
GameHarbor Alert!


  • This topic is locked
7 replies to this topic

#1 Ashes2Glory

Posted 14 September 2014 - 10:50 AM

Hello,

First time poster so I will attempt to do my best here.

I have gotten the amazing Gameharbor.org problem that many people seem to have gotten.

Here is the scan from FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by Nick (administrator) on NICK-PC on 14-09-2014 10:48:53
Running from C:\Users\Nick\Desktop\Alien Tools
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
() C:\Program Files (x86)\Silicon Image\WiHD Config\SiBeamSuspendResume.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\iSafe\ipcdl.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeTray.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
() C:\Users\Nick\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Dell) C:\Users\Nick\AppData\Local\Apps\2.0\05N4G5Y2.M80\7BV438MR.LO7\dell..tion_0f612f649c4a10af_0005.0009_14e1a3fbfbaf942c\DellSystemDetect.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareTactXMacroController.exe
(BitTorrent Inc.) C:\Users\Nick\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
() C:\Program Files (x86)\Opera\24.0.1558.53\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13840 2013-11-04] (Alienware)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-10-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-09-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-09-26] (Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-4166919766-79589608-2377701187-1001\...\Run: [Amazon Cloud Player] => C:\Users\Nick\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-4166919766-79589608-2377701187-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-4166919766-79589608-2377701187-1001\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
HKU\S-1-5-21-4166919766-79589608-2377701187-1001\...\Run: [uTorrent] => C:\Users\Nick\AppData\Roaming\uTorrent\uTorrent.exe [1388112 2014-09-13] (BitTorrent Inc.)
HKU\S-1-5-21-4166919766-79589608-2377701187-1001\...\Run: [DellSystemDetect] => C:\Users\Nick\AppData\Local\Apps\2.0\05N4G5Y2.M80\7BV438MR.LO7\dell..tion_0f612f649c4a10af_0005.0009_14e1a3fbfbaf942c\DellSystemDetect.exe [263232 2014-07-27] (Dell)
HKU\S-1-5-21-4166919766-79589608-2377701187-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4166919766-79589608-2377701187-1001\...\MountPoints2: {07a97027-ac9b-11e3-8250-54271e32f074} - "E:\setup.exe" 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{F9D8E17A-8670-4D39-AFBE-9B599BB85B1A}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: DBARFileBackuped -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\SYSTEM32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: DBARFileNotBackuped -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\SYSTEM32\mscoree.dll (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.alienwarearena.com/welcome-us
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {7834E239-85A7-48AF-925A-700FCBB1A178} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {7834E239-85A7-48AF-925A-700FCBB1A178} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKCU - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {7834E239-85A7-48AF-925A-700FCBB1A178} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\4vvkf81s.default
FF Homepage: about:blank
FF NewTab: about:blank
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Forecastfox - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\4vvkf81s.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2014-03-14]
FF Extension: Download Manager (S3) - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\4vvkf81s.default\Extensions\s3download@statusbar.xpi [2014-03-14]
FF Extension: Adblock Plus - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\4vvkf81s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-14]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-03-15]
FF Extension: No Name - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\4vvkf81s.default\extensions\smarterwiki@wikiatic.com.xpi [Not Found]
 
