
Constant redirects, pop-ups, unable to use internet at times [Solved]


  • This topic is locked

#1
jbcteacher

  • Member
  • 209 posts

Please help. Below is the OTL log. Jarrett is a gamer, all computer downtime is felt throughout the house. :-) Thanks in advance!

OTL logfile created on: 7/6/2014 9:27:22 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jarrett\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.80 Gb Total Physical Memory | 3.90 Gb Available Physical Memory | 67.21% Memory free
23.80 Gb Paging File | 21.84 Gb Available in Paging File | 91.77% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.94 Gb Total Space | 114.07 Gb Free Space | 25.30% Space Free | Partition Type: NTFS
 
Computer Name: JARRETT | User Name: Jarrett | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/07/06 09:26:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jarrett\Downloads\OTL.exe
PRC - [2014/06/27 11:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014/06/24 10:42:12 | 004,101,576 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2014/06/24 10:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2014/06/21 15:05:08 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2014/05/19 20:45:22 | 033,322,312 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jarrett\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/05/12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/04/25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2014/03/26 09:19:30 | 000,108,032 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
PRC - [2012/08/24 00:24:38 | 002,435,728 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
PRC - [2012/08/23 02:24:38 | 000,259,136 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2012/08/23 02:24:10 | 000,533,568 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2012/08/22 18:04:22 | 000,025,232 | ---- | M] () -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
PRC - [2012/08/22 18:04:20 | 000,044,176 | ---- | M] () -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
PRC - [2012/08/21 22:36:54 | 000,473,712 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2012/08/21 22:36:52 | 001,176,176 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2012/08/21 22:36:52 | 000,348,784 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2012/08/01 03:08:36 | 000,081,536 | ---- | M] (Atheros) -- C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
PRC - [2012/07/17 17:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 17:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/07/04 13:57:44 | 000,990,320 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2012/06/25 13:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/07/06 09:24:20 | 000,043,008 | ---- | M] () -- c:\users\jarrett\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxllboe.dll
MOD - [2014/06/04 15:44:02 | 000,116,248 | ---- | M] () -- C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll
MOD - [2014/05/13 12:04:48 | 000,167,768 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2014/05/13 12:04:46 | 000,109,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2014/05/13 12:04:42 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2014/02/18 19:33:47 | 012,436,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\a673aacf407b499981342bb709cce917\System.Windows.Forms.ni.dll
MOD - [2014/02/18 19:33:38 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d76ae95d56d39a59f727f5518ac8e396\System.Drawing.ni.dll
MOD - [2014/02/17 17:52:52 | 007,993,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\20af51394609c937507288c2b1cf2c8c\System.ni.dll
MOD - [2014/02/17 17:52:37 | 011,499,520 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3de119146ed0e59408f896aa69cdfc42\mscorlib.ni.dll
MOD - [2014/01/02 21:09:26 | 003,610,624 | ---- | M] () -- C:\Users\Jarrett\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/08/23 15:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Jarrett\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012/08/23 02:26:10 | 000,465,384 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
MOD - [2012/08/22 18:04:22 | 000,025,232 | ---- | M] () -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
MOD - [2012/08/22 18:04:20 | 000,044,176 | ---- | M] () -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/06/03 15:47:16 | 000,706,864 | ---- | M] () [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe -- (LavasoftAdAwareService11)
SRV:64bit: - [2014/04/06 07:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/04/02 22:51:48 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/03/23 22:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/23 22:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/14 02:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 01:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 03:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/02/22 11:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 05:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 05:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 05:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 05:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/02/22 05:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/02/06 06:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/12/10 03:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/23 00:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/08/22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 07:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 07:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 07:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 07:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 07:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 06:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 06:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 05:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 05:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 05:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 05:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 05:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 05:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 05:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 05:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/08/23 00:36:28 | 000,468,624 | ---- | M] (Acer Incorporated) [On_Demand | Stopped] -- C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe -- (DeviceFastLaneService)
SRV:64bit: - [2012/08/22 23:02:36 | 000,658,576 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2012/04/20 17:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2014/05/29 13:36:52 | 000,543,424 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/05/01 17:13:11 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/03/26 09:19:30 | 000,108,032 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2014/03/14 02:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/12/21 01:02:54 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/08/22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 23:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 22:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2012/09/12 22:16:49 | 000,093,296 | ---- | M] (Dritek System INC.) [Auto | Running] -- C:\Windows\RfBtnSvc64.exe -- (RfButtonDriverService)
SRV - [2012/08/24 00:24:38 | 002,435,728 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe -- (CCDMonitorService)
SRV - [2012/08/23 02:24:38 | 000,259,136 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2012/08/21 22:36:52 | 000,348,784 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2012/08/03 23:15:07 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/08/01 03:08:36 | 000,081,536 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2012/07/31 20:45:02 | 000,207,488 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2012/07/17 17:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 17:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/11 23:10:24 | 000,174,160 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2012/07/11 11:47:04 | 003,939,008 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2012/06/25 13:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/07/06 09:23:46 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/06/12 15:05:34 | 000,046,376 | ---- | M] (NetFilterSDK.com) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\netfilter64.sys -- (netfilter64)
DRV:64bit: - [2014/05/12 07:26:14 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/05/12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/05/01 09:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/04/22 17:29:20 | 000,389,240 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Trufos.sys -- (Trufos)
DRV:64bit: - [2014/04/22 17:29:18 | 000,150,256 | ---- | M] (BitDefender LLC) [File_System | On_Demand | Running] -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys -- (gzflt)
DRV:64bit: - [2014/04/01 02:23:41 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/03/23 22:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/23 22:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/23 22:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/19 23:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/13 08:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 16:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/03/08 16:35:45 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/02/22 12:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/22 11:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 11:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 11:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 11:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/02/22 11:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 08:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/01/25 21:15:36 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/01/25 21:15:36 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/01/25 21:15:36 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/12/21 01:02:44 | 004,216,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/12/14 19:34:54 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/12/04 14:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/11/14 03:28:58 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/14 03:25:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/11/14 03:16:57 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/11/14 03:16:54 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 09:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 09:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 08:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 08:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 08:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 08:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 08:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 08:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 08:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 08:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 08:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 08:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 08:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 08:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 08:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 08:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 08:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 08:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 08:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 08:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 08:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 08:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 08:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 08:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 08:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 08:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 08:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 08:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 08:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 07:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 07:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 07:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 07:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 07:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 07:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 07:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 07:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 07:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 07:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 07:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 07:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 07:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 07:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 07:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 07:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 07:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 07:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 07:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 07:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 07:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 07:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 07:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 04:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 19:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 20:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 14:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 15:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 10:46:17 | 000,591,360 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/06/18 10:45:02 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/09/12 22:49:47 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2012/09/12 22:49:47 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2012/09/12 22:49:47 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2012/09/12 22:16:49 | 000,026,736 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aPs2Kb2Hid.sys -- (Ps2Kb2Hid)
DRV:64bit: - [2012/07/31 20:25:02 | 000,574,616 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012/07/31 20:24:58 | 000,135,832 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012/07/31 20:24:56 | 000,076,952 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012/07/31 20:24:52 | 000,178,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012/07/31 20:24:52 | 000,088,728 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012/07/31 20:24:50 | 000,344,216 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012/07/31 20:24:50 | 000,114,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012/07/09 16:43:12 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/07/02 18:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/19 11:40:50 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/13 22:23:58 | 000,294,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:64bit: - [2012/05/25 20:56:14 | 000,168,608 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NARAx64\0401000.00A\ccSetx64.sys -- (ccSet_NARA)
DRV:64bit: - [2012/04/20 20:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2010/07/09 15:51:38 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/04/20 14:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{4D4DCF81-0FD1-4FEA-8230-E7F4B9FE28DB}: "URL" = http://www.bing.com/...E10TR&pc=MAARJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect..._oid=23-03-2013
&tb_mrud=23-03-2013

IE - HKLM\..\SearchScopes\{4D4DCF81-0FD1-4FEA-8230-E7F4B9FE28DB}: "URL" = http://www.bing.com/...E10TR&pc=MAARJS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Jarrett\Downloads
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DF 66 43 AC 08 1A CF 01  [binary data]
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {E3040610-E4F8-481D-A526-D15A51AE82F4}
IE - HKCU\..\SearchScopes\{1B4F005E-22A0-4F9D-A06D-628D8F5CB4C3}: "URL" = http://us.yhs4.searc...669,0,IE10,7635
IE - HKCU\..\SearchScopes\{350C5A53-3327-4441-973B-E91F50D35F51}: "URL" = https://www.google.c...?q={searchTerms}
IE - HKCU\..\SearchScopes\{E3040610-E4F8-481D-A526-D15A51AE82F4}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK
 
