My computer acting funky after unsecured wifi connection


  • This topic is locked
3 replies to this topic

#1 Inalienable

Posted 07 June 2015 - 04:15 PM

There's an unsecured wifi in my neighbourhood that keeps automatically connecting no matter what I did until I applied a wifi block filter. The computer has also been acting increasingly strange, and I've gotten attack warnings in my firewall log. I've tried multiple scanners but all of them turn up empty. I suspect my svchost.exe might be compromised because it sends multiple port 135 requests per second, which luckily get blocked by my firewall. I'd really appreciate it if you could have a look! I hope I'm just being paranoid.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-06-2015
Ran by Inalienable (administrator) on HIDDENTRUTHS on 07-06-2015 23:12:53
Running from C:\Users\Inalienable\Desktop
Loaded Profiles: Inalienable (Available Profiles: Inalienable & DefaultAppPool)
Platform: Windows 8.1 (X64) OS Language: Norsk, bokmål (Norge)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(iS3, Inc.) C:\Program Files (x86)\STOPzilla\SZServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(ThreatTrack Security, Inc.) C:\Program Files (x86)\STOPzilla\SBAMSvc.exe
(iS3, Inc.) C:\Program Files (x86)\STOPzilla\STOPzilla.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\LittleHook.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [BullGuard] => C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe [1333032 2015-05-29] (BullGuard Ltd.)
HKLM\...\Run: [BullGuardUpdate2] => c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe [2854184 2015-05-29] (BullGuard Ltd.)
HKU\S-1-5-21-614531655-1242924444-2404604625-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN Client.exe [17153024 2015-06-05] (NordVPN Inc.)
Startup: C:\Users\Inalienable\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-01-15] ()
ShellIconOverlayIdentifiers: [BackupOverlayErr] -> {8749448C-D907-45BF-A842-4D3898894AC8} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2015-05-29] (BullGuard Ltd.)
ShellIconOverlayIdentifiers: [BackupOverlayInProgress] -> {3FFBF330-7839-476B-BE14-2C8597CE11B6} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2015-05-29] (BullGuard Ltd.)
ShellIconOverlayIdentifiers: [BackupOverlaySynced] -> {C62CF4DB-48CB-4B03-BFD0-30A29125FA49} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2015-05-29] (BullGuard Ltd.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-614531655-1242924444-2404604625-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/nb-no/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{1D5FA079-E200-4775-9A52-7D9AA7CFB2BD}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{48393B22-36CC-4FD4-BFDF-FD3C55DC732B}: [NameServer] 198.7.63.141,78.46.223.24
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-04-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF HKLM-x32\...\Firefox\Extensions: [antiphishing@bullguard] - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\antiphishing@bullguard