Chrome: 
=======
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250712 2013-12-30] (Garmin Ltd or its subsidiaries)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [326760 2014-09-05] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
R2 iSafeService; C:\Program Files (x86)\iSafe\iSafeSvc.exe [118048 2014-08-08] (Elex do Brasil Participações Ltda)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-18] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [706864 2014-08-27] ()
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2014-03-15] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-07] (Qualcomm Atheros) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [288472 2013-09-13] (Realtek Semiconductor)
R2 SIMG WiHD; C:\Program Files (x86)\Silicon Image\WiHD Config\SiBeamSuspendResume.exe [8192 2013-08-04] () [File not signed]
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S2 vlugPlay; C:\WINDOWS\System32\vlugPlay.dll [1540608 2014-07-08] () [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-03-15] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2014-03-15] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7474864 2014-03-16] (Broadcom Corporation)
R1 BdfNdisf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfndisf6.sys [97816 2013-07-17] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [107080 2013-07-17] (BitDefender LLC)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-30] (Disc Soft Ltd)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-04-22] (BitDefender LLC)
R1 iSafeKrnl; C:\Program Files (x86)\iSafe\iSafeKrnl.sys [247488 2014-08-08] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [45248 2014-08-08] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\iSafe\iSafeKrnlKit.sys [78016 2014-08-08] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\iSafe\iSafeKrnlR3.sys [65216 2014-08-08] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Program Files (x86)\iSafe\iSafeNetFilter.sys [49320 2014-08-06] (Elex do Brasil Participações Ltda)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-18] (Intel Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [173568 2014-03-15] (Microsoft Corporation)
R1 nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [299352 2014-07-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-13] (Synaptics Incorporated)
R3 ST_Accel; C:\Windows\system32\DRIVERS\ST_Accel.sys [83456 2013-08-06] (STMicroelectronics)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-04-22] (BitDefender S.R.L.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S1 ElRawDisk; \??\C:\WINDOWS\system32\drivers\rsdrvx64.sys [X]
U3 idsvc; No ImagePath
S3 iscFlash; \??\C:\Users\Nick\AppData\Local\Temp\7zS293A.tmp\iscflashx64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
NETSVC: vlugPlay -> C:\WINDOWS\System32\vlugPlay.dll ()
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-14 10:36 - 2014-09-14 10:37 - 00000312 _____ () C:\WINDOWS\setupact.log
2014-09-14 10:36 - 2014-09-14 10:36 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-09-14 10:36 - 2014-09-14 10:36 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-09-14 10:31 - 2014-09-14 10:34 - 132677248 _____ (Intel Corporation) C:\Users\Nick\Downloads\win64_15363.exe
2014-09-12 13:02 - 2014-09-12 13:03 - 02920320 _____ (Piriform Ltd) C:\Users\Nick\Downloads\ccsetup417 (1).exe.opdownload
2014-09-12 13:02 - 2014-09-12 13:02 - 04901352 _____ (Piriform Ltd) C:\Users\Nick\Downloads\ccsetup417.exe
2014-09-12 13:02 - 2014-09-12 13:02 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-09-12 13:02 - 2014-09-12 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-12 13:02 - 2014-09-12 13:02 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-12 12:55 - 2014-09-12 12:55 - 00000000 ____D () C:\Users\NickLMunson\Documents\Alienware TactX
2014-09-12 12:55 - 2014-09-12 12:55 - 00000000 ____D () C:\Users\NickLMunson\Documents\AlienFX
2014-09-12 12:55 - 2014-09-12 12:55 - 00000000 ____D () C:\Users\NickLMunson\AppData\Roaming\Logitech
2014-09-12 12:55 - 2014-09-12 12:55 - 00000000 ____D () C:\Users\NickLMunson\AppData\Local\NVIDIA Corporation
2014-09-12 12:54 - 2014-09-12 12:55 - 00000000 ____D () C:\Users\NickLMunson\AppData\Local\Packages
2014-09-12 12:54 - 2014-09-12 12:55 - 00000000 ____D () C:\Users\NickLMunson
2014-09-12 12:54 - 2014-09-12 12:54 - 00001444 _____ () C:\Users\NickLMunson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-12 12:54 - 2014-09-12 12:54 - 00000020 ___SH () C:\Users\NickLMunson\ntuser.ini
2014-09-12 12:54 - 2014-09-12 12:54 - 00000000 ____D () C:\Users\NickLMunson\AppData\Roaming\isafe
2014-09-12 12:54 - 2014-09-12 12:54 - 00000000 ____D () C:\Users\NickLMunson\AppData\Roaming\Adobe
2014-09-12 12:54 - 2014-09-12 12:54 - 00000000 ____D () C:\Users\NickLMunson\AppData\Local\VirtualStore
2014-09-12 12:54 - 2014-09-12 12:54 - 00000000 ____D () C:\Users\NickLMunson\AppData\Local\NVIDIA
2014-09-12 12:54 - 2014-07-09 23:57 - 00000000 ___RD () C:\Users\NickLMunson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-12 12:54 - 2014-05-16 22:07 - 00000000 ___RD () C:\Users\NickLMunson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-12 12:54 - 2014-03-17 01:56 - 00000000 ____D () C:\Users\NickLMunson\AppData\Local\Microsoft Help
2014-09-12 12:54 - 2014-03-15 18:38 - 00000000 ___RD () C:\Users\NickLMunson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-12 12:54 - 2014-02-21 23:37 - 00000369 _____ () C:\Users\NickLMunson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-09-12 12:54 - 2014-02-21 23:37 - 00000369 _____ () C:\Users\NickLMunson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-09-12 12:54 - 2013-08-22 10:36 - 00000000 ____D () C:\Users\NickLMunson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-12 12:32 - 2014-09-12 12:33 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-12 12:32 - 2014-09-12 12:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-12 12:32 - 2014-09-12 12:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-12 12:32 - 2014-09-12 12:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-12 12:32 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-12 12:32 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-09-12 12:32 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-12 12:31 - 2014-09-14 10:43 - 00000000 ____D () C:\Program Files (x86)\iSafe
2014-09-12 12:31 - 2014-09-12 12:33 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\iSafe
2014-09-12 12:31 - 2014-09-12 12:31 - 00001800 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\YAC.lnk
2014-09-12 12:31 - 2014-09-12 12:31 - 00000000 ____D () C:\WINDOWS\system32\log
2014-09-12 12:31 - 2014-09-12 12:31 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\eCyber
2014-09-12 12:31 - 2014-09-12 12:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
2014-09-12 12:31 - 2014-08-08 01:24 - 00045248 _____ (Elex do Brasil Participações Ltda) C:\WINDOWS\system32\Drivers\iSafeKrnlBoot.sys
