
Infected with Still Unknown Virus


  • This topic is locked
6 replies to this topic

#1 ComputersBeatMe

Posted 06 November 2014 - 04:36 PM

Please refer to this thread for more info: http://www.bleepingcomputer.com/forums/t/551694/infected-with-unknown-virus/

 

I have been dealing with this Virus (or whatever it is) for a while that lurks in my AppData folder and creates .exe's that take up Disk Usage and play Ads in the Background. You can close them but it will only create more. I have done many scans and removal kits and have not fixed the issue. I therefore ran RSIT as instructed, as I was unable to run DDS due to my operating system being Windows 8.1.

Here is the RSIT log.txt:

 

Logfile of random's system information tool 1.10 (written by random/random)
Run by User at 2014-11-06 10:50:51
Microsoft Windows 8.1
System drive C: has 43 GB (9%) free of 469 GB
Total RAM: 12208 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:51:07 AM, on 11/6/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\WINDOWS\SysWOW64\regsvr32.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Cullen.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O1 - Hosts: 127.0.0.3 www.anchorfree.net
O1 - Hosts: 127.0.0.2 www.mefeedia.com
O1 - Hosts: 127.0.0.3 anchorfree.net
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Bho - {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} - C:\PROGRA~2\Nuance\NATURA~1\Program\ieShim.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Sound Blaster Cinema] "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe -autorun
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Spotify] "C:\Users\Cullen\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Cullen\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [HP ENVY 4500 series (NET)] "C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN3791R3NB05X4:NW" -scfn "HP ENVY 4500 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [File] "C:\Program Files (x86)\Java\jre7\bin\javaw.exe" -jar "C:\Users\Cullen\AppData\Local\Temp\File9023249809622684857.jar"
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Cullen\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [YscbPack] regsvr32.exe C:\Users\Cullen\AppData\Local\YscbPack\npitunes.dll
O4 - Startup: Dropbox.lnk = Cullen\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Send to OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
O4 - Global Startup: Battlefield 4(64 bit).lnk = C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
O4 - Global Startup: Qualcomm Atheros Killer Network Manager.lnk = C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
O4 - Global Startup: Skype.lnk = ?
O4 - Global Startup: Steam.lnk = C:\Program Files (x86)\Steam\Steam.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll, C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\SCM\MSIService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: Norton PC Checkup Application Launcher - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe
O23 - Service: Pingzapper Service (PingzapperSvc) - Unknown owner - C:\Program Files (x86)\Pingzapper\PZService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: RosettaStoneDaemon - Rosetta Stone Ltd. - C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
O23 - Service: Razer Surround Audio Service (RzMaelstromVADStreamingService) - Unknown owner - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-20001 (WMSVC) - Unknown owner - C:\WINDOWS\system32\inetsrv\wmsvc.exe (file missing)

--
End of file - 16616 bytes

======Listing Processes======

 

c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-9870-b614079d9863 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"

wininit.exe

winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\WLANExt.exe 48558659088
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
"C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
dashost.exe {2d2718aa-f817-4fd2-b15aac587b1d5fb7}
C:\WINDOWS\system32\inetsrv\inetinfo.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\SCM\MSIService.exe"
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
"C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe" /s "PCCUJobMgr" /m "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\diMaster.dll" /prefetch:1
"C:\Program Files (x86)\Pingzapper\PZService.exe"
C:\WINDOWS\system32\PnkBstrA.exe
"C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss cfb7c169-9884-429a-b15e-8f38b20c4e40 1
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe"
"C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\WINDOWS\system32\svchost.exe -k iissvcs
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b43a5ca3-5b8d-4339-b524-2710e5bc8654 -SystemEventPortName:HostProcess-f0c637c7-bb7d-4b7b-b829-846d97d471c9 -IoCancelEventPortName:HostProcess-50119924-89f7-4260-9893-dbd46ab56ea1 -NonStateChangingEventPortName:HostProcess-d3500519-49f2-4f4f-a706-13e6433486f7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e72412c9-4565-4a06-be45-6677eb9f36b4 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
"C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe" /c /a /s UserSession
taskhostex.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Windows\System32\regsvr32.exe" C:\Users\Cullen\AppData\Local\YscbPack\npitunes.dll
 C:\Users\Cullen\AppData\Local\YscbPack\npitunes.dll
"C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
taskeng.exe {E3BF4369-3CAA-4834-9F09-215D987670BC}
"C:\Program Files\Microsoft Office\Office15\MsoSync.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe" /s
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Internet Explorer\iexplore.exe" -Embedding -noframemerging -private
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6068 CREDAT:144385 /prefetch:2

"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\Internet Explorer\iexplore.exe" -Embedding -noframemerging -private
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:8940 CREDAT:144385 /prefetch:2
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 624 628 636 65536 632
"C:\Users\Cullen\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler
C:\WINDOWS\tasks\Security Center Update - 1160650435.job - C:\Users\Cullen\AppData\Roaming\Nuivoc\avacz.exe 
C:\WINDOWS\tasks\Security Center Update - 1619281271.job - C:\Users\Cullen\AppData\Roaming\Unafegok\uzegovd.exe 
C:\WINDOWS\tasks\Security Center Update - 1829711121.job - C:\Users\Cullen\AppData\Roaming\Ashuyvbe\nanuu.exe 
C:\WINDOWS\tasks\Security Center Update - 2406958357.job - C:\Users\Cullen\AppData\Roaming\Laexsele\osuxxaa.exe 
C:\WINDOWS\tasks\Security Center Update - 3962440467.job - C:\Users\Cullen\AppData\Roaming\Anxymex\wepiqat.exe 
C:\WINDOWS\tasks\Security Center Update - 569799531.job - C:\Users\Cullen\AppData\Roaming\Vifyune\epecola.exe 
C:\WINDOWS\tasks\Security Center Update - 770941070.job - C:\Users\Cullen\AppData\Roaming\Boerawt\kaetgy.exe 

=========Mozilla firefox=========

ProfilePath - C:\Users\Cullen\AppData\Roaming\Mozilla\Firefox\Profiles\pnbtpzgb.default