 
O1 HOSTS File: ([2014/07/04 20:16:22 | 000,450,709 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 15469 more lines...
O2:64bit: - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
O3 - HKLM\..\Toolbar: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe ()
O4:64bit: - HKLM..\Run: [BtPreLoad] C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BakupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [LManager]  File not found
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - Startup: C:\Users\Jarrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Jarrett\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}  (ExentInf Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F9A8803-D052-41B4-ACC8-05845BC38989}: DhcpNameServer = 192.15.128.24
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DDBED1A0-DA6F-4F8A-9B27-E3F5F87D2E6A}: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/06 09:04:34 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/06 09:04:05 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/07/06 09:04:05 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2014/07/06 09:04:05 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014/07/06 09:04:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/07/06 09:04:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/07/05 12:05:02 | 000,000,000 | ---D | C] -- C:\Users\Jarrett\Desktop\versions
[2014/07/05 12:05:02 | 000,000,000 | ---D | C] -- C:\Users\Jarrett\Desktop\assets
[2014/07/05 12:04:54 | 000,000,000 | ---D | C] -- C:\Users\Jarrett\Desktop\libraries
[2014/07/05 12:03:07 | 000,000,000 | ---D | C] -- C:\Users\Jarrett\AppData\Local\ftblauncher
[2014/07/04 20:08:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2014/07/04 20:08:25 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\SysNative\sdnclean64.exe
[2014/07/04 20:08:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014/07/04 20:08:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/07/04 11:26:53 | 000,000,000 | ---D | C] -- C:\Users\Jarrett\AppData\Roaming\Lavasoft
[2014/07/04 11:25:45 | 000,000,000 | ---D | C] -- C:\Users\Jarrett\AppData\Roaming\LavasoftStatistics
[2014/07/04 11:25:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2014/07/04 11:24:29 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2014/07/04 11:24:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Search Protection
[2014/07/04 11:24:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2014/07/04 11:23:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2014/07/04 11:22:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2014/07/04 11:21:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014/06/26 17:28:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\F55D3AAA-D50B-4549-BEEA-B406B01B5226
[2014/06/21 11:36:08 | 000,000,000 | ---D | C] -- C:\Users\Jarrett\AppData\Roaming\Publish Providers
[2014/06/21 11:33:00 | 000,000,000 | ---D | C] -- C:\Users\Jarrett\AppData\Local\Sony
[2014/06/21 11:31:52 | 000,000,000 | ---D | C] -- C:\Users\Jarrett\AppData\Roaming\Sony
[2014/06/19 17:53:53 | 000,000,000 | ---D | C] -- C:\Users\Jarrett\AppData\Local\Skyrim
[2014/06/19 17:53:53 | 000,000,000 | ---D | C] -- C:\Users\Jarrett\Documents\My Games
[2014/06/19 17:47:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2014/06/19 17:30:10 | 000,000,000 | ---D | C] -- C:\Users\Jarrett\Desktop\The Elder Scrolls V Skyrim
[2014/06/19 12:41:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SupTab
[2014/06/19 12:40:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GetPrivate
[2014/06/19 12:40:13 | 000,000,000 | ---D | C] -- C:\Users\Jarrett\AppData\Roaming\GetPrivate
[2014/06/19 12:39:55 | 000,000,000 | ---D | C] -- C:\Users\Jarrett\AppData\Roaming\wi_upd
[2014/06/12 15:05:34 | 000,046,376 | ---- | C] (NetFilterSDK.com) -- C:\WINDOWS\SysNative\drivers\netfilter64.sys
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/06 09:24:54 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/07/06 09:24:25 | 000,002,333 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/07/06 09:23:46 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/06 09:23:33 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/06 09:22:49 | 687,525,887 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/06 09:22:49 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/07/06 09:22:44 | 000,053,284 | ---- | M] () -- C:\WINDOWS\SysNative\wpbbin.exe
[2014/07/06 09:10:55 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/06 09:04:08 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/05 20:45:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/07/05 12:03:07 | 004,886,141 | ---- | M] () -- C:\Users\Jarrett\Desktop\FTB_Launcher.jar
[2014/07/04 20:59:55 | 000,000,121 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2014/07/04 20:16:22 | 000,450,709 | R--- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2014/07/04 20:12:10 | 000,450,709 | R--- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts.20140704-201622.backup
[2014/07/04 20:08:33 | 000,001,359 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/07/04 11:24:10 | 000,000,061 | ---- | M] () -- C:\prefs.js
[2014/07/04 10:41:43 | 000,007,680 | ---- | M] () -- C:\WINDOWS\SysNative\--traceoff
[2014/06/22 16:53:45 | 176,191,942 | ---- | M] () -- C:\Users\Jarrett\Documents\Skyrim Lp ep 2 Theif Stone.mp4
[2014/06/22 16:35:06 | 000,013,088 | ---- | M] () -- C:\Users\Jarrett\Documents\Skyrim Lp ep 2 Theif Stone.veg
[2014/06/21 15:35:23 | 000,011,288 | ---- | M] () -- C:\Users\Jarrett\Documents\Skyrim Lp ep 2 Theif Stone.veg.bak
[2014/06/21 11:33:57 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysNative\--debugoff
[2014/06/18 15:46:28 | 000,863,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/06/18 15:46:28 | 000,731,650 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/06/18 15:46:28 | 000,135,726 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/06/13 15:31:46 | 000,474,904 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/06/12 15:05:34 | 000,046,376 | ---- | M] (NetFilterSDK.com) -- C:\WINDOWS\SysNative\drivers\netfilter64.sys
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/07/06 09:04:08 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/04 20:59:55 | 000,000,121 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2014/07/04 20:08:33 | 000,001,371 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2014/07/04 20:08:33 | 000,001,359 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/07/04 11:25:38 | 000,002,333 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/07/04 11:24:10 | 000,000,061 | ---- | C] () -- C:\prefs.js
[2014/06/21 15:48:25 | 176,191,942 | ---- | C] () -- C:\Users\Jarrett\Documents\Skyrim Lp ep 2 Theif Stone.mp4
[2014/06/21 15:32:02 | 000,013,088 | ---- | C] () -- C:\Users\Jarrett\Documents\Skyrim Lp ep 2 Theif Stone.veg
[2014/06/21 15:32:02 | 000,011,288 | ---- | C] () -- C:\Users\Jarrett\Documents\Skyrim Lp ep 2 Theif Stone.veg.bak
[2014/06/21 11:33:57 | 000,007,680 | ---- | C] () -- C:\WINDOWS\SysNative\--traceoff
[2014/06/21 11:33:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysNative\--debugoff
[2014/05/01 16:55:24 | 000,000,316 | ---- | C] () -- C:\Users\Jarrett\AppData\Roaming\aps.uninstall.scan.results
[2014/04/30 18:08:49 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/04/23 06:08:05 | 000,632,320 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll
[2014/04/23 06:08:05 | 000,235,520 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidvfw.dll
[2014/03/17 18:09:25 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/01/25 18:50:44 | 000,000,258 | RHS- | C] () -- C:\Users\Jarrett\ntuser.pol
[2014/01/25 15:26:21 | 000,000,060 | ---- | C] () -- C:\Users\Jarrett\AppData\Roaming\WB.CFG
[2013/12/28 12:05:33 | 000,000,884 | ---- | C] () -- C:\Users\Jarrett\Exe.reg
[2013/12/21 01:02:44 | 000,280,064 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/12/21 01:02:40 | 000,182,272 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/12/21 01:02:40 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 23:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/01/31 20:02:19 | 000,012,800 | ---- | C] () -- C:\Users\Jarrett\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/31 17:54:06 | 000,000,064 | ---- | C] () -- C:\WINDOWS\GPlrLanc.dat
[2012/12/26 10:35:23 | 000,703,117 | ---- | C] () -- C:\Users\Jarrett\AppData\Roaming\technic-launcher.jar
[2012/12/26 10:35:23 | 000,582,227 | ---- | C] () -- C:\Users\Jarrett\AppData\Roaming\technic-launcher.jar.bak
[2012/09/12 22:55:08 | 000,000,280 | ---- | C] () -- C:\WINDOWS\LaunApp.ini
[2012/09/12 22:44:45 | 000,001,258 | ---- | C] () -- C:\WINDOWS\WPatchProgress.ini
[2012/09/12 22:44:45 | 000,000,224 | ---- | C] () -- C:\WINDOWS\WisLangCode.ini
[2012/09/12 22:10:18 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012/08/03 23:44:58 | 000,000,460 | ---- | C] () -- C:\WINDOWS\Prelaunch.ini
[2012/08/03 23:44:58 | 000,000,395 | ---- | C] () -- C:\WINDOWS\WisPriority.ini
[2012/07/25 16:22:56 | 000,267,284 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012/07/25 16:22:54 | 000,963,376 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
 
========== ZeroAccess Check ==========
 
[2014/04/13 14:19:19 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/04/06 12:31:39 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/04/06 11:22:20 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/07/05 21:19:52 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\.minecraft
[2014/04/22 18:45:05 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\.technic
[2013/03/23 14:53:08 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\.techniclauncher
[2014/04/08 19:00:56 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\aipai
[2014/05/01 16:49:29 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\Angry_Birds
[2014/07/06 09:21:25 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\DefaultTab
[2014/07/06 09:24:39 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\Dropbox
[2014/07/06 09:24:35 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\DropboxMaster
[2013/01/31 18:13:35 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\Fighters
[2014/05/01 17:31:21 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\FileZilla
[2014/02/15 18:17:08 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\Firefly Studios
[2014/07/05 12:04:06 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\ftblauncher
[2014/05/01 17:13:01 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\GameOff
[2014/07/04 13:02:33 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\GetPrivate
[2013/02/01 13:52:33 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\ID Vault
[2012/12/25 09:39:58 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\lm
[2013/03/23 14:51:31 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\logs
[2014/04/08 17:13:49 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\OBS
[2013/08/23 17:48:31 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\Origin
[2013/01/31 18:54:02 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\PerformerSoft
[2014/01/25 18:56:53 | 000,000,000 | R--D | M] -- C:\Users\Jarrett\AppData\Roaming\Pictures
[2014/06/21 11:36:08 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\Publish Providers
[2014/04/29 18:28:45 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\SIX Networks
[2014/06/21 11:50:51 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\Sony
[2014/04/13 14:11:55 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\SplitMediaLabs
[2014/02/09 13:00:35 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\steamvr
[2013/10/31 17:41:34 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\Systweak
[2013/01/31 19:23:56 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\TechSmith
[2014/01/26 21:34:26 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\test
[2013/05/17 06:25:04 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\Vtools
[2014/04/06 12:53:00 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\WildTangent
[2014/06/19 12:39:55 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\wi_upd
[2014/04/20 14:21:04 | 000,000,000 | ---D | M] -- C:\Users\Jarrett\AppData\Roaming\WorldPainter
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\Jarrett\SkyDrive:ms-properties

< End of report >




#2
LiquidTension

Hello jbcteacher,
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that. :)
 
======================================================
 Important: I have laid out some "ground rules" I would very much appreciate you follow. Please read through the points below, to ensure this process moves as quickly and efficiently as possible.
  • Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.
  • Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.
  • Ensure you are subscribed to this topic to receive instant email notifications of my responses.
    • Scroll to the top of this page and ensure you see the following: (image)
    • If you are not set to follow this topic, click the Follow this topic button and follow the prompts.
  • Please attempt to backup important documents before proceeding with my instructions.
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.
  • Topics are locked if no response is made after 5 days. Please inform me if you will require additional time to complete my instructions.
======================================================

Please be advised that I am currently in training at WhattheTech.com. My responses will need to be approved by an instructor at WhattheTech.com before I post in order to ensure you are receiving accurate instructions. I will return as soon as possible.

#3
jbcteacher

Ok, thank you Adam. My name is Joanne. Looking forward to hearing from you.

#4
LiquidTension

Hello Joanne, 
 
Please run the following scans and post the logs generated. 
 
STEP 1
Farbar Recovery Scan Tool (FRST) Scan
  • Please download Farbar Recovery Scan Tool (x64) and save the file to your desktop.
  • Right-Click FRST64.exe and select Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your desktop. Copy the contents of both logs and paste in your next reply. 
     
STEP 2
aswMBR
  • Please download aswMBR and save the file to your desktop
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click aswMBR.exe and select Run as administrator to run the programme.
  • If you are prompted to download the latest anti-virus definitions from avast!, click Yes.
  • Click the AV Scan: drop down box and click C:\.
  • Click Scan
  • Upon completion, you will see Scan finished successfully. Click Save log
  • Re-enable your anti-virus software. 
  • Copy the contents of the log and paste in your next reply.
Note: Do NOT attempt to click Fix or FixMBR.
Note: A file (MBR.dat) will be created on your desktop. Do NOT click or delete it.

 
======================================================
STEP 3
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.
  • FRST.txt
  • Addition.txt
  • aswMBR log

Edited by LiquidTension, 06 July 2014 - 10:29 AM.


#5
jbcteacher


 

 

Step 1:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by Jarrett (administrator) on JARRETT on 06-07-2014 12:31:37
Running from C:\Users\Jarrett\Desktop
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dropbox, Inc.) C:\Users\Jarrett\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-31] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-07-31] ()
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe [7715160 2014-06-03] ()
HKLM-x32\...\Run: [BakupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533568 2012-08-23] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1589877896-1942565005-1192230565-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\Users\Jarrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jarrett\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDF6643AC081ACF01
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM - {4D4DCF81-0FD1-4FEA-8230-E7F4B9FE28DB} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect..._oid=23-03-2013
&tb_mrud=23-03-2013

SearchScopes: HKLM-x32 - {4D4DCF81-0FD1-4FEA-8230-E7F4B9FE28DB} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {1B4F005E-22A0-4F9D-A06D-628D8F5CB4C3} URL = http://us.yhs4.searc...669,0,IE10,7635
SearchScopes: HKCU - {350C5A53-3327-4441-973B-E91F50D35F51} URL = https://www.google.c...?q={searchTerms}
SearchScopes: HKCU - {4D4DCF81-0FD1-4FEA-8230-E7F4B9FE28DB} URL =
BHO: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO-x32: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
Toolbar: HKLM-x32 - Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [207488 2012-07-31] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-24] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-03-26] (Freemake) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe [706864 2014-06-03] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-12] (Dritek System INC.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros)