2014-09-12 12:30 - 2014-09-12 12:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Nick\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-12 12:30 - 2014-09-12 12:30 - 12925224 _____ (Elex do Brasil Participações Ltda) C:\Users\Nick\Downloads\yet_another_cleaner_sk.exe
2014-09-12 11:17 - 2014-09-12 11:20 - 00000000 ____D () C:\AdwCleaner
2014-09-12 11:17 - 2014-09-12 11:17 - 01373475 _____ () C:\Users\Nick\Downloads\AdwCleaner.exe
2014-09-12 08:24 - 2014-09-12 08:24 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-09-12 08:24 - 2014-09-12 08:24 - 00000000 ____D () C:\ProgramData\Sophos
2014-09-12 08:24 - 2014-09-12 08:24 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-09-12 08:20 - 2014-09-12 08:22 - 96525608 _____ (Sophos Limited) C:\Users\Nick\Downloads\Sophos Virus Removal Tool.exe
2014-09-12 08:20 - 2014-09-12 08:21 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-12 08:00 - 2014-09-12 08:01 - 00068341 _____ () C:\Users\Nick\Downloads\Addition.txt
2014-09-12 07:58 - 2014-09-14 10:48 - 00000000 ____D () C:\FRST
2014-09-12 07:57 - 2014-09-12 08:01 - 00062176 _____ () C:\Users\Nick\Downloads\FRST.txt
2014-09-12 07:42 - 2014-09-12 08:22 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-12 07:42 - 2014-09-12 07:42 - 00000000 _____ () C:\autoexec.bat
2014-09-12 07:38 - 2014-09-12 07:38 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Nick\Downloads\SpyHunter-Installer.exe
2014-09-12 07:27 - 2014-09-12 07:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-12 07:27 - 2014-09-12 07:27 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-12 07:27 - 2014-09-12 07:27 - 00000000 ____D () C:\Program Files\iTunes
2014-09-12 07:27 - 2014-09-12 07:27 - 00000000 ____D () C:\Program Files\iPod
2014-09-11 23:08 - 2014-09-12 02:59 - 00000000 ____D () C:\Users\Nick\Downloads\GMT.KZ_Dead_Rising_3_Apocalypse_Edition_RePack_MAXAGENT
2014-09-11 23:07 - 2014-09-11 23:12 - 00000000 ____D () C:\Users\Nick\Downloads\Edge.of.Tomorrow.2014.1080p.WEB-DL.DD5.1.H264-RARBG
2014-09-10 17:01 - 2014-09-10 17:03 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\PFStaticIP
2014-09-10 16:54 - 2014-09-10 16:55 - 00000000 ____D () C:\Users\Nick\Downloads\PFConfig 1.0.296+working serial
2014-09-10 16:54 - 2014-09-10 16:54 - 01697368 _____ () C:\Users\Nick\Downloads\setup-network-utilities (1).exe
2014-09-10 11:49 - 2014-09-10 11:49 - 00000000 ____D () C:\Users\Nick\Desktop\Disciple - Attack (2014)
2014-09-10 09:36 - 2014-09-10 09:36 - 00000000 ____D () C:\Users\Nick\Downloads\Sons of Anarchy S07E01 HDTV x264-2HD[ettv]
2014-09-10 08:56 - 2014-09-10 09:10 - 42366600 _____ () C:\Users\Nick\Downloads\www.NewAlbumReleases.net_Disciple - Attack (2014).rar
2014-09-10 08:48 - 2014-09-10 08:48 - 00000048 _____ () C:\Users\Nick\Downloads\RestoreAppXDeploymentServiceAppXSVCWindows8.bat
2014-09-09 17:52 - 2014-09-04 21:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-09-09 17:52 - 2014-09-04 21:31 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-09-09 17:52 - 2014-09-04 19:48 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-09-09 17:50 - 2014-08-01 19:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-09 17:49 - 2014-07-23 22:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-09 17:49 - 2014-07-23 22:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-09-09 17:44 - 2014-08-15 21:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-09 17:44 - 2014-08-15 21:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-09 17:44 - 2014-08-15 21:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-09 17:44 - 2014-08-15 21:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-09 17:44 - 2014-08-15 20:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-09 17:44 - 2014-08-15 20:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-09 17:44 - 2014-08-15 20:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-09 17:44 - 2014-08-15 20:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-09 17:44 - 2014-08-15 20:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-09 17:44 - 2014-08-15 20:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-09 17:44 - 2014-08-15 20:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-09 17:44 - 2014-08-15 20:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-09 17:44 - 2014-08-15 20:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-09 17:44 - 2014-08-15 20:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-09 17:44 - 2014-08-15 20:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-09 17:44 - 2014-08-15 20:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-09 17:44 - 2014-08-15 20:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-09 17:44 - 2014-08-15 20:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-09 17:44 - 2014-08-15 20:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-09 17:44 - 2014-08-15 20:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-09 17:44 - 2014-08-15 20:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-09 17:44 - 2014-08-15 19:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-09 17:44 - 2014-08-15 19:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-09 17:44 - 2014-08-15 19:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-09 17:44 - 2014-08-15 19:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-09 17:44 - 2014-08-15 19:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-09 17:44 - 2014-08-15 19:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-09 17:44 - 2014-08-15 19:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-09 17:44 - 2014-08-15 19:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-09 17:44 - 2014-08-15 19:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-09 17:44 - 2014-08-15 19:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-09 17:44 - 2014-08-15 19:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-09 17:44 - 2014-08-15 19:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-09 17:44 - 2014-08-15 19:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-09 17:44 - 2014-08-15 19:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-09 14:19 - 2014-09-09 14:22 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\PortForward.com
2014-09-09 14:19 - 2014-09-09 14:19 - 01697368 _____ () C:\Users\Nick\Downloads\setup-network-utilities.exe
2014-09-09 14:19 - 2014-09-09 14:19 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portforward.com
2014-09-09 14:19 - 2014-09-09 14:19 - 00000000 ____D () C:\Program Files (x86)\Portforward.com
2014-09-07 22:20 - 2014-09-08 01:12 - 514827230 ____R () C:\Users\Nick\Desktop\Boardwalk.Empire.S05E01.HDTV.x264-KILLERS.mp4
2014-09-07 22:19 - 2014-09-08 01:39 - 437203848 ____R () C:\Users\Nick\Desktop\The.Leftovers.S01E10.HDTV.x264-KILLERS.mp4