prefs.js - "browser.startup.homepage" -  "http://google.com/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@qq.com/npchrome]
"Description"=npchrome
"Path"=C:\Program Files (x86)\Common Files\Tencent\Npchrome\npchrome.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@qq.com/npqscall]
"Description"=npqscall
"Path"=C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\nuance.com/DragonRIAPlugin]
"Description"=
"Path"=C:\PROGRA~2\Nuance\NATURA~1\Program\npDgnRia.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.5.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-09-25 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-18 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2014-09-16 2334416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-18 211368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-09-25 153240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73A89C60-CF59-4EC7-9215-9B7EF05ECEA4}]
Dragon NaturallySpeaking Rich Internet Application Support - Extension - C:\PROGRA~2\Nuance\NATURA~1\Program\ieShim.dll [2013-10-15 205104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-07 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL [2014-09-16 1729232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-07 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-04-26 2875728]
"IAStorIcon"=C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe [2013-03-22 36352]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2013-01-28 452608]
"Radio Manager"=C:\Program Files (x86)\SCM\Radio Manager.exe [2013-04-23 406920]
"SCM"=C:\Program Files (x86)\SCM\SCM.exe [2013-04-23 406944]
"MBCfg64"=C:\Windows\system32\MBCfg64.dll [2013-01-07 27648]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-10-24 13662936]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-10-04 2463552]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2014-10-04 2800296]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-10-03 457616]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-12-21 771544]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-12-21 770520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify"=C:\Users\Cullen\AppData\Roaming\Spotify\Spotify.exe [2014-10-02 6553144]
"Spotify Web Helper"=C:\Users\Cullen\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-10-02 1514040]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2014-10-21 1938624]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2011-10-12 2068856]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-10-21 22869088]
"HP ENVY 4500 series (NET)"=C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [2013-11-29 3487240]
"File"=C:\Program Files (x86)\Java\jre7\bin\javaw.exe [2014-05-07 175528]
"BitTorrent"=C:\Users\Cullen\AppData\Roaming\BitTorrent\BitTorrent.exe [2014-10-06 1417048]
"YscbPack"=regsvr32.exe C:\Users\Cullen\AppData\Local\YscbPack\npitunes.dll []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Sound Blaster Cinema"=C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [2012-11-29 711680]
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2013-02-07 490480]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2011-10-12 2068856]
"DNS7reminder"=C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe [2010-10-27 328992]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
""= []
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2014-10-24 585536]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-07-22 2694040]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
"RazerCortex"=C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [2014-08-28 60640]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-10-16 3649040]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-11-03 3835728]

[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Vyinwupabye"=C:\Users\Cullen\AppData\Roaming\Muynlim\ilgatyg.exe []
"Onsood"=C:\Users\Cullen\AppData\Roaming\Vifyune\epecola.exe []
"Wiockoipeny"=C:\Users\Cullen\AppData\Roaming\Laexsele\osuxxaa.exe []
"Syulym"=C:\Users\Cullen\AppData\Roaming\Boerawt\kaetgy.exe []
"Ryfotedefuwygy"=C:\Users\Cullen\AppData\Roaming\Ashuyvbe\nanuu.exe []
"Efebzout"=C:\Users\Cullen\AppData\Roaming\Unafegok\uzegovd.exe []
"Kunui"=C:\Users\Cullen\AppData\Roaming\Anxymex\wepiqat.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Battlefield 4(64 bit).lnk - C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
Qualcomm Atheros Killer Network Manager.lnk - C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
Skype.lnk - C:\WINDOWS\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK32.EXE