==================== Drivers (Whitelisted) ====================

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-07-31] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-04-22] (BitDefender LLC)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-06-12] (NetFilterSDK.com)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-12] (Dritek System Inc.)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-04-22] (BitDefender S.R.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-06 12:31 - 2014-07-06 12:32 - 00016553 _____ () C:\Users\Jarrett\Desktop\FRST.txt
2014-07-06 12:31 - 2014-07-06 12:31 - 00000000 ____D () C:\FRST
2014-07-06 12:30 - 2014-07-06 12:30 - 02084352 _____ (Farbar) C:\Users\Jarrett\Desktop\FRST64.exe
2014-07-06 09:42 - 2014-07-06 09:42 - 00076570 _____ () C:\Users\Jarrett\Downloads\Extras.Txt
2014-07-06 09:41 - 2014-07-06 09:41 - 00132548 _____ () C:\Users\Jarrett\Downloads\OTL.Txt
2014-07-06 09:26 - 2014-07-06 09:26 - 00602112 _____ (OldTimer Tools) C:\Users\Jarrett\Downloads\OTL.exe
2014-07-06 09:22 - 2014-07-06 09:22 - 00012940 _____ () C:\WINDOWS\PFRO.log
2014-07-06 09:04 - 2014-07-06 10:28 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-06 09:04 - 2014-07-06 09:04 - 00001082 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-06 09:04 - 2014-07-06 09:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-06 09:04 - 2014-07-06 09:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-06 09:04 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-06 09:04 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-06 09:04 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-05 17:43 - 2014-07-06 10:40 - 00079557 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-05 12:20 - 2014-07-05 12:20 - 06188769 _____ () C:\Users\Jarrett\Downloads\Home.zip
2014-07-05 12:18 - 2014-07-05 12:18 - 06988944 _____ () C:\Users\Jarrett\Downloads\HomeMP.zip
2014-07-05 12:05 - 2014-07-05 12:06 - 00000000 ____D () C:\Users\Jarrett\Desktop\assets
2014-07-05 12:05 - 2014-07-05 12:05 - 00000000 ____D () C:\Users\Jarrett\Desktop\versions
2014-07-05 12:04 - 2014-07-05 12:05 - 00000000 ____D () C:\Users\Jarrett\Desktop\libraries
2014-07-05 12:03 - 2014-07-05 12:04 - 00000000 ____D () C:\Users\Jarrett\AppData\Local\ftblauncher
2014-07-04 20:59 - 2014-07-04 20:59 - 00000121 _____ () C:\WINDOWS\wininit.ini
2014-07-04 20:16 - 2014-07-04 20:12 - 00450709 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140704-201622.backup
2014-07-04 20:12 - 2013-08-22 09:25 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20140704-201210.backup
2014-07-04 20:08 - 2014-07-04 20:17 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-04 20:08 - 2014-07-04 20:10 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-07-04 20:08 - 2014-07-04 20:08 - 00001371 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-07-04 20:08 - 2014-07-04 20:08 - 00001359 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-07-04 20:08 - 2014-07-04 20:08 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-07-04 20:08 - 2014-07-04 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-07-04 20:08 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2014-07-04 11:58 - 2014-01-19 03:38 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-07-04 11:26 - 2014-07-04 11:26 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\Lavasoft
2014-07-04 11:25 - 2014-07-06 09:24 - 00002333 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-07-04 11:25 - 2014-07-04 11:25 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\LavasoftStatistics
2014-07-04 11:25 - 2014-07-04 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-07-04 11:24 - 2014-07-06 09:22 - 00000000 ____D () C:\ProgramData\Search Protection
2014-07-04 11:24 - 2014-07-04 11:24 - 00000061 _____ () C:\prefs.js
2014-07-04 11:24 - 2014-07-04 11:24 - 00000000 ____D () C:\Program Files\Lavasoft
2014-07-04 11:24 - 2014-07-04 11:24 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-07-04 11:23 - 2014-07-04 11:23 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-07-04 11:22 - 2014-07-04 11:22 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-07-04 11:21 - 2014-07-04 11:21 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-04 10:48 - 2014-07-04 10:48 - 00003156 ____N () C:\WINDOWS\System32\Tasks\{EBD2DB98-7DCC-47BC-94D3-3330C46E1BD2}
2014-06-26 17:28 - 2014-07-06 09:22 - 00000000 ____D () C:\Program Files (x86)\F55D3AAA-D50B-4549-BEEA-B406B01B5226
2014-06-21 15:48 - 2014-06-22 16:53 - 176191942 _____ () C:\Users\Jarrett\Documents\Skyrim Lp ep 2 Theif Stone.mp4
2014-06-21 15:40 - 2014-06-22 16:08 - 00151936 _____ () C:\Users\Jarrett\Downloads\Thrones.mp4.sfk
2014-06-21 15:32 - 2014-06-22 16:35 - 00013088 _____ () C:\Users\Jarrett\Documents\Skyrim Lp ep 2 Theif Stone.veg
2014-06-21 15:32 - 2014-06-21 15:35 - 00011288 _____ () C:\Users\Jarrett\Documents\Skyrim Lp ep 2 Theif Stone.veg.bak
2014-06-21 15:14 - 2014-06-21 15:17 - 169112645 _____ () C:\Users\Jarrett\Downloads\Thrones Skyrim Re-imagined Intro-52683-1-0-0B.zip
2014-06-21 11:36 - 2014-06-21 11:36 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\Publish Providers
2014-06-21 11:33 - 2014-07-04 10:41 - 00007680 _____ () C:\WINDOWS\system32\--traceoff
2014-06-21 11:33 - 2014-06-21 11:35 - 00000000 ____D () C:\Users\Jarrett\AppData\Local\Sony
2014-06-21 11:33 - 2014-06-21 11:33 - 00000000 _____ () C:\WINDOWS\system32\--debugoff
2014-06-21 11:31 - 2014-06-21 11:50 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\Sony
2014-06-19 17:53 - 2014-06-19 17:57 - 00000000 ____D () C:\Users\Jarrett\AppData\Local\Skyrim
2014-06-19 17:53 - 2014-06-19 17:53 - 00000000 ____D () C:\Users\Jarrett\Documents\My Games
2014-06-19 17:47 - 2014-06-19 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
2014-06-19 17:30 - 2014-06-21 09:47 - 00000000 ____D () C:\Users\Jarrett\Desktop\The Elder Scrolls V Skyrim
2014-06-19 12:41 - 2014-07-06 09:32 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-19 12:40 - 2014-07-04 13:02 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\GetPrivate
2014-06-19 12:40 - 2014-07-03 12:59 - 00003506 ____N () C:\WINDOWS\System32\Tasks\GPUpdateCheck
2014-06-19 12:40 - 2014-06-19 12:41 - 00000000 ____D () C:\Program Files (x86)\GetPrivate
2014-06-19 12:39 - 2014-06-19 12:39 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\wi_upd
2014-06-16 12:23 - 2014-05-08 19:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-13 10:31 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-13 10:31 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-13 10:31 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-13 10:31 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-13 10:31 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-13 10:31 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-13 10:31 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-13 10:31 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-13 10:31 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-13 10:31 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-13 10:31 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-13 10:31 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-13 10:31 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-13 10:31 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-13 10:31 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-13 10:31 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-13 10:31 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-13 10:31 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-13 10:31 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-13 10:31 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-13 10:31 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-13 10:31 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-13 10:31 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-13 10:31 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-13 10:31 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-13 10:31 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-13 10:31 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-13 10:31 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-13 10:31 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-13 10:31 - 2014-05-09 23:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-13 10:31 - 2014-05-09 23:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-13 10:31 - 2014-05-05 00:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-13 10:31 - 2014-05-03 03:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-13 10:31 - 2014-05-03 00:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-13 10:31 - 2014-05-03 00:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-13 10:31 - 2014-05-02 23:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-13 10:31 - 2014-05-02 23:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-13 10:31 - 2014-04-30 07:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-13 10:31 - 2014-04-29 23:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-13 10:31 - 2014-04-03 03:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-13 10:31 - 2014-04-03 03:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-13 10:31 - 2014-02-06 07:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-13 10:31 - 2014-02-06 07:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-13 10:31 - 2014-02-06 07:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-13 10:31 - 2014-02-06 06:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-13 10:31 - 2014-02-06 06:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-13 10:31 - 2014-02-06 06:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-13 10:31 - 2014-02-06 06:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-13 10:31 - 2014-02-06 06:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-13 10:31 - 2014-02-06 05:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-13 10:31 - 2014-02-06 05:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-13 10:31 - 2014-02-06 05:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-13 10:31 - 2014-02-06 05:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-13 10:30 - 2014-04-18 10:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-13 10:30 - 2014-04-18 10:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-13 10:30 - 2014-04-18 09:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-06-13 10:30 - 2014-04-18 05:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-13 10:30 - 2014-04-18 05:32 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-06-13 10:30 - 2014-04-18 04:58 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-06-13 10:30 - 2014-04-18 04:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-13 10:30 - 2014-04-18 04:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-13 10:30 - 2014-04-18 04:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-13 10:30 - 2014-04-18 03:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-06-13 10:30 - 2014-04-18 03:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-06-13 10:30 - 2014-04-14 05:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-13 10:30 - 2014-04-14 04:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-06-13 10:30 - 2014-04-11 02:13 - 01200128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-06-13 10:30 - 2014-04-11 00:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-13 10:30 - 2014-04-11 00:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-06-13 10:30 - 2014-04-10 23:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-13 10:30 - 2014-04-09 07:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-13 10:30 - 2014-04-09 02:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-13 10:30 - 2014-04-09 01:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-06-13 10:30 - 2014-04-09 00:35 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-06-13 10:30 - 2014-04-08 23:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-13 10:30 - 2014-04-07 22:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-13 10:30 - 2014-04-06 12:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-13 10:30 - 2014-04-06 12:34 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-13 10:30 - 2014-04-06 12:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-13 10:30 - 2014-04-06 12:31 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-13 10:30 - 2014-04-06 12:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-13 10:30 - 2014-04-06 12:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-13 10:30 - 2014-04-06 12:20 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-13 10:30 - 2014-04-06 12:20 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-06-13 10:30 - 2014-04-06 11:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-06-13 10:30 - 2014-04-06 11:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-13 10:30 - 2014-04-06 11:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-06-13 10:30 - 2014-04-06 11:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-06-13 10:30 - 2014-04-06 11:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-06-13 10:30 - 2014-04-06 11:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-06-13 10:30 - 2014-04-06 11:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-06-13 10:30 - 2014-04-06 11:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-06-13 10:30 - 2014-04-06 11:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-06-13 10:30 - 2014-04-06 11:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-06-13 10:30 - 2014-04-06 11:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-06-13 10:30 - 2014-04-06 11:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-06-13 10:30 - 2014-04-06 10:10 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-06-13 10:30 - 2014-04-06 08:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-13 10:30 - 2014-04-06 08:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-13 10:30 - 2014-04-06 08:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-13 10:30 - 2014-04-06 08:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-13 10:30 - 2014-04-06 08:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-13 10:30 - 2014-04-06 07:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-13 10:30 - 2014-04-06 07:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-13 10:30 - 2014-04-06 07:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-13 10:30 - 2014-04-06 07:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-13 10:30 - 2014-04-06 07:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-13 10:30 - 2014-04-06 06:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-13 10:30 - 2014-04-06 06:51 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-13 10:30 - 2014-04-06 06:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-06-13 10:30 - 2014-04-06 06:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-06-13 10:30 - 2014-04-06 06:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-13 10:30 - 2014-04-06 05:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-06-13 10:30 - 2014-04-03 04:12 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-13 10:30 - 2014-04-03 04:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-13 10:30 - 2014-04-03 04:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-13 10:30 - 2014-04-03 00:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-13 10:30 - 2014-04-03 00:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-06-13 10:30 - 2014-04-02 23:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-06-13 10:30 - 2014-04-02 22:53 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-13 10:30 - 2014-04-02 22:53 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-13 10:30 - 2014-04-02 22:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-13 10:30 - 2014-04-02 22:23 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-06-13 10:30 - 2014-04-02 22:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-13 10:30 - 2014-04-02 22:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-13 10:30 - 2014-04-02 22:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-13 10:30 - 2014-04-01 02:23 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-13 10:30 - 2014-03-31 01:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-13 10:30 - 2014-03-30 20:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-13 10:30 - 2014-03-30 20:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-13 10:30 - 2014-03-30 19:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-13 10:30 - 2014-03-30 18:54 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-13 10:30 - 2014-03-30 18:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-13 10:30 - 2014-03-30 18:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-13 10:30 - 2014-03-30 18:11 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-13 10:30 - 2014-03-30 17:47 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-13 10:30 - 2014-03-28 11:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-13 10:30 - 2014-03-27 02:16 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-13 10:30 - 2014-03-27 01:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-13 10:30 - 2014-03-27 00:59 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-13 10:30 - 2014-03-27 00:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-13 10:30 - 2014-03-27 00:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-13 10:30 - 2014-03-26 23:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-13 10:30 - 2014-03-26 23:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-13 10:30 - 2014-03-26 23:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-13 10:30 - 2014-03-24 18:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-13 10:30 - 2014-03-19 23:48 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-13 10:30 - 2014-03-19 20:44 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-13 10:30 - 2014-03-19 19:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-13 10:30 - 2014-03-19 04:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-13 10:30 - 2014-03-19 04:07 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-13 10:30 - 2014-03-19 03:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-13 10:30 - 2014-03-19 03:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-13 10:30 - 2014-03-19 02:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-13 10:30 - 2014-03-19 01:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-13 10:30 - 2014-03-19 01:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-13 10:30 - 2014-03-19 01:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-13 10:30 - 2014-03-19 01:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-13 10:30 - 2014-03-19 01:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-13 10:30 - 2014-03-19 01:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-13 10:30 - 2014-03-19 00:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-13 10:30 - 2014-03-19 00:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-13 10:30 - 2014-03-19 00:18 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-13 10:30 - 2014-03-18 04:19 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-13 10:30 - 2014-03-18 01:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-13 10:30 - 2014-03-18 00:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-06-13 10:30 - 2014-03-17 01:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-13 10:30 - 2014-03-17 00:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-13 10:30 - 2014-03-16 23:01 - 00486912 ____N (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-13 10:30 - 2014-03-16 22:47 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-13 10:30 - 2014-03-16 22:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-06-13 10:30 - 2014-03-14 02:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-13 10:30 - 2014-03-14 02:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-06-13 10:30 - 2014-03-06 08:42 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-13 10:28 - 2014-05-19 02:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-13 10:28 - 2014-05-19 02:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-13 10:28 - 2014-05-19 01:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-13 10:28 - 2014-05-01 09:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-13 10:28 - 2014-05-01 09:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-13 10:28 - 2014-05-01 03:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-13 10:28 - 2014-05-01 03:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-13 10:28 - 2014-05-01 02:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-13 10:28 - 2014-05-01 01:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-13 10:28 - 2014-04-30 00:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-13 10:28 - 2014-04-30 00:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-13 10:28 - 2014-04-29 23:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-13 10:22 - 2014-06-13 10:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-12 15:05 - 2014-06-12 15:05 - 00046376 _____ (NetFilterSDK.com) C:\WINDOWS\system32\Drivers\netfilter64.sys