2014-09-05 13:03 - 2014-09-05 13:03 - 03401832 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 03398248 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 02810576 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00931944 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00545896 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00545384 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00471656 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00455784 _____ () C:\WINDOWS\system32\igfxTray.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00279144 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00194152 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00154728 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2014-09-05 13:01 - 2014-09-05 13:01 - 00453872 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys
2014-09-05 13:00 - 2014-09-05 13:00 - 00182784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v3907.dll
2014-09-05 12:48 - 2014-09-05 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-09-05 12:45 - 2014-09-05 12:45 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-09-05 12:42 - 2014-09-05 12:42 - 02806920 _____ () C:\Users\Nick\Downloads\Adaware_Installer.exe
2014-09-05 10:19 - 2014-09-05 15:12 - 00000000 ____D () C:\Users\Nick\Desktop\Sleepwave - Broken Compass (2014)
2014-09-05 10:03 - 2014-09-08 11:54 - 00000000 ____D () C:\Users\Nick\Desktop\This Wild Life - Clouded (Deluxe Edition) (2014)
2014-09-05 09:59 - 2014-09-08 11:54 - 00000000 ____D () C:\Users\Nick\Desktop\Slaves - Through Art We Are All Equals (2014)
2014-09-05 09:56 - 2014-09-05 10:14 - 55051197 _____ () C:\Users\Nick\Downloads\Slpwv - 14.rar
2014-09-04 12:59 - 2014-09-04 12:59 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Steam
2014-09-04 12:57 - 2014-09-04 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro Last Light Redux
2014-09-04 12:50 - 2014-09-04 12:57 - 00000000 ____D () C:\Program Files (x86)\Metro Last Light Redux
2014-09-04 12:48 - 2014-09-04 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro 2033 Redux
2014-09-04 12:43 - 2014-09-04 12:50 - 00000000 ____D () C:\Program Files (x86)\Metro 2033 Redux
2014-09-03 17:25 - 2014-09-03 22:16 - 00000000 ____D () C:\Users\Nick\Downloads\The SIMS 4 Deluxe Edition [L]
2014-09-02 16:47 - 2014-09-02 16:47 - 00000000 ____D () C:\Users\Nick\AppData\Local\Adobe
2014-09-01 22:21 - 2014-09-04 12:58 - 00000000 ____D () C:\Users\Nick\Downloads\Metro_Last_Light_Redux-FLT
2014-09-01 20:49 - 2014-09-01 21:14 - 51284955 _____ () C:\Users\Nick\Downloads\www.NewAlbumReleases.net_Dead Letter Circus - Stand Apart (2014).rar
2014-08-28 14:33 - 2014-08-28 14:33 - 00000000 ____D () C:\Users\Nick\Documents\Bioshock
2014-08-28 14:33 - 2014-08-28 14:33 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Bioshock
2014-08-27 20:59 - 2014-08-22 19:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-23 20:30 - 2014-08-23 20:30 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-21 12:20 - 2014-08-21 12:52 - 59073690 _____ () C:\Users\Nick\Downloads\www.NewAlbumReleases.net_Egypt_Central_-_Murder_in_the_French_Quarter_(2014).rar
2014-08-18 22:16 - 2014-08-18 22:46 - 51108839 _____ () C:\Users\Nick\Downloads\New Medicine - 14.rar
2014-08-18 20:15 - 2014-08-18 20:15 - 00010590 _____ () C:\Users\Nick\Downloads\dellsystemdetect.application
2014-08-18 20:14 - 2014-08-18 20:14 - 00417824 _____ () C:\Users\Nick\Downloads\DellSystemDetect.exe
2014-08-17 10:17 - 2014-08-17 10:17 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Surgeon Simulator 2013 Steam Edition 1.0
2014-08-15 18:22 - 2014-08-15 18:22 - 00000000 ___RD () C:\Users\Nick\OneDrive
2014-08-15 18:13 - 2014-08-15 18:13 - 00143357 _____ () C:\Users\Nick\Downloads\microsoftaccounts.diagcab
2014-08-15 17:39 - 2014-08-15 18:22 - 00000000 ___RD () C:\Users\Nick\OneDrive (5).old
2014-08-15 17:35 - 2014-08-15 17:39 - 00000000 ___RD () C:\Users\Nick\OneDrive (4).old
2014-08-15 17:33 - 2014-08-15 17:35 - 00000000 ___RD () C:\Users\Nick\OneDrive (3).old
2014-08-15 09:27 - 2014-06-19 20:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-15 09:27 - 2014-06-19 18:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-15 09:27 - 2014-06-12 20:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-15 09:27 - 2014-06-12 20:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-15 09:27 - 2014-06-12 19:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-15 09:27 - 2014-06-06 06:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-15 09:26 - 2014-07-15 13:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-15 09:26 - 2014-07-15 03:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-15 09:26 - 2014-07-15 03:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-15 09:26 - 2014-07-15 03:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-15 09:26 - 2014-06-09 17:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-15 09:26 - 2014-06-09 17:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-15 09:25 - 2014-08-06 21:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-15 09:25 - 2014-08-01 22:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-15 09:25 - 2014-08-01 22:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-15 09:25 - 2014-07-11 23:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-15 09:25 - 2014-06-04 04:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-15 09:25 - 2014-06-04 00:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-15 09:25 - 2014-06-04 00:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-15 09:25 - 2014-06-03 23:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-15 09:25 - 2014-06-03 23:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-15 09:25 - 2014-06-03 21:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-15 09:25 - 2014-06-03 21:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-15 09:08 - 2014-08-15 09:44 - 108330682 _____ () C:\Users\Nick\Downloads\Thsnd Ft Krtch - 14.rar
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-14 10:48 - 2014-09-12 07:58 - 00000000 ____D () C:\FRST
2014-09-14 10:48 - 2014-03-14 18:16 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\uTorrent
2014-09-14 10:48 - 2014-03-14 14:44 - 00000000 ___RD () C:\Users\Nick\Desktop\Alien Tools
2014-09-14 10:47 - 2014-03-14 19:47 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4166919766-79589608-2377701187-1001
2014-09-14 10:43 - 2014-09-12 12:31 - 00000000 ____D () C:\Program Files (x86)\iSafe
2014-09-14 10:42 - 2014-04-03 14:11 - 00018692 _____ () C:\WINDOWS\system32\results.xml
2014-09-14 10:42 - 2014-04-03 14:10 - 00000510 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-09-14 10:42 - 2014-02-09 23:25 - 00000000 ____D () C:\Intel
2014-09-14 10:41 - 2014-02-09 21:55 - 00000000 ____D () C:\Program Files (x86)\AlienRespawn