Chrome:
=======
CHR Profile: C:\Users\Inalienable\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bookmark Manager) - C:\Users\Inalienable\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-07]
CHR Extension: (Google Wallet) - C:\Users\Inalienable\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2015-01-10] ()
R2 BsBackup; C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll [901928 2015-05-29] (BullGuard Ltd.)
R2 BsBhvScan; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [605480 2015-05-29] (BullGuard Ltd.)
R2 BsCache; C:\Program Files\BullGuard Ltd\BullGuard\BsCache.dll [160552 2015-05-29] (BullGuard Ltd.)
R2 BsFileScan; c:\program files\bullguard ltd\bullguard\BsFileScan.dll [439592 2015-05-29] (BullGuard Ltd.)
R2 BsFire; c:\program files\bullguard ltd\bullguard\BsFire.dll [761640 2015-05-29] (BullGuard Ltd.)
R2 BsMailProxy; c:\program files\bullguard ltd\bullguard\BsMailProxy\BsMailProxy.dll [1404712 2015-05-29] (BullGuard Ltd.)
R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll [553256 2015-05-29] (BullGuard Ltd.)
R2 BsScanner; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [284968 2015-05-29] (BullGuard Ltd.)
R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [387368 2015-05-29] (BullGuard Ltd.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
S3 EasyAntiCheat; C:\windows\SysWOW64\EasyAntiCheat.exe [174112 2014-12-08] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R3 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
R2 SBAMSvc; C:\Program Files (x86)\STOPzilla\SBAMSvc.exe [3937472 2014-01-07] (ThreatTrack Security, Inc.)
R2 sz7; C:\Program Files (x86)\STOPzilla\SZServer.exe [1592624 2015-04-06] (iS3, Inc.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2015-03-05] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2015-03-05] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AFW; C:\Windows\system32\DRIVERS\afw.sys [41680 2014-10-28] (Agnitum Ltd.)
R3 afwcore; C:\Windows\system32\DRIVERS\afwcore.sys [469712 2014-10-28] (Agnitum Ltd.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R1 BdAgent; C:\Windows\System32\DRIVERS\BdAgent.sys [117184 2014-10-28] (BullGuard Ltd.)
R3 BdNet; C:\Windows\system32\DRIVERS\BdNet.sys [34384 2014-10-28] (BullGuard Ltd.)
R1 BdSpy; C:\Windows\System32\drivers\BdSpy.sys [67680 2014-10-28] (BullGuard Ltd.)
S3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [459544 2014-06-12] (Intel Corporation)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-07] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
R1 NovaShieldFilterDriver; C:\Windows\System32\DRIVERS\NSKernel.sys [269088 2015-05-29] (BullGuard Ltd.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-05-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [88928 2013-10-01] (ThreatTrack Security, Inc.)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-03-17] (BitDefender S.R.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 23:06 - 2015-06-07 23:12 - 00013074 _____ C:\Users\Inalienable\Desktop\FRST.txt
2015-06-07 22:29 - 2015-06-07 22:29 - 00000000 ____D C:\Users\Inalienable\AppData\Roaming\WinRAR
2015-06-07 22:29 - 2015-06-07 22:29 - 00000000 ____D C:\Users\Inalienable\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-07 22:29 - 2015-06-07 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-07 22:29 - 2015-06-07 22:29 - 00000000 ____D C:\Program Files\WinRAR
2015-06-07 22:28 - 2015-06-07 22:28 - 01939560 _____ C:\Users\Inalienable\Downloads\winrar-x64-521.exe
2015-06-07 21:20 - 2015-06-07 21:20 - 00000000 _____ C:\Users\Inalienable\Downloads\Nytt tekstdokument.txt
2015-06-07 21:00 - 2015-06-07 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11
2015-06-07 21:00 - 2015-06-07 21:00 - 00000000 ____D C:\Program Files (x86)\Cobian Backup 11
2015-06-07 20:54 - 2015-06-07 20:54 - 19709440 _____ (Luis Cobian, CobianSoft) C:\Users\Inalienable\Downloads\cbSetup.exe
2015-06-07 20:47 - 2015-06-07 23:01 - 00000000 ____D C:\Users\Inalienable\AppData\Roaming\vlc
2015-06-07 20:47 - 2015-06-07 20:47 - 00001089 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-06-07 20:47 - 2015-06-07 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-06-07 20:46 - 2015-06-07 20:46 - 28849904 _____ C:\Users\Inalienable\Downloads\vlc-2.2.1-win32.exe
2015-06-07 20:22 - 2015-06-07 20:22 - 00931408 _____ (Google Inc.) C:\Users\Inalienable\Downloads\ChromeSetup.exe
2015-06-07 19:33 - 2013-09-04 14:57 - 00031264 _____ (ThreatTrack Security) C:\windows\system32\Drivers\gfiutil.sys
2015-06-07 19:33 - 2013-05-23 08:39 - 00041032 _____ (ThreatTrack Security) C:\windows\system32\Drivers\gfiark.sys
2015-06-07 19:31 - 2015-06-07 19:31 - 00000521 _____ C:\Users\Inalienable\Desktop\prot.txt
2015-06-07 19:30 - 2015-06-07 19:31 - 00000521 _____ C:\Users\Inalienable\Desktop\Nytt tekstdokument (12).txt
2015-06-07 19:27 - 2015-06-07 22:40 - 00000000 ____D C:\ProgramData\STOPzilla!
2015-06-07 19:27 - 2015-06-07 19:33 - 00000000 ____D C:\Program Files (x86)\STOPzilla
2015-06-07 19:27 - 2015-06-07 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STOPzilla
2015-06-07 19:27 - 2013-10-01 16:31 - 00260816 _____ (GFI Software) C:\windows\system32\Drivers\SbFw.sys
2015-06-07 19:27 - 2013-10-01 16:31 - 00063184 _____ (GFI Software) C:\windows\system32\Drivers\sbhips.sys