C:\Users\Cullen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Cullen\AppData\Roaming\Dropbox\bin\Dropbox.exe
Send to OneNote.lnk - C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\windows\system32\nvinitx.dll, c:\windows\system32\nvinitx.dll, C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-12-21 624640]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"VIDC.FICV"=ficvdec_x64.dll
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"midi3"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"midi4"=wdmaud.drv
"VIDC.WVC1"=d3dgeardecoder64.dll
"VIDC.WMV3"=d3dgeardecoder64.dll
"VIDC.M4S2"=d3dgeardecoder64.dll
"VIDC.FVFW"=d3dgeardecoder64.dll
"VIDC.FFVH"=d3dgeardecoder64.dll
"midi5"=wdmaud.drv
"midi7"=wdmaud.drv
"midi8"=wdmaud.drv
"midi6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-06 10:50:51 ----D---- C:\rsit
2014-11-06 10:50:51 ----D---- C:\Program Files\trend micro
2014-11-04 23:06:20 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2014-11-04 20:28:35 ----D---- C:\WINDOWS\SYSWOW64\NV
2014-11-04 20:28:35 ----D---- C:\WINDOWS\system32\NV
2014-11-04 20:27:26 ----D---- C:\WINDOWS\LastGood.Tmp
2014-11-04 20:26:24 ----A---- C:\WINDOWS\SYSWOW64\nvwgf2um.dll
2014-11-04 20:26:24 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2014-11-04 20:26:24 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2014-11-04 20:26:24 ----A---- C:\WINDOWS\SYSWOW64\nvoglshim32.dll
2014-11-04 20:26:24 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2014-11-04 20:26:24 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2014-11-04 20:26:24 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2014-11-04 20:26:24 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2014-11-04 20:26:24 ----A---- C:\WINDOWS\system32\nvwgf2umx.dll
2014-11-04 20:26:24 ----A---- C:\WINDOWS\system32\nvopencl.dll
2014-11-04 20:26:24 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2014-11-04 20:26:24 ----A---- C:\WINDOWS\system32\nvoglshim64.dll
2014-11-04 20:26:24 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2014-11-04 20:26:24 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2014-11-04 20:26:24 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2014-11-04 20:26:24 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-11-04 20:26:24 ----A---- C:\WINDOWS\system32\nvdispgenco6434460.dll
2014-11-04 20:26:24 ----A---- C:\WINDOWS\system32\drivers\nvpciflt.sys
2014-11-04 20:26:24 ----A---- C:\WINDOWS\system32\drivers\nvlddmkm.sys
2014-11-04 20:26:23 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2014-11-04 20:26:23 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2014-11-04 20:26:23 ----A---- C:\WINDOWS\system32\nvdispco6434460.dll
2014-11-04 20:26:23 ----A---- C:\WINDOWS\system32\nvd3dumx.dll
2014-11-04 20:26:23 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2014-11-04 20:26:23 ----A---- C:\WINDOWS\system32\nvcuda.dll
2014-11-04 20:26:21 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2014-11-04 20:26:21 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2014-11-04 18:50:58 ----D---- C:\ProgramData\NVIDIA
2014-11-04 18:50:41 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2014-11-04 18:50:41 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2014-11-04 18:50:40 ----A---- C:\WINDOWS\system32\nvvsvc.exe
2014-11-04 18:50:40 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2014-11-04 18:50:40 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2014-11-04 18:50:40 ----A---- C:\WINDOWS\system32\nvshext.dll
2014-11-04 18:50:40 ----A---- C:\WINDOWS\system32\nvmctray.dll
2014-11-04 18:50:40 ----A---- C:\WINDOWS\system32\nvcpl.dll
2014-11-03 18:12:12 ----AH---- C:\WINDOWS\system32\drivers\Hamdrv.sys
2014-11-01 17:54:46 ----D---- C:\Program Files\ESEA
2014-10-31 11:19:50 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2014-10-31 11:09:12 ----SD---- C:\WINDOWS\system32\CompatTel
2014-10-31 10:35:40 ----A---- C:\WINDOWS\system32\termsrv.dll
2014-10-31 10:13:07 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2014-10-31 10:02:13 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2014-10-31 10:02:12 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2014-10-31 10:02:12 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2014-10-31 10:02:10 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2014-10-31 10:02:10 ----A---- C:\WINDOWS\system32\dxgi.dll
2014-10-31 10:02:10 ----A---- C:\WINDOWS\system32\dwmcore.dll
2014-10-31 10:02:10 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2014-10-31 10:01:31 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2014-10-31 10:01:31 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2014-10-31 10:00:38 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2014-10-31 10:00:38 ----A---- C:\WINDOWS\system32\gdi32.dll
2014-10-31 10:00:30 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-10-31 10:00:29 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-10-31 10:00:29 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2014-10-31 10:00:29 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-10-31 10:00:29 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-10-31 10:00:29 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-10-31 10:00:29 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-10-31 10:00:29 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-31 10:00:29 ----A---- C:\WINDOWS\system32\wups2.dll
2014-10-31 10:00:29 ----A---- C:\WINDOWS\system32\wups.dll
2014-10-31 10:00:29 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-10-31 10:00:29 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-10-31 10:00:29 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-10-31 10:00:29 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-10-31 10:00:29 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-10-31 09:57:36 ----A---- C:\WINDOWS\system32\storewuauth.dll
2014-10-31 09:57:35 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2014-10-31 09:57:35 ----A---- C:\WINDOWS\system32\ubpm.dll
2014-10-31 09:57:24 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-10-31 09:57:24 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2014-10-31 09:57:24 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-10-31 09:57:23 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-10-31 09:57:23 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-10-31 09:57:22 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-10-31 09:57:22 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-10-31 09:57:22 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-10-31 09:57:21 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-10-31 09:57:21 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-10-31 09:57:21 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-10-31 09:57:21 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-10-31 09:57:21 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-10-31 09:57:21 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-10-31 09:57:21 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-10-31 09:57:19 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-10-31 09:57:19 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-10-31 09:57:19 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-10-31 09:57:19 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-10-31 09:57:19 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-10-31 09:57:18 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-10-31 09:57:18 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-10-31 09:57:18 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-10-31 09:57:17 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-10-31 09:57:17 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-10-31 09:57:17 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-10-31 09:57:16 ----A---- C:\WINDOWS\system32\wininet.dll