2014-09-14 10:40 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-14 10:38 - 2014-07-30 08:40 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-09-14 10:38 - 2014-07-30 08:40 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-09-14 10:38 - 2014-03-15 18:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-14 10:38 - 2013-08-22 09:44 - 00488448 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-14 10:37 - 2014-09-14 10:36 - 00000312 _____ () C:\WINDOWS\setupact.log
2014-09-14 10:37 - 2014-04-03 14:01 - 00000724 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2014-09-14 10:37 - 2014-03-15 18:27 - 01949005 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-14 10:37 - 2013-08-22 08:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-14 10:36 - 2014-09-14 10:36 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-09-14 10:36 - 2014-09-14 10:36 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-09-14 10:36 - 2014-02-09 21:56 - 00000000 ____D () C:\Temp
2014-09-14 10:34 - 2014-09-14 10:31 - 132677248 _____ (Intel Corporation) C:\Users\Nick\Downloads\win64_15363.exe
2014-09-14 10:24 - 2014-02-09 21:30 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-14 10:22 - 2014-03-22 15:44 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{53FDC95D-A8CD-43D2-9F9D-B2F6DA72E63D}
2014-09-14 10:19 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-09-14 10:18 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-13 22:22 - 2014-03-15 09:19 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-13 16:45 - 2014-03-15 11:42 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\.minecraft
2014-09-13 10:18 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-09-12 14:10 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-09-12 13:49 - 2014-07-08 18:37 - 00204800 ___SH () C:\Users\Nick\Desktop\Thumbs.db
2014-09-12 13:06 - 2014-03-30 15:27 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Vso
2014-09-12 13:06 - 2014-03-30 15:27 - 00000000 ____D () C:\ProgramData\VSO
2014-09-12 13:06 - 2014-03-15 21:23 - 00000000 ___DC () C:\WINDOWS\Panther
2014-09-12 13:06 - 2014-03-14 17:57 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\DAEMON Tools Lite
2014-09-12 13:03 - 2014-09-12 13:02 - 02920320 _____ (Piriform Ltd) C:\Users\Nick\Downloads\ccsetup417 (1).exe.opdownload
2014-09-12 13:02 - 2014-09-12 13:02 - 04901352 _____ (Piriform Ltd) C:\Users\Nick\Downloads\ccsetup417.exe
2014-09-12 13:02 - 2014-09-12 13:02 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-09-12 13:02 - 2014-09-12 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-12 13:02 - 2014-09-12 13:02 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-12 12:55 - 2014-09-12 12:55 - 00000000 ____D () C:\Users\NickLMunson\Documents\Alienware TactX
2014-09-12 12:55 - 2014-09-12 12:55 - 00000000 ____D () C:\Users\NickLMunson\Documents\AlienFX
2014-09-12 12:55 - 2014-09-12 12:55 - 00000000 ____D () C:\Users\NickLMunson\AppData\Roaming\Logitech
2014-09-12 12:55 - 2014-09-12 12:55 - 00000000 ____D () C:\Users\NickLMunson\AppData\Local\NVIDIA Corporation
2014-09-12 12:55 - 2014-09-12 12:54 - 00000000 ____D () C:\Users\NickLMunson\AppData\Local\Packages
2014-09-12 12:55 - 2014-09-12 12:54 - 00000000 ____D () C:\Users\NickLMunson
2014-09-12 12:54 - 2014-09-12 12:54 - 00001444 _____ () C:\Users\NickLMunson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-12 12:54 - 2014-09-12 12:54 - 00000020 ___SH () C:\Users\NickLMunson\ntuser.ini
2014-09-12 12:54 - 2014-09-12 12:54 - 00000000 ____D () C:\Users\NickLMunson\AppData\Roaming\isafe
2014-09-12 12:54 - 2014-09-12 12:54 - 00000000 ____D () C:\Users\NickLMunson\AppData\Roaming\Adobe
2014-09-12 12:54 - 2014-09-12 12:54 - 00000000 ____D () C:\Users\NickLMunson\AppData\Local\VirtualStore
2014-09-12 12:54 - 2014-09-12 12:54 - 00000000 ____D () C:\Users\NickLMunson\AppData\Local\NVIDIA
2014-09-12 12:33 - 2014-09-12 12:32 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-12 12:33 - 2014-09-12 12:31 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\iSafe
2014-09-12 12:32 - 2014-09-12 12:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-12 12:32 - 2014-09-12 12:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-12 12:32 - 2014-09-12 12:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-12 12:31 - 2014-09-12 12:31 - 00001800 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\YAC.lnk
2014-09-12 12:31 - 2014-09-12 12:31 - 00000000 ____D () C:\WINDOWS\system32\log
2014-09-12 12:31 - 2014-09-12 12:31 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\eCyber
2014-09-12 12:31 - 2014-09-12 12:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
2014-09-12 12:31 - 2014-09-12 12:30 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Nick\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-12 12:30 - 2014-09-12 12:30 - 12925224 _____ (Elex do Brasil Participações Ltda) C:\Users\Nick\Downloads\yet_another_cleaner_sk.exe
2014-09-12 11:20 - 2014-09-12 11:17 - 00000000 ____D () C:\AdwCleaner
2014-09-12 11:17 - 2014-09-12 11:17 - 01373475 _____ () C:\Users\Nick\Downloads\AdwCleaner.exe
2014-09-12 11:08 - 2014-04-09 18:38 - 00000000 ____D () C:\Program Files (x86)\Broken Age
2014-09-12 11:08 - 2014-03-22 11:18 - 00000000 ____D () C:\Program Files (x86)\Octodad Dadliest Catch
2014-09-12 08:24 - 2014-09-12 08:24 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-09-12 08:24 - 2014-09-12 08:24 - 00000000 ____D () C:\ProgramData\Sophos
2014-09-12 08:24 - 2014-09-12 08:24 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-09-12 08:22 - 2014-09-12 08:20 - 96525608 _____ (Sophos Limited) C:\Users\Nick\Downloads\Sophos Virus Removal Tool.exe
2014-09-12 08:22 - 2014-09-12 07:42 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-12 08:21 - 2014-09-12 08:20 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-12 08:01 - 2014-09-12 08:00 - 00068341 _____ () C:\Users\Nick\Downloads\Addition.txt
2014-09-12 08:01 - 2014-09-12 07:57 - 00062176 _____ () C:\Users\Nick\Downloads\FRST.txt
2014-09-12 07:42 - 2014-09-12 07:42 - 00000000 _____ () C:\autoexec.bat
2014-09-12 07:38 - 2014-09-12 07:38 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Nick\Downloads\SpyHunter-Installer.exe
2014-09-12 07:27 - 2014-09-12 07:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-12 07:27 - 2014-09-12 07:27 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-12 07:27 - 2014-09-12 07:27 - 00000000 ____D () C:\Program Files\iTunes
2014-09-12 07:27 - 2014-09-12 07:27 - 00000000 ____D () C:\Program Files\iPod
2014-09-12 07:27 - 2014-03-15 00:20 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-12 02:59 - 2014-09-11 23:08 - 00000000 ____D () C:\Users\Nick\Downloads\GMT.KZ_Dead_Rising_3_Apocalypse_Edition_RePack_MAXAGENT
2014-09-11 23:12 - 2014-09-11 23:07 - 00000000 ____D () C:\Users\Nick\Downloads\Edge.of.Tomorrow.2014.1080p.WEB-DL.DD5.1.H264-RARBG
2014-09-10 17:03 - 2014-09-10 17:01 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\PFStaticIP
2014-09-10 16:55 - 2014-09-10 16:54 - 00000000 ____D () C:\Users\Nick\Downloads\PFConfig 1.0.296+working serial
