\Windows\ERUNT
2014-07-22 22:02 - 2009-07-13 22:13 - 00782578 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-22 22:01 - 2009-07-13 21:45 - 00016560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-22 22:01 - 2009-07-13 21:45 - 00016560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-22 21:59 - 2014-07-22 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-22 21:59 - 2014-07-22 21:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-22 21:59 - 2014-07-22 21:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-22 21:59 - 2013-09-23 20:17 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\BitTorrent
2014-07-22 21:58 - 2014-07-22 21:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ethan\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-22 21:57 - 2013-10-10 14:25 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Spotify
2014-07-22 21:57 - 2013-08-09 18:54 - 00000000 ____D () C:\Users\Ethan\AppData\Local\LogMeIn Hamachi
2014-07-22 21:56 - 2014-07-22 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-22 21:56 - 2014-07-22 21:56 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-22 21:55 - 2013-07-12 23:42 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-22 21:55 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-22 21:54 - 2013-07-13 11:33 - 00534668 _____ () C:\Windows\PFRO.log
2014-07-22 21:50 - 2013-07-13 19:02 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Skype
2014-07-22 17:06 - 2013-07-12 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-22 17:06 - 2013-07-12 23:42 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-22 17:04 - 2013-07-12 23:42 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-20 23:01 - 2014-07-19 21:36 - 00000000 ____D () C:\Users\Ethan\Documents\unturned saves
2014-07-20 21:38 - 2014-07-20 21:35 - 00000000 ____D () C:\Users\Ethan\Downloads\Extreme Injector v3.3 - by master131_mpgh.net
2014-07-20 19:07 - 2014-07-20 16:57 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\TS3Client
2014-07-20 16:57 - 2014-07-20 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-07-20 16:57 - 2014-07-20 16:57 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-07-20 16:56 - 2014-07-20 16:56 - 27337256 _____ (TeamSpeak Systems GmbH) C:\Users\Ethan\Downloads\TeamSpeak3-Client-win32-3.0.15.1.exe
2014-07-20 00:47 - 2014-07-20 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-20 00:47 - 2014-07-20 00:46 - 00004460 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-20 00:47 - 2013-10-18 07:04 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-20 00:47 - 2013-07-13 12:23 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-20 00:45 - 2014-07-20 00:45 - 00918440 _____ (Oracle Corporation) C:\Users\Ethan\Downloads\JavaSetup7u65.exe
2014-07-19 21:36 - 2014-07-12 15:28 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-07-18 21:47 - 2013-07-18 18:24 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\PFStaticIP
2014-07-18 03:01 - 2013-07-13 00:19 - 00774700 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-07-17 15:48 - 2014-07-17 15:37 - 325224491 _____ () C:\Users\Ethan\Downloads\nazi_zombie_legion.exe
2014-07-17 12:33 - 2009-07-13 21:45 - 00475888 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-17 01:01 - 2014-07-17 00:39 - 00000000 ____D () C:\Program Files (x86)\Cain
2014-07-17 00:59 - 2013-07-12 23:55 - 00123704 _____ () C:\Users\Ethan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cain
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain
2014-07-17 00:39 - 2014-07-17 00:39 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-07-17 00:38 - 2014-07-17 00:37 - 08244106 _____ () C:\Users\Ethan\Downloads\ca_setup.exe
2014-07-16 20:05 - 2014-07-16 20:05 - 00000000 ____D () C:\Windows\w7upfc
2014-07-16 20:05 - 2014-07-16 20:05 - 00000000 ____D () C:\Users\Ethan\Downloads\Windows 7 User Picture Frame Changer
2014-07-16 20:04 - 2014-07-16 20:05 - 00452830 _____ () C:\Users\Ethan\Downloads\Windows 7 User Picture Frame Changer.zip
2014-07-16 20:04 - 2014-07-16 20:04 - 00757808 _____ ( ) C:\Users\Ethan\Downloads\Windows 7 User Picture Frame Changer.exe