2014-10-31 09:57:16 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-10-31 09:57:12 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-10-31 09:57:12 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-10-31 09:57:12 ----A---- C:\WINDOWS\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-31 09:57:12 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-10-31 09:57:12 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-10-31 09:57:12 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-10-31 09:57:12 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-10-31 09:57:10 ----A---- C:\WINDOWS\system32\WpcMon.exe
2014-10-31 09:57:10 ----A---- C:\WINDOWS\system32\Wpc.dll
2014-10-31 09:57:09 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2014-10-31 09:57:09 ----A---- C:\WINDOWS\system32\WpcWebSync.dll
2014-10-31 09:57:08 ----A---- C:\WINDOWS\system32\drivers\wpcfltr.sys
2014-10-31 09:55:42 ----A---- C:\WINDOWS\system32\schedsvc.dll
2014-10-31 09:55:40 ----A---- C:\WINDOWS\SYSWOW64\packager.dll
2014-10-31 09:55:40 ----A---- C:\WINDOWS\system32\packager.dll
2014-10-31 09:55:04 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2014-10-31 09:55:04 ----A---- C:\WINDOWS\system32\rastls.dll
2014-10-31 09:54:19 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-10-31 09:54:18 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2014-10-31 09:54:18 ----A---- C:\WINDOWS\system32\actxprxy.dll
2014-10-31 09:54:17 ----A---- C:\WINDOWS\system32\uDWM.dll
2014-10-31 09:54:16 ----A---- C:\WINDOWS\SYSWOW64\UXInit.dll
2014-10-31 09:54:16 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2014-10-31 09:54:16 ----A---- C:\WINDOWS\system32\UXInit.dll
2014-10-31 09:54:16 ----A---- C:\WINDOWS\explorer.exe
2014-10-31 09:54:15 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2014-10-31 09:54:15 ----A---- C:\WINDOWS\system32\authui.dll
2014-10-31 09:54:13 ----A---- C:\WINDOWS\SYSWOW64\msihnd.dll
2014-10-31 09:54:13 ----A---- C:\WINDOWS\system32\win32k.sys
2014-10-31 09:54:13 ----A---- C:\WINDOWS\system32\msihnd.dll
2014-10-31 09:54:13 ----A---- C:\WINDOWS\system32\consent.exe
2014-10-31 09:54:13 ----A---- C:\WINDOWS\system32\appinfo.dll
2014-10-31 09:54:10 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2014-10-31 09:54:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2014-10-31 09:54:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-31 09:54:10 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2014-10-31 09:54:10 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-10-31 09:54:09 ----A---- C:\WINDOWS\SYSWOW64\SkyDriveShell.dll
2014-10-31 09:54:09 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2014-10-31 09:54:08 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-31 09:54:08 ----A---- C:\WINDOWS\system32\mstscax.dll
2014-10-31 09:54:07 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-31 09:54:07 ----A---- C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-31 09:54:07 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2014-10-31 09:54:06 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2014-10-31 09:54:05 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-10-31 09:54:05 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-31 09:54:05 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-10-31 09:54:05 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2014-10-31 09:54:04 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2014-10-31 09:54:04 ----A---- C:\WINDOWS\system32\propsys.dll
2014-10-31 09:54:04 ----A---- C:\WINDOWS\system32\ntdll.dll
2014-10-31 09:54:04 ----A---- C:\WINDOWS\system32\KernelBase.dll
2014-10-31 09:54:03 ----A---- C:\WINDOWS\SYSWOW64\Wldap32.dll
2014-10-31 09:54:03 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2014-10-31 09:54:03 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2014-10-31 09:54:03 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2014-10-31 09:54:03 ----A---- C:\WINDOWS\system32\Wldap32.dll
2014-10-31 09:54:03 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-31 09:54:03 ----A---- C:\WINDOWS\system32\ProximityService.dll
2014-10-31 09:54:03 ----A---- C:\WINDOWS\system32\pcsvDevice.dll
2014-10-31 09:54:03 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2014-10-31 09:54:03 ----A---- C:\WINDOWS\system32\httpprxm.dll
2014-10-31 09:54:03 ----A---- C:\WINDOWS\system32\bisrv.dll
2014-10-31 09:54:02 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2014-10-31 09:54:02 ----A---- C:\WINDOWS\system32\WSReset.exe
2014-10-31 09:54:02 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2014-10-31 09:54:02 ----A---- C:\WINDOWS\system32\adhsvc.dll
2014-10-31 09:53:48 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2014-10-31 09:53:48 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2014-10-31 09:53:10 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-10-31 09:53:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2014-10-31 09:53:01 ----A---- C:\WINDOWS\system32\gpsvc.dll
2014-10-31 09:52:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2014-10-31 09:52:57 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2014-10-31 09:52:57 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2014-10-31 09:52:57 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-10-31 09:52:56 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2014-10-31 09:52:56 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2014-10-31 09:52:56 ----A---- C:\WINDOWS\system32\wmpmde.dll
2014-10-31 09:52:56 ----A---- C:\WINDOWS\system32\winmde.dll
2014-10-31 09:52:56 ----A---- C:\WINDOWS\system32\services.exe
2014-10-31 09:52:56 ----A---- C:\WINDOWS\system32\mfsvr.dll
2014-10-31 09:52:55 ----A---- C:\WINDOWS\SYSWOW64\XpsGdiConverter.dll
2014-10-31 09:52:55 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2014-10-31 09:52:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2014-10-31 09:52:55 ----A---- C:\WINDOWS\SYSWOW64\GeofenceMonitorService.dll
2014-10-31 09:52:55 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2014-10-31 09:52:55 ----A---- C:\WINDOWS\system32\XpsGdiConverter.dll
2014-10-31 09:52:55 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-10-31 09:52:55 ----A---- C:\WINDOWS\system32\srvsvc.dll
2014-10-31 09:52:55 ----A---- C:\WINDOWS\system32\MDEServer.exe
2014-10-31 09:52:55 ----A---- C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-10-31 09:52:55 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys
2014-10-31 09:52:55 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2014-10-31 09:52:55 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2014-10-31 09:52:55 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2014-10-31 09:52:55 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-10-31 09:52:54 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2014-10-31 09:52:54 ----A---- C:\WINDOWS\SYSWOW64\dwmapi.dll
2014-10-31 09:52:54 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-10-31 09:52:54 ----A---- C:\WINDOWS\system32\rdpencom.dll
2014-10-31 09:52:54 ----A---- C:\WINDOWS\system32\ploptin.dll
2014-10-31 09:52:54 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2014-10-31 09:52:54 ----A---- C:\WINDOWS\system32\dwmapi.dll
2014-10-31 09:52:54 ----A---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2014-10-31 09:52:54 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2014-10-31 09:52:54 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2014-10-31 09:52:54 ----A---- C:\WINDOWS\system32\defragsvc.dll
2014-10-31 09:52:54 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-10-31 09:52:53 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2014-10-31 09:52:53 ----A---- C:\WINDOWS\system32\swprv.dll
2014-10-31 09:52:53 ----A---- C:\WINDOWS\system32\resutils.dll
2014-10-31 09:52:53 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2014-10-31 09:52:52 ----A---- C:\WINDOWS\system32\gpapi.dll
2014-10-31 09:52:50 ----A---- C:\WINDOWS\system32\VSSVC.exe
2014-10-31 09:52:50 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2014-10-31 09:52:50 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2014-10-31 09:52:49 ----A---- C:\WINDOWS\SYSWOW64\rpchttp.dll
2014-10-31 09:52:49 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2014-10-31 09:52:49 ----A---- C:\WINDOWS\SYSWOW64\gpapi.dll
2014-10-31 09:52:49 ----A---- C:\WINDOWS\system32\wscsvc.dll
2014-10-31 09:52:49 ----A---- C:\WINDOWS\system32\rpchttp.dll
2014-10-31 09:52:49 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2014-10-31 09:52:49 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2014-10-31 09:52:49 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2014-10-31 09:52:48 ----A---- C:\WINDOWS\system32\mf.dll
2014-10-31 09:52:47 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2014-10-31 09:52:47 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2014-10-31 09:52:47 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2014-10-31 09:52:47 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2014-10-31 09:52:47 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-10-31 09:52:46 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2014-10-31 09:52:46 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2014-10-31 09:52:46 ----A---- C:\WINDOWS\system32\wintrust.dll
2014-10-31 09:52:46 ----A---- C:\WINDOWS\system32\mfplat.dll
2014-10-31 09:52:46 ----A---- C:\WINDOWS\system32\energyprov.dll
2014-10-31 09:52:46 ----A---- C:\WINDOWS\system32\clusapi.dll
2014-10-31 09:52:46 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-10-31 09:52:45 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2014-10-31 09:52:45 ----A---- C:\WINDOWS\system32\tlscsp.dll
2014-10-31 09:52:45 ----A---- C:\WINDOWS\system32\srcore.dll
2014-10-31 09:52:45 ----A---- C:\WINDOWS\system32\mfpmp.exe
2014-10-31 09:52:45 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-10-31 09:52:44 ----A---- C:\WINDOWS\SYSWOW64\tlscsp.dll
2014-10-31 09:52:44 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2014-10-31 09:52:44 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2014-10-31 09:52:44 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2014-10-31 09:52:44 ----A---- C:\WINDOWS\system32\wlansvc.dll
2014-10-31 09:52:44 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-10-31 09:52:44 ----A---- C:\WINDOWS\system32\mispace.dll
2014-10-31 09:52:44 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2014-10-31 09:52:43 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2014-10-31 09:52:43 ----A---- C:\WINDOWS\SYSWOW64\wlanhlp.dll
2014-10-31 09:52:43 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2014-10-31 09:52:43 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2014-10-31 09:52:43 ----A---- C:\WINDOWS\SYSWOW64\srclient.dll
2014-10-31 09:52:43 ----A---- C:\WINDOWS\system32\wlansec.dll
2014-10-31 09:52:43 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2014-10-31 09:52:43 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2014-10-31 09:52:43 ----A---- C:\WINDOWS\system32\wlanapi.dll
2014-10-31 09:52:43 ----A---- C:\WINDOWS\system32\tsgqec.dll
2014-10-31 09:52:43 ----A---- C:\WINDOWS\system32\srclient.dll
2014-10-31 09:52:43 ----A---- C:\WINDOWS\system32\rstrui.exe
2014-10-31 09:52:43 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-10-31 03:30:11 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2014-10-31 03:30:11 ----A---- C:\WINDOWS\system32\d3d9.dll
2014-10-31 03:30:10 ----A---- C:\WINDOWS\system32\mfcore.dll
2014-10-31 03:30:09 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2014-10-31 03:30:09 ----A---- C:\WINDOWS\system32\vpnike.dll
2014-10-31 03:30:07 ----A---- C:\WINDOWS\system32\fveapi.dll
2014-10-31 03:30:07 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2014-10-31 03:30:05 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2014-10-31 03:30:05 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2014-10-31 03:30:04 ----A---- C:\WINDOWS\SYSWOW64\framedynos.dll
2014-10-31 03:30:04 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2014-10-31 03:30:04 ----A---- C:\WINDOWS\system32\framedynos.dll
2014-10-31 03:30:04 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2014-10-31 03:30:04 ----A---- C:\WINDOWS\system32\bdesvc.dll
2014-10-31 03:30:03 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2014-10-31 03:30:03 ----A---- C:\WINDOWS\SYSWOW64\ncobjapi.dll
2014-10-31 03:30:03 ----A---- C:\WINDOWS\system32\WebClnt.dll
2014-10-31 03:30:03 ----A---- C:\WINDOWS\system32\Robocopy.exe
2014-10-31 03:30:03 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2014-10-31 03:30:03 ----A---- C:\WINDOWS\system32\framedyn.dll
2014-10-31 03:30:03 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2014-10-31 03:30:03 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys
2014-10-31 03:30:03 ----A---- C:\WINDOWS\system32\BFE.DLL
2014-10-31 03:30:02 ----A---- C:\WINDOWS\SYSWOW64\Robocopy.exe
2014-10-31 03:30:02 ----A---- C:\WINDOWS\SYSWOW64\framedyn.dll
2014-10-31 03:30:02 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc6.dll
2014-10-31 03:30:02 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc.dll
2014-10-31 03:30:02 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2014-10-31 03:30:02 ----A---- C:\WINDOWS\system32\srms.dat
2014-10-31 03:30:02 ----A---- C:\WINDOWS\system32\reseteng.dll
2014-10-31 03:30:02 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2014-10-31 03:30:02 ----A---- C:\WINDOWS\system32\drivers\vwififlt.sys
2014-10-31 03:30:02 ----A---- C:\WINDOWS\system32\dhcpcsvc6.dll
2014-10-31 03:30:02 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2014-10-31 03:30:02 ----A---- C:\WINDOWS\system32\BulkOperationHost.exe