2014-09-10 16:54 - 2014-09-10 16:54 - 01697368 _____ () C:\Users\Nick\Downloads\setup-network-utilities (1).exe
2014-09-10 13:25 - 2014-03-14 18:07 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\vlc
2014-09-10 11:49 - 2014-09-10 11:49 - 00000000 ____D () C:\Users\Nick\Desktop\Disciple - Attack (2014)
2014-09-10 09:55 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-10 09:36 - 2014-09-10 09:36 - 00000000 ____D () C:\Users\Nick\Downloads\Sons of Anarchy S07E01 HDTV x264-2HD[ettv]
2014-09-10 09:10 - 2014-09-10 08:56 - 42366600 _____ () C:\Users\Nick\Downloads\www.NewAlbumReleases.net_Disciple - Attack (2014).rar
2014-09-10 08:48 - 2014-09-10 08:48 - 00000048 _____ () C:\Users\Nick\Downloads\RestoreAppXDeploymentServiceAppXSVCWindows8.bat
2014-09-10 07:46 - 2013-11-14 02:29 - 00995944 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-10 07:36 - 2014-07-09 10:16 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-09-10 07:35 - 2014-03-14 17:55 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-09-10 07:35 - 2014-03-14 17:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 07:35 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-09 17:44 - 2014-06-11 12:05 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-09 17:44 - 2014-06-11 12:05 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-09 17:44 - 2014-06-11 12:05 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-09 17:44 - 2014-06-11 12:05 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-09-09 17:44 - 2014-06-11 12:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-09 17:44 - 2014-06-11 12:05 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-09 17:44 - 2014-06-11 12:05 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-09 17:44 - 2014-06-11 12:05 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-09-09 17:44 - 2014-06-11 12:05 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-09 17:44 - 2014-06-11 12:05 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-09 17:44 - 2014-06-11 12:05 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-09 17:44 - 2014-06-11 12:05 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-09 17:44 - 2014-06-11 12:05 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-09 17:44 - 2014-06-11 12:05 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-09 17:44 - 2014-05-02 06:11 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-09 17:44 - 2014-05-02 06:11 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-09 17:44 - 2014-03-14 20:20 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-09 17:40 - 2014-03-14 20:20 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-09 14:46 - 2014-03-14 14:31 - 00000000 ____D () C:\Users\Nick\Desktop\Important
2014-09-09 14:22 - 2014-09-09 14:19 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\PortForward.com
2014-09-09 14:19 - 2014-09-09 14:19 - 01697368 _____ () C:\Users\Nick\Downloads\setup-network-utilities.exe
2014-09-09 14:19 - 2014-09-09 14:19 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portforward.com
2014-09-09 14:19 - 2014-09-09 14:19 - 00000000 ____D () C:\Program Files (x86)\Portforward.com
2014-09-09 13:24 - 2014-02-09 21:30 - 00003742 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-09-08 13:03 - 2014-03-14 14:47 - 00000000 ____D () C:\Users\Nick\Desktop\Movies
2014-09-08 11:54 - 2014-09-05 10:03 - 00000000 ____D () C:\Users\Nick\Desktop\This Wild Life - Clouded (Deluxe Edition) (2014)
2014-09-08 11:54 - 2014-09-05 09:59 - 00000000 ____D () C:\Users\Nick\Desktop\Slaves - Through Art We Are All Equals (2014)
2014-09-08 10:48 - 2014-03-16 18:02 - 00000000 ____D () C:\Users\Nick\Documents\my games
2014-09-08 01:39 - 2014-09-07 22:19 - 437203848 ____R () C:\Users\Nick\Desktop\The.Leftovers.S01E10.HDTV.x264-KILLERS.mp4
2014-09-08 01:12 - 2014-09-07 22:20 - 514827230 ____R () C:\Users\Nick\Desktop\Boardwalk.Empire.S05E01.HDTV.x264-KILLERS.mp4
2014-09-05 15:12 - 2014-09-05 10:19 - 00000000 ____D () C:\Users\Nick\Desktop\Sleepwave - Broken Compass (2014)
2014-09-05 13:03 - 2014-09-05 13:03 - 03401832 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 03398248 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 02810576 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00931944 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00545896 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00545384 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00471656 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00455784 _____ () C:\WINDOWS\system32\igfxTray.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00279144 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00194152 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2014-09-05 13:03 - 2014-09-05 13:03 - 00154728 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2014-09-05 13:03 - 2014-06-05 09:59 - 00326760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2014-09-05 13:03 - 2014-06-05 09:59 - 00304232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2014-09-05 13:03 - 2014-06-05 09:59 - 00245864 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2014-09-05 13:01 - 2014-09-05 13:01 - 00453872 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys
2014-09-05 13:00 - 2014-09-05 13:00 - 00182784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v3907.dll
2014-09-05 12:48 - 2014-09-05 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-09-05 12:45 - 2014-09-05 12:45 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-09-05 12:42 - 2014-09-05 12:42 - 02806920 _____ () C:\Users\Nick\Downloads\Adaware_Installer.exe
2014-09-05 12:35 - 2014-03-28 23:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-05 12:35 - 2014-03-14 15:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-05 10:14 - 2014-09-05 09:56 - 55051197 _____ () C:\Users\Nick\Downloads\Slpwv - 14.rar
2014-09-04 21:36 - 2014-09-09 17:52 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-09-04 21:31 - 2014-09-09 17:52 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-09-04 19:48 - 2014-09-09 17:52 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-09-04 13:01 - 2014-07-10 17:35 - 00000000 ____D () C:\Users\Nick\Documents\4A Games
2014-09-04 13:00 - 2014-07-10 17:31 - 00000000 ____D () C:\Users\Nick\AppData\Local\4A Games
2014-09-04 12:59 - 2014-09-04 12:59 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Steam
2014-09-04 12:59 - 2014-03-15 11:43 - 00000000 ____D () C:\Users\Nick\Desktop\Games
2014-09-04 12:58 - 2014-09-01 22:21 - 00000000 ____D () C:\Users\Nick\Downloads\Metro_Last_Light_Redux-FLT
2014-09-04 12:57 - 2014-09-04 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro Last Light Redux
2014-09-04 12:57 - 2014-09-04 12:50 - 00000000 ____D () C:\Program Files (x86)\Metro Last Light Redux
2014-09-04 12:50 - 2014-09-04 12:43 - 00000000 ____D () C:\Program Files (x86)\Metro 2033 Redux