2015-06-07 19:27 - 2013-03-26 15:58 - 00120608 _____ (GFI Software) C:\windows\system32\Drivers\SbFwIm.sys
2015-06-07 19:26 - 2015-06-07 19:26 - 02042328 _____ (iS3, Inc.) C:\Users\Inalienable\Downloads\STOPzillaPRO_Downloader.exe
2015-06-07 18:14 - 2015-06-07 18:14 - 00377168 _____ C:\windows\Minidump\060715-15281-01.dmp
2015-06-07 17:37 - 2015-06-07 17:37 - 00000000 ____D C:\Program Files (x86)\ESET
2015-06-07 05:50 - 2015-06-07 22:34 - 01516694 _____ C:\windows\WindowsUpdate.log
2015-06-07 05:50 - 2015-06-07 20:40 - 00000000 ___RD C:\Users\Inalienable\OneDrive
2015-06-07 05:49 - 2015-06-07 20:40 - 00000696 _____ C:\windows\setupact.log
2015-06-07 05:49 - 2015-06-07 05:49 - 00000000 _____ C:\windows\setuperr.log
2015-06-07 05:48 - 2015-06-07 20:39 - 00003408 _____ C:\windows\PFRO.log
2015-06-07 02:02 - 2015-06-07 02:02 - 00002810 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2015-06-07 02:02 - 2015-06-07 02:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-06-07 02:02 - 2015-06-07 02:02 - 00000000 ____D C:\Program Files\CCleaner
2015-06-07 01:15 - 2015-06-07 01:15 - 00001100 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2015-06-07 01:15 - 2015-06-07 01:15 - 00000000 ____D C:\Users\Inalienable\AppData\Local\VS Revo Group
2015-06-07 01:15 - 2015-06-07 01:15 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-06-07 01:15 - 2015-06-07 01:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-06-07 01:15 - 2015-06-07 01:15 - 00000000 ____D C:\Program Files\VS Revo Group
2015-06-07 01:15 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\windows\system32\Drivers\revoflt.sys
2015-06-07 00:48 - 2015-06-07 00:52 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-07 00:46 - 2015-06-07 00:52 - 00000000 ____D C:\Users\Inalienable\Desktop\mbar
2015-06-07 00:23 - 2015-06-07 06:21 - 00037624 _____ C:\windows\system32\Drivers\TrueSight.sys
2015-06-07 00:23 - 2015-06-07 00:26 - 00000000 ____D C:\ProgramData\RogueKiller
2015-06-07 00:20 - 2015-06-07 00:21 - 00000000 ____D C:\Users\Inalienable\Desktop\Ny mappe
2015-06-07 00:13 - 2015-06-07 00:15 - 00000000 ____D C:\AdwCleaner
2015-06-06 23:55 - 2015-06-07 23:12 - 00000000 ____D C:\FRST
2015-06-06 23:54 - 2015-06-06 23:54 - 02108928 _____ (Farbar) C:\Users\Inalienable\Downloads\FRST64.exe
2015-06-06 23:54 - 2015-06-06 23:54 - 02108928 _____ (Farbar) C:\Users\Inalienable\Desktop\FRST64.exe
2015-06-06 23:33 - 2015-06-07 00:13 - 00000221 _____ C:\Users\Inalienable\Desktop\aeristochrat.txt
2015-06-06 23:28 - 2015-06-06 23:29 - 00000017 _____ C:\Users\Inalienable\Desktop\hmacadress.txt
2015-06-06 23:27 - 2015-06-06 23:27 - 00000031 _____ C:\Users\Inalienable\Desktop\adress.txt
2015-06-06 23:01 - 2015-06-06 23:01 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Inalienable\Desktop\revosetup.exe
2015-06-05 19:34 - 2015-06-05 19:34 - 00000000 _____ C:\Users\Inalienable\Desktop\Nytt tekstdokument (11).txt
2015-06-05 15:00 - 2015-06-05 15:00 - 02442208 _____ (IO3O LLC ) C:\Users\Inalienable\Downloads\mywifi (1).exe
2015-06-05 15:00 - 2015-06-05 15:00 - 00002130 _____ C:\Users\Public\Desktop\Who Is On My Wifi.lnk
2015-06-05 15:00 - 2015-06-05 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Who Is On My Wifi
2015-06-05 14:36 - 2015-06-05 14:37 - 00000000 ____D C:\Program Files\NordVPN
2015-06-05 14:36 - 2015-06-05 14:36 - 00040664 _____ (The OpenVPN Project) C:\windows\system32\Drivers\tap0901.sys
2015-06-05 14:36 - 2015-06-05 14:36 - 00001032 _____ C:\Users\Public\Desktop\NordVPN.lnk
2015-06-05 14:36 - 2015-06-05 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\NordVPN
2015-06-05 13:26 - 2015-06-05 13:26 - 00000024 _____ C:\Users\Inalienable\Desktop\pi.txt
2015-06-04 05:24 - 2015-06-04 05:25 - 00000000 ____D C:\Users\Inalienable\Downloads\ipv6 fixit
2015-06-04 04:10 - 2015-06-04 04:10 - 01114112 _____ C:\Users\Inalienable\Downloads\MicrosoftFixit50440.msi
2015-06-04 04:01 - 2015-06-04 04:01 - 01112064 _____ C:\Users\Inalienable\Downloads\MicrosoftFixit50409.msi
2015-06-04 01:40 - 2015-06-04 02:43 - 00000942 _____ C:\Users\Inalienable\Desktop\editsnet.txt
2015-06-02 22:08 - 2015-06-02 22:08 - 00002156 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-06-02 22:08 - 2015-05-28 05:52 - 00571024 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvStreaming.exe
2015-06-02 22:07 - 2015-05-28 09:04 - 42719888 _____ C:\windows\system32\nvcompiler.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 37741712 _____ C:\windows\SysWOW64\nvcompiler.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 30480528 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 22946960 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 16185352 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 14495448 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 13304280 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 11830512 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 10995528 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2015-06-02 22:07 - 2015-05-28 09:04 - 02986392 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 02932368 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 02599056 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 01898312 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6435306.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 01557832 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6435306.