2014-07-16 20:04 - 2014-07-16 20:04 - 00000000 ____D () C:\Users\Ethan\Downloads\windows_8_8_1_theme_for_windows_7_by_mare_m-d59vtny
2014-07-16 20:01 - 2013-07-25 11:49 - 00000000 ____D () C:\Users\Ethan\Documents\all of it
2014-07-16 19:56 - 2014-01-15 21:21 - 00000000 ____D () C:\Users\Ethan\AppData\Local\CrashDumps
2014-07-16 19:50 - 2014-07-16 19:50 - 00889416 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\dotNetFx40_Full_setup(1).exe
2014-07-16 19:49 - 2014-07-16 19:49 - 00266065 _____ () C:\Users\Ethan\Downloads\dotnetfx_cleanup_tool.zip
2014-07-16 19:39 - 2014-07-16 19:39 - 00879096 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\NetFxRepairTool.exe
2014-07-16 19:36 - 2014-07-16 19:35 - 00278528 _____ (Coder for Life) C:\Users\Ethan\Downloads\Win7BootUpdaterCmd.exe
2014-07-16 19:35 - 2014-07-16 19:34 - 52070032 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\dotnetfx45_full_x86_x64.exe
2014-07-16 18:26 - 2014-07-16 18:26 - 00248259 _____ () C:\Users\Ethan\Downloads\tweakslogon.zip
2014-07-15 20:40 - 2014-07-15 20:39 - 00000000 ____D () C:\Users\Ethan\Documents\youtube stuff
2014-07-15 20:38 - 2013-10-21 18:53 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\DisplayFusion
2014-07-15 20:37 - 2014-07-15 20:37 - 00002717 _____ () C:\Users\Ethan\AppData\Local\recently-used.xbel
2014-07-15 20:37 - 2014-05-10 21:29 - 00000000 ____D () C:\Users\Ethan\AppData\Local\gtk-2.0
2014-07-15 20:37 - 2014-05-10 21:19 - 00000000 ____D () C:\Users\Ethan\.gimp-2.8
2014-07-15 20:12 - 2014-07-15 20:12 - 23634108 _____ () C:\Users\Ethan\Downloads\windows_8_8_1_theme_for_windows_7_by_mare_m-d59vtny.7z
2014-07-15 13:35 - 2013-08-06 19:47 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Audacity
2014-07-14 10:23 - 2014-07-14 10:19 - 356929140 _____ () C:\Users\Ethan\Downloads\Mini-Labor v1.2.exe
2014-07-13 13:48 - 2014-07-13 13:37 - 192548009 _____ () C:\Users\Ethan\Downloads\Rise.exe
2014-07-12 23:16 - 2013-07-13 16:21 - 00111928 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-12 16:10 - 2014-07-12 16:08 - 139435890 _____ () C:\Users\Ethan\Downloads\ILS_Lets_Go_Home_v3.0.exe
2014-07-12 15:42 - 2014-07-12 15:28 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Tunngle
2014-07-12 15:42 - 2014-07-12 15:28 - 00000000 ____D () C:\ProgramData\Tunngle
2014-07-12 15:29 - 2014-07-12 15:28 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-07-12 15:28 - 2014-07-12 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-07-12 15:00 - 2014-07-12 15:00 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\Ethan\Downloads\Tunngle_Setup_v4.5.1.4b.exe
2014-07-12 13:31 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-07-12 11:32 - 2014-07-12 11:31 - 121350839 _____ () C:\Users\Ethan\Downloads\nazi_zombie_kamchatka.exe
2014-07-12 10:49 - 2013-09-23 20:18 - 00000813 _____ () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-07-12 10:42 - 2014-05-06 03:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-12 10:42 - 2009-07-14 00:46 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-12 10:42 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-12 10:42 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-11 23:36 - 2013-07-14 00:21 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-11 23:34 - 2013-07-13 00:40 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-11 21:51 - 2014-07-11 21:49 - 43221185 _____ () C:\Users\Ethan\Downloads\Textures_and_Sounds_mod.zip
2014-07-11 19:26 - 2014-06-27 15:56 - 00001493 _____ () C:\tstamps.log
2014-07-11 17:14 - 2014-07-11 17:14 - 05538818 _____ (Activision Blizzard, Inc.) C:\Users\Ethan\Downloads\CoDWaW LanFixed.exe
2014-07-11 17:06 - 2013-07-13 12:26 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-11 17:06 - 2013-07-13 12:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-11 17:06 - 2013-07-13 12:26 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-11 16:53 - 2014-07-11 16:52 - 92289769 _____ () C:\Users\Ethan\Downloads\nazi_zombie_minecraft.RAR
2014-07-11 03:02 - 2014-07-20 00:47 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-20 00:47 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-20 00:47 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-20 00:47 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-07 17:30 - 2014-06-05 21:57 - 00000000 ____D () C:\Users\Ethan\.android