==================== One Month Modified Files and Folders =======

2014-07-06 12:32 - 2014-07-06 12:31 - 00016553 _____ () C:\Users\Jarrett\Desktop\FRST.txt
2014-07-06 12:31 - 2014-07-06 12:31 - 00000000 ____D () C:\FRST
2014-07-06 12:30 - 2014-07-06 12:30 - 02084352 _____ (Farbar) C:\Users\Jarrett\Desktop\FRST64.exe
2014-07-06 12:10 - 2013-08-16 20:32 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-06 12:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-06 11:45 - 2014-05-01 17:13 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-06 11:25 - 2014-02-07 19:11 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\.minecraft
2014-07-06 10:40 - 2014-07-05 17:43 - 00079557 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-06 10:28 - 2014-07-06 09:04 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-06 09:58 - 2012-12-25 09:48 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1589877896-1942565005-1192230565-1001
2014-07-06 09:42 - 2014-07-06 09:42 - 00076570 _____ () C:\Users\Jarrett\Downloads\Extras.Txt
2014-07-06 09:41 - 2014-07-06 09:41 - 00132548 _____ () C:\Users\Jarrett\Downloads\OTL.Txt
2014-07-06 09:32 - 2014-06-19 12:41 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-06 09:26 - 2014-07-06 09:26 - 00602112 _____ (OldTimer Tools) C:\Users\Jarrett\Downloads\OTL.exe
2014-07-06 09:24 - 2014-07-04 11:25 - 00002333 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-07-06 09:24 - 2014-01-26 20:45 - 00000000 ___RD () C:\Users\Jarrett\Dropbox
2014-07-06 09:24 - 2014-01-26 20:38 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\DropboxMaster
2014-07-06 09:24 - 2014-01-26 20:37 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\Dropbox
2014-07-06 09:24 - 2014-01-25 18:56 - 00000000 __RDO () C:\Users\Jarrett\SkyDrive
2014-07-06 09:23 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-06 09:23 - 2013-08-16 20:32 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-06 09:22 - 2014-07-06 09:22 - 00012940 _____ () C:\WINDOWS\PFRO.log
2014-07-06 09:22 - 2014-07-04 11:24 - 00000000 ____D () C:\ProgramData\Search Protection
2014-07-06 09:22 - 2014-06-26 17:28 - 00000000 ____D () C:\Program Files (x86)\F55D3AAA-D50B-4549-BEEA-B406B01B5226
2014-07-06 09:22 - 2014-01-25 18:19 - 00053284 _____ () C:\WINDOWS\system32\wpbbin.exe
2014-07-06 09:22 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-06 09:22 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\TAPI
2014-07-06 09:21 - 2013-03-23 15:07 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\DefaultTab
2014-07-06 09:04 - 2014-07-06 09:04 - 00001082 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-06 09:04 - 2014-07-06 09:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-06 09:04 - 2014-07-06 09:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-06 08:59 - 2014-01-25 18:57 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9F73C08E-D277-41EF-A7F1-FA038CFC4699}
2014-07-05 19:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-05 12:20 - 2014-07-05 12:20 - 06188769 _____ () C:\Users\Jarrett\Downloads\Home.zip
2014-07-05 12:18 - 2014-07-05 12:18 - 06988944 _____ () C:\Users\Jarrett\Downloads\HomeMP.zip
2014-07-05 12:06 - 2014-07-05 12:05 - 00000000 ____D () C:\Users\Jarrett\Desktop\assets
2014-07-05 12:06 - 2014-05-10 17:21 - 00000000 ____D () C:\Users\Jarrett\Desktop\AgrarianSkiesHQ
2014-07-05 12:05 - 2014-07-05 12:05 - 00000000 ____D () C:\Users\Jarrett\Desktop\versions
2014-07-05 12:05 - 2014-07-05 12:04 - 00000000 ____D () C:\Users\Jarrett\Desktop\libraries
2014-07-05 12:04 - 2014-07-05 12:03 - 00000000 ____D () C:\Users\Jarrett\AppData\Local\ftblauncher
2014-07-05 12:04 - 2013-03-10 15:18 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\ftblauncher
2014-07-05 12:03 - 2014-05-10 17:20 - 00000000 ____D () C:\Users\Jarrett\Desktop\authlib
2014-07-05 12:03 - 2013-03-10 15:18 - 04886141 _____ () C:\Users\Jarrett\Desktop\FTB_Launcher.jar
2014-07-04 20:59 - 2014-07-04 20:59 - 00000121 _____ () C:\WINDOWS\wininit.ini
2014-07-04 20:17 - 2014-07-04 20:08 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-04 20:12 - 2014-07-04 20:16 - 00450709 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140704-201622.backup
2014-07-04 20:10 - 2014-07-04 20:08 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-07-04 20:08 - 2014-07-04 20:08 - 00001371 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-07-04 20:08 - 2014-07-04 20:08 - 00001359 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-07-04 20:08 - 2014-07-04 20:08 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-07-04 20:08 - 2014-07-04 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-07-04 19:43 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-07-04 19:08 - 2014-01-25 15:58 - 00000000 ____D () C:\temp
2014-07-04 15:22 - 2014-05-01 16:53 - 00000000 ____D () C:\Program Files (x86)\Information
2014-07-04 15:19 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-04 13:02 - 2014-06-19 12:40 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\GetPrivate
2014-07-04 12:28 - 2014-05-01 16:54 - 00000000 ____D () C:\Program Files\003
2014-07-04 12:00 - 2012-09-12 22:50 - 00000000 ____D () C:\ProgramData\Norton
2014-07-04 11:57 - 2012-07-26 04:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-07-04 11:26 - 2014-07-04 11:26 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\Lavasoft
2014-07-04 11:25 - 2014-07-04 11:25 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\LavasoftStatistics
2014-07-04 11:25 - 2014-07-04 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-07-04 11:24 - 2014-07-04 11:24 - 00000061 _____ () C:\prefs.js
2014-07-04 11:24 - 2014-07-04 11:24 - 00000000 ____D () C:\Program Files\Lavasoft
2014-07-04 11:24 - 2014-07-04 11:24 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-07-04 11:23 - 2014-07-04 11:23 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-07-04 11:22 - 2014-07-04 11:22 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-07-04 11:21 - 2014-07-04 11:21 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-04 11:06 - 2014-01-25 18:27 - 00000000 ____D () C:\Users\Jarrett
2014-07-04 11:01 - 2013-12-28 12:19 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-04 10:54 - 2014-04-08 19:00 - 00000000 ____D () C:\SmartPixel
2014-07-04 10:51 - 2014-04-19 14:09 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-07-04 10:48 - 2014-07-04 10:48 - 00003156 ____N () C:\WINDOWS\System32\Tasks\{EBD2DB98-7DCC-47BC-94D3-3330C46E1BD2}
2014-07-04 10:41 - 2014-06-21 11:33 - 00007680 _____ () C:\WINDOWS\system32\--traceoff
2014-07-03 12:59 - 2014-06-19 12:40 - 00003506 ____N () C:\WINDOWS\System32\Tasks\GPUpdateCheck
2014-06-25 14:55 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-23 15:14 - 2013-05-06 15:37 - 00000000 ____D () C:\Fraps
2014-06-22 16:53 - 2014-06-21 15:48 - 176191942 _____ () C:\Users\Jarrett\Documents\Skyrim Lp ep 2 Theif Stone.mp4
2014-06-22 16:35 - 2014-06-21 15:32 - 00013088 _____ () C:\Users\Jarrett\Documents\Skyrim Lp ep 2 Theif Stone.veg
2014-06-22 16:08 - 2014-06-21 15:40 - 00151936 _____ () C:\Users\Jarrett\Downloads\Thrones.mp4.sfk
2014-06-21 15:40 - 2014-04-02 12:06 - 33431895 _____ () C:\Users\Jarrett\Downloads\Thrones.mp4
2014-06-21 15:35 - 2014-06-21 15:32 - 00011288 _____ () C:\Users\Jarrett\Documents\Skyrim Lp ep 2 Theif Stone.veg.bak
2014-06-21 15:17 - 2014-06-21 15:14 - 169112645 _____ () C:\Users\Jarrett\Downloads\Thrones Skyrim Re-imagined Intro-52683-1-0-0B.zip
2014-06-21 15:05 - 2013-08-16 20:32 - 00003888 ____N () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-21 15:05 - 2013-08-16 20:32 - 00003652 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-21 11:50 - 2014-06-21 11:31 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\Sony
2014-06-21 11:36 - 2014-06-21 11:36 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\Publish Providers
2014-06-21 11:35 - 2014-06-21 11:33 - 00000000 ____D () C:\Users\Jarrett\AppData\Local\Sony
2014-06-21 11:33 - 2014-06-21 11:33 - 00000000 _____ () C:\WINDOWS\system32\--debugoff
2014-06-21 09:47 - 2014-06-19 17:30 - 00000000 ____D () C:\Users\Jarrett\Desktop\The Elder Scrolls V Skyrim
2014-06-20 19:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-19 17:57 - 2014-06-19 17:53 - 00000000 ____D () C:\Users\Jarrett\AppData\Local\Skyrim
2014-06-19 17:53 - 2014-06-19 17:53 - 00000000 ____D () C:\Users\Jarrett\Documents\My Games
2014-06-19 17:47 - 2014-06-19 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
2014-06-19 16:20 - 2012-12-25 09:39 - 00000000 ____D () C:\Users\Jarrett\AppData\Local\Packages
2014-06-19 12:41 - 2014-06-19 12:40 - 00000000 ____D () C:\Program Files (x86)\GetPrivate
2014-06-19 12:39 - 2014-06-19 12:39 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\wi_upd
2014-06-18 15:46 - 2013-11-14 03:28 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-16 18:23 - 2013-07-21 12:34 - 00000000 ____D () C:\ProgramData\Origin
2014-06-16 18:23 - 2013-07-21 12:34 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-16 12:35 - 2013-07-18 16:15 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-16 12:34 - 2013-01-03 19:17 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-13 15:31 - 2013-08-22 10:44 - 00474904 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-13 15:26 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-13 15:26 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-13 15:25 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-13 15:25 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-06-13 15:18 - 2013-08-16 20:32 - 00000000 ____D () C:\Users\Jarrett\AppData\Local\Google
2014-06-13 15:17 - 2013-08-16 20:32 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-13 10:22 - 2014-06-13 10:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-12 15:05 - 2014-06-12 15:05 - 00046376 _____ (NetFilterSDK.com) C:\WINDOWS\system32\Drivers\netfilter64.sys