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 01099808 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 01059984 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 01050440 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 00982856 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 00974480 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 00939080 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 00878816 _____ C:\windows\system32\nvmcumd.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 00503408 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 00408208 _____ (NVIDIA Corporation) C:\windows\system32\NvIFROpenGL.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 00407112 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 00364176 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFROpenGL.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 00195912 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvhda64v.sys
2015-06-02 22:07 - 2015-05-28 09:04 - 00175880 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 00154256 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 00150648 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 00128512 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 00117576 _____ (NVIDIA Corporation) C:\windows\system32\nvaudcaparm.dll
2015-06-02 22:07 - 2015-05-28 09:04 - 00039056 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvadarm.sys
2015-06-02 22:07 - 2015-05-28 09:04 - 00031552 _____ (NVIDIA Corporation) C:\windows\system32\nvhdap64.dll
2015-06-02 21:54 - 2015-06-02 21:54 - 05666867 _____ C:\Users\Inalienable\Downloads\Dr_USB_N53_10140_Windows.zip
2015-06-02 21:54 - 2015-06-02 21:54 - 00000000 ____D C:\Users\Inalienable\Downloads\Dr_USB_N53_10140_Windows
2015-06-02 21:18 - 2015-06-02 21:18 - 00000054 _____ C:\windows\system32\interface
2015-06-02 21:17 - 2015-06-02 21:17 - 00000060 _____ C:\windows\system32\show
2015-06-02 21:01 - 2015-06-02 22:17 - 00000000 ____D C:\windows\LastGood.Tmp
2015-06-02 21:01 - 2015-06-02 21:01 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-02 21:01 - 2015-04-03 15:21 - 00048784 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2015-06-02 21:01 - 2015-04-03 15:21 - 00038032 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2015-06-01 07:22 - 2015-06-01 07:22 - 00000000 ____D C:\Users\Inalienable\Downloads\Game.of.thrones.S05E08.hdtv.XviD-AFG
2015-06-01 07:20 - 2015-06-01 07:20 - 00010461 _____ C:\Users\Inalienable\Downloads\Game.of.thrones.S05E08.hdtv.XviD-AFG [IPT].torrent
2015-06-01 07:08 - 2015-06-01 07:08 - 00000000 ____D C:\Users\Inalienable\AppData\Local\GWX
2015-05-30 09:48 - 2015-05-30 09:48 - 00000000 ____D C:\Users\Inalienable\AppData\Roaming\Wireshark
2015-05-30 01:21 - 2015-05-30 01:21 - 00001567 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2015-05-30 01:21 - 2015-05-30 01:21 - 00000000 ____D C:\Program Files\Wireshark
2015-05-30 00:47 - 2015-05-30 00:48 - 29840448 _____ (Wireshark development team) C:\Users\Inalienable\Downloads\Wireshark-win64-1.12.5.exe
2015-05-29 22:44 - 2015-05-29 22:43 - 00169672 _____ (BullGuard Ltd.) C:\windows\system32\BgGamingMonitor.dll
2015-05-29 22:44 - 2015-05-29 22:43 - 00148024 _____ (BullGuard Ltd.) C:\windows\SysWOW64\BgGamingMonitor.dll
2015-05-29 22:44 - 2015-05-29 22:43 - 00076584 _____ (BullGuard Ltd.) C:\windows\system32\BGLsp.dll
2015-05-29 22:44 - 2015-05-29 22:43 - 00061736 _____ (BullGuard Ltd.) C:\windows\SysWOW64\BGLsp.dll
2015-05-29 04:02 - 2015-05-29 04:02 - 00000000 ____D C:\Users\Inalienable\Documents\Telltale Games
2015-05-28 01:53 - 2015-05-29 04:33 - 838437843 ____R C:\Users\Inalienable\Downloads\Silver Linings Playbook (2012) BluRay 720p 800MB Ganool.mkv
2015-05-28 01:28 - 2015-05-28 01:41 - 735055872 ____R C:\Users\Inalienable\Downloads\Warm Bodies (2013) BDRip XviD-MeRCuRY.avi
2015-05-28 01:26 - 2015-05-28 01:26 - 00014419 _____ C:\Users\Inalienable\Downloads\Warm Bodies (2013) BDRip XviD-MeRCuRY.avi [IPT].torrent
2015-05-27 23:18 - 2015-05-28 00:32 - 00003030 _____ C:\Users\Inalienable\Desktop\Nytt tekstdokument (9).txt
2015-05-27 22:07 - 2015-05-27 22:07 - 00016506 _____ C:\Users\Inalienable\Downloads\Silver Linings Playbook (2012) BluRay 720p 800MB Ganool.mkv [IPT].torrent
2015-05-27 22:06 - 2015-05-28 01:52 - 00000000 ____D C:\Users\Inalienable\Downloads\Black Swan {2010} 720p BRRip x264 - HDMiCRO
2015-05-27 22:05 - 2015-05-27 22:05 - 00014473 _____ C:\Users\Inalienable\Downloads\Black Swan {2010} 720p BRRip x264 - HDMiCRO [IPT].torrent
2015-05-27 11:55 - 2015-05-27 12:11 - 00000000 ____D C:\Users\Inalienable\Downloads\American.Hustle.(2013).BRRip.720p.x264.AC3.DPL2(REMUX)-theboss
2015-05-27 11:37 - 2015-05-27 11:37 - 00025759 _____ C:\Users\Inalienable\Downloads\American.Hustle.(2013).BRRip.720p.x264.AC3.DPL2(REMUX)-theboss [IPT].torrent
2015-05-27 11:35 - 2015-05-27 11:35 - 00056953 _____ C:\Users\Inalienable\Downloads\Call.Me.Crazy.A.Five.Film.2013.HDRip.XviD-AQOS [IPT].torrent
2015-05-27 10:55 - 2015-05-27 10:55 - 00015239 _____ C:\Users\Inalienable\Downloads\It's.Kind.Of.A.Funny.Story.2010.720p.BRRip.XviD.AC3-FLAWL3SS [IPT].torrent
2015-05-27 10:37 - 2015-05-27 10:37 - 00011693 _____ C:\Users\Inalienable\Downloads\It's Kind of a Funny Story 2010 720p BRRip x264 [Hindi-Eng] AAC - [SnowDoN-IcTv] [IPT].torrent