2014-07-07 17:06 - 2014-07-07 17:05 - 00000000 ____D () C:\Program Files\Android
2014-07-07 17:02 - 2014-07-07 16:58 - 370763706 _____ () C:\Users\Ethan\Downloads\adt-bundle-windows-x86_64-20140702.zip
2014-07-07 17:01 - 2014-07-07 16:57 - 448619398 _____ () C:\Users\Ethan\Downloads\hammerhead-kot49h-factory-02006b99.tgz
2014-07-07 16:54 - 2014-07-07 15:02 - 00000000 ____D () C:\Users\Ethan\Documents\nexus
2014-07-07 16:49 - 2014-06-05 22:20 - 00000000 ____D () C:\Users\Ethan\Documents\Android bleep
2014-07-07 16:14 - 2014-07-07 16:14 - 01244053 _____ () C:\Users\Ethan\Downloads\UPDATE-SuperSU-v2.01(1).zip
2014-07-07 16:06 - 2013-07-12 23:24 - 00000000 ____D () C:\Users\Ethan\AppData\Local\VirtualStore
2014-07-07 16:01 - 2014-07-07 16:01 - 07979609 _____ () C:\Users\Ethan\Downloads\boot.zip
2014-07-07 16:01 - 2014-07-07 16:01 - 01225102 _____ () C:\Users\Ethan\Downloads\SuperSU-v2.00 for Android L.zip
2014-07-07 15:38 - 2014-07-07 15:38 - 09908869 _____ () C:\Users\Ethan\Downloads\CF-Auto-Root-hammerhead-hammerhead-nexus5(1).zip
2014-07-07 15:13 - 2014-07-07 15:10 - 451801880 _____ () C:\Users\Ethan\Downloads\hammerhead-lpv79-preview-ac1d8a8e.tgz
2014-07-07 12:47 - 2014-07-07 12:43 - 426983121 _____ () C:\Users\Ethan\Downloads\Overrun 2.2.exe
2014-07-07 12:43 - 2014-07-07 12:40 - 317897730 _____ () C:\Users\Ethan\Downloads\nazi_zombie_sog 1.1.exe
2014-07-05 15:49 - 2014-07-05 15:32 - 427445973 _____ () C:\Users\Ethan\Downloads\zct_arena.exe
2014-07-05 11:57 - 2014-07-05 11:56 - 62696594 _____ () C:\Users\Ethan\Downloads\nazi_zombie_lab935 v2.3.exe
2014-06-29 19:09 - 2014-07-11 16:16 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-29 19:04 - 2014-07-11 16:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-28 10:59 - 2014-06-28 10:57 - 126346128 _____ () C:\Users\Ethan\Downloads\zm_owc.exe
2014-06-27 18:21 - 2014-06-27 18:21 - 60301110 _____ () C:\Users\Ethan\Downloads\nazi_zombie_xob.zip
2014-06-27 18:14 - 2014-06-27 18:11 - 217996765 _____ () C:\Users\Ethan\Downloads\nazi_zombie_FarAway(1).exe
2014-06-27 16:40 - 2014-06-27 16:40 - 00715038 _____ () C:\Windows\unins000.exe
2014-06-27 16:40 - 2014-06-27 16:40 - 00443445 _____ ( ) C:\Users\Ethan\Downloads\LagarithSetup_1327.exe
2014-06-27 16:40 - 2014-06-27 16:40 - 00001989 _____ () C:\Windows\unins000.dat
2014-06-27 16:36 - 2014-06-27 16:36 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Dxtory Software
2014-06-27 16:36 - 2014-06-27 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0
2014-06-27 16:35 - 2014-06-27 16:35 - 00000000 ____D () C:\Program Files (x86)\Dxtory Software
2014-06-27 16:35 - 2014-06-27 16:34 - 02947057 _____ () C:\Users\Ethan\Downloads\Chocalate Orange Dxtory.rar
2014-06-27 16:11 - 2014-06-27 16:08 - 00005433 _____ () C:\commandlist.txt
2014-06-27 14:35 - 2014-06-27 14:34 - 00889416 _____ (Microsoft Corporation) C:\Users\Ethan\Downloads\dotNetFx40_Full_setup.exe
2014-06-26 20:31 - 2014-06-26 19:01 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\OBS
2014-06-26 20:02 - 2014-06-25 00:23 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\vlc
2014-06-26 19:49 - 2014-06-26 19:46 - 00299048 _____ () C:\Users\Ethan\Downloads\Purity Ring - Fineshrine.mp3.sfk
2014-06-26 19:25 - 2014-01-15 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-06-26 19:22 - 2013-07-12 23:42 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-26 19:19 - 2014-06-26 19:19 - 00000000 ____D () C:\Program Files\Sony
2014-06-26 19:19 - 2014-01-15 21:49 - 00000000 ____D () C:\ProgramData\Sony
2014-06-26 19:19 - 2014-01-15 21:14 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Sony
2014-06-26 19:19 - 2013-11-12 18:13 - 00000000 ____D () C:\Users\Ethan\AppData\Local\NVIDIA Corporation
2014-06-26 19:19 - 2013-07-13 12:19 - 00000000 ____D () C:\Users\Ethan\AppData\Local\NVIDIA