Files to move or delete:
====================
C:\Users\Jarrett\Exe.reg

Some content of TEMP:
====================
C:\Users\Jarrett\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxllboe.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-06 09:58

==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by Jarrett (administrator) on JARRETT on 06-07-2014 12:31:37
Running from C:\Users\Jarrett\Desktop
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dropbox, Inc.) C:\Users\Jarrett\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-31] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-07-31] ()
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe [7715160 2014-06-03] ()
HKLM-x32\...\Run: [BakupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533568 2012-08-23] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1589877896-1942565005-1192230565-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\Users\Jarrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jarrett\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDF6643AC081ACF01
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM - {4D4DCF81-0FD1-4FEA-8230-E7F4B9FE28DB} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect..._oid=23-03-2013&tb_mrud=23-03-2013
SearchScopes: HKLM-x32 - {4D4DCF81-0FD1-4FEA-8230-E7F4B9FE28DB} URL = http://www.bing.com/...E10TR&pc=MAARJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {1B4F005E-22A0-4F9D-A06D-628D8F5CB4C3} URL = http://us.yhs4.searc...669,0,IE10,7635
SearchScopes: HKCU - {350C5A53-3327-4441-973B-E91F50D35F51} URL = https://www.google.c...?q={searchTerms}
SearchScopes: HKCU - {4D4DCF81-0FD1-4FEA-8230-E7F4B9FE28DB} URL =
BHO: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO-x32: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
Toolbar: HKLM-x32 - Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [207488 2012-07-31] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-24] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-03-26] (Freemake) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe [706864 2014-06-03] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-12] (Dritek System INC.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros)

==================== Drivers (Whitelisted) ====================

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-07-31] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-04-22] (BitDefender LLC)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-06-12] (NetFilterSDK.com)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-12] (Dritek System Inc.)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-04-22] (BitDefender S.R.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-06 12:31 - 2014-07-06 12:32 - 00016553 _____ () C:\Users\Jarrett\Desktop\FRST.txt
2014-07-06 12:31 - 2014-07-06 12:31 - 00000000 ____D () C:\FRST
2014-07-06 12:30 - 2014-07-06 12:30 - 02084352 _____ (Farbar) C:\Users\Jarrett\Desktop\FRST64.exe
2014-07-06 09:42 - 2014-07-06 09:42 - 00076570 _____ () C:\Users\Jarrett\Downloads\Extras.Txt
2014-07-06 09:41 - 2014-07-06 09:41 - 00132548 _____ () C:\Users\Jarrett\Downloads\OTL.Txt
2014-07-06 09:26 - 2014-07-06 09:26 - 00602112 _____ (OldTimer Tools) C:\Users\Jarrett\Downloads\OTL.exe
2014-07-06 09:22 - 2014-07-06 09:22 - 00012940 _____ () C:\WINDOWS\PFRO.log
2014-07-06 09:04 - 2014-07-06 10:28 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-06 09:04 - 2014-07-06 09:04 - 00001082 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-06 09:04 - 2014-07-06 09:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-06 09:04 - 2014-07-06 09:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-06 09:04 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-06 09:04 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-06 09:04 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-05 17:43 - 2014-07-06 10:40 - 00079557 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-05 12:20 - 2014-07-05 12:20 - 06188769 _____ () C:\Users\Jarrett\Downloads\Home.zip
2014-07-05 12:18 - 2014-07-05 12:18 - 06988944 _____ () C:\Users\Jarrett\Downloads\HomeMP.zip
2014-07-05 12:05 - 2014-07-05 12:06 - 00000000 ____D () C:\Users\Jarrett\Desktop\assets
2014-07-05 12:05 - 2014-07-05 12:05 - 00000000 ____D () C:\Users\Jarrett\Desktop\versions
2014-07-05 12:04 - 2014-07-05 12:05 - 00000000 ____D () C:\Users\Jarrett\Desktop\libraries
2014-07-05 12:03 - 2014-07-05 12:04 - 00000000 ____D () C:\Users\Jarrett\AppData\Local\ftblauncher
2014-07-04 20:59 - 2014-07-04 20:59 - 00000121 _____ () C:\WINDOWS\wininit.ini
2014-07-04 20:16 - 2014-07-04 20:12 - 00450709 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140704-201622.backup
2014-07-04 20:12 - 2013-08-22 09:25 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20140704-201210.backup
2014-07-04 20:08 - 2014-07-04 20:17 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-04 20:08 - 2014-07-04 20:10 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-07-04 20:08 - 2014-07-04 20:08 - 00001371 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-07-04 20:08 - 2014-07-04 20:08 - 00001359 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-07-04 20:08 - 2014-07-04 20:08 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-07-04 20:08 - 2014-07-04 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-07-04 20:08 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2014-07-04 11:58 - 2014-01-19 03:38 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-07-04 11:26 - 2014-07-04 11:26 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\Lavasoft
2014-07-04 11:25 - 2014-07-06 09:24 - 00002333 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-07-04 11:25 - 2014-07-04 11:25 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\LavasoftStatistics
2014-07-04 11:25 - 2014-07-04 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-07-04 11:24 - 2014-07-06 09:22 - 00000000 ____D () C:\ProgramData\Search Protection
2014-07-04 11:24 - 2014-07-04 11:24 - 00000061 _____ () C:\prefs.js
2014-07-04 11:24 - 2014-07-04 11:24 - 00000000 ____D () C:\Program Files\Lavasoft
2014-07-04 11:24 - 2014-07-04 11:24 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-07-04 11:23 - 2014-07-04 11:23 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-07-04 11:22 - 2014-07-04 11:22 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-07-04 11:21 - 2014-07-04 11:21 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-04 10:48 - 2014-07-04 10:48 - 00003156 ____N () C:\WINDOWS\System32\Tasks\{EBD2DB98-7DCC-47BC-94D3-3330C46E1BD2}
2014-06-26 17:28 - 2014-07-06 09:22 - 00000000 ____D () C:\Program Files (x86)\F55D3AAA-D50B-4549-BEEA-B406B01B5226
2014-06-21 15:48 - 2014-06-22 16:53 - 176191942 _____ () C:\Users\Jarrett\Documents\Skyrim Lp ep 2 Theif Stone.mp4
2014-06-21 15:40 - 2014-06-22 16:08 - 00151936 _____ () C:\Users\Jarrett\Downloads\Thrones.mp4.sfk
2014-06-21 15:32 - 2014-06-22 16:35 - 00013088 _____ () C:\Users\Jarrett\Documents\Skyrim Lp ep 2 Theif Stone.veg
2014-06-21 15:32 - 2014-06-21 15:35 - 00011288 _____ () C:\Users\Jarrett\Documents\Skyrim Lp ep 2 Theif Stone.veg.bak
2014-06-21 15:14 - 2014-06-21 15:17 - 169112645 _____ () C:\Users\Jarrett\Downloads\Thrones Skyrim Re-imagined Intro-52683-1-0-0B.zip
2014-06-21 11:36 - 2014-06-21 11:36 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\Publish Providers
2014-06-21 11:33 - 2014-07-04 10:41 - 00007680 _____ () C:\WINDOWS\system32\--traceoff
2014-06-21 11:33 - 2014-06-21 11:35 - 00000000 ____D () C:\Users\Jarrett\AppData\Local\Sony
2014-06-21 11:33 - 2014-06-21 11:33 - 00000000 _____ () C:\WINDOWS\system32\--debugoff
2014-06-21 11:31 - 2014-06-21 11:50 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\Sony
2014-06-19 17:53 - 2014-06-19 17:57 - 00000000 ____D () C:\Users\Jarrett\AppData\Local\Skyrim
2014-06-19 17:53 - 2014-06-19 17:53 - 00000000 ____D () C:\Users\Jarrett\Documents\My Games
2014-06-19 17:47 - 2014-06-19 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
2014-06-19 17:30 - 2014-06-21 09:47 - 00000000 ____D () C:\Users\Jarrett\Desktop\The Elder Scrolls V Skyrim
2014-06-19 12:41 - 2014-07-06 09:32 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-19 12:40 - 2014-07-04 13:02 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\GetPrivate
2014-06-19 12:40 - 2014-07-03 12:59 - 00003506 ____N () C:\WINDOWS\System32\Tasks\GPUpdateCheck
2014-06-19 12:40 - 2014-06-19 12:41 - 00000000 ____D () C:\Program Files (x86)\GetPrivate
2014-06-19 12:39 - 2014-06-19 12:39 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\wi_upd
2014-06-16 12:23 - 2014-05-08 19:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-13 10:31 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-13 10:31 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-13 10:31 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-13 10:31 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-13 10:31 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-13 10:31 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-13 10:31 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-13 10:31 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-13 10:31 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-13 10:31 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-13 10:31 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-13 10:31 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-13 10:31 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-13 10:31 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-13 10:31 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-13 10:31 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-13 10:31 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-13 10:31 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-13 10:31 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-13 10:31 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-13 10:31 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-13 10:31 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-13 10:31 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-13 10:31 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-13 10:31 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-13 10:31 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-13 10:31 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-13 10:31 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-13 10:31 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-13 10:31 - 2014-05-09 23:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-13 10:31 - 2014-05-09 23:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-13 10:31 - 2014-05-05 00:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-13 10:31 - 2014-05-03 03:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-13 10:31 - 2014-05-03 00:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-13 10:31 - 2014-05-03 00:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-13 10:31 - 2014-05-02 23:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-13 10:31 - 2014-05-02 23:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-13 10:31 - 2014-04-30 07:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-13 10:31 - 2014-04-29 23:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-13 10:31 - 2014-04-03 03:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-13 10:31 - 2014-04-03 03:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-13 10:31 - 2014-02-06 07:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-13 10:31 - 2014-02-06 07:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-13 10:31 - 2014-02-06 07:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-13 10:31 - 2014-02-06 06:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-13 10:31 - 2014-02-06 06:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-13 10:31 - 2014-02-06 06:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-13 10:31 - 2014-02-06 06:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-13 10:31 - 2014-02-06 06:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-13 10:31 - 2014-02-06 05:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-13 10:31 - 2014-02-06 05:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-13 10:31 - 2014-02-06 05:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-13 10:31 - 2014-02-06 05:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-13 10:30 - 2014-04-18 10:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-13 10:30 - 2014-04-18 10:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-13 10:30 - 2014-04-18 09:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-06-13 10:30 - 2014-04-18 05:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-13 10:30 - 2014-04-18 05:32 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-06-13 10:30 - 2014-04-18 04:58 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-06-13 10:30 - 2014-04-18 04:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-13 10:30 - 2014-04-18 04:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-13 10:30 - 2014-04-18 04:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-13 10:30 - 2014-04-18 03:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-06-13 10:30 - 2014-04-18 03:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-06-13 10:30 - 2014-04-14 05:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-13 10:30 - 2014-04-14 04:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-06-13 10:30 - 2014-04-11 02:13 - 01200128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-06-13 10:30 - 2014-04-11 00:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-13 10:30 - 2014-04-11 00:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-06-13 10:30 - 2014-04-10 23:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-13 10:30 - 2014-04-09 07:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-13 10:30 - 2014-04-09 02:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-13 10:30 - 2014-04-09 01:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-06-13 10:30 - 2014-04-09 00:35 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-06-13 10:30 - 2014-04-08 23:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-13 10:30 - 2014-04-07 22:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-13 10:30 - 2014-04-06 12:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-13 10:30 - 2014-04-06 12:34 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-13 10:30 - 2014-04-06 12:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-13 10:30 - 2014-04-06 12:31 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-13 10:30 - 2014-04-06 12:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-13 10:30 - 2014-04-06 12:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-13 10:30 - 2014-04-06 12:20 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-13 10:30 - 2014-04-06 12:20 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-13 10:30 - 2014-04-06 12:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-06-13 10:30 - 2014-04-06 11:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-06-13 10:30 - 2014-04-06 11:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-13 10:30 - 2014-04-06 11:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-06-13 10:30 - 2014-04-06 11:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-06-13 10:30 - 2014-04-06 11:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-06-13 10:30 - 2014-04-06 11:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-06-13 10:30 - 2014-04-06 11:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-06-13 10:30 - 2014-04-06 11:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-06-13 10:30 - 2014-04-06 11:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-06-13 10:30 - 2014-04-06 11:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-06-13 10:30 - 2014-04-06 11:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-06-13 10:30 - 2014-04-06 11:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-06-13 10:30 - 2014-04-06 10:10 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-06-13 10:30 - 2014-04-06 08:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-13 10:30 - 2014-04-06 08:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-13 10:30 - 2014-04-06 08:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-13 10:30 - 2014-04-06 08:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-13 10:30 - 2014-04-06 08:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-13 10:30 - 2014-04-06 07:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-13 10:30 - 2014-04-06 07:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-13 10:30 - 2014-04-06 07:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-13 10:30 - 2014-04-06 07:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-13 10:30 - 2014-04-06 07:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-13 10:30 - 2014-04-06 06:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-13 10:30 - 2014-04-06 06:51 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-13 10:30 - 2014-04-06 06:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-06-13 10:30 - 2014-04-06 06:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-06-13 10:30 - 2014-04-06 06:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-13 10:30 - 2014-04-06 05:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-06-13 10:30 - 2014-04-03 04:12 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-13 10:30 - 2014-04-03 04:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-13 10:30 - 2014-04-03 04:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-13 10:30 - 2014-04-03 00:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-13 10:30 - 2014-04-03 00:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-06-13 10:30 - 2014-04-02 23:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-06-13 10:30 - 2014-04-02 22:53 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-13 10:30 - 2014-04-02 22:53 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-13 10:30 - 2014-04-02 22:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-13 10:30 - 2014-04-02 22:23 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-06-13 10:30 - 2014-04-02 22:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-13 10:30 - 2014-04-02 22:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-13 10:30 - 2014-04-02 22:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-13 10:30 - 2014-04-01 02:23 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-13 10:30 - 2014-03-31 01:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-13 10:30 - 2014-03-30 20:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-13 10:30 - 2014-03-30 20:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-13 10:30 - 2014-03-30 19:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-13 10:30 - 2014-03-30 18:54 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-13 10:30 - 2014-03-30 18:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-13 10:30 - 2014-03-30 18:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-13 10:30 - 2014-03-30 18:11 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-13 10:30 - 2014-03-30 17:47 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-13 10:30 - 2014-03-28 11:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-13 10:30 - 2014-03-27 02:16 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-13 10:30 - 2014-03-27 01:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-13 10:30 - 2014-03-27 00:59 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-13 10:30 - 2014-03-27 00:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-13 10:30 - 2014-03-27 00:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-13 10:30 - 2014-03-26 23:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-13 10:30 - 2014-03-26 23:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-13 10:30 - 2014-03-26 23:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-13 10:30 - 2014-03-24 18:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-13 10:30 - 2014-03-19 23:48 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-13 10:30 - 2014-03-19 20:44 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-13 10:30 - 2014-03-19 19:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-13 10:30 - 2014-03-19 04:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-13 10:30 - 2014-03-19 04:07 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-13 10:30 - 2014-03-19 03:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-13 10:30 - 2014-03-19 03:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-13 10:30 - 2014-03-19 02:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-13 10:30 - 2014-03-19 01:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-13 10:30 - 2014-03-19 01:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-13 10:30 - 2014-03-19 01:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-13 10:30 - 2014-03-19 01:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-13 10:30 - 2014-03-19 01:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-13 10:30 - 2014-03-19 01:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-13 10:30 - 2014-03-19 00:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-13 10:30 - 2014-03-19 00:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-13 10:30 - 2014-03-19 00:18 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-13 10:30 - 2014-03-18 04:19 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-13 10:30 - 2014-03-18 01:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-13 10:30 - 2014-03-18 00:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-06-13 10:30 - 2014-03-17 01:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-13 10:30 - 2014-03-17 00:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-13 10:30 - 2014-03-16 23:01 - 00486912 ____N (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-13 10:30 - 2014-03-16 22:47 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-13 10:30 - 2014-03-16 22:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-06-13 10:30 - 2014-03-14 02:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-13 10:30 - 2014-03-14 02:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-06-13 10:30 - 2014-03-06 08:42 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-13 10:28 - 2014-05-19 02:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-13 10:28 - 2014-05-19 02:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-13 10:28 - 2014-05-19 01:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-13 10:28 - 2014-05-01 09:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-13 10:28 - 2014-05-01 09:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-13 10:28 - 2014-05-01 03:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-13 10:28 - 2014-05-01 03:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-13 10:28 - 2014-05-01 02:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-13 10:28 - 2014-05-01 01:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-13 10:28 - 2014-04-30 00:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-13 10:28 - 2014-04-30 00:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-13 10:28 - 2014-04-29 23:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-13 10:22 - 2014-06-13 10:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-12 15:05 - 2014-06-12 15:05 - 00046376 _____ (NetFilterSDK.com) C:\WINDOWS\system32\Drivers\netfilter64.sys