2015-05-25 07:20 - 2015-05-25 07:50 - 1821595366 ____R C:\Users\Inalienable\Downloads\Game.of.Thrones.S05E07.720p.HDTV.x264-TOPKEK.mkv
2015-05-25 07:20 - 2015-05-25 07:20 - 00002567 _____ C:\Users\Inalienable\Downloads\Game.of.Thrones.S05E07.720p.HDTV.x264-TOPKEK [IPT].torrent
2015-05-25 07:18 - 2015-05-25 07:18 - 00095639 _____ C:\Users\Inalienable\Downloads\Game.of.Thrones.S05E07.720p.HDTV.x264-IMMERSE [IPT].torrent
2015-05-24 16:28 - 2015-05-24 16:28 - 00000000 ____D C:\Users\Inalienable\Downloads\The.Blacklist.S01-S02.720p.WEB.DL.DD5.1.x264-ITSat
2015-05-24 16:26 - 2015-05-24 16:26 - 00062917 _____ C:\Users\Inalienable\Downloads\The.Blacklist.S01-S02.720p.WEB.DL.DD5.1.x264-ITSat [IPT].torrent
2015-05-23 01:29 - 2015-05-23 01:29 - 00000000 ____D C:\Users\Inalienable\AppData\Local\Ndemic Creations
2015-05-21 06:42 - 2015-05-21 06:42 - 00000336 _____ C:\Users\Inalienable\Desktop\Nytt tekstdokument (8).txt
2015-05-21 05:05 - 2015-05-21 05:05 - 00007147 _____ C:\Users\Inalienable\Downloads\Supernatural.S10E23.HDTV.XviD-AFG [IPT].torrent
2015-05-20 16:22 - 2015-05-20 16:22 - 00139773 _____ C:\Users\Inalienable\Downloads\Vikings.S03.720p.WEB-DL.DD5.1 H.264-BS [IPT].torrent
2015-05-20 13:47 - 2015-05-20 14:04 - 00000112 _____ C:\Users\Inalienable\Desktop\Nytt tekstdokument (6).txt
2015-05-20 11:08 - 2015-05-20 11:08 - 00015136 _____ C:\Users\Inalienable\Downloads\Ex.Machina.2015.DVDRip.XviD.AC3-EVO [IPT] (1).torrent
2015-05-20 00:32 - 2015-05-20 00:32 - 00000000 ____D C:\Users\Inalienable\AppData\Local\CAPCOM
2015-05-19 23:57 - 2015-06-07 06:46 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-19 23:57 - 2015-06-07 00:46 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-05-19 23:57 - 2015-05-19 23:57 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Inalienable\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-19 23:57 - 2015-05-19 23:57 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-19 23:57 - 2015-05-19 23:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-19 23:57 - 2015-05-19 23:57 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-05-19 23:57 - 2015-05-19 23:57 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-19 23:57 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-05-19 23:57 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-05-19 23:11 - 2015-06-07 04:01 - 00000000 ____D C:\wifidata
2015-05-19 23:11 - 2015-05-19 23:11 - 00000000 ____D C:\Program Files (x86)\IO3O LLC
2015-05-19 23:10 - 2015-05-19 23:11 - 02442208 _____ (IO3O LLC ) C:\Users\Inalienable\Downloads\mywifi.exe
2015-05-19 23:06 - 2015-05-19 23:23 - 69144360 _____ (Spiceworks, Inc.) C:\Users\Inalienable\Downloads\Spiceworks.exe
2015-05-19 22:53 - 2015-05-19 22:55 - 20119552 _____ (Insecure.org) C:\Users\Inalienable\Downloads\nmap-6.47-setup.exe
2015-05-19 10:27 - 2015-05-19 10:27 - 00000792 _____ C:\Users\Inalienable\Downloads\Game.of.Thrones.S05E06.HDTV.XviD-FUM.avi [IPT].torrent
2015-05-15 18:20 - 2015-05-15 18:20 - 00015136 _____ C:\Users\Inalienable\Downloads\Ex.Machina.2015.DVDRip.XviD.AC3-EVO [IPT].torrent
2015-05-14 21:44 - 2015-05-14 21:44 - 00007147 _____ C:\Users\Inalienable\Downloads\Supernatural.S10E22.HDTV.XviD-AFG [IPT].torrent
2015-05-13 03:06 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 03:06 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 01:05 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-05-13 01:05 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-05-13 01:05 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2015-05-13 01:05 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2015-05-13 01:05 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ahcache.sys
2015-05-13 01:05 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2015-05-13 01:05 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\windows\system32\Drivers\bthhfenum.sys
2015-05-13 01:05 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Input.Inking.dll
2015-05-13 01:05 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-13 01:05 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers.dll
2015-05-13 01:04 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-05-13 01:04 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-05-13 01:04 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-05-13 01:04 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-05-13 01:04 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-05-13 01:04 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-05-13 01:04 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-05-13 01:04 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-05-13 01:04 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-05-13 01:04 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2015-05-13 01:04 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-05-13 01:04 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-05-13 01:04 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-05-13 01:04 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-05-13 01:04 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-05-13 01:04 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-05-13 01:04 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-05-13 01:04 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-05-13 01:04 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-05-13 