2014-09-04 12:48 - 2014-09-04 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro 2033 Redux
2014-09-04 12:41 - 2014-07-13 19:50 - 00000000 ____D () C:\Program Files (x86)\THQ
2014-09-04 07:28 - 2014-04-03 16:00 - 00000000 ____D () C:\Users\Nick\Documents\Electronic Arts
2014-09-04 07:24 - 2014-02-09 21:47 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-04 07:22 - 2014-03-27 21:52 - 00000000 ____D () C:\ProgramData\Origin
2014-09-04 07:21 - 2014-03-27 21:52 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-03 22:16 - 2014-09-03 17:25 - 00000000 ____D () C:\Users\Nick\Downloads\The SIMS 4 Deluxe Edition [L]
2014-09-03 18:24 - 2014-04-03 16:23 - 00447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2014-09-02 21:40 - 2014-06-03 16:56 - 00003828 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1396751841
2014-09-02 21:40 - 2014-04-05 21:37 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-02 17:25 - 2014-03-17 12:18 - 00532480 ___SH () C:\Users\Nick\Downloads\Thumbs.db
2014-09-02 16:47 - 2014-09-02 16:47 - 00000000 ____D () C:\Users\Nick\AppData\Local\Adobe
2014-09-02 16:35 - 2014-03-15 11:57 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\HpUpdate
2014-09-02 15:06 - 2013-08-22 10:38 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-02 15:06 - 2013-08-22 10:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-01 21:14 - 2014-09-01 20:49 - 51284955 _____ () C:\Users\Nick\Downloads\www.NewAlbumReleases.net_Dead Letter Circus - Stand Apart (2014).rar
2014-08-29 17:48 - 2014-03-14 19:38 - 00000000 ____D () C:\Users\Nick\AppData\Local\Packages
2014-08-29 17:28 - 2009-07-14 00:09 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-08-28 14:33 - 2014-08-28 14:33 - 00000000 ____D () C:\Users\Nick\Documents\Bioshock
2014-08-28 14:33 - 2014-08-28 14:33 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Bioshock
2014-08-23 20:30 - 2014-08-23 20:30 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-22 19:42 - 2014-08-27 20:59 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-21 12:52 - 2014-08-21 12:20 - 59073690 _____ () C:\Users\Nick\Downloads\www.NewAlbumReleases.net_Egypt_Central_-_Murder_in_the_French_Quarter_(2014).rar
2014-08-18 22:46 - 2014-08-18 22:16 - 51108839 _____ () C:\Users\Nick\Downloads\New Medicine - 14.rar
2014-08-18 20:16 - 2014-07-04 16:57 - 00000000 ____D () C:\Users\Nick\AppData\Local\Deployment
2014-08-18 20:15 - 2014-08-18 20:15 - 00010590 _____ () C:\Users\Nick\Downloads\dellsystemdetect.application
2014-08-18 20:14 - 2014-08-18 20:14 - 00417824 _____ () C:\Users\Nick\Downloads\DellSystemDetect.exe
2014-08-18 20:10 - 2014-02-09 21:55 - 00000000 ____D () C:\ProgramData\PCDr
2014-08-17 10:17 - 2014-08-17 10:17 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Surgeon Simulator 2013 Steam Edition 1.0
2014-08-17 10:16 - 2014-03-24 16:06 - 00000000 ____D () C:\Games
2014-08-16 22:53 - 2014-03-15 18:27 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2014-08-16 15:39 - 2014-03-30 15:30 - 00000000 ____D () C:\Users\Nick\Documents\ConvertXtoDVD
2014-08-16 14:43 - 2014-04-23 09:53 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\DVDVideoSoft
2014-08-15 21:40 - 2014-09-09 17:44 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-15 21:04 - 2014-09-09 17:44 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-15 21:00 - 2014-09-09 17:44 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-15 21:00 - 2014-09-09 17:44 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-15 20:56 - 2014-09-09 17:44 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-15 20:54 - 2014-09-09 17:44 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-15 20:45 - 2014-09-09 17:44 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-15 20:43 - 2014-09-09 17:44 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-15 20:32 - 2014-09-09 17:44 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-15 20:25 - 2014-09-09 17:44 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-15 20:22 - 2014-09-09 17:44 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-15 20:20 - 2014-09-09 17:44 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-15 20:19 - 2014-09-09 17:44 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-15 20:18 - 2014-09-09 17:44 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-15 20:18 - 2014-09-09 17:44 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-15 20:11 - 2014-09-09 17:44 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-15 20:06 - 2014-09-09 17:44 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-15 20:05 - 2014-09-09 17:44 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-15 20:05 - 2014-09-09 17:44 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-15 20:03 - 2014-09-09 17:44 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-15 20:03 - 2014-09-09 17:44 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-15 19:58 - 2014-09-09 17:44 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 19:56 - 2014-09-09 17:44 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-15 19:53 - 2014-09-09 17:44 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-15 19:53 - 2014-09-09 17:44 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-15 19:53 - 2014-09-09 17:44 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-15 19:51 - 2014-09-09 17:44 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-15 19:45 - 2014-09-09 17:44 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-15 19:44 - 2014-09-09 17:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-15 19:44 - 2014-09-09 17:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-15 19:34 - 2014-09-09 17:44 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-15 19:20 - 2014-09-09 17:44 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-15 19:18 - 2014-09-09 17:44 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-15 19:14 - 2014-09-09 17:44 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-15 19:12 - 2014-09-09 17:44 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-15 18:25 - 2014-03-15 18:53 - 00000000 __RDO () C:\Users\Nick\SkyDrive
2014-08-15 18:22 - 2014-08-15 18:22 - 00000000 ___RD () C:\Users\Nick\OneDrive
2014-08-15 18:22 - 2014-08-15 17:39 - 00000000 ___RD () C:\Users\Nick\OneDrive (5).old
2014-08-15 18:22 - 2014-03-15 18:34 - 00000000 ____D () C:\Users\Nick
2014-08-15 18:13 - 2014-08-15 18:13 - 00143357 _____ () C:\Users\Nick\Downloads\microsoftaccounts.diagcab
2014-08-15 17:39 - 2014-08-15 17:35 - 00000000 ___RD () C:\Users\Nick\OneDrive (4).old
2014-08-15 17:35 - 2014-08-15 17:33 - 00000000 ___RD () C:\Users\Nick\OneDrive (3).old
2014-08-15 17:33 - 2014-07-10 14:00 - 00000000 ___RD () C:\Users\Nick\OneDrive (2).old
2014-08-15 17:27 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-15 17:27 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-15 09:44 - 2014-08-15 09:08 - 108330682 _____ () C:\Users\Nick\Downloads\Thsnd Ft Krtch - 14.rar
 