==================== One Month Modified Files and Folders =======

2014-07-06 12:32 - 2014-07-06 12:31 - 00016553 _____ () C:\Users\Jarrett\Desktop\FRST.txt
2014-07-06 12:31 - 2014-07-06 12:31 - 00000000 ____D () C:\FRST
2014-07-06 12:30 - 2014-07-06 12:30 - 02084352 _____ (Farbar) C:\Users\Jarrett\Desktop\FRST64.exe
2014-07-06 12:10 - 2013-08-16 20:32 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-06 12:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-06 11:45 - 2014-05-01 17:13 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-06 11:25 - 2014-02-07 19:11 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\.minecraft
2014-07-06 10:40 - 2014-07-05 17:43 - 00079557 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-06 10:28 - 2014-07-06 09:04 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-06 09:58 - 2012-12-25 09:48 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1589877896-1942565005-1192230565-1001
2014-07-06 09:42 - 2014-07-06 09:42 - 00076570 _____ () C:\Users\Jarrett\Downloads\Extras.Txt
2014-07-06 09:41 - 2014-07-06 09:41 - 00132548 _____ () C:\Users\Jarrett\Downloads\OTL.Txt
2014-07-06 09:32 - 2014-06-19 12:41 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-06 09:26 - 2014-07-06 09:26 - 00602112 _____ (OldTimer Tools) C:\Users\Jarrett\Downloads\OTL.exe
2014-07-06 09:24 - 2014-07-04 11:25 - 00002333 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-07-06 09:24 - 2014-01-26 20:45 - 00000000 ___RD () C:\Users\Jarrett\Dropbox
2014-07-06 09:24 - 2014-01-26 20:38 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\DropboxMaster
2014-07-06 09:24 - 2014-01-26 20:37 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\Dropbox
2014-07-06 09:24 - 2014-01-25 18:56 - 00000000 __RDO () C:\Users\Jarrett\SkyDrive
2014-07-06 09:23 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-06 09:23 - 2013-08-16 20:32 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-06 09:22 - 2014-07-06 09:22 - 00012940 _____ () C:\WINDOWS\PFRO.log
2014-07-06 09:22 - 2014-07-04 11:24 - 00000000 ____D () C:\ProgramData\Search Protection
2014-07-06 09:22 - 2014-06-26 17:28 - 00000000 ____D () C:\Program Files (x86)\F55D3AAA-D50B-4549-BEEA-B406B01B5226
2014-07-06 09:22 - 2014-01-25 18:19 - 00053284 _____ () C:\WINDOWS\system32\wpbbin.exe
2014-07-06 09:22 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-06 09:22 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\TAPI
2014-07-06 09:21 - 2013-03-23 15:07 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\DefaultTab
2014-07-06 09:04 - 2014-07-06 09:04 - 00001082 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-06 09:04 - 2014-07-06 09:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-06 09:04 - 2014-07-06 09:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-06 08:59 - 2014-01-25 18:57 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9F73C08E-D277-41EF-A7F1-FA038CFC4699}
2014-07-05 19:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-05 12:20 - 2014-07-05 12:20 - 06188769 _____ () C:\Users\Jarrett\Downloads\Home.zip
2014-07-05 12:18 - 2014-07-05 12:18 - 06988944 _____ () C:\Users\Jarrett\Downloads\HomeMP.zip
2014-07-05 12:06 - 2014-07-05 12:05 - 00000000 ____D () C:\Users\Jarrett\Desktop\assets
2014-07-05 12:06 - 2014-05-10 17:21 - 00000000 ____D () C:\Users\Jarrett\Desktop\AgrarianSkiesHQ
2014-07-05 12:05 - 2014-07-05 12:05 - 00000000 ____D () C:\Users\Jarrett\Desktop\versions
2014-07-05 12:05 - 2014-07-05 12:04 - 00000000 ____D () C:\Users\Jarrett\Desktop\libraries
2014-07-05 12:04 - 2014-07-05 12:03 - 00000000 ____D () C:\Users\Jarrett\AppData\Local\ftblauncher
2014-07-05 12:04 - 2013-03-10 15:18 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\ftblauncher
2014-07-05 12:03 - 2014-05-10 17:20 - 00000000 ____D () C:\Users\Jarrett\Desktop\authlib
2014-07-05 12:03 - 2013-03-10 15:18 - 04886141 _____ () C:\Users\Jarrett\Desktop\FTB_Launcher.jar
2014-07-04 20:59 - 2014-07-04 20:59 - 00000121 _____ () C:\WINDOWS\wininit.ini
2014-07-04 20:17 - 2014-07-04 20:08 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-04 20:12 - 2014-07-04 20:16 - 00450709 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140704-201622.backup
2014-07-04 20:10 - 2014-07-04 20:08 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-07-04 20:08 - 2014-07-04 20:08 - 00001371 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-07-04 20:08 - 2014-07-04 20:08 - 00001359 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-07-04 20:08 - 2014-07-04 20:08 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-07-04 20:08 - 2014-07-04 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-07-04 19:43 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-07-04 19:08 - 2014-01-25 15:58 - 00000000 ____D () C:\temp
2014-07-04 15:22 - 2014-05-01 16:53 - 00000000 ____D () C:\Program Files (x86)\Information
2014-07-04 15:19 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-04 13:02 - 2014-06-19 12:40 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\GetPrivate
2014-07-04 12:28 - 2014-05-01 16:54 - 00000000 ____D () C:\Program Files\003
2014-07-04 12:00 - 2012-09-12 22:50 - 00000000 ____D () C:\ProgramData\Norton
2014-07-04 11:57 - 2012-07-26 04:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-07-04 11:26 - 2014-07-04 11:26 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\Lavasoft
2014-07-04 11:25 - 2014-07-04 11:25 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\LavasoftStatistics
2014-07-04 11:25 - 2014-07-04 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-07-04 11:24 - 2014-07-04 11:24 - 00000061 _____ () C:\prefs.js
2014-07-04 11:24 - 2014-07-04 11:24 - 00000000 ____D () C:\Program Files\Lavasoft
2014-07-04 11:24 - 2014-07-04 11:24 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-07-04 11:23 - 2014-07-04 11:23 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-07-04 11:22 - 2014-07-04 11:22 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-07-04 11:21 - 2014-07-04 11:21 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-04 11:06 - 2014-01-25 18:27 - 00000000 ____D () C:\Users\Jarrett
2014-07-04 11:01 - 2013-12-28 12:19 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-04 10:54 - 2014-04-08 19:00 - 00000000 ____D () C:\SmartPixel
2014-07-04 10:51 - 2014-04-19 14:09 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-07-04 10:48 - 2014-07-04 10:48 - 00003156 ____N () C:\WINDOWS\System32\Tasks\{EBD2DB98-7DCC-47BC-94D3-3330C46E1BD2}
2014-07-04 10:41 - 2014-06-21 11:33 - 00007680 _____ () C:\WINDOWS\system32\--traceoff
2014-07-03 12:59 - 2014-06-19 12:40 - 00003506 ____N () C:\WINDOWS\System32\Tasks\GPUpdateCheck
2014-06-25 14:55 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-23 15:14 - 2013-05-06 15:37 - 00000000 ____D () C:\Fraps
2014-06-22 16:53 - 2014-06-21 15:48 - 176191942 _____ () C:\Users\Jarrett\Documents\Skyrim Lp ep 2 Theif Stone.mp4
2014-06-22 16:35 - 2014-06-21 15:32 - 00013088 _____ () C:\Users\Jarrett\Documents\Skyrim Lp ep 2 Theif Stone.veg
2014-06-22 16:08 - 2014-06-21 15:40 - 00151936 _____ () C:\Users\Jarrett\Downloads\Thrones.mp4.sfk
2014-06-21 15:40 - 2014-04-02 12:06 - 33431895 _____ () C:\Users\Jarrett\Downloads\Thrones.mp4
2014-06-21 15:35 - 2014-06-21 15:32 - 00011288 _____ () C:\Users\Jarrett\Documents\Skyrim Lp ep 2 Theif Stone.veg.bak
2014-06-21 15:17 - 2014-06-21 15:14 - 169112645 _____ () C:\Users\Jarrett\Downloads\Thrones Skyrim Re-imagined Intro-52683-1-0-0B.zip
2014-06-21 15:05 - 2013-08-16 20:32 - 00003888 ____N () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-21 15:05 - 2013-08-16 20:32 - 00003652 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-21 11:50 - 2014-06-21 11:31 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\Sony
2014-06-21 11:36 - 2014-06-21 11:36 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\Publish Providers
2014-06-21 11:35 - 2014-06-21 11:33 - 00000000 ____D () C:\Users\Jarrett\AppData\Local\Sony
2014-06-21 11:33 - 2014-06-21 11:33 - 00000000 _____ () C:\WINDOWS\system32\--debugoff
2014-06-21 09:47 - 2014-06-19 17:30 - 00000000 ____D () C:\Users\Jarrett\Desktop\The Elder Scrolls V Skyrim
2014-06-20 19:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-19 17:57 - 2014-06-19 17:53 - 00000000 ____D () C:\Users\Jarrett\AppData\Local\Skyrim
2014-06-19 17:53 - 2014-06-19 17:53 - 00000000 ____D () C:\Users\Jarrett\Documents\My Games
2014-06-19 17:47 - 2014-06-19 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
2014-06-19 16:20 - 2012-12-25 09:39 - 00000000 ____D () C:\Users\Jarrett\AppData\Local\Packages
2014-06-19 12:41 - 2014-06-19 12:40 - 00000000 ____D () C:\Program Files (x86)\GetPrivate
2014-06-19 12:39 - 2014-06-19 12:39 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\wi_upd
2014-06-18 15:46 - 2013-11-14 03:28 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-16 18:23 - 2013-07-21 12:34 - 00000000 ____D () C:\ProgramData\Origin
2014-06-16 18:23 - 2013-07-21 12:34 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-16 12:35 - 2013-07-18 16:15 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-16 12:34 - 2013-01-03 19:17 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-13 15:31 - 2013-08-22 10:44 - 00474904 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-13 15:26 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-13 15:26 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-13 15:25 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-13 15:25 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-06-13 15:18 - 2013-08-16 20:32 - 00000000 ____D () C:\Users\Jarrett\AppData\Local\Google
2014-06-13 15:17 - 2013-08-16 20:32 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-13 10:22 - 2014-06-13 10:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-12 15:05 - 2014-06-12 15:05 - 00046376 _____ (NetFilterSDK.com) C:\WINDOWS\system32\Drivers\netfilter64.sys

Files to move or delete:
====================
C:\Users\Jarrett\Exe.reg

Some content of TEMP:
====================
C:\Users\Jarrett\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxllboe.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-06 09:58

==================== End Of Log ============================



#6
jbcteacher


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by Jarrett at 2014-07-06 12:32:32
Running from C:\Users\Jarrett\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Ad-Aware Antivirus (Enabled - Up to date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Ad-Aware Antivirus (Enabled - Up to date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

 clear.fi SDK - Video 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0059 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{8215A318-CC27-435E-B3EA-2E3443C8998C}) (Version: 1.00.3013 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3115 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3201 - Acer Incorporated)
Ad-Aware Antivirus (HKLM\...\{9F965DAA-2FFD-41E3-8125-893BFBBE01D6}_AdAwareUpdater) (Version: 11.2.5952.0 - Lavasoft)
Ad-Aware Security Toolbar (HKLM-x32\...\adawaretb) (Version: 3.9.0.23 - Lavasoft)
AdAwareInstaller (Version: 11.2.5952.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.2.5952.0 - Lavasoft) Hidden
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Backup Manager v4 (x32 Version: 4.0.0.0059 - NTI Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819 - CyberLink Corp.) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.13 - Dolby Laboratories Inc)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Freemake Video Converter version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Information (HKLM-x32\...\Information) (Version: 1.34.4.10 - VisualBee)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3003 - Acer Incorporated)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft VC9 runtime libraries (x32 Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40825 - Microsoft Corporation) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.10 - Symantec Corporation) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3200 - Acer)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.204 - Qualcomm Atheros Communications)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.05 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.27023 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