2014-10-31 03:29:58 ----A---- C:\WINDOWS\SYSWOW64\mrt100.dll
2014-10-31 03:29:58 ----A---- C:\WINDOWS\SYSWOW64\mrt_map.dll
2014-10-31 03:29:58 ----A---- C:\WINDOWS\system32\mrt100.dll
2014-10-31 03:29:58 ----A---- C:\WINDOWS\system32\mrt_map.dll
2014-10-31 03:29:58 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2014-10-31 03:29:48 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-10-31 03:29:47 ----A---- C:\WINDOWS\system32\twinui.dll
2014-10-31 03:29:47 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-10-31 03:29:47 ----A---- C:\WINDOWS\system32\localspl.dll
2014-10-31 03:29:46 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-10-31 03:29:46 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2014-10-31 03:29:46 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-10-31 03:29:46 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-10-31 03:29:46 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2014-10-31 03:29:45 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-10-31 03:29:45 ----A---- C:\WINDOWS\system32\shell32.dll
2014-10-31 03:29:45 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-10-31 03:29:42 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2014-10-31 03:29:42 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2014-10-31 03:29:42 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-10-31 03:29:42 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-10-31 03:29:42 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-10-31 03:29:41 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2014-10-31 03:29:41 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2014-10-31 03:29:41 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2014-10-31 03:29:41 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2014-10-31 03:29:41 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-10-31 03:29:41 ----A---- C:\WINDOWS\system32\schannel.dll
2014-10-31 03:29:41 ----A---- C:\WINDOWS\system32\puiobj.dll
2014-10-31 03:29:41 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2014-10-31 03:29:40 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2014-10-31 03:29:40 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2014-10-31 03:29:40 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2014-10-31 03:29:39 ----A---- C:\WINDOWS\SYSWOW64\puiapi.dll
2014-10-31 03:29:39 ----A---- C:\WINDOWS\SYSWOW64\prnntfy.dll
2014-10-31 03:29:39 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2014-10-31 03:29:39 ----A---- C:\WINDOWS\system32\winbici.dll
2014-10-31 03:29:39 ----A---- C:\WINDOWS\system32\untfs.dll
2014-10-31 03:29:39 ----A---- C:\WINDOWS\system32\puiapi.dll
2014-10-31 03:29:39 ----A---- C:\WINDOWS\system32\prnntfy.dll
2014-10-31 03:29:39 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2014-10-31 03:29:39 ----A---- C:\WINDOWS\system32\certcli.dll
2014-10-31 03:29:38 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2014-10-31 03:29:38 ----A---- C:\WINDOWS\SYSWOW64\FXSAPI.dll
2014-10-31 03:29:38 ----A---- C:\WINDOWS\system32\FXSCOMEX.dll
2014-10-31 03:29:38 ----A---- C:\WINDOWS\system32\FXSAPI.dll
2014-10-31 03:29:38 ----A---- C:\WINDOWS\system32\compstui.dll
2014-10-31 03:29:34 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-10-31 03:29:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2014-10-31 03:29:32 ----A---- C:\WINDOWS\system32\drivers\usbport.sys
2014-10-31 03:29:31 ----A---- C:\WINDOWS\system32\rsaenh.dll
2014-10-31 03:29:31 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2014-10-31 03:29:30 ----A---- C:\WINDOWS\SYSWOW64\rsaenh.dll
2014-10-31 03:29:30 ----A---- C:\WINDOWS\SYSWOW64\DaOtpCredentialProvider.dll
2014-10-31 03:29:30 ----A---- C:\WINDOWS\system32\WUDFSvc.dll
2014-10-31 03:29:30 ----A---- C:\WINDOWS\system32\WUDFPlatform.dll
2014-10-31 03:29:30 ----A---- C:\WINDOWS\system32\WUDFHost.exe
2014-10-31 03:29:30 ----A---- C:\WINDOWS\system32\hal.dll
2014-10-31 03:29:30 ----A---- C:\WINDOWS\system32\drivers\WUDFRd.sys
2014-10-31 03:29:30 ----A---- C:\WINDOWS\system32\drivers\WUDFPf.sys
2014-10-31 03:29:30 ----A---- C:\WINDOWS\system32\drivers\usbuhci.sys
2014-10-31 03:29:30 ----A---- C:\WINDOWS\system32\drivers\usbehci.sys
2014-10-31 03:29:30 ----A---- C:\WINDOWS\system32\drivers\usbd.sys
2014-10-31 03:29:30 ----A---- C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-10-31 03:28:06 ----A---- C:\WINDOWS\system32\generaltel.dll
2014-10-31 03:28:06 ----A---- C:\WINDOWS\system32\devinv.dll
2014-10-31 03:28:06 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-10-31 03:28:05 ----A---- C:\WINDOWS\system32\aepic.dll
2014-10-31 03:28:05 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-10-31 03:26:54 ----A---- C:\WINDOWS\SYSWOW64\drvinst.exe
2014-10-31 03:26:54 ----A---- C:\WINDOWS\system32\drvinst.exe
2014-10-31 03:26:54 ----A---- C:\WINDOWS\system32\drvcfg.exe
2014-10-31 03:26:27 ----A---- C:\WINDOWS\system32\qedit.dll
2014-10-31 03:26:26 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll
2014-10-31 03:26:23 ----A---- C:\WINDOWS\system32\wpccpl.dll
2014-10-31 03:26:21 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-10-31 03:26:21 ----A---- C:\WINDOWS\system32\msi.dll
2014-10-31 03:25:05 ----A---- C:\WINDOWS\SYSWOW64\msvcr120_clr0400.dll
2014-10-31 03:25:05 ----A---- C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-10-31 03:23:51 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2014-10-31 03:23:51 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2014-10-31 03:23:51 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2014-10-31 03:22:22 ----A---- C:\WINDOWS\SYSWOW64\adtschema.dll
2014-10-31 03:22:22 ----A---- C:\WINDOWS\system32\adtschema.dll
2014-10-31 03:21:33 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2014-10-31 03:21:33 ----A---- C:\WINDOWS\system32\FntCache.dll
2014-10-31 03:21:33 ----A---- C:\WINDOWS\system32\DWrite.dll
2014-10-31 03:21:27 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2014-10-31 03:06:02 ----D---- C:\Program Files (x86)\Advanced Fix
2014-10-30 20:34:14 ----D---- C:\Users\Cullen\AppData\Roaming\Nuivoc
2014-10-30 15:17:14 ----D---- C:\ProgramData\Origin
2014-10-30 15:17:11 ----D---- C:\Program Files (x86)\Origin
2014-10-22 15:52:20 ----D---- C:\Users\Cullen\AppData\Roaming\AVG2015
2014-10-22 15:50:43 ----D---- C:\Users\Cullen\AppData\Roaming\TuneUp Software
2014-10-22 15:48:56 ----HD---- C:\$AVG
2014-10-22 15:48:55 ----D---- C:\ProgramData\AVG2015
2014-10-22 15:48:01 ----D---- C:\Program Files (x86)\AVG
2014-10-22 15:22:07 ----HD---- C:\ProgramData\Common Files
2014-10-22 15:22:07 ----D---- C:\ProgramData\MFAData
2014-10-16 17:04:48 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-16 17:04:48 ----D---- C:\Program Files\iTunes
2014-10-14 22:36:48 ----D---- C:\Program Files (x86)\Software Lag Switch
2014-10-14 16:38:06 ----D---- C:\Users\Cullen\AppData\Roaming\Oszaxaky
2014-10-12 18:19:10 ----A---- C:\TDSSKiller.3.0.0.40_12.10.2014_19.19.10_log.txt
2014-10-09 03:07:10 ----A---- C:\WINDOWS\SYSWOW64\rzdevinfo.dll
2014-10-07 20:43:06 ----A---- C:\WINDOWS\system32\drivers\avgidsdrivera.sys