01:04 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-05-13 01:04 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-05-13 01:04 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-05-13 01:04 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-05-13 01:04 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-05-13 01:04 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-05-13 01:04 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2015-05-13 01:04 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-05-13 01:04 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-05-13 01:04 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-05-13 01:04 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2015-05-13 01:04 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-05-13 01:04 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-05-13 01:04 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-05-13 01:04 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-05-13 01:04 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-05-13 01:04 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-05-13 01:04 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-05-13 01:04 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-05-13 01:04 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-05-13 01:04 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-05-13 01:04 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-05-13 01:04 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-05-13 01:04 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-05-13 01:04 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-05-13 01:04 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2015-05-13 01:04 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\PhotoMetadataHandler.dll
2015-05-13 01:04 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 01:04 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\windows\SysWOW64\dbgeng.dll
2015-05-13 01:04 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\windows\system32\dbgeng.dll
2015-05-13 01:04 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\windows\system32\dbghelp.dll
2015-05-13 01:04 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\windows\SysWOW64\dbghelp.dll
2015-05-13 01:04 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-05-13 01:04 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-05-13 01:04 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-05-13 01:04 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-05-13 01:04 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2015-05-13 01:04 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2015-05-13 01:04 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys
2015-05-13 01:04 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\windows\system32\SRH.dll
2015-05-13 01:04 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\SRH.dll
2015-05-13 01:04 - 2015-03-13 02:29 - 00410017 _____ C:\windows\system32\ApnDatabase.xml
2015-05-13 01:04 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2015-05-13 01:04 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2015-05-13 01:04 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2015-05-13 01:04 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\windows\system32\wevtsvc.dll
2015-05-13 01:04 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
2015-05-13 01:04 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-05-13 01:04 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2015-05-11 16:35 - 2015-05-11 16:35 - 00007147 _____ C:\Users\Inalienable\Downloads\Supernatural.S10E21.HDTV.XviD-AFG [IPT].torrent
2015-05-11 06:03 - 2015-05-11 06:03 - 00011926 _____ C:\Users\Inalienable\Downloads\Game of Thrones S05E05 720p HDTV AAC x264-PSYPHER.mkv [IPT].torrent
2015-05-10 17:17 - 2015-05-10 17:17 - 00008477 _____ C:\Users\Inalienable\Downloads\Game.Of.Thrones.S05E04.PROPER.HDTV.XviD-AFG [IPT].torrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 23:12 - 2015-01-11 06:47 - 00000000 ____D C:\ProgramData\BullGuard
2015-06-07 23:02 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\sru
2015-06-07 21:39 - 2014-12-08 14:03 - 00003596 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-614531655-1242924444-2404604625-1001
2015-06-07 21:36 - 2014-12-08 14:04 - 00000000 ____D C:\Users\Inalienable\AppData\Local\Deployment
2015-06-07 21:34 - 2014-12-08 14:04 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-07 20:53 - 2013-08-22 17:36 - 00000000 ____D C:\windows\AppReadiness
2015-06-07 20:47 - 2014-12-09 04:44 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-06-07 20:47 - 2014-11-21 18:29 - 00542322 _____ C:\windows\system32\perfh014.dat
2015-06-07 20:47 - 2014-11-21 18:29 - 00113080 _____ C:\windows\system32\perfc014.dat
2015-06-07 20:47 - 2014-03-18 12:03 - 01638968 _____ C:\windows\system32\PerfStringBackup.INI
2015-06-07 20:40 - 2014-12-04 09:52 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-07 20:40 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-06-07 20:39 - 2015-01-11 06:54 - 00310872 _____ C:\windows\system32\config\afw_db.conf
2015-06-07 20:39 - 2015-01-11 06:54 - 00000180 _____ C:\windows\system32\config\afw_hm.conf
2015-06-07 20:39 - 2013-08-22 15:25 - 00786432 ___SH C:\windows\system32\config\BBI