WorldPainter 1.8.5 (HKLM\...\4144-4862-0472-7103) (Version: 1.8.5 - pepsoft.org)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)

==================== Restore Points  =========================

19-06-2014 21:43:23 Installed DirectX
25-06-2014 18:52:38 Windows Update
04-07-2014 14:40:34 Removed Vegas Pro 13.0 (64-bit)

==================== Hosts content: ==========================

2013-08-22 09:25 - 2014-07-04 20:16 - 00450709 ____R C:\WINDOWS\system32\Drivers\etc\hosts

There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============

Task: {033AE805-1816-4FD9-B361-225B601BAA1A} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-11] (Egis Technology Inc.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {154C9639-605F-4640-9860-476B8B99EFE8} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {185D9755-90BA-4CB5-852F-C56EA95BA3F6} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {18EB4204-C03D-479B-A3DB-E4BC2A21EAE6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {1A65EEB1-7578-4297-9816-CF2BCF919141} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {22B31700-DA43-4DEE-A938-843CFF57A1C3} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1589877896-1942565005-1192230565-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {241C8CFC-375F-40FF-BD1E-C05216C8EEBC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-01] (Adobe Systems Incorporated)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3F273F91-EBE8-41A0-BE76-189F5B169E89} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5455D7C3-21DA-402F-9283-B44B72440A64} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1589877896-1942565005-1192230565-1001
Task: {5B6A1035-3D38-4019-8345-179BA8492F02} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-16] (Google Inc.)
Task: {62C92010-36C6-4EB5-9DA7-E60A83E101D6} - System32\Tasks\GPUpdateCheck => C:\Users\Jarrett\AppData\Roaming\GetPrivate\gp_upd.exe
Task: {64452D24-6B2D-4FAC-BE42-4B8C08D48F0C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-06-16] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {74D58A29-7366-4255-A473-7EC2C97EE392} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {89CA9060-79C3-41A6-AEE6-54A833420981} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9BE54B41-27A7-4527-A364-A599E7FB8CD3} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A05FD819-A66C-4B37-96FF-0A5DEA8E9688} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] ()
Task: {ACB80D9E-8209-42BF-AA88-1405A7F1D509} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {AFAF0BD0-E7E8-4B73-BFF3-D94D3096B6AD} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1589877896-1942565005-1192230565-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {B6090BEB-97CC-406B-A459-5157ED3D8FD4} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-11] (Egis Technology Inc.)
Task: {C53EAA85-81C8-4517-8036-6EC162B27004} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1589877896-1942565005-1192230565-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {C5738C5B-2142-4B7F-961F-4D14400D54EB} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-22] ()
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D875268E-1586-4397-B0D3-B508E148995F} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1589877896-1942565005-1192230565-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E27719E1-9F08-4377-B0DA-B6ACAF851097} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1589877896-1942565005-1192230565-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {E42357DD-AB4A-4CED-9421-476B664120F3} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-24] ()
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F5C8BDDE-38A8-4B95-99FE-47BB95B66634} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {F8101272-A836-44DB-A5EF-5DC8547540F6} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {F8AA0611-84CB-4880-823E-1C89050D418E} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-22] ()
Task: {FA024EDA-47B7-4CB3-9F7A-7B14614BFDAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-16] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-06-03 15:47 - 2014-06-03 15:47 - 00706864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
2014-06-03 16:19 - 2014-06-03 16:19 - 00103800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_thread-vc100-mt-1_55.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00024440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_system-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00055680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_date_time-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00123776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_filesystem-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00033656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_chrono-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 10070888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareServiceKernel.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00685904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\SQLite.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 03393352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\RCF.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00788856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_regex-vc100-mt-1_55.dll
2014-06-03 16:17 - 2014-06-03 16:17 - 00604520 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareActivation.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00158032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\pugixml.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00360312 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareApplicationUpdater.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00149840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\libssh2.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00106824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\zlib.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00142696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareGamingMode.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00098648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareReset.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00120152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTime.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00290168 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareDefinitionsUpdater.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00198024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00417128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareIgnoreList.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00245608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareQuarantine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00336752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiMalwareEngine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00212336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiRootkitEngine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00509808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScannerHistory.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00610144 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScanner.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00035192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_timer-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00326000 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScannerScheduler.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00453496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareRealTimeProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00227688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareIncompatibles.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00218976 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiSpam.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00171368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiPhishing.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00786800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareParentalControl.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 01936744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareWebProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00422256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareEmailProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00650608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareNetworkProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00358744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwarePromo.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00298336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareFeedback.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00371576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareThreatWorkAlliance.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00154464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\SecurityCenter.dll
2012-06-21 21:12 - 2012-06-21 21:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 02082160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareShellExtension.dll
2013-12-21 01:02 - 2013-12-21 01:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-31 20:45 - 2012-07-31 20:45 - 00384128 _____ () c:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 07715160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe
2014-06-03 16:18 - 2014-06-03 16:18 - 00500088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_locale-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00364896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\HtmlFramework.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00066904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\DllStorage.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00803696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTrayDefaultSkin.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00139608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\Localization.dll
2012-08-22 18:04 - 2012-08-22 18:04 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2012-08-22 18:04 - 2012-08-22 18:04 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2012-08-23 02:26 - 2012-08-23 02:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-23 02:25 - 2012-08-23 02:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-23 02:26 - 2012-08-23 02:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-23 02:25 - 2012-08-23 02:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-23 02:25 - 2012-08-23 02:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-23 02:25 - 2012-08-23 02:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-23 02:26 - 2012-08-23 02:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2014-07-04 20:08 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-07-04 20:08 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-07-04 20:08 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-07-04 20:08 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-07-04 20:08 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-07-06 09:24 - 2014-07-06 09:24 - 00043008 _____ () c:\users\jarrett\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxllboe.dll
2013-08-23 15:01 - 2013-08-23 15:01 - 25100288 _____ () C:\Users\Jarrett\AppData\Roaming\Dropbox\bin\libcef.dll
2012-09-12 22:08 - 2012-06-25 13:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Jarrett\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