Some content of TEMP:
====================
C:\Users\Nick\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-13 11:35
 
==================== End Of Log ============================
 
Thanks. 



#2 aharonov

  • Malware Response Team

Posted 14 September 2014 - 01:28 PM

Hi,

please do this:


Step 1

Please download this attached fixlist.txt and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


Step 2

Please download AdwCleaner (by Xplode) and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.


#3 Ashes2Glory

  • Topic Starter

Posted 14 September 2014 - 11:03 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-09-2014
Ran by Nick at 2014-09-14 23:02:30 Run:3
Running from C:\Users\Nick\Desktop\Alien Tools
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKU\S-1-5-21-4166919766-79589608-2377701187-1001\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
EmptyTemp:
*****************
 
HKU\S-1-5-21-4166919766-79589608-2377701187-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CMD => value deleted successfully.
EmptyTemp: => Removed 360.7 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====


#4 Ashes2Glory

  • Topic Starter

Posted 14 September 2014 - 11:23 PM

# AdwCleaner v3.310 - Report created 14/09/2014 at 23:14:57
# Updated 12/09/2014 by Xplode
# Operating System : Windows 8.1 Pro  (64 bits)
# Username : Nick - NICK-PC
# Running from : C:\Users\Nick\Desktop\AdwCleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : iSafeKrnl
[#] Service Deleted : iSafeKrnlBoot
Service Deleted : iSafeKrnlKit
Service Deleted : iSafeKrnlR3
Service Deleted : iSafeNetFilter
[#] Service Deleted : iSafeService
 
***** [ Files / Folders ] *****
 
[!] Folder Deleted : C:\Program Files (x86)\iSafe
Folder Deleted : C:\Users\Nick\AppData\Local\Temp\iSafeRightKeyScan
Folder Deleted : C:\Users\Nick\AppData\Roaming\eCyber
Folder Deleted : C:\Users\Nick\AppData\Roaming\iSafe
Folder Deleted : C:\Users\NickLMunson\AppData\Roaming\iSafe
File Deleted : C:\WINDOWS\System32\drivers\iSafeKrnlBoot.sys
File Deleted : C:\WINDOWS\System32\log\iSafeKrnlCall.log
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5411D116-5A37-47D4-B154-5F7FCD9062F0}
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKLM\SOFTWARE\iSafe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17278
 
 
-\\ Mozilla Firefox v30.0 (en-US)
 
[ File : C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\4vvkf81s.default\prefs.js ]
 
 
*************************
 
AdwCleaner[R0].txt - [1017 octets] - [12/09/2014 11:17:44]
AdwCleaner[R1].txt - [1732 octets] - [14/09/2014 23:13:05]
AdwCleaner[S0].txt - [1087 octets] - [12/09/2014 11:20:37]
AdwCleaner[S1].txt - [1695 octets] - [14/09/2014 23:14:57]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1755 octets] ##########


#5 aharonov

  • Malware Response Team

Posted 15 September 2014 - 06:14 AM

Is the computer running smoothly now?

#6 Ashes2Glory

  • Topic Starter

Posted 15 September 2014 - 07:23 AM

Yep, so far so good. Thank you so much for the help! I love this site!

#7 aharonov

  • Malware Response Team

Posted 15 September 2014 - 08:30 AM

Ok. :)

My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation.
Thank you!

#8 aharonov

  • Malware Response Team

Posted 19 September 2014 - 03:37 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