2014-06-26 19:18 - 2014-06-26 19:18 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-26 19:13 - 2014-06-26 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-06-26 19:12 - 2014-06-26 19:11 - 231400888 _____ (NVIDIA Corporation) C:\Users\Ethan\Downloads\337.88-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-06-26 19:12 - 2013-10-21 18:46 - 00000000 ____D () C:\Users\Ethan\Documents\Torrents
2014-06-26 19:01 - 2014-06-26 19:01 - 08351107 _____ () C:\Users\Ethan\Downloads\OBS_0_625b_Installer.exe
2014-06-26 19:01 - 2014-06-26 19:01 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-06-26 19:01 - 2014-06-26 19:01 - 00000000 ____D () C:\Program Files\OBS
2014-06-26 19:01 - 2014-06-26 19:01 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-06-26 15:40 - 2014-06-26 15:37 - 169613955 _____ () C:\Users\Ethan\Downloads\nazi_zombie_ndh.zip
2014-06-26 15:40 - 2014-06-26 15:36 - 279809885 _____ () C:\Users\Ethan\Downloads\nazi_zombie_base36.exe
2014-06-26 15:40 - 2014-06-26 15:34 - 175421863 _____ () C:\Users\Ethan\Downloads\Ccourtv2.zip
2014-06-26 15:40 - 2014-06-26 15:33 - 299237464 _____ () C:\Users\Ethan\Downloads\nazi_zombie_lost.exe
2014-06-26 15:39 - 2014-06-26 15:35 - 158942060 _____ () C:\Users\Ethan\Downloads\nazi_zombie_tomb.exe
2014-06-26 15:38 - 2014-06-26 15:34 - 113272173 _____ () C:\Users\Ethan\Downloads\nazi_zombie_isolation_ZM.exe
2014-06-26 15:37 - 2014-06-26 15:33 - 89465890 _____ () C:\Users\Ethan\Downloads\nazi_zombie_madagascar.exe
2014-06-26 14:51 - 2014-06-26 14:47 - 224981775 _____ () C:\Users\Ethan\Downloads\nazi_zombie_slums.exe
2014-06-25 21:24 - 2013-07-13 19:02 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-25 21:24 - 2013-07-13 19:02 - 00000000 ____D () C:\ProgramData\Skype
2014-06-25 21:15 - 2013-07-25 13:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-25 21:01 - 2014-06-25 21:01 - 43867536 _____ () C:\Users\Ethan\Downloads\nazi_zombie_lost1.1.zip
2014-06-25 20:28 - 2014-06-25 20:26 - 161098633 _____ () C:\Users\Ethan\Downloads\Cheese Cube Unlimited v1.0.exe
2014-06-25 19:05 - 2014-06-25 19:05 - 215604028 _____ () C:\Users\Ethan\Downloads\nazi_zombie_silo.exe
2014-06-25 16:53 - 2014-06-25 16:53 - 00000000 ____D () C:\Users\Ethan\AppData\Local\Skype
2014-06-25 16:53 - 2014-06-25 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-25 16:40 - 2014-06-25 16:40 - 00000000 ____D () C:\Users\Ethan\Documents\Activision
2014-06-25 16:13 - 2014-06-25 16:13 - 123616577 _____ () C:\Users\Ethan\Downloads\nazi_zombie_penguin.exe
2014-06-25 14:09 - 2014-06-25 14:08 - 137685111 _____ () C:\Users\Ethan\Downloads\zm_birthday.exe
2014-06-25 12:25 - 2014-05-10 19:11 - 00000000 ____D () C:\Users\Ethan\Documents\DS4
2014-06-25 00:53 - 2014-06-25 00:53 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bigasoft
2014-06-25 00:53 - 2014-06-25 00:53 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Bigasoft Total Video Converter 4
2014-06-25 00:53 - 2014-06-25 00:53 - 00000000 ____D () C:\Program Files (x86)\Bigasoft
2014-06-25 00:53 - 2014-06-25 00:52 - 16461951 _____ (Bigasoft Corporation ) C:\Users\Ethan\Downloads\b-total-video-converter.exe
2014-06-25 00:23 - 2014-06-25 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-25 00:23 - 2014-06-25 00:23 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-06-25 00:16 - 2014-06-25 00:12 - 24677393 _____ () C:\Users\Ethan\Downloads\vlc-2.1.3-win32.exe
2014-06-24 23:59 - 2014-06-24 23:58 - 00000000 ____D () C:\ProgramData\PMS
2014-06-24 23:58 - 2014-06-24 23:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
2014-06-24 23:58 - 2014-06-24 23:58 - 00000000 ____D () C:\Program Files (x86)\PS3 Media Server
2014-06-24 23:58 - 2014-06-24 23:56 - 54431910 _____ () C:\Users\Ethan\Downloads\pms-1.90.1-setup-full-x64.exe
2014-06-24 02:27 - 2014-06-24 02:24 - 163936044 _____ () C:\Users\Ethan\Downloads\call_of_duty_black_ops_zombies.zip
2014-06-24 02:22 - 2014-06-24 02:21 - 45259180 _____ () C:\Users\Ethan\Downloads\call_of_duty_black_ops_zombies.apk
2014-06-23 18:21 - 2014-06-23 18:21 - 00000000 ____D () C:\Users\Ethan\AppData\Local\PunkBuster
2014-06-23 18:19 - 2014-06-23 18:18 - 361758379 _____ () C:\Users\Ethan\Downloads\nazi_zombie_sr.zip
2014-06-23 12:46 - 2013-07-18 18:24 - 00000000 ____D () C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portforward.com