======List of files/folders modified in the last 1 month======

2014-11-06 10:50:51 ----RD---- C:\Program Files
2014-11-06 10:50:32 ----A---- C:\WINDOWS\system32\RzMaelstromVADAudioDeviceManager_log.txt
2014-11-06 10:50:03 ----D---- C:\Program Files (x86)\Steam
2014-11-06 10:48:59 ----RD---- C:\WINDOWS\System32
2014-11-06 10:48:59 ----D---- C:\WINDOWS\Inf
2014-11-06 10:48:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-06 10:44:38 ----D---- C:\WINDOWS\system32\inetsrv
2014-11-06 10:43:54 ----D---- C:\ProgramData\Realtek
2014-11-06 10:43:04 ----D---- C:\WINDOWS\Temp
2014-11-06 10:42:14 ----D---- C:\WINDOWS\SysWOW64
2014-11-06 10:42:14 ----D---- C:\Windows
2014-11-06 10:30:33 ----D---- C:\WINDOWS\system32\sru
2014-11-06 10:28:24 ----D---- C:\WINDOWS\SoftwareDistribution
2014-11-06 01:50:31 ----D---- C:\Users\Cullen\AppData\Roaming\TS3Client
2014-11-05 23:44:04 ----HD---- C:\ProgramData
2014-11-05 23:44:02 ----D---- C:\WINDOWS\Tasks
2014-11-05 23:44:02 ----D---- C:\WINDOWS\system32\Tasks
2014-11-05 22:23:31 ----D---- C:\WINDOWS\debug
2014-11-05 22:21:52 ----SHD---- C:\WINDOWS\Installer
2014-11-05 22:21:52 ----SHD---- C:\Config.Msi
2014-11-05 17:41:18 ----D---- C:\Users\Cullen\AppData\Roaming\Spotify
2014-11-05 15:52:45 ----D---- C:\WINDOWS\Prefetch
2014-11-05 15:44:24 ----D---- C:\WINDOWS\system32\drivers
2014-11-05 09:47:08 ----D---- C:\WINDOWS\AppReadiness
2014-11-05 09:47:07 ----HD---- C:\Program Files\WindowsApps
2014-11-04 23:08:46 ----RD---- C:\Program Files (x86)
2014-11-04 23:08:46 ----D---- C:\Program Files (x86)\Google
2014-11-04 23:04:07 ----SHD---- C:\System Volume Information
2014-11-04 20:28:35 ----D---- C:\TEMP
2014-11-04 20:27:20 ----D---- C:\WINDOWS\system32\DriverStore
2014-11-04 18:50:30 ----D---- C:\WINDOWS\Help
2014-11-04 18:50:30 ----D---- C:\Program Files\NVIDIA Corporation
2014-11-04 18:47:48 ----D---- C:\ProgramData\NVIDIA Corporation
2014-11-04 18:47:12 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-11-03 12:31:12 ----D---- C:\Users\Cullen\AppData\Roaming\Audacity
2014-11-03 11:22:43 ----D---- C:\WINDOWS\Microsoft.NET
2014-11-02 20:07:18 ----D---- C:\WINDOWS\system32\catroot
2014-11-02 14:20:39 ----A---- C:\WINDOWS\SYSWOW64\PnkBstrB.exe
2014-11-01 11:48:14 ----D---- C:\WINDOWS\rescache
2014-11-01 11:16:10 ----RSD---- C:\WINDOWS\assembly
2014-11-01 11:15:41 ----D---- C:\WINDOWS\system32\config
2014-10-31 12:37:58 ----D---- C:\WINDOWS\system32\wbem
2014-10-31 12:32:22 ----D---- C:\Program Files\Intel
2014-10-31 12:32:22 ----D---- C:\Program Files\Common Files\microsoft shared
2014-10-31 12:32:16 ----D---- C:\Program Files (x86)\Windows Defender
2014-10-31 12:32:16 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-31 12:32:14 ----D---- C:\Program Files\Internet Explorer
2014-10-31 12:31:34 ----D---- C:\Program Files\Windows Journal
2014-10-31 12:31:34 ----D---- C:\Program Files\Windows Defender
2014-10-31 12:31:16 ----HD---- C:\SuperChargerProfile
2014-10-31 12:31:03 ----D---- C:\WINDOWS\apppatch
2014-10-31 12:30:56 ----D---- C:\WINDOWS\FileManager
2014-10-31 12:30:56 ----D---- C:\WINDOWS\Camera
2014-10-31 12:30:54 ----RSD---- C:\WINDOWS\Fonts
2014-10-31 12:30:54 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-10-31 12:30:19 ----RSD---- C:\WINDOWS\Media
2014-10-31 12:30:19 ----D---- C:\WINDOWS\MediaViewer
2014-10-31 12:30:18 ----D---- C:\WINDOWS\PolicyDefinitions
2014-10-31 12:29:46 ----D---- C:\WINDOWS\servicing
2014-10-31 12:29:45 ----D---- C:\WINDOWS\system32\catroot2
2014-10-31 12:29:45 ----D---- C:\WINDOWS\ShellNew
2014-10-31 12:29:37 ----D---- C:\WINDOWS\system32\drivers\en-US
2014-10-31 12:29:37 ----D---- C:\WINDOWS\system32\CodeIntegrity
2014-10-31 12:29:32 ----D---- C:\WINDOWS\system32\en-US
2014-10-31 12:29:26 ----D---- C:\WINDOWS\system32\Sysprep
2014-10-31 12:29:26 ----D---- C:\WINDOWS\system32\setup
2014-10-31 12:29:26 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2014-10-31 12:29:26 ----D---- C:\WINDOWS\system32\oobe
2014-10-31 12:29:26 ----D---- C:\WINDOWS\system32\migration
2014-10-31 12:29:22 ----D---- C:\WINDOWS\SystemResources
2014-10-31 12:29:20 ----D---- C:\WINDOWS\SYSWOW64\inetsrv
2014-10-31 12:29:20 ----D---- C:\WINDOWS\SYSWOW64\en-US
2014-10-31 12:29:19 ----RD---- C:\WINDOWS\ToastData
2014-10-31 12:29:19 ----D---- C:\WINDOWS\WinStore
2014-10-31 12:29:19 ----D---- C:\WINDOWS\SYSWOW64\wbem
2014-10-31 12:29:19 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-10-31 12:29:18 ----D---- C:\WINDOWS\WinSxS
2014-10-31 12:09:26 ----D---- C:\WINDOWS\registration
2014-10-31 11:33:44 ----D---- C:\WINDOWS\system32\NDF
2014-10-31 11:05:13 ----D---- C:\WINDOWS\CbsTemp
2014-10-31 10:55:11 ----D---- C:\ProgramData\Microsoft Help
2014-10-31 10:33:48 ----D---- C:\WINDOWS\system32\MRT
2014-10-31 10:26:45 ----A---- C:\WINDOWS\system32\MRT.exe
2014-10-31 09:56:23 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-10-31 09:56:22 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-10-31 09:56:15 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll
2014-10-31 09:56:15 ----A---- C:\WINDOWS\system32\ieetwcollectorres.dll
2014-10-31 09:56:15 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2014-10-31 09:56:14 ----A---- C:\WINDOWS\SYSWOW64\ieetwproxystub.dll
2014-10-31 09:56:13 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2014-10-31 09:56:13 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2014-10-31 09:56:12 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-10-31 09:56:11 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-10-31 09:56:11 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-10-31 09:56:07 ----A---- C:\WINDOWS\system32\msrating.dll
2014-10-31 03:11:44 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-10-30 21:28:32 ----D---- C:\Users\Cullen\AppData\Roaming\Dropbox
2014-10-30 18:54:41 ----D---- C:\WINDOWS\LiveKernelReports
2014-10-29 22:53:26 ----A---- C:\WINDOWS\SYSWOW64\nvumdshim.dll
2014-10-29 22:53:26 ----A---- C:\WINDOWS\SYSWOW64\nvinit.dll
2014-10-29 22:53:26 ----A---- C:\WINDOWS\SYSWOW64\nvd3dum.dll
2014-10-29 22:53:26 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2014-10-29 22:53:26 ----A---- C:\WINDOWS\system32\nvumdshimx.dll
2014-10-29 22:53:26 ----A---- C:\WINDOWS\system32\nvinitx.dll
2014-10-29 22:53:26 ----A---- C:\WINDOWS\system32\nvapi64.dll
2014-10-26 04:07:21 ----D---- C:\Users\Cullen\AppData\Roaming\Skype
2014-10-24 10:31:22 ----A---- C:\IFRToolLog.txt
2014-10-23 10:05:09 ----D---- C:\WINDOWS\SYSWOW64\config
2014-10-22 17:02:39 ----D---- C:\Users\Cullen\AppData\Roaming\BitTorrent
2014-10-22 17:02:20 ----D---- C:\WINDOWS\Minidump
2014-10-22 17:02:20 ----D---- C:\WINDOWS\Logs
2014-10-22 16:24:35 ----A---- C:\ProgramData\wrnhoah.tmp
2014-10-22 16:23:32 ----D---- C:\Program Files\KMSpico
2014-10-22 15:50:34 ----HD---- C:\WINDOWS\ELAMBKUP
2014-10-22 14:55:33 ----D---- C:\Program Files (x86)\Razer
2014-10-22 14:55:17 ----D---- C:\ProgramData\Razer
2014-10-19 15:49:30 ----D---- C:\Users\Cullen\AppData\Roaming\XBMC
2014-10-18 16:54:12 ----RD---- C:\Users
2014-10-16 17:05:45 ----D---- C:\Program Files (x86)\iTunes
2014-10-16 17:04:49 ----D---- C:\Program Files\iPod
2014-10-16 17:04:49 ----D---- C:\Program Files\Common Files\Apple
2014-10-16 17:04:44 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-12 18:28:41 ----D---- C:\Users\Cullen\AppData\Roaming\Adobe
2014-10-12 18:26:38 ----D---- C:\AdwCleaner