2015-06-07 20:36 - 2014-12-08 13:58 - 00000000 ____D C:\Users\Inalienable
2015-06-07 18:41 - 2015-01-15 14:04 - 00000000 ____D C:\Users\Inalienable\AppData\Local\Battle.net
2015-06-07 18:14 - 2014-12-11 07:39 - 00000000 ____D C:\windows\Minidump
2015-06-07 04:12 - 2015-01-11 06:48 - 00000000 ____D C:\Users\Inalienable\AppData\Roaming\BullGuard
2015-06-07 03:44 - 2014-11-21 18:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-07 03:44 - 2014-11-21 18:40 - 00000000 ____D C:\Program Files\Java
2015-06-07 02:47 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\NDF
2015-06-07 02:32 - 2014-12-08 18:32 - 00000000 ____D C:\Users\Inalienable\AppData\Roaming\uTorrent
2015-06-07 02:32 - 2014-12-08 14:06 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-07 02:01 - 2014-11-21 18:40 - 00000000 ____D C:\Program Files (x86)\Java
2015-06-06 21:48 - 2014-12-08 18:46 - 00000000 ____D C:\Users\Inalienable\AppData\Local\Spotify
2015-06-06 21:41 - 2014-12-08 18:45 - 00000000 ____D C:\Users\Inalienable\AppData\Roaming\Spotify
2015-06-06 21:28 - 2015-02-11 06:13 - 00000000 ____D C:\Users\Inalienable\AppData\Roaming\TS3Client
2015-06-05 20:33 - 2015-05-06 01:41 - 00000188 _____ C:\Users\Inalienable\Desktop\ip.txt
2015-06-05 19:58 - 2014-12-08 14:36 - 00000000 ____D C:\Users\Inalienable\AppData\Roaming\Mumble
2015-06-02 22:22 - 2014-12-04 00:51 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-06-02 22:20 - 2014-12-12 15:50 - 00000000 ____D C:\ProgramData\Ralink
2015-06-02 22:08 - 2014-12-04 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-02 22:08 - 2014-12-04 09:52 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-01 12:28 - 2015-04-15 06:36 - 00000080 _____ C:\Users\Inalienable\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-05-29 22:43 - 2015-02-24 15:27 - 00269088 _____ (BullGuard Ltd.) C:\windows\system32\Drivers\NSKernel.sys
2015-05-29 22:38 - 2014-11-21 18:39 - 00000000 ____D C:\ProgramData\Package Cache
2015-05-28 09:04 - 2015-04-14 16:35 - 14987528 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2015-05-28 09:04 - 2015-01-31 22:35 - 01558848 _____ (NVIDIA Corporation) C:\windows\system32\nvhdagenco6420103.dll
2015-05-28 09:04 - 2015-01-08 14:19 - 15864064 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2015-05-28 09:04 - 2014-12-04 09:52 - 17486856 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2015-05-28 09:04 - 2014-12-04 09:52 - 12852152 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2015-05-28 09:04 - 2014-12-04 09:52 - 03379680 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
2015-05-28 09:04 - 2014-12-04 09:52 - 01557832 _____ (NVIDIA Corporation) C:\windows\system32\nvmcvadgenco64.dll
2015-05-28 09:04 - 2014-12-04 09:52 - 00112968 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2015-05-28 09:04 - 2014-12-04 09:52 - 00105288 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2015-05-28 09:04 - 2014-12-04 09:52 - 00030966 _____ C:\windows\system32\nvinfo.pb
2015-05-28 06:15 - 2014-12-04 09:52 - 06872904 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2015-05-28 06:15 - 2014-12-04 09:52 - 03491984 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2015-05-28 06:15 - 2014-12-04 09:52 - 02558608 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2015-05-28 06:15 - 2014-12-04 09:52 - 00937288 _____ (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
2015-05-28 06:15 - 2014-12-04 09:52 - 00385168 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2015-05-28 06:15 - 2014-12-04 09:52 - 00062608 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2015-05-27 12:48 - 2014-12-04 09:52 - 04408727 _____ C:\windows\system32\nvcoproc.bin
2015-05-24 16:25 - 2014-12-08 14:10 - 00000000 ____D C:\Users\Inalienable\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-05-23 03:47 - 2014-12-04 09:54 - 01756424 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2015-05-23 03:47 - 2014-12-04 09:54 - 01571696 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2015-05-23 03:47 - 2014-12-04 09:54 - 01320304 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2015-05-23 03:47 - 2014-12-04 09:54 - 01316000 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2015-05-22 18:59 - 2013-08-22 17:36 - 00000000 ____D C:\windows\rescache
2015-05-20 00:06 - 2015-04-04 07:13 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-05-20 00:06 - 2015-04-04 07:13 - 00000000 ___SD C:\windows\system32\GWX
2015-05-20 00:06 - 2013-08-22 17:20 - 00000000 ____D C:\windows\CbsTemp
2015-05-19 23:11 - 2014-12-08 13:58 - 00000000 ____D C:\Users\Inalienable\AppData\Local\VirtualStore
2015-05-14 11:22 - 2014-11-21 18:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-14 11:22 - 2014-11-21 18:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 11:22 - 2013-08-22 16:44 - 00337832 _____ C:\windows\system32\FNTCACHE.DAT
2015-05-14 03:56 - 2013-08-22 17:36 - 00000000 ___RD C:\windows\ImmersiveControlPanel
2015-05-14 03:56 - 2013-08-22 15:36 - 00000000 ____D C:\windows\system32\AdvancedInstallers
2015-05-13 01:13 - 2014-11-21 19:01 - 00000000 ____D C:\windows\system32\MRT
2015-05-13 01:11 - 2014-11-21 19:01 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-05-13 01:10 - 2014-11-21 18:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 01:09 - 2014-03-18 11:45 - 00000000 ____D C:\Program Files\Windows Journal