==================== Faulty Device Manager Devices =============

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2014 08:55:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JARRETT)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/04/2014 08:45:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JARRETT)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/04/2014 08:30:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JARRETT)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/04/2014 08:30:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JARRETT)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/04/2014 08:30:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JARRETT)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/04/2014 08:19:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDScan.exe, version: 2.4.40.181, time stamp: 0x535a5179
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc00000fd
Fault offset: 0x77ce8a5d
Faulting process id: 0x1284
Faulting application start time: 0xSDScan.exe0
Faulting application path: SDScan.exe1
Faulting module path: SDScan.exe2
Report Id: SDScan.exe3
Faulting package full name: SDScan.exe4
Faulting package-relative application ID: SDScan.exe5

Error: (07/04/2014 08:17:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JARRETT)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/04/2014 08:17:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JARRETT)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/04/2014 08:17:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JARRETT)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/04/2014 08:17:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JARRETT)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.

System errors:
=============
Error: (07/04/2014 08:55:16 PM) (Source: DCOM) (EventID: 10001) (User: JARRETT)
Description: "C:\WINDOWS\syswow64\wwahost.exe" -ServerName:App.wwa15612App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwaUnavailableUnavailable

Error: (07/04/2014 08:44:57 PM) (Source: DCOM) (EventID: 10001) (User: JARRETT)
Description: "C:\WINDOWS\syswow64\wwahost.exe" -ServerName:App.wwa15612App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwaUnavailableUnavailable

Error: (07/04/2014 08:29:58 PM) (Source: DCOM) (EventID: 10001) (User: JARRETT)
Description: "C:\WINDOWS\syswow64\wwahost.exe" -ServerName:App.wwa15612App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwaUnavailableUnavailable

Error: (07/04/2014 08:29:57 PM) (Source: DCOM) (EventID: 10001) (User: JARRETT)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server15612Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (07/04/2014 08:29:57 PM) (Source: DCOM) (EventID: 10001) (User: JARRETT)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server15612Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (07/04/2014 08:17:44 PM) (Source: DCOM) (EventID: 10001) (User: JARRETT)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server15612Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (07/04/2014 08:17:44 PM) (Source: DCOM) (EventID: 10001) (User: JARRETT)
Description: "BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.115612Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.1UnavailableUnavailable

Error: (07/04/2014 08:17:44 PM) (Source: DCOM) (EventID: 10001) (User: JARRETT)
Description: "BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.415612Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4UnavailableUnavailable

Error: (07/04/2014 08:17:44 PM) (Source: DCOM) (EventID: 10001) (User: JARRETT)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server15612Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (07/04/2014 08:15:39 PM) (Source: DCOM) (EventID: 10001) (User: JARRETT)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server15612Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Microsoft Office Sessions:
=========================
Error: (07/04/2014 08:55:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JARRETT)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2147009284

Error: (07/04/2014 08:45:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JARRETT)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2147009284

Error: (07/04/2014 08:30:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JARRETT)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009284

Error: (07/04/2014 08:30:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JARRETT)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009284

Error: (07/04/2014 08:30:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JARRETT)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2147009284

Error: (07/04/2014 08:19:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDScan.exe2.4.40.181535a5179unknown0.0.0.000000000c00000fd77ce8a5d128401cf97e660ae6138C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exeunknown004b74fb-03da-11e4-bf08-20689d1157d8

Error: (07/04/2014 08:17:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JARRETT)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147009284

Error: (07/04/2014 08:17:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JARRETT)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009284

Error: (07/04/2014 08:17:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JARRETT)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009284

Error: (07/04/2014 08:17:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JARRETT)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009284

==================== Memory info ===========================

Percentage of memory in use: 41%
Total physical RAM: 5939.6 MB
Available physical RAM: 3462.21 MB
Total Pagefile: 24371.6 MB
Available Pagefile: 22312.11 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:450.94 GB) (Free:113.32 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 4AB36342)

Partition: GPT Partition Type.

==================== End Of Log ============================


#7
LiquidTension

  • Expert
  • 1,151 posts
Please proceed with STEP 2, and I will return with instructions. :)

#8
jbcteacher

  • Topic Starter
  • Member
  • 209 posts
I am. It's still scanning. :)

#9
jbcteacher

  • Topic Starter
  • Member
  • 209 posts
It started at 12:41...

#10
jbcteacher

  • Topic Starter
  • Member
  • 209 posts
Still scanning. Kinda like watching water come to a boil.

#11
jbcteacher

  • Topic Starter
  • Member
  • 209 posts
Yay... done!
 
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-07-06 12:41:31
-----------------------------
12:41:31.241    OS Version: Windows x64 6.2.9200
12:41:31.241    Number of processors: 4 586 0x3A09
12:41:31.241    ComputerName: JARRETT  UserName: Jarrett
12:41:34.694    Initialize success
12:41:34.741    VM: initialized successfully
12:41:34.756    VM: Intel CPU supported
12:41:54.192    VM: disk I/O iaStorA.sys
12:43:45.754    AVAST engine defs: 14070600
12:44:48.336    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002c
12:44:48.336    Disk 0 Vendor: Hitachi_HTS545050A7E380 GG2OA6C0 Size: 476940MB BusType: 11
12:44:48.445    Disk 0 MBR read successfully
12:44:48.445    Disk 0 MBR scan
12:44:48.461    Disk 0 unknown MBR code
12:44:48.461    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
12:44:48.570    Disk 0 scanning C:\WINDOWS\system32\drivers
12:45:02.680    Service scanning
12:45:46.120    Modules scanning
12:45:46.120    Disk 0 trace - called modules:
12:45:46.151    ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys
12:45:46.151    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe001e9933060]
12:45:46.151    3 CLASSPNP.SYS[fffff80011c0227b] -> nt!IofCallDriver -> \Device\0000002c[0xffffe001e80ad060]
12:45:47.026    AVAST engine scan C:\
13:00:02.024    File: C:\Program Files (x86)\F55D3AAA-D50B-4549-BEEA-B406B01B5226\uninstall_l.exe  **INFECTED** Win32:Dropper-gen [Drp]
15:33:50.065    Scan finished successfully
15:37:00.512    Disk 0 MBR has been saved successfully to "C:\Users\Jarrett\Desktop\MBR.dat"
15:37:00.512    The log file has been saved successfully to "C:\Users\Jarrett\Desktop\aswMBR.txt"
 
 

Edited by jbcteacher, 06 July 2014 - 04:33 PM.

#12
LiquidTension

  • Expert
  • 1,151 posts
Okay, thanks Joanne. :)

I need to get an early night, so shall return with instructions tomorrow.

#13
jbcteacher

  • Topic Starter
  • Member
  • 209 posts

Ok, I appreciate the heads up.  I will be out most of tomorrow taking my parents to doctors/etc...  If you don't hear from me right away that is why.  Good night.


  • 0

#14
LiquidTension

  • Expert
  • 1,151 posts

Hi Joanne,

  • Is this a file you (or the owner) created? C:\Users\Jarrett\Exe.reg
  • Do you (or the owner) use services/websites related to Yahoo?
     

STEP 1
Farbar Recovery Scan Tool (FRST) Script

  • Press the Windows Key + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    start
    C:\Program Files (x86)\F55D3AAA-D50B-4549-BEEA-B406B01B5226\uninstall_l.exe
    2014-06-26 17:28 - 2014-07-06 09:22 - 00000000 ____D () C:\Program Files (x86)\F55D3AAA-D50B-4549-BEEA-B406B01B5226
    URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
    SearchScopes: HKLM-x32 - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect..._oid=23-03-2013
    2014-06-19 12:41 - 2014-07-06 09:32 - 00000000 ____D () C:\Program Files (x86)\SupTab
    2014-06-19 12:40 - 2014-07-04 13:02 - 00000000 ____D () C:\Users\Jarrett\AppData\Roaming\GetPrivate
    2014-06-19 12:40 - 2014-07-03 12:59 - 00003506 ____N () C:\WINDOWS\System32\Tasks\GPUpdateCheck
    2014-06-19 12:40 - 2014-06-19 12:41 - 00000000 ____D () C:\Program Files (x86)\GetPrivate
    Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    C:\Program Files (x86)\AnyProtectEx
    HKLM\...\Run: [] => [X]
    SearchScopes: HKCU - {4D4DCF81-0FD1-4FEA-8230-E7F4B9FE28DB} URL =
    Folder: C:\Program Files (x86)\Information
    Folder: C:\Program Files\003
    Folder: C:\Users\Jarrett\AppData\Local\ftblauncher
    Folder: C:\Users\Jarrett\Desktop\assets
    Folder: C:\Users\Jarrett\Desktop\versions
    Folder: C:\Users\Jarrett\Desktop\libraries
    end
  • Click File, then Save As and type fixlist.txt as the File Name
  • Important: The file must be saved in the same location as FRST64.exe. 

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.

  • Right-Click FRST64.exe and select Run as administrator to run the programme.
  • Click Fix.
  • A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.
     

STEP 2
Folder Options

  • Press the Windows Key + r on your keyboard at the same time. Type Control Folders and click OK.
  • Click View. Under Hidden files and folders
  • Place a checkmark next to Show hidden files, folders and drives.
  • Remove the checkmark next to Hide extensions for known file types.
  • Remove the checkmark next to Hide protected operating system Files (Recommended).
  • Click Apply followed by OK.
     

STEP 3
VirusTotal Upload

  • Please go to VirusTotal.com.
  • Click Choose File and locate the following file:
    • C:\Users\Jarrett\Desktop\MBR.dat
  • Click Scan it!.
  • If you receive the following notification: File already analysed click Reanalyse.
  • Once the file has been analyzed, copy the page URL at the top of the window and paste in your next reply. 
  • Please do the same for the files below:
    • C:\WINDOWS\system32\--traceoff
    • C:\WINDOWS\system32\--debugoff
    • C:\WINDOWS\System32\Tasks\{EBD2DB98-7DCC-47BC-94D3-3330C46E1BD2}
       

STEP 4
Farbar Service Scanner (FSS)

  • Please download FSS and save the file to your desktop.
  • Right-Click FSS.exe and select Run as administrator to run the programme.
  • Ensure the following items are checked:
    • H5woOOZ.png.
    • TA6BLVm.png.
    • e1PK1mD.png.
    • mQdJltp.png.
    • 7wCHunX.png.
    • wU6iCZ5.png.
  • Click YMLYaf6.png.
  • A log (FSS.txt) will be created on your desktop. Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 5
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Is the file user made?
  • Do you use Yahoo services?
  • Fixlog.txt
  • VirusTotal Results
  • FSS.txt

  • 0

#15
jbcteacher

  • Topic Starter
  • Member
  • 209 posts

Hi Adam.  No, the user (Jarrett) did not create that file nor does he use Yahoo.  I will perform the other steps after dinner and paste the logs as requested.  Thank you.


  • 0