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\WINDOWS\system32\DRIVERS\avgidsha.sys [2014-06-18 190744]
R0 Avgloga;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avgloga.sys [2014-07-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-03-18 678384]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2014-10-29 31560]
R0 PxHlpa64;PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [2012-06-22 56336]
R0 Tpkd;Tpkd; C:\WINDOWS\system32\drivers\Tpkd.sys [2011-06-28 105592]
R1 Avgdiska;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys [2014-10-07 262424]
R1 Avgldx64;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 Avgwfpa;AVG Firewall Driver; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [2014-09-24 277784]
R1 RrNetCapFilterDriver;@oem23.inf,%RrNetCapFilterDriver_Desc%;RadioRip Filter Driver; C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys [2013-10-07 24744]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 ETD;@oem11.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2013-04-26 357200]
R3 EuMusDesignVirtualAudioCableWdm;@oem19.inf,%DeviceName% (WDM);Virtual Audio Cable (WDM); C:\WINDOWS\system32\DRIVERS\vrtaucbl.sys [2014-01-25 66728]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2014-11-03 46136]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-10-03 4753336]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-11-05 3707864]
R3 Ke2200;@oem6.inf,%L1C.Service.DispName%;NDIS Miniport Driver for the Killer e2200 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\e22w8x64.sys [2013-03-15 174448]
R3 MBfilt;MBfilt; C:\WINDOWS\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;@oem34.inf,%HECI_SvcDesc%;Intel® Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-03-12 64624]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2012-10-25 13368]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-10-29 13189832]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-10-04 20288]
R3 nvvad_WaveExtensible;@oem75.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-09-04 38048]
R3 RtkBtFilter;@oem9.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2013-04-26 524360]
R3 RTSPER;@oem8.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2013-04-26 448072]
R3 RTWlanE;@oem33.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [2013-04-26 1552456]
R3 rzendpt;@oem45.inf,%rzendpt.SvcDesc%;rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [2014-09-04 39592]
R3 RZMAELSTROMVADService;@oem85.inf,%RZMAELSTROMVAD.SvcDesc%;Razer Surround Audio Enhancer Service; C:\WINDOWS\system32\drivers\RzMaelstromVAD.sys [2014-05-23 32768]
R3 rzudd;@oem87.inf,%Razer.SvcDesc%;Razer Mouse Driver; C:\WINDOWS\System32\drivers\rzudd.sys [2014-09-04 160424]
R3 SensorsSimulatorDriver;@oem52.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2014-05-31 227840]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2013-08-22 11776]
R3 tbhsd;@oem22.inf,%tbhsd.SvcDesc%;Audials Sound Capturing; C:\WINDOWS\system32\drivers\tbhsd.sys [2013-10-07 47240]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\WINDOWS\system32\DRIVERS\avgboota.sys [2013-09-04 20496]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2013-10-21 834544]
S1 caaimalv;caaimalv; \??\C:\WINDOWS\system32\drivers\caaimalv.sys []
S1 cxdsxdqw;cxdsxdqw; \??\C:\WINDOWS\system32\drivers\cxdsxdqw.sys []
S1 dhefdovn;dhefdovn; \??\C:\WINDOWS\system32\drivers\dhefdovn.sys []
S1 dpkupzuo;dpkupzuo; \??\C:\WINDOWS\system32\drivers\dpkupzuo.sys []
S1 fuqnkknr;fuqnkknr; \??\C:\WINDOWS\system32\drivers\fuqnkknr.sys []
S1 HssDRV6;@oem39.inf,%HssDRV6_Desc%;Hotspot Shield Routing Driver 6; C:\WINDOWS\system32\DRIVERS\hssdrv6.sys []
S1 hvggkkjx;hvggkkjx; \??\C:\WINDOWS\system32\drivers\hvggkkjx.sys []
S1 jklbbkmo;jklbbkmo; \??\C:\WINDOWS\system32\drivers\jklbbkmo.sys []
S1 jqmahygm;jqmahygm; \??\C:\WINDOWS\system32\drivers\jqmahygm.sys []
S1 jrjlmqrt;jrjlmqrt; \??\C:\WINDOWS\system32\drivers\jrjlmqrt.sys []
S1 MpKsl008e3d2c;MpKsl008e3d2c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3BFBEAF7-E2FC-4590-9D12-47537A68E628}\MpKsl008e3d2c.sys []
S1 MpKsl2b4cd784;MpKsl2b4cd784; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3BFBEAF7-E2FC-4590-9D12-47537A68E628}\MpKsl2b4cd784.sys []
S1 MpKsl4ec3fd16;MpKsl4ec3fd16; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3BFBEAF7-E2FC-4590-9D12-47537A68E628}\MpKsl4ec3fd16.sys []
S1 rdtbxwru;rdtbxwru; \??\C:\WINDOWS\system32\drivers\rdtbxwru.sys []
S1 seulfccp;seulfccp; \??\C:\WINDOWS\system32\drivers\seulfccp.sys []
S1 sjqbpqmf;sjqbpqmf; \??\C:\WINDOWS\system32\drivers\sjqbpqmf.sys []
S1 smfxmzey;smfxmzey; \??\C:\WINDOWS\system32\drivers\smfxmzey.sys []
S3 77835F2D;77835F2D; \??\C:\ProgramData\001336AD_S_tvn []
S3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth Stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2013-08-22 131584]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
S3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth Hands-Free; C:\WINDOWS\system32\DRIVERS\BthHfAud.sys [2013-08-22 32640]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2013-08-22 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 busenum;@oem4.inf,%SvcDesc%;SteelBusSvc; C:\WINDOWS\System32\drivers\SteelBus64.sys [2013-10-30 140800]
S3 ccSet_NARA;NARA Settings Manager; C:\WINDOWS\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [2012-05-25 168608]
S3 EraserUtilDrv11311;EraserUtilDrv11311; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11311.sys []
S3 EraserUtilDrv11410;EraserUtilDrv11410; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11410.sys []
S3 ESEADriver2;ESEADriver2; \??\C:\Users\Cullen\AppData\Local\Temp\ESEADriver2.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 intaud_WaveExtensible;@oem40.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys []
S3 IntcDAud;@oem3.inf,%IntcDAud.SvcDesc%;Intel® Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2013-04-26 442368]
S3 iwdbus;@oem55.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys []
S3 netr28ux;@netr28ux.inf,%Generic.Service.DispName%;RT2870 USB Extensible Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\netr28ux.sys [2013-06-18 2408208]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-01-27 167424]
S3 ScreamBAudioSvc;@oem64.inf,%sbee_audio.SvcDesc%;ScreamBee Audio; C:\WINDOWS\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2014-02-05 16152]
S3 tap0901;@oem50.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2014-04-08 27136]
S3 taphss6;@oem69.inf,%DeviceDescription%;Anchorfree HSS VPN Adapter; C:\WINDOWS\system32\DRIVERS\taphss6.sys [2014-05-16 42184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-10-16 3487248]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-10-16 298080]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2012-12-07 39424]
R2 DragonSvc;Dragon Service; C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2013-10-15 311184]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-10-04 1149760]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-11-03 2530128]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-03-22 15344]
R2 IISADMIN;@%windir%\system32\inetsrv\iisres.dll,-30007; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2014-04-04 16896]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]
R2 Intel® ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-03-12 131544]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2013-03-12 169432]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-10-21 417552]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2013-03-12 366552]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [2013-04-23 160768]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2013-02-07 154112]
R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2014-01-23 11936560]
R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe [2012-08-13 123320]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-10-04 1796928]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-10-04 19440960]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-10-29 935232]
R2 PCCUJobMgr;Common Client Job Manager Service; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe [2012-08-13 126392]
R2 PingzapperSvc;Pingzapper Service; C:\Program Files (x86)\Pingzapper\PZService.exe [2012-06-11 679424]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2014-07-14 76152]
R2 RosettaStoneDaemon;RosettaStoneDaemon; C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2012-06-19 1646608]
R2 RzKLService;RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [2014-08-28 105448]
R2 RzMaelstromVADStreamingService;Razer Surround Audio Service; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [2014-06-09 4250624]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-07-02 5037888]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-08 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-20 267440]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-09 50784]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 cphs;Intel® Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-10-03 279952]
S3 EasyAntiCheat;EasyAntiCheat; C:\WINDOWS\syswow64\EasyAntiCheat.exe [2014-09-04 175136]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-06-02 1045256]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-02 43696]
S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [2012-07-25 139776]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-08 116648]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S3 iumsvc;Intel® Update Manager; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28 174368]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-23 114288]
S3 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2013-01-28 4230016]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-11-04 1900400]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-10-21 833728]
S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-07-25 126976]
S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; C:\WINDOWS\System32\tlntsvr.exe [2014-04-04 146944]

-----------------EOF-----------------

 

 

 




 


#2 ComputersBeatMe

ComputersBeatMe
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  • Local time:07:36 AM

Posted 11 November 2014 - 03:25 PM

Bump



#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,740 posts
  • OFFLINE
  • Gender:Male
  • Local time:09:36 AM

Posted 12 November 2014 - 12:10 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/555053 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 ComputersBeatMe

ComputersBeatMe
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  • Local time:07:36 AM

Posted 15 November 2014 - 01:58 PM

I still need help and I can't run DDS, as I have stated.



#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,724 posts
  • ONLINE
  • Gender:Male
  • Location:California
  • Local time:06:36 AM

Posted 15 November 2014 - 04:59 PM

Greetings ComputersBeatMe and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Reply topic button instead.
  • In the upper right hand corner of the topic you will see the Follow topic button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run the below for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recovery Scan Tool for either 32 bit or 64 bit systems and save it to your desktop <<< Important
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should.
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the Windows key + R on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • FRST results
  • Addition log
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 Oh My!


Posted 18 November 2014 - 10:11 PM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 

#7 Oh My!


Posted 20 November 2014 - 02:51 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 