==================== Files in the root of some directories =======

2015-01-10 06:19 - 2015-02-08 10:11 - 0000099 _____ () C:\Users\Inalienable\AppData\Roaming\LauncherSettings_live.cfg
2015-03-06 02:36 - 2015-03-10 18:31 - 0000098 _____ () C:\Users\Inalienable\AppData\Roaming\theHunterPrimal_LauncherSettings_live.cfg
2015-03-06 00:00 - 2015-03-06 00:00 - 0000040 _____ () C:\Users\Inalienable\AppData\Roaming\TheHunterPrimevalSettings_live.cfg
2015-01-10 05:57 - 2015-01-14 04:44 - 0000040 _____ () C:\Users\Inalienable\AppData\Roaming\TheHunterSettings_steam_live.cfg
2014-12-08 15:13 - 2014-12-08 15:13 - 0000043 _____ () C:\Users\Inalienable\AppData\Roaming\WB.CFG
2015-03-13 05:01 - 2015-03-13 05:01 - 0003191 _____ () C:\Users\Inalienable\AppData\Local\recently-used.xbel

Some files in TEMP:
====================
C:\Users\Inalienable\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Inalienable\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_ecpyz.dll
C:\Users\Inalienable\AppData\Local\Temp\Quarantine.exe
C:\Users\Inalienable\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-06-05 13:37

==================== End of log ============================

Edited by Inalienable, 07 June 2015 - 07:04 PM.



#2 Inalienable

Inalienable
  • Topic Starter

  • Members
  • 4 posts
  • Local time:12:43 PM

Posted 07 June 2015 - 04:29 PM

C:\Users\Inalienable\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦 seems to be out of place at least.



#3 Inalienable

Inalienable
  • Topic Starter

  • Members
  • 4 posts
  • Local time:12:43 PM

Posted 10 June 2015 - 01:39 PM

Never mind, did a new clean install :)



#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,256 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:43 AM

Posted 12 June 2015 - 08:20 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