Files to move or delete:
====================
C:\Users\Ethan\7z.dll
C:\Users\Ethan\fceux.exe
C:\Users\Ethan\jagex_cl_oldschool_LIVE.dat
C:\Users\Ethan\jagex_cl_runescape_LIVE.dat
C:\Users\Ethan\jagex_cl_runescape_LIVE1.dat
C:\Users\Ethan\lua5.1.dll
C:\Users\Ethan\lua51.dll
C:\Users\Ethan\random.dat


Some content of TEMP:
====================
C:\Users\Ethan\AppData\Local\Temp\jna431875319602554335.dll
C:\Users\Ethan\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Ethan\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Ethan\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Ethan\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2014-07-16 20:05] - [2011-02-24 23:19] - 2792960 ____A (Microsoft Corporation) 41A129F1CF1DED0B5A95235082D65ED8

C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-18 00:55

==================== End Of Log ============================



#15 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,904 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:44 AM

Posted 24 July 2014 - 05:59 AM

Step 1: FRST Fix
  • Please download the attached fixlist.txt file and save it to the same location as FRST

    Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply
Step 2: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.
Step 3: ESET

Please run a free online scan with the ESET Online Scanner:

IMPORTANT: You MUST use Internet Explorer for this step!
  • Visit the ESET Online Scanner Web Page
  • Select the blue Run ESET Online Scanner button:
    ESET1_zps23a5e840.png
  • Tick the box next to YES, I accept the Terms of Use and click Start
    ESET_EULA2_zps9451f1c3.png
  • When asked, allow the ActiveX control to install.
  • Select Enable detection of potentially unwanted applications and select Advanced Settings:
    ESET2_zpsc701c045.png
  • Make sure to check the options Remove found threats and Enable Anti-Stealth technology are checked:
    ESET4_zps0afafd0d.png
  • Click Start. (This scan can take several hours, so please be patient):
    ESET3_zpsccd1657d.png
  • Once the scan is completed, select List of found threats:
    ESET5_zpsd27be299.png
  • Select Export to text file... and save the file as ESETlog.txt on your Desktop:
    ESET6_zpsc17d154e.png
  • Click the Back button.
  • Click the Finish button:
    ESET9_zps51587217.png
  • Use Notepad to open the saved log file (on your Desktop- ESET.txt)[/b]
  • Copy and paste that log as a reply to this topic.
Step 4: Question

How is your PC running?

Attached Files


~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users