DCOM, Plug and Play, and Power Service Service Terminated Unexpectedly


10 replies to this topic

#1 StrykerF860


Posted 10 February 2014 - 02:10 PM

Hey guys at Bleeping Computer, I saw other people having this issue and I can't figure out how to fix it myself, so now I'm coming to you guys. Also, the DCOM service is taking up about 20-50% CPU. I set it to only one processor and it is still taking up this much CPU constantly. I was not able to install Microsoft's .NET Framework 4.0 or 4.5. I was also not able to install any Windows updates, as it is giving me the error code 80070216. I ran a scan with Malwarebytes but nothing showed up infected. This is a pretty much freshly factory-restored computer, as my friend gave me this computer about a few months ago. I noticed this problem about a week or two ago, but it has not been getting any better as I thought it would.

 

Here is the DDS log the preparation guide told me to use:

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 8.0.7600.16671  BrowserJavaVersion: 10.51.2
Run by Josh at 14:00:21 on 2014-02-10
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.1.1033.18.3839.2060 [GMT -5:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Users\Josh\Documents\AMD Graphics\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{D045FF9E-B05B-45EC-9E33-4E5882DB3B49} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - 
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2014-2-6 82048]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2014-2-6 42624]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-6-2 238080]
R2 AMD FUEL Service;AMD FUEL Service;C:\Users\Josh\Documents\AMD Graphics\ATI.ACE\Fuel\Fuel.Service.exe [2013-12-6 344064]
R2 AODDriver4.2.0;AODDriver4.2.0;C:\Users\Josh\Documents\AMD Graphics\ATI.ACE\Fuel\amd64\aoddriver2.sys [2013-9-19 59648]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-1-10 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-1-10 701512]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-2-6 289496]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-2-3 4915040]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-1-10 25928]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2014-2-6 266968]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-2-6 888536]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-6-2 38456]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-2-6 2151232]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2011-6-2 1002848]
.
=============== Created Last 30 ================
.
2014-02-09 21:22:03 -------- d-----w- C:\Users\Josh\IkovCache
2014-02-09 17:16:10 -------- d-----w- C:\Users\Josh\AppData\Local\EdgeOfReality
2014-02-09 17:16:01 519000 ----a-w- C:\Windows\System32\d3dx10_40.dll
2014-02-09 17:16:01 452440 ----a-w- C:\Windows\SysWow64\d3dx10_40.dll
2014-02-09 17:16:01 2605920 ----a-w- C:\Windows\System32\D3DCompiler_40.dll
2014-02-09 17:16:01 2036576 ----a-w- C:\Windows\SysWow64\D3DCompiler_40.dll
2014-02-09 17:16:00 5631312 ----a-w- C:\Windows\System32\D3DX9_40.dll
2014-02-09 17:16:00 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll
2014-02-07 19:52:22 -------- d-----w- C:\$RECYCLE.BIN
2014-02-07 19:44:55 208896 ----a-w- C:\Windows\MBR.exe
2014-02-07 19:44:54 98816 ----a-w- C:\Windows\sed.exe
2014-02-07 19:44:54 256000 ----a-w- C:\Windows\PEV.exe
2014-02-06 23:21:04 27456 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe
2014-02-06 23:01:11 888536 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2014-02-06 23:01:11 73800 ----a-w- C:\Windows\System32\RtNicProp64.dll
2014-02-06 23:00:52 9889352 ----a-w- C:\Windows\SysWow64\RtsUStoricon.dll
2014-02-06 23:00:52 266968 ----a-w- C:\Windows\System32\drivers\RtsUStor.sys
2014-02-06 22:51:41 82048 ----a-w- C:\Windows\System32\drivers\amd_sata.sys
2014-02-06 22:51:41 42624 ----a-w- C:\Windows\System32\drivers\amd_xata.sys
2014-02-06 20:51:38 431176 ----a-w- C:\Windows\System32\drivers\bdfsfltr.sys
2014-02-06 20:51:22 -------- d-----w- C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2014-02-04 23:11:57 -------- d-----w- C:\ProgramData\White Sky, Inc
2014-02-04 00:25:05 -------- d-----w- C:\Program Files (x86)\TeamViewer
2014-02-01 21:48:39 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-31 17:17:10 -------- d-----w- C:\Users\Josh\AppData\Roaming\.minecraft
2014-01-31 17:08:38 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2014-01-31 17:07:50 -------- d-----w- C:\Users\Josh\AppData\Roaming\WinBatch
2014-01-31 17:02:47 -------- d-----w- C:\Users\Josh\AppData\Local\WindowsUpdate
2014-01-31 04:08:30 -------- d-----w- C:\ProgramData\AMD
2014-01-31 04:06:56 -------- d-----w- C:\ProgramData\Package Cache
2014-01-31 04:05:23 -------- d-----w- C:\AMD
2014-01-31 03:49:54 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2014-01-31 03:49:39 -------- d-----w- C:\SWTOOLS
2014-01-29 23:09:57 -------- d-----w- C:\Windows\System32\SRSLabs
2014-01-29 19:49:01 -------- d-----w- C:\ProgramData\ProductData
2014-01-29 19:48:53 -------- d-----w- C:\ProgramData\IObit
2014-01-29 19:48:52 -------- d-----w- C:\Users\Josh\AppData\Roaming\IObit
2014-01-29 19:48:44 -------- d-----w- C:\Program Files (x86)\IObit
2014-01-24 21:49:07 291760 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2014-01-24 21:48:59 -------- d-----w- C:\Users\Josh\AppData\Local\PunkBuster
2014-01-24 21:46:56 281872 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-01-24 21:46:56 281872 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2014-01-24 21:46:55 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2014-01-24 20:58:08 -------- d-----w- C:\Ubisoft
2014-01-23 00:42:07 -------- d-----w- C:\Users\Josh\AppData\Roaming\.technic
2014-01-18 05:23:01 -------- d-----w- C:\Users\Josh\AppData\Local\CyberLink
2014-01-18 05:23:00 -------- d-----w- C:\Users\Josh\AppData\Local\PowerCinema
.
==================== Find3M  ====================
.
2014-02-06 22:52:51 929736 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2013-11-19 11:33:38 267936 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 14:00:28.83 ===============
Attached File  attach.txt   11.46KB   1 downloads

Edited by StrykerF860, 10 February 2014 - 02:20 PM.




#2 JSntgRvr

Malware Response Team

Posted 10 February 2014 - 10:10 PM

Hi and welcome.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it into your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Type the following in the edit box on FRST, after "Search:".

rpcss.dll

It then should look like:

Search: rpcss.dll

Click Search button and post the log (Search.txt) it makes on the USB drive in your next reply.

No requests for help through private messaging will be attended to.


If I have helped you, consider making a donation to help me continue the fight against Malware!


#3 StrykerF860


Posted 11 February 2014 - 01:09 PM

Here you go:
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-02-2014 01
Ran by Josh (administrator) on JOSH-HP on 11-02-2014 13:05:41
Running from C:\Users\Josh\Desktop
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Advanced Micro Devices, Inc.) C:\Users\Josh\Documents\AMD Graphics\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2014-02-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-05-11] (Advanced Micro Devices, Inc.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPDSK/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-18]
CHR Extension: (Google Drive) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-18]
CHR Extension: (Glow) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bekmjjakgojplnhahcilegeiklenjbgb [2013-12-25]
CHR Extension: (YouTube) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-18]
CHR Extension: (Google Search) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-18]
CHR Extension: (AdBlock) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-18]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-02-10]
CHR Extension: (Google Wallet) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-18]
CHR Extension: (Gmail) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-18]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2014-01-29]
 
==================== Services (Whitelisted) =================
 
R2 AMD FUEL Service; C:\Users\Josh\Documents\AMD Graphics\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [46904 2013-12-17] (Hewlett-Packard Company)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151232 2013-12-02] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-08] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2014-02-06] (Realtek Semiconductor)
S2 HP Health Check Service; "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]
S3 hpqwmiex; "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
R2 AODDriver4.2.0; C:\Users\Josh\Documents\AMD Graphics\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R2 bdfsfltr; C:\Windows\system32\Drivers\bdfsfltr.sys [431176 2011-03-24] (BitDefender)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-11 13:05 - 2014-02-11 13:06 - 00009669 _____ () C:\Users\Josh\Desktop\FRST.txt
2014-02-11 13:05 - 2014-02-11 13:05 - 00000000 ____D () C:\FRST
2014-02-11 13:04 - 2014-02-11 13:04 - 02151424 _____ (Farbar) C:\Users\Josh\Desktop\FRST64.exe
2014-02-10 19:39 - 2014-02-10 19:39 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\NewspaperDirect
2014-02-10 19:26 - 2014-02-10 19:38 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-02-10 19:24 - 2014-02-10 19:24 - 13670584 _____ (Microsoft Corporation) C:\Users\Josh\Downloads\mseinstall.exe
2014-02-10 19:16 - 2014-02-10 19:16 - 04427776 _____ () C:\Users\Josh\Downloads\HPSupportSolutionsFramework.msi
2014-02-10 18:52 - 2014-02-10 18:52 - 01110478 _____ () C:\Users\Josh\Downloads\ProcessMonitor.zip
2014-02-10 14:11 - 2014-02-10 14:11 - 00000723 _____ () C:\Users\Josh\Documents\things.txt
2014-02-10 14:00 - 2014-02-10 14:00 - 00011730 _____ () C:\Users\Josh\Desktop\attach.txt
2014-02-10 14:00 - 2014-02-10 14:00 - 00011045 _____ () C:\Users\Josh\Desktop\dds.txt
2014-02-10 13:55 - 2014-02-10 13:55 - 00688992 ____R (Swearware) C:\Users\Josh\Desktop\dds.com
2014-02-09 16:22 - 2014-02-09 20:35 - 00000000 ____D () C:\Users\Josh\IkovCache
2014-02-09 12:16 - 2014-02-09 12:16 - 00000000 ____D () C:\Users\Josh\AppData\Local\EdgeOfReality
2014-02-09 12:16 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-02-09 12:16 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-02-09 12:16 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-02-09 12:16 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-02-09 12:16 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-02-09 12:16 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-02-09 12:15 - 2014-02-09 12:15 - 00018435 _____ () C:\Windows\DirectX.log
2014-02-08 21:11 - 2014-02-08 21:11 - 00000199 _____ () C:\Users\Josh\Documents\Source SDK Base 2006.url
2014-02-08 21:09 - 2014-02-08 21:09 - 00003120 _____ () C:\Windows\System32\Tasks\{B140BFBD-D6D4-4CCA-9FD3-EB36571C5D78}
2014-02-08 21:01 - 2014-02-08 21:08 - 181992655 _____ () C:\Users\Josh\Downloads\HSB4b-full.exe
2014-02-08 19:09 - 2014-02-08 19:09 - 101331736 _____ (Microsoft Corporation) C:\Users\Josh\Downloads\msert.exe
2014-02-08 15:06 - 2014-02-08 15:08 - 01759182 _____ () C:\Users\Josh\Downloads\Unconfirmed 314552.crdownload
2014-02-08 15:05 - 2014-02-08 15:08 - 03035630 _____ () C:\Users\Josh\Downloads\Unconfirmed 262959.crdownload
2014-02-07 14:55 - 2014-02-07 14:55 - 00015141 _____ () C:\ComboFix.txt
2014-02-07 14:52 - 2014-02-07 14:52 - 00000540 _____ () C:\Windows\PFRO.log
2014-02-07 14:44 - 2014-02-07 14:55 - 00000000 ____D () C:\Qoobox
2014-02-07 14:44 - 2014-02-07 14:54 - 00000000 ____D () C:\Windows\erdnt
2014-02-07 14:44 - 2014-02-07 14:44 - 05180173 _____ (Swearware) C:\Users\Josh\Downloads\ComboFix.exe
2014-02-07 14:44 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-07 14:44 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-07 14:44 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-07 14:44 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-07 14:44 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-07 14:44 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-07 14:44 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-07 14:44 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-07 14:30 - 2014-02-07 14:30 - 01243588 _____ () C:\Users\Josh\Downloads\ProcessExplorer.zip
2014-02-07 14:28 - 2014-02-07 14:28 - 13359677 _____ () C:\Users\Josh\Downloads\SysinternalsSuite.zip
2014-02-06 18:44 - 2014-02-11 11:58 - 00000952 _____ () C:\Windows\setupact.log
2014-02-06 18:44 - 2014-02-06 18:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-06 18:32 - 2014-02-06 18:32 - 46661632 _____ () C:\Windows\system32\config\software.iodefrag.bak
2014-02-06 18:32 - 2014-02-06 18:32 - 29384704 _____ () C:\Windows\system32\config\components.iodefrag.bak
2014-02-06 18:32 - 2014-02-06 18:32 - 00262144 _____ () C:\Windows\system32\config\default.iodefrag.bak
2014-02-06 18:32 - 2014-02-06 18:32 - 00024576 _____ () C:\Windows\system32\config\security.iodefrag.bak
2014-02-06 18:32 - 2014-02-06 18:32 - 00024576 _____ () C:\Windows\system32\config\sam.iodefrag.bak
2014-02-06 18:32 - 2014-02-06 18:32 - 00000000 _____ () C:\asc_rdflag
2014-02-06 18:21 - 2013-06-27 18:05 - 00027456 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe
2014-02-06 18:19 - 2014-02-06 18:19 - 29384704 _____ () C:\Windows\system32\config\components.iobit
2014-02-06 18:08 - 2014-02-06 18:08 - 41974272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-02-06 18:08 - 2014-02-06 18:08 - 03760344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-02-06 18:08 - 2014-02-06 18:08 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-02-06 18:08 - 2014-02-06 18:08 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00693329 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-02-06 18:08 - 2014-02-06 18:08 - 00618200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00154840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-02-06 18:01 - 2014-02-06 18:01 - 00888536 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-02-06 18:01 - 2014-02-06 18:01 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-02-06 18:00 - 2014-02-06 18:00 - 09889352 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsUStoricon.dll
2014-02-06 18:00 - 2014-02-06 18:00 - 00266968 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys
2014-02-06 17:52 - 2014-02-06 18:11 - 00000000 ____D () C:\DrvInstall
2014-02-06 17:52 - 2014-02-06 17:52 - 26017280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 19584512 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 15827456 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 13402112 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 11922944 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-02-06 17:52 - 2014-02-06 17:52 - 07528440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 06857392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 06288832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 04782960 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 04292192 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 02852480 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-02-06 17:52 - 2014-02-06 17:52 - 02818784 _____ () C:\Windows\system32\atiumd6a.cap
2014-02-06 17:52 - 2014-02-06 17:52 - 01978240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdmv.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 01065720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6v.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00929736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00618823 _____ () C:\Windows\system32\atiicdxx.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00364544 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00359936 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-02-06 17:52 - 2014-02-06 17:52 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2014-02-06 17:52 - 2014-02-06 17:52 - 00246000 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-02-06 17:52 - 2014-02-06 17:52 - 00246000 _____ () C:\Windows\system32\atiapfxx.blb
2014-02-06 17:52 - 2014-02-06 17:52 - 00204952 _____ () C:\Windows\SysWOW64\ativvsvl.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-02-06 17:52 - 2014-02-06 17:52 - 00157144 _____ () C:\Windows\SysWOW64\ativvsva.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00157144 _____ () C:\Windows\system32\ativvsva.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00120320 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00069632 _____ (AMD) C:\Windows\system32\coinst_8.97.100.11.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00062976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00062976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00062464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00062464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00059392 _____ (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2014-02-06 17:52 - 2014-02-06 17:52 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00051152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00048544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00041984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00038768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00038177 _____ () C:\Windows\atiogl.xml
2014-02-06 17:52 - 2014-02-06 17:52 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00021504 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00017920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00003917 _____ () C:\Windows\SysWOW64\atipblag.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00003917 _____ () C:\Windows\system32\atipblag.dat
2014-02-06 17:51 - 2014-02-06 17:51 - 00082048 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_sata.sys
2014-02-06 17:51 - 2014-02-06 17:51 - 00042624 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_xata.sys
2014-02-06 15:51 - 2014-02-06 15:51 - 00000000 ____D () C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2014-02-06 15:51 - 2011-03-24 15:36 - 00431176 _____ (BitDefender) C:\Windows\system32\Drivers\bdfsfltr.sys
2014-02-06 15:49 - 2014-02-06 15:49 - 62687640 _____ (IObit ) C:\Users\Josh\Downloads\asc-ultimate7-setup.exe
2014-02-06 15:36 - 2014-02-06 15:36 - 00488737 _____ () C:\Users\Josh\Documents\GTA San Andreas User Files.rar
2014-02-05 13:59 - 2014-02-05 13:59 - 02077392 _____ (Microsoft Corporation) C:\Users\Josh\Downloads\IE11-Windows6.1.exe
2014-02-04 18:14 - 2014-02-04 18:15 - 50449456 _____ (Microsoft Corporation) C:\Users\Josh\Downloads\dotNetFx40_Full_x86_x64.exe
2014-02-04 18:11 - 2014-02-04 18:11 - 00000000 ____D () C:\ProgramData\White Sky, Inc
2014-02-04 18:08 - 2014-02-04 18:09 - 20609808 _____ (White Sky, Inc.) C:\Users\Josh\Downloads\constantguard.exe
2014-02-03 19:25 - 2014-02-03 19:25 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-02-03 19:24 - 2014-02-03 19:24 - 05814840 _____ (TeamViewer GmbH) C:\Users\Josh\Downloads\TeamViewer_Setup_en.exe
2014-02-01 20:35 - 2014-02-09 18:29 - 00007602 _____ () C:\Users\Josh\AppData\Local\Resmon.ResmonCfg
2014-02-01 16:48 - 2014-02-01 16:48 - 00003422 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-01 16:48 - 2013-12-28 14:29 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-01 16:48 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-01 16:48 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-01 16:48 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-01 16:47 - 2014-02-01 16:47 - 00921000 _____ (Oracle Corporation) C:\Users\Josh\Downloads\chromeinstall-7u51 (1).exe
2014-01-31 17:34 - 2014-01-31 17:34 - 00991232 _____ () C:\Users\Josh\Downloads\MicrosoftFixit50267 (1).msi
2014-01-31 17:33 - 2014-01-31 17:33 - 00991232 _____ () C:\Users\Josh\Downloads\MicrosoftFixit50267.msi
2014-01-31 12:17 - 2014-02-07 19:23 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\.minecraft
2014-01-31 12:16 - 2014-01-31 12:16 - 00675988 _____ () C:\Users\Josh\Downloads\Minecraft (1).exe
2014-01-31 12:12 - 2014-01-31 12:12 - 00000000 ____D () C:\ProgramData\ATI
2014-01-31 12:08 - 2014-01-31 12:09 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-01-31 12:07 - 2014-01-31 12:07 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\WinBatch
2014-01-31 12:06 - 2014-01-31 12:07 - 101085744 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Josh\Downloads\sp51358.exe
2014-01-31 12:05 - 2014-01-31 12:05 - 01671216 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Josh\Downloads\sp51943.exe
2014-01-31 12:02 - 2014-01-31 12:02 - 00000000 ____D () C:\Users\Josh\AppData\Local\WindowsUpdate
2014-01-30 23:17 - 2014-01-30 23:17 - 01005568 _____ (Microsoft Corporation) C:\Users\Josh\Downloads\dotNetFx45_Full_setup.exe
2014-01-30 23:08 - 2014-01-30 23:08 - 00000000 ____D () C:\ProgramData\AMD
2014-01-30 23:07 - 2014-01-30 23:07 - 00017019 _____ () C:\Windows\SysWOW64\CCCInstall_201401302307460039.log
2014-01-30 23:06 - 2014-01-30 23:09 - 00000000 ____D () C:\Users\Josh\Documents\AMD Graphics
2014-01-30 23:06 - 2014-01-30 23:07 - 00000000 ____D () C:\ProgramData\Package Cache
2014-01-30 23:05 - 2014-01-30 23:05 - 00000000 ____D () C:\AMD
2014-01-30 23:03 - 2014-01-30 23:03 - 00930440 _____ (CNET Download.com) C:\Users\Josh\Downloads\cbsidlm-cbsi176-ATI_Catalyst_Software_Suite_Windows_Vista_64bit__Windows_7_64bit__Windows_8_64bit-SEO-10607879 (1).exe
2014-01-30 22:59 - 2014-01-30 23:00 - 00930440 _____ (CNET Download.com) C:\Users\Josh\Downloads\cbsidlm-cbsi176-ATI_Catalyst_Software_Suite_Windows_Vista_64bit__Windows_7_64bit__Windows_8_64bit-SEO-10607879.exe
2014-01-30 22:49 - 2014-02-06 18:01 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-01-30 22:49 - 2014-01-30 22:49 - 00000000 ____D () C:\SWTOOLS
2014-01-29 18:22 - 2014-01-29 18:22 - 46333952 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-01-29 18:22 - 2014-01-29 18:22 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-01-29 18:22 - 2014-01-29 18:22 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-01-29 18:22 - 2014-01-29 18:22 - 00024576 _____ () C:\Windows\system32\config\SAM.iobit
2014-01-29 18:09 - 2014-02-06 18:08 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-01-29 15:46 - 2014-01-29 15:46 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-01-29 14:49 - 2014-02-06 18:47 - 00000000 ____D () C:\ProgramData\ProductData
2014-01-29 14:49 - 2014-01-29 14:49 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Apple Computer
2014-01-29 14:48 - 2014-02-06 15:53 - 00000000 ____D () C:\ProgramData\IObit
2014-01-29 14:48 - 2014-01-31 00:48 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\IObit
2014-01-29 14:48 - 2014-01-31 00:47 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-01-26 17:30 - 2014-01-26 17:30 - 00000253 _____ () C:\Users\Josh\Downloads\bot_data_for_ip_1390775308247_76.110.172.69.csv
2014-01-25 15:12 - 2014-01-25 15:12 - 00000048 _____ () C:\Users\Josh\jagex_cl_runescape_LIVE_BETA.dat
2014-01-25 15:10 - 2014-01-25 15:10 - 00921000 _____ (Oracle Corporation) C:\Users\Josh\Downloads\chromeinstall-7u51.exe
2014-01-24 16:49 - 2014-01-25 13:39 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-01-24 16:48 - 2014-01-24 16:48 - 00000000 ____D () C:\Users\Josh\AppData\Local\PunkBuster
2014-01-24 16:46 - 2014-02-08 16:35 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-01-24 16:46 - 2014-02-08 16:34 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-01-24 16:46 - 2014-02-08 16:34 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-01-24 15:58 - 2014-01-24 15:58 - 00000000 ____D () C:\Ubisoft
2014-01-24 15:57 - 2014-02-08 16:02 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-01-24 15:56 - 2014-01-24 15:56 - 04208184 _____ (DevAge, Vestris Inc. & Contributors) C:\Users\Josh\Downloads\GhostReconOnline_Setup(NA).exe
2014-01-24 13:37 - 2014-01-24 13:38 - 00000000 ____D () C:\Users\Josh\Documents\SCP - Containment Breach
2014-01-22 19:42 - 2014-01-22 19:42 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\.technic
2014-01-18 00:23 - 2014-01-18 00:23 - 00000000 ____D () C:\Users\Josh\AppData\Local\PowerCinema
2014-01-18 00:23 - 2014-01-18 00:23 - 00000000 ____D () C:\Users\Josh\AppData\Local\CyberLink
2014-01-15 22:23 - 2014-02-06 18:20 - 00000000 ____D () C:\Windows\Minidump
2014-01-14 16:28 - 2014-01-20 19:19 - 00000015 _____ () C:\Users\Josh\Documents\coords.txt
2014-01-13 16:39 - 2014-01-13 16:39 - 00000024 _____ () C:\Users\Josh\Documents\internetspeed.txt
 
==================== One Month Modified Files and Folders =======
 
2014-02-11 13:06 - 2014-02-11 13:05 - 00009669 _____ () C:\Users\Josh\Desktop\FRST.txt
2014-02-11 13:05 - 2014-02-11 13:05 - 00000000 ____D () C:\FRST
2014-02-11 13:05 - 2013-12-18 19:54 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-11 13:04 - 2014-02-11 13:04 - 02151424 _____ (Farbar) C:\Users\Josh\Desktop\FRST64.exe
2014-02-11 12:05 - 2009-07-13 23:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-11 12:05 - 2009-07-13 23:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-11 12:04 - 2009-07-14 00:13 - 00713888 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-11 12:02 - 2011-06-02 18:48 - 01018731 _____ () C:\Windows\WindowsUpdate.log
2014-02-11 11:58 - 2014-02-06 18:44 - 00000952 _____ () C:\Windows\setupact.log
2014-02-11 11:58 - 2013-12-18 19:54 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-11 11:58 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-10 22:38 - 2013-12-18 20:00 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Skype
2014-02-10 21:25 - 2013-12-26 01:35 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-10 21:19 - 2013-12-25 12:42 - 00000000 ____D () C:\Users\Josh\AppData\Local\PMB Files
2014-02-10 21:19 - 2013-12-25 12:42 - 00000000 ____D () C:\ProgramData\PMB Files
2014-02-10 19:39 - 2014-02-10 19:39 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\NewspaperDirect
2014-02-10 19:38 - 2014-02-10 19:26 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-02-10 19:24 - 2014-02-10 19:24 - 13670584 _____ (Microsoft Corporation) C:\Users\Josh\Downloads\mseinstall.exe
2014-02-10 19:17 - 2011-06-02 18:57 - 00000000 ____D () C:\Program Files (x86)\Hp
2014-02-10 19:16 - 2014-02-10 19:16 - 04427776 _____ () C:\Users\Josh\Downloads\HPSupportSolutionsFramework.msi
2014-02-10 18:52 - 2014-02-10 18:52 - 01110478 _____ () C:\Users\Josh\Downloads\ProcessMonitor.zip
2014-02-10 14:11 - 2014-02-10 14:11 - 00000723 _____ () C:\Users\Josh\Documents\things.txt
2014-02-10 14:00 - 2014-02-10 14:00 - 00011730 _____ () C:\Users\Josh\Desktop\attach.txt
2014-02-10 14:00 - 2014-02-10 14:00 - 00011045 _____ () C:\Users\Josh\Desktop\dds.txt
2014-02-10 14:00 - 2014-01-11 14:41 - 00000000 ____D () C:\Users\Josh\Desktop\Applications
2014-02-10 13:55 - 2014-02-10 13:55 - 00688992 ____R (Swearware) C:\Users\Josh\Desktop\dds.com
2014-02-09 20:35 - 2014-02-09 16:22 - 00000000 ____D () C:\Users\Josh\IkovCache
2014-02-09 18:29 - 2014-02-01 20:35 - 00007602 _____ () C:\Users\Josh\AppData\Local\Resmon.ResmonCfg
2014-02-09 17:12 - 2013-12-26 01:38 - 00000000 ____D () C:\Users\Josh\Desktop\Games
2014-02-09 16:22 - 2013-12-18 19:41 - 00000000 ____D () C:\Users\Josh
2014-02-09 12:16 - 2014-02-09 12:16 - 00000000 ____D () C:\Users\Josh\AppData\Local\EdgeOfReality
2014-02-09 12:15 - 2014-02-09 12:15 - 00018435 _____ () C:\Windows\DirectX.log
2014-02-08 21:11 - 2014-02-08 21:11 - 00000199 _____ () C:\Users\Josh\Documents\Source SDK Base 2006.url
2014-02-08 21:09 - 2014-02-08 21:09 - 00003120 _____ () C:\Windows\System32\Tasks\{B140BFBD-D6D4-4CCA-9FD3-EB36571C5D78}
2014-02-08 21:08 - 2014-02-08 21:01 - 181992655 _____ () C:\Users\Josh\Downloads\HSB4b-full.exe
2014-02-08 19:09 - 2014-02-08 19:09 - 101331736 _____ (Microsoft Corporation) C:\Users\Josh\Downloads\msert.exe
2014-02-08 16:35 - 2014-01-24 16:46 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-02-08 16:34 - 2014-01-24 16:46 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-02-08 16:34 - 2014-01-24 16:46 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-08 16:02 - 2014-01-24 15:57 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-02-08 16:02 - 2013-12-18 19:54 - 00000000 ____D () C:\Users\Josh\AppData\Local\Deployment
2014-02-08 15:08 - 2014-02-08 15:06 - 01759182 _____ () C:\Users\Josh\Downloads\Unconfirmed 314552.crdownload
2014-02-08 15:08 - 2014-02-08 15:05 - 03035630 _____ () C:\Users\Josh\Downloads\Unconfirmed 262959.crdownload
2014-02-07 19:23 - 2014-01-31 12:17 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\.minecraft
2014-02-07 15:08 - 2013-12-18 19:54 - 00000000 ____D () C:\Users\Josh\AppData\Local\Apps\2.0
2014-02-07 14:55 - 2014-02-07 14:55 - 00015141 _____ () C:\ComboFix.txt
2014-02-07 14:55 - 2014-02-07 14:44 - 00000000 ____D () C:\Qoobox
2014-02-07 14:54 - 2014-02-07 14:44 - 00000000 ____D () C:\Windows\erdnt
2014-02-07 14:52 - 2014-02-07 14:52 - 00000540 _____ () C:\Windows\PFRO.log
2014-02-07 14:52 - 2009-07-13 21:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-07 14:44 - 2014-02-07 14:44 - 05180173 _____ (Swearware) C:\Users\Josh\Downloads\ComboFix.exe
2014-02-07 14:30 - 2014-02-07 14:30 - 01243588 _____ () C:\Users\Josh\Downloads\ProcessExplorer.zip
2014-02-07 14:28 - 2014-02-07 14:28 - 13359677 _____ () C:\Users\Josh\Downloads\SysinternalsSuite.zip
2014-02-07 14:18 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2014-02-06 18:47 - 2014-01-29 14:49 - 00000000 ____D () C:\ProgramData\ProductData
2014-02-06 18:44 - 2014-02-06 18:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-06 18:32 - 2014-02-06 18:32 - 46661632 _____ () C:\Windows\system32\config\software.iodefrag.bak
2014-02-06 18:32 - 2014-02-06 18:32 - 29384704 _____ () C:\Windows\system32\config\components.iodefrag.bak
2014-02-06 18:32 - 2014-02-06 18:32 - 00262144 _____ () C:\Windows\system32\config\default.iodefrag.bak
2014-02-06 18:32 - 2014-02-06 18:32 - 00024576 _____ () C:\Windows\system32\config\security.iodefrag.bak
2014-02-06 18:32 - 2014-02-06 18:32 - 00024576 _____ () C:\Windows\system32\config\sam.iodefrag.bak
2014-02-06 18:32 - 2014-02-06 18:32 - 00000000 _____ () C:\asc_rdflag
2014-02-06 18:20 - 2014-01-15 22:23 - 00000000 ____D () C:\Windows\Minidump
2014-02-06 18:19 - 2014-02-06 18:19 - 29384704 _____ () C:\Windows\system32\config\components.iobit
2014-02-06 18:11 - 2014-02-06 17:52 - 00000000 ____D () C:\DrvInstall
2014-02-06 18:08 - 2014-02-06 18:08 - 41974272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-02-06 18:08 - 2014-02-06 18:08 - 03760344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-02-06 18:08 - 2014-02-06 18:08 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-02-06 18:08 - 2014-02-06 18:08 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00693329 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-02-06 18:08 - 2014-02-06 18:08 - 00618200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00154840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-02-06 18:08 - 2014-01-29 18:09 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-02-06 18:08 - 2011-06-02 18:42 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-02-06 18:01 - 2014-02-06 18:01 - 00888536 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-02-06 18:01 - 2014-02-06 18:01 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-02-06 18:01 - 2014-01-30 22:49 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-02-06 18:00 - 2014-02-06 18:00 - 09889352 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsUStoricon.dll
2014-02-06 18:00 - 2014-02-06 18:00 - 00266968 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys
2014-02-06 17:52 - 2014-02-06 17:52 - 26017280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 19584512 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 15827456 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 13402112 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 11922944 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-02-06 17:52 - 2014-02-06 17:52 - 07528440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 06857392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 06288832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 04782960 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 04292192 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 02852480 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-02-06 17:52 - 2014-02-06 17:52 - 02818784 _____ () C:\Windows\system32\atiumd6a.cap
2014-02-06 17:52 - 2014-02-06 17:52 - 01978240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdmv.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 01065720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6v.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00929736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00618823 _____ () C:\Windows\system32\atiicdxx.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00364544 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00359936 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-02-06 17:52 - 2014-02-06 17:52 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2014-02-06 17:52 - 2014-02-06 17:52 - 00246000 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-02-06 17:52 - 2014-02-06 17:52 - 00246000 _____ () C:\Windows\system32\atiapfxx.blb
2014-02-06 17:52 - 2014-02-06 17:52 - 00204952 _____ () C:\Windows\SysWOW64\ativvsvl.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-02-06 17:52 - 2014-02-06 17:52 - 00157144 _____ () C:\Windows\SysWOW64\ativvsva.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00157144 _____ () C:\Windows\system32\ativvsva.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00120320 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00069632 _____ (AMD) C:\Windows\system32\coinst_8.97.100.11.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00062976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00062976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00062464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00062464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00059392 _____ (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2014-02-06 17:52 - 2014-02-06 17:52 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00051152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00048544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00041984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00038768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00038177 _____ () C:\Windows\atiogl.xml
2014-02-06 17:52 - 2014-02-06 17:52 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00021504 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00017920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00003917 _____ () C:\Windows\SysWOW64\atipblag.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00003917 _____ () C:\Windows\system32\atipblag.dat
2014-02-06 17:52 - 2011-06-02 19:39 - 07560424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-02-06 17:52 - 2011-06-02 19:39 - 01094024 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2014-02-06 17:52 - 2011-06-02 19:39 - 00535552 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-02-06 17:52 - 2011-06-02 19:39 - 00514048 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-02-06 17:52 - 2011-06-02 19:39 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll
2014-02-06 17:52 - 2011-06-02 19:39 - 00238080 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-02-06 17:52 - 2011-06-02 19:39 - 00061464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-02-06 17:51 - 2014-02-06 17:51 - 00082048 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_sata.sys
2014-02-06 17:51 - 2014-02-06 17:51 - 00042624 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_xata.sys
2014-02-06 15:53 - 2014-01-29 14:48 - 00000000 ____D () C:\ProgramData\IObit
2014-02-06 15:51 - 2014-02-06 15:51 - 00000000 ____D () C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2014-02-06 15:49 - 2014-02-06 15:49 - 62687640 _____ (IObit ) C:\Users\Josh\Downloads\asc-ultimate7-setup.exe
2014-02-06 15:36 - 2014-02-06 15:36 - 00488737 _____ () C:\Users\Josh\Documents\GTA San Andreas User Files.rar
2014-02-05 13:59 - 2014-02-05 13:59 - 02077392 _____ (Microsoft Corporation) C:\Users\Josh\Downloads\IE11-Windows6.1.exe
2014-02-05 12:36 - 2013-12-25 12:42 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-02-04 21:15 - 2013-12-28 14:30 - 00000024 _____ () C:\Users\Josh\random.dat
2014-02-04 21:14 - 2013-12-28 14:30 - 00000043 _____ () C:\Users\Josh\jagex_cl_runescape_LIVE.dat
2014-02-04 18:15 - 2014-02-04 18:14 - 50449456 _____ (Microsoft Corporation) C:\Users\Josh\Downloads\dotNetFx40_Full_x86_x64.exe
2014-02-04 18:11 - 2014-02-04 18:11 - 00000000 ____D () C:\ProgramData\White Sky, Inc
2014-02-04 18:09 - 2014-02-04 18:08 - 20609808 _____ (White Sky, Inc.) C:\Users\Josh\Downloads\constantguard.exe
2014-02-04 17:11 - 2013-12-18 19:55 - 00002145 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-03 22:25 - 2014-01-02 15:08 - 00000091 _____ () C:\Windows\system32\ueme.vxk
2014-02-03 19:44 - 2013-12-18 19:43 - 00062648 _____ () C:\Users\Josh\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-03 19:42 - 2009-07-13 23:45 - 00276832 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-03 19:29 - 2011-06-02 18:48 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-02-03 19:25 - 2014-02-03 19:25 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-02-03 19:24 - 2014-02-03 19:24 - 05814840 _____ (TeamViewer GmbH) C:\Users\Josh\Downloads\TeamViewer_Setup_en.exe
2014-02-02 15:36 - 2013-12-28 01:32 - 00000000 ____D () C:\Users\Josh\AppData\Local\CrashDumps
2014-02-01 20:05 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-01 16:48 - 2014-02-01 16:48 - 00003422 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-01 16:48 - 2013-12-28 14:29 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-01 16:48 - 2013-12-28 14:29 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-01 16:47 - 2014-02-01 16:47 - 00921000 _____ (Oracle Corporation) C:\Users\Josh\Downloads\chromeinstall-7u51 (1).exe
2014-01-31 17:34 - 2014-01-31 17:34 - 00991232 _____ () C:\Users\Josh\Downloads\MicrosoftFixit50267 (1).msi
2014-01-31 17:33 - 2014-01-31 17:33 - 00991232 _____ () C:\Users\Josh\Downloads\MicrosoftFixit50267.msi
2014-01-31 12:16 - 2014-01-31 12:16 - 00675988 _____ () C:\Users\Josh\Downloads\Minecraft (1).exe
2014-01-31 12:12 - 2014-01-31 12:12 - 00000000 ____D () C:\ProgramData\ATI
2014-01-31 12:09 - 2014-01-31 12:08 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-01-31 12:07 - 2014-01-31 12:07 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\WinBatch
2014-01-31 12:07 - 2014-01-31 12:06 - 101085744 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Josh\Downloads\sp51358.exe
2014-01-31 12:05 - 2014-01-31 12:05 - 01671216 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Josh\Downloads\sp51943.exe
2014-01-31 12:02 - 2014-01-31 12:02 - 00000000 ____D () C:\Users\Josh\AppData\Local\WindowsUpdate
2014-01-31 00:48 - 2014-01-29 14:48 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\IObit
2014-01-31 00:47 - 2014-01-29 14:48 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-01-30 23:17 - 2014-01-30 23:17 - 01005568 _____ (Microsoft Corporation) C:\Users\Josh\Downloads\dotNetFx45_Full_setup.exe
2014-01-30 23:09 - 2014-01-30 23:06 - 00000000 ____D () C:\Users\Josh\Documents\AMD Graphics
2014-01-30 23:08 - 2014-01-30 23:08 - 00000000 ____D () C:\ProgramData\AMD
2014-01-30 23:07 - 2014-01-30 23:07 - 00017019 _____ () C:\Windows\SysWOW64\CCCInstall_201401302307460039.log
2014-01-30 23:07 - 2014-01-30 23:06 - 00000000 ____D () C:\ProgramData\Package Cache
2014-01-30 23:05 - 2014-01-30 23:05 - 00000000 ____D () C:\AMD
2014-01-30 23:03 - 2014-01-30 23:03 - 00930440 _____ (CNET Download.com) C:\Users\Josh\Downloads\cbsidlm-cbsi176-ATI_Catalyst_Software_Suite_Windows_Vista_64bit__Windows_7_64bit__Windows_8_64bit-SEO-10607879 (1).exe
2014-01-30 23:00 - 2014-01-30 22:59 - 00930440 _____ (CNET Download.com) C:\Users\Josh\Downloads\cbsidlm-cbsi176-ATI_Catalyst_Software_Suite_Windows_Vista_64bit__Windows_7_64bit__Windows_8_64bit-SEO-10607879.exe
2014-01-30 22:49 - 2014-01-30 22:49 - 00000000 ____D () C:\SWTOOLS
2014-01-30 22:49 - 2011-06-02 18:53 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-01-30 22:46 - 2011-06-02 18:48 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-30 22:46 - 2010-06-14 21:07 - 00000000 ____D () C:\swsetup
2014-01-30 22:09 - 2011-06-02 19:02 - 00000000 ____D () C:\ProgramData\CyberLink
2014-01-30 22:09 - 2011-06-02 18:42 - 00000000 ____D () C:\Program Files\Realtek
2014-01-30 22:09 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\security
2014-01-30 22:09 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2014-01-30 22:08 - 2011-06-02 18:59 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-01-30 22:05 - 2013-12-18 20:34 - 00000000 ____D () C:\ProgramData\Recovery
2014-01-29 18:24 - 2009-07-24 14:22 - 00000000 ____D () C:\Windows\Panther
2014-01-29 18:22 - 2014-01-29 18:22 - 46333952 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-01-29 18:22 - 2014-01-29 18:22 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-01-29 18:22 - 2014-01-29 18:22 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-01-29 18:22 - 2014-01-29 18:22 - 00024576 _____ () C:\Windows\system32\config\SAM.iobit
2014-01-29 15:46 - 2014-01-29 15:46 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-01-29 14:49 - 2014-01-29 14:49 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Apple Computer
2014-01-26 17:30 - 2014-01-26 17:30 - 00000253 _____ () C:\Users\Josh\Downloads\bot_data_for_ip_1390775308247_76.110.172.69.csv
2014-01-25 15:12 - 2014-01-25 15:12 - 00000048 _____ () C:\Users\Josh\jagex_cl_runescape_LIVE_BETA.dat
2014-01-25 15:10 - 2014-01-25 15:10 - 00921000 _____ (Oracle Corporation) C:\Users\Josh\Downloads\chromeinstall-7u51.exe
2014-01-25 13:39 - 2014-01-24 16:49 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-01-24 16:48 - 2014-01-24 16:48 - 00000000 ____D () C:\Users\Josh\AppData\Local\PunkBuster
2014-01-24 15:58 - 2014-01-24 15:58 - 00000000 ____D () C:\Ubisoft
2014-01-24 15:56 - 2014-01-24 15:56 - 04208184 _____ (DevAge, Vestris Inc. & Contributors) C:\Users\Josh\Downloads\GhostReconOnline_Setup(NA).exe
2014-01-24 13:38 - 2014-01-24 13:37 - 00000000 ____D () C:\Users\Josh\Documents\SCP - Containment Breach
2014-01-22 19:42 - 2014-01-22 19:42 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\.technic
2014-01-20 19:19 - 2014-01-14 16:28 - 00000015 _____ () C:\Users\Josh\Documents\coords.txt
2014-01-19 11:39 - 2009-07-14 00:08 - 00026372 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-19 02:33 - 2013-12-18 19:57 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-18 00:23 - 2014-01-18 00:23 - 00000000 ____D () C:\Users\Josh\AppData\Local\PowerCinema
2014-01-18 00:23 - 2014-01-18 00:23 - 00000000 ____D () C:\Users\Josh\AppData\Local\CyberLink
2014-01-13 16:39 - 2014-01-13 16:39 - 00000024 _____ () C:\Users\Josh\Documents\internetspeed.txt
2014-01-13 12:54 - 2013-12-18 19:44 - 00000000 ___RD () C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
 
Files to move or delete:
====================
C:\Users\Josh\jagex_cl_runescape_LIVE.dat
C:\Users\Josh\jagex_cl_runescape_LIVE_BETA.dat
C:\Users\Josh\random.dat
 
 
Some content of TEMP:
====================
C:\Users\Josh\AppData\Local\Temp\SRLDetectionLibrary1603407751342326279.dll
C:\Users\Josh\AppData\Local\Temp\SRLDetectionLibrary7881329547831648554.dll
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-07-13 19:00] - [2009-07-13 20:41] - 0510464 ____A (Microsoft Corporation) 96EFD0CA23A6B0EECB8F045A4DAB4E30
 
 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-09 16:15
 
==================== End Of Log ============================
Attached file: Addition.txt (27.29KB)
 
Edit: Here is the search.txt; I forgot to add it in the original post.
 
Farbar Recovery Scan Tool (x64) Version: 10-02-2014 01
Ran by Josh at 2014-02-11 13:15:53
Running from C:\Users\Josh\Desktop
Boot Mode: Normal
 
================== Search: "rpcss.dll" ===================
 
C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll
[2009-07-13 19:00] - [2009-07-13 20:41] - 0509440 ____A (Microsoft Corporation) 7266972E86890E2B30C0C322E906B027
 
C:\Windows\System32\rpcss.dll
[2009-07-13 19:00] - [2009-07-13 20:41] - 0510464 ____A (Microsoft Corporation) 96EFD0CA23A6B0EECB8F045A4DAB4E30
 
====== End Of Search ======

Edited by StrykerF860, 11 February 2014 - 01:17 PM.
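
The comparison this search output supports, as an added example that is not part of the original posts and is not FRST's own code: it parses the `Search:` section quoted above and reports whether the live `System32` copy matches any copy held in the WinSxS component store. The function names are hypothetical, and a "mismatch" is only a triage hint that the file deserves a closer look, not proof of infection.

```python
import re
from collections import defaultdict

# Sample input: the search.txt lines quoted in the post above.
SEARCH_TXT = r"""
================== Search: "rpcss.dll" ===================

C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll
[2009-07-13 19:00] - [2009-07-13 20:41] - 0509440 ____A (Microsoft Corporation) 7266972E86890E2B30C0C322E906B027

C:\Windows\System32\rpcss.dll
[2009-07-13 19:00] - [2009-07-13 20:41] - 0510464 ____A (Microsoft Corporation) 96EFD0CA23A6B0EECB8F045A4DAB4E30

====== End Of Search ======
"""

# "[created] - [modified] - size attrs (company) MD5"
META_RE = re.compile(
    r"^\[(?P<created>[^\]]+)\] - \[(?P<modified>[^\]]+)\] - "
    r"(?P<size>\d+) (?P<attrs>\S+) \((?P<company>.*)\) (?P<md5>[0-9A-Fa-f]{32})$"
)
PATH_RE = re.compile(r"^[A-Za-z]:\\")


def parse_search(text):
    """Pair each path line with the metadata line that follows it."""
    records, pending_path = [], None
    for raw in text.splitlines():
        line = raw.strip()
        # Skip verdict lines such as "... => MD5 is legit"; they carry no hash.
        if PATH_RE.match(line) and " => " not in line:
            pending_path = line
            continue
        m = META_RE.match(line)
        if m and pending_path:
            records.append({
                "path": pending_path,
                "size": int(m.group("size")),
                "md5": m.group("md5").upper(),
                "modified": m.group("modified"),
                "company": m.group("company"),
            })
            pending_path = None
    return records


def is_store_copy(path):
    """True for copies that live inside the WinSxS component store."""
    return "\\winsxs\\" in path.lower()


def triage(text):
    """Compare every live copy of a file with the store copies of the same name."""
    groups = defaultdict(lambda: {"live": [], "store": []})
    for rec in parse_search(text):
        name = rec["path"].rsplit("\\", 1)[-1].lower()
        kind = "store" if is_store_copy(rec["path"]) else "live"
        groups[name][kind].append(rec)

    findings = []
    for name, group in sorted(groups.items()):
        known = {(r["size"], r["md5"]) for r in group["store"]}
        for live in group["live"]:
            if not known:
                status = "no-reference"   # nothing in the store to compare with
            elif (live["size"], live["md5"]) in known:
                status = "match"          # identical to a store copy
            else:
                status = "mismatch"       # differs from every store copy
            findings.append({"file": live["path"], "status": status,
                             "live": live, "store": group["store"]})
    return findings


if __name__ == "__main__":
    for f in triage(SEARCH_TXT):
        print(f["status"], f["file"], f["live"]["size"], f["live"]["md5"])
        for ref in f["store"]:
            print("  store copy:", ref["size"], ref["md5"])
```
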


#4 JSntgRvr


Posted 11 February 2014 - 01:27 PM

Download the enclosed file: fixlist.txt

Save it in the same location FRST64 is saved.

Run FRST64 and click on the Fix button.

Wait until finished.

The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.

Restart the computer.

Re-Scan with FRST64 and post the new FRST.txt log.

No request for help throughout private messaging will be attended.


If I have helped you, consider making a donation to help me continue the fight against Malware!


#5 StrykerF860


Posted 11 February 2014 - 01:42 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-02-2014 01
Ran by Josh at 2014-02-11 13:41:38 Run:1
Running from C:\Users\Josh\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Start
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
File: C:\ComboFix.txt
Replace: C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll C:\Windows\System32\rpcss.dll
C:\Users\Josh\jagex_cl_runescape_LIVE.dat
C:\Users\Josh\jagex_cl_runescape_LIVE_BETA.dat
C:\Users\Josh\random.dat
C:\Users\Josh\AppData\Local\Temp\SRLDetectionLibrary1603407751342326279.dll
C:\Users\Josh\AppData\Local\Temp\SRLDetectionLibrary7881329547831648554.dll
End
*****************
 
AppMgmt => Service deleted successfully.
catchme => Service deleted successfully.
 
========================= File: C:\ComboFix.txt ========================
 
MD5: 813A976C8F5A54C9D17536D6A5A63F22
Creation and modification date: 2014-02-07 14:55 - 2014-02-07 14:55
Size: 0015141
Attributes: ----A
Company Name: 
Internal Name: 
Original Name: 
Product Name: 
Description: 
File Version: 
Product Version: 
Copyright: 
 
====== End Of File: ======
 
C:\Windows\System32\rpcss.dll => Moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll copied successfully to C:\Windows\System32\rpcss.dll
C:\Users\Josh\jagex_cl_runescape_LIVE.dat => Moved successfully.
C:\Users\Josh\jagex_cl_runescape_LIVE_BETA.dat => Moved successfully.
C:\Users\Josh\random.dat => Moved successfully.
C:\Users\Josh\AppData\Local\Temp\SRLDetectionLibrary1603407751342326279.dll => Moved successfully.
C:\Users\Josh\AppData\Local\Temp\SRLDetectionLibrary7881329547831648554.dll => Moved successfully.
 
==== End of Fixlog ====
 
Restarting computer now.


#6 StrykerF860


Posted 11 February 2014 - 01:46 PM

Here is the new FRST.txt
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-02-2014 01
Ran by Josh (administrator) on JOSH-HP on 11-02-2014 13:45:37
Running from C:\Users\Josh\Desktop
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Advanced Micro Devices, Inc.) C:\Users\Josh\Documents\AMD Graphics\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2014-02-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-05-11] (Advanced Micro Devices, Inc.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPDSK/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-18]
CHR Extension: (Google Drive) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-18]
CHR Extension: (Glow) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bekmjjakgojplnhahcilegeiklenjbgb [2013-12-25]
CHR Extension: (YouTube) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-18]
CHR Extension: (Google Search) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-18]
CHR Extension: (AdBlock) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-18]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-02-10]
CHR Extension: (Google Wallet) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-18]
CHR Extension: (Gmail) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-18]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2014-01-29]
 
==================== Services (Whitelisted) =================
 
R2 AMD FUEL Service; C:\Users\Josh\Documents\AMD Graphics\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [46904 2013-12-17] (Hewlett-Packard Company)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151232 2013-12-02] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-08] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2014-02-06] (Realtek Semiconductor)
S2 HP Health Check Service; "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]
S3 hpqwmiex; "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
R2 AODDriver4.2.0; C:\Users\Josh\Documents\AMD Graphics\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R2 bdfsfltr; C:\Windows\system32\Drivers\bdfsfltr.sys [431176 2011-03-24] (BitDefender)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-11 13:45 - 2014-02-11 13:45 - 00000000 ____D () C:\Users\Josh\Desktop\New folder
2014-02-11 13:05 - 2014-02-11 13:45 - 00009584 _____ () C:\Users\Josh\Desktop\FRST.txt
2014-02-11 13:05 - 2014-02-11 13:45 - 00000000 ____D () C:\FRST
2014-02-11 13:04 - 2014-02-11 13:04 - 02151424 _____ (Farbar) C:\Users\Josh\Desktop\FRST64.exe
2014-02-10 19:39 - 2014-02-10 19:39 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\NewspaperDirect
2014-02-10 19:26 - 2014-02-10 19:38 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-02-10 19:24 - 2014-02-10 19:24 - 13670584 _____ (Microsoft Corporation) C:\Users\Josh\Downloads\mseinstall.exe
2014-02-10 19:16 - 2014-02-10 19:16 - 04427776 _____ () C:\Users\Josh\Downloads\HPSupportSolutionsFramework.msi
2014-02-10 18:52 - 2014-02-10 18:52 - 01110478 _____ () C:\Users\Josh\Downloads\ProcessMonitor.zip
2014-02-10 14:11 - 2014-02-10 14:11 - 00000723 _____ () C:\Users\Josh\Documents\things.txt
2014-02-10 14:00 - 2014-02-10 14:00 - 00011730 _____ () C:\Users\Josh\Desktop\attach.txt
2014-02-10 14:00 - 2014-02-10 14:00 - 00011045 _____ () C:\Users\Josh\Desktop\dds.txt
2014-02-10 13:55 - 2014-02-10 13:55 - 00688992 ____R (Swearware) C:\Users\Josh\Desktop\dds.com
2014-02-09 16:22 - 2014-02-09 20:35 - 00000000 ____D () C:\Users\Josh\IkovCache
2014-02-09 12:16 - 2014-02-09 12:16 - 00000000 ____D () C:\Users\Josh\AppData\Local\EdgeOfReality
2014-02-09 12:16 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-02-09 12:16 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-02-09 12:16 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-02-09 12:16 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-02-09 12:16 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-02-09 12:16 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-02-09 12:15 - 2014-02-09 12:15 - 00018435 _____ () C:\Windows\DirectX.log
2014-02-08 21:11 - 2014-02-08 21:11 - 00000199 _____ () C:\Users\Josh\Documents\Source SDK Base 2006.url
2014-02-08 21:09 - 2014-02-08 21:09 - 00003120 _____ () C:\Windows\System32\Tasks\{B140BFBD-D6D4-4CCA-9FD3-EB36571C5D78}
2014-02-08 21:01 - 2014-02-08 21:08 - 181992655 _____ () C:\Users\Josh\Downloads\HSB4b-full.exe
2014-02-08 19:09 - 2014-02-08 19:09 - 101331736 _____ (Microsoft Corporation) C:\Users\Josh\Downloads\msert.exe
2014-02-08 15:06 - 2014-02-08 15:08 - 01759182 _____ () C:\Users\Josh\Downloads\Unconfirmed 314552.crdownload
2014-02-08 15:05 - 2014-02-08 15:08 - 03035630 _____ () C:\Users\Josh\Downloads\Unconfirmed 262959.crdownload
2014-02-07 14:55 - 2014-02-07 14:55 - 00015141 _____ () C:\ComboFix.txt
2014-02-07 14:52 - 2014-02-07 14:52 - 00000540 _____ () C:\Windows\PFRO.log
2014-02-07 14:44 - 2014-02-07 14:55 - 00000000 ____D () C:\Qoobox
2014-02-07 14:44 - 2014-02-07 14:54 - 00000000 ____D () C:\Windows\erdnt
2014-02-07 14:44 - 2014-02-07 14:44 - 05180173 _____ (Swearware) C:\Users\Josh\Downloads\ComboFix.exe
2014-02-07 14:44 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-07 14:44 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-07 14:44 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-07 14:44 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-07 14:44 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-07 14:44 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-07 14:44 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-07 14:44 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-07 14:30 - 2014-02-07 14:30 - 01243588 _____ () C:\Users\Josh\Downloads\ProcessExplorer.zip
2014-02-07 14:28 - 2014-02-07 14:28 - 13359677 _____ () C:\Users\Josh\Downloads\SysinternalsSuite.zip
2014-02-06 18:44 - 2014-02-11 13:44 - 00001008 _____ () C:\Windows\setupact.log
2014-02-06 18:44 - 2014-02-06 18:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-06 18:32 - 2014-02-06 18:32 - 46661632 _____ () C:\Windows\system32\config\software.iodefrag.bak
2014-02-06 18:32 - 2014-02-06 18:32 - 29384704 _____ () C:\Windows\system32\config\components.iodefrag.bak
2014-02-06 18:32 - 2014-02-06 18:32 - 00262144 _____ () C:\Windows\system32\config\default.iodefrag.bak
2014-02-06 18:32 - 2014-02-06 18:32 - 00024576 _____ () C:\Windows\system32\config\security.iodefrag.bak
2014-02-06 18:32 - 2014-02-06 18:32 - 00024576 _____ () C:\Windows\system32\config\sam.iodefrag.bak
2014-02-06 18:32 - 2014-02-06 18:32 - 00000000 _____ () C:\asc_rdflag
2014-02-06 18:21 - 2013-06-27 18:05 - 00027456 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe
2014-02-06 18:19 - 2014-02-06 18:19 - 29384704 _____ () C:\Windows\system32\config\components.iobit
2014-02-06 18:08 - 2014-02-06 18:08 - 41974272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-02-06 18:08 - 2014-02-06 18:08 - 03760344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-02-06 18:08 - 2014-02-06 18:08 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-02-06 18:08 - 2014-02-06 18:08 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00693329 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-02-06 18:08 - 2014-02-06 18:08 - 00618200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00154840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-02-06 18:01 - 2014-02-06 18:01 - 00888536 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-02-06 18:01 - 2014-02-06 18:01 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-02-06 18:00 - 2014-02-06 18:00 - 09889352 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsUStoricon.dll
2014-02-06 18:00 - 2014-02-06 18:00 - 00266968 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys
2014-02-06 17:52 - 2014-02-06 18:11 - 00000000 ____D () C:\DrvInstall
2014-02-06 17:52 - 2014-02-06 17:52 - 26017280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 19584512 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 15827456 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 13402112 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 11922944 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-02-06 17:52 - 2014-02-06 17:52 - 07528440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 06857392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 06288832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 04782960 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 04292192 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 02852480 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-02-06 17:52 - 2014-02-06 17:52 - 02818784 _____ () C:\Windows\system32\atiumd6a.cap
2014-02-06 17:52 - 2014-02-06 17:52 - 01978240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdmv.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 01065720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6v.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00929736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00618823 _____ () C:\Windows\system32\atiicdxx.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00364544 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00359936 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-02-06 17:52 - 2014-02-06 17:52 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2014-02-06 17:52 - 2014-02-06 17:52 - 00246000 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-02-06 17:52 - 2014-02-06 17:52 - 00246000 _____ () C:\Windows\system32\atiapfxx.blb
2014-02-06 17:52 - 2014-02-06 17:52 - 00204952 _____ () C:\Windows\SysWOW64\ativvsvl.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-02-06 17:52 - 2014-02-06 17:52 - 00157144 _____ () C:\Windows\SysWOW64\ativvsva.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00157144 _____ () C:\Windows\system32\ativvsva.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00120320 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00069632 _____ (AMD) C:\Windows\system32\coinst_8.97.100.11.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00062976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00062976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00062464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00062464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00059392 _____ (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2014-02-06 17:52 - 2014-02-06 17:52 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00051152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00048544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00041984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00038768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00038177 _____ () C:\Windows\atiogl.xml
2014-02-06 17:52 - 2014-02-06 17:52 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00021504 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00017920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00003917 _____ () C:\Windows\SysWOW64\atipblag.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00003917 _____ () C:\Windows\system32\atipblag.dat
2014-02-06 17:51 - 2014-02-06 17:51 - 00082048 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_sata.sys
2014-02-06 17:51 - 2014-02-06 17:51 - 00042624 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_xata.sys
2014-02-06 15:51 - 2014-02-06 15:51 - 00000000 ____D () C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2014-02-06 15:51 - 2011-03-24 15:36 - 00431176 _____ (BitDefender) C:\Windows\system32\Drivers\bdfsfltr.sys
2014-02-06 15:49 - 2014-02-06 15:49 - 62687640 _____ (IObit ) C:\Users\Josh\Downloads\asc-ultimate7-setup.exe
2014-02-06 15:36 - 2014-02-06 15:36 - 00488737 _____ () C:\Users\Josh\Documents\GTA San Andreas User Files.rar
2014-02-05 13:59 - 2014-02-05 13:59 - 02077392 _____ (Microsoft Corporation) C:\Users\Josh\Downloads\IE11-Windows6.1.exe
2014-02-04 18:14 - 2014-02-04 18:15 - 50449456 _____ (Microsoft Corporation) C:\Users\Josh\Downloads\dotNetFx40_Full_x86_x64.exe
2014-02-04 18:11 - 2014-02-04 18:11 - 00000000 ____D () C:\ProgramData\White Sky, Inc
2014-02-04 18:08 - 2014-02-04 18:09 - 20609808 _____ (White Sky, Inc.) C:\Users\Josh\Downloads\constantguard.exe
2014-02-03 19:25 - 2014-02-03 19:25 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-02-03 19:24 - 2014-02-03 19:24 - 05814840 _____ (TeamViewer GmbH) C:\Users\Josh\Downloads\TeamViewer_Setup_en.exe
2014-02-01 20:35 - 2014-02-09 18:29 - 00007602 _____ () C:\Users\Josh\AppData\Local\Resmon.ResmonCfg
2014-02-01 16:48 - 2014-02-01 16:48 - 00003422 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-01 16:48 - 2013-12-28 14:29 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-01 16:48 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-01 16:48 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-01 16:48 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-01 16:47 - 2014-02-01 16:47 - 00921000 _____ (Oracle Corporation) C:\Users\Josh\Downloads\chromeinstall-7u51 (1).exe
2014-01-31 17:34 - 2014-01-31 17:34 - 00991232 _____ () C:\Users\Josh\Downloads\MicrosoftFixit50267 (1).msi
2014-01-31 17:33 - 2014-01-31 17:33 - 00991232 _____ () C:\Users\Josh\Downloads\MicrosoftFixit50267.msi
2014-01-31 12:17 - 2014-02-07 19:23 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\.minecraft
2014-01-31 12:16 - 2014-01-31 12:16 - 00675988 _____ () C:\Users\Josh\Downloads\Minecraft (1).exe
2014-01-31 12:12 - 2014-01-31 12:12 - 00000000 ____D () C:\ProgramData\ATI
2014-01-31 12:08 - 2014-01-31 12:09 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-01-31 12:07 - 2014-01-31 12:07 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\WinBatch
2014-01-31 12:06 - 2014-01-31 12:07 - 101085744 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Josh\Downloads\sp51358.exe
2014-01-31 12:05 - 2014-01-31 12:05 - 01671216 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Josh\Downloads\sp51943.exe
2014-01-31 12:02 - 2014-01-31 12:02 - 00000000 ____D () C:\Users\Josh\AppData\Local\WindowsUpdate
2014-01-30 23:17 - 2014-01-30 23:17 - 01005568 _____ (Microsoft Corporation) C:\Users\Josh\Downloads\dotNetFx45_Full_setup.exe
2014-01-30 23:08 - 2014-01-30 23:08 - 00000000 ____D () C:\ProgramData\AMD
2014-01-30 23:07 - 2014-01-30 23:07 - 00017019 _____ () C:\Windows\SysWOW64\CCCInstall_201401302307460039.log
2014-01-30 23:06 - 2014-01-30 23:09 - 00000000 ____D () C:\Users\Josh\Documents\AMD Graphics
2014-01-30 23:06 - 2014-01-30 23:07 - 00000000 ____D () C:\ProgramData\Package Cache
2014-01-30 23:05 - 2014-01-30 23:05 - 00000000 ____D () C:\AMD
2014-01-30 23:03 - 2014-01-30 23:03 - 00930440 _____ (CNET Download.com) C:\Users\Josh\Downloads\cbsidlm-cbsi176-ATI_Catalyst_Software_Suite_Windows_Vista_64bit__Windows_7_64bit__Windows_8_64bit-SEO-10607879 (1).exe
2014-01-30 22:59 - 2014-01-30 23:00 - 00930440 _____ (CNET Download.com) C:\Users\Josh\Downloads\cbsidlm-cbsi176-ATI_Catalyst_Software_Suite_Windows_Vista_64bit__Windows_7_64bit__Windows_8_64bit-SEO-10607879.exe
2014-01-30 22:49 - 2014-02-06 18:01 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-01-30 22:49 - 2014-01-30 22:49 - 00000000 ____D () C:\SWTOOLS
2014-01-29 18:22 - 2014-01-29 18:22 - 46333952 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-01-29 18:22 - 2014-01-29 18:22 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-01-29 18:22 - 2014-01-29 18:22 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-01-29 18:22 - 2014-01-29 18:22 - 00024576 _____ () C:\Windows\system32\config\SAM.iobit
2014-01-29 18:09 - 2014-02-06 18:08 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-01-29 15:46 - 2014-01-29 15:46 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-01-29 14:49 - 2014-02-06 18:47 - 00000000 ____D () C:\ProgramData\ProductData
2014-01-29 14:49 - 2014-01-29 14:49 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Apple Computer
2014-01-29 14:48 - 2014-02-06 15:53 - 00000000 ____D () C:\ProgramData\IObit
2014-01-29 14:48 - 2014-01-31 00:48 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\IObit
2014-01-29 14:48 - 2014-01-31 00:47 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-01-26 17:30 - 2014-01-26 17:30 - 00000253 _____ () C:\Users\Josh\Downloads\bot_data_for_ip_1390775308247_76.110.172.69.csv
2014-01-25 15:10 - 2014-01-25 15:10 - 00921000 _____ (Oracle Corporation) C:\Users\Josh\Downloads\chromeinstall-7u51.exe
2014-01-24 16:49 - 2014-01-25 13:39 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-01-24 16:48 - 2014-01-24 16:48 - 00000000 ____D () C:\Users\Josh\AppData\Local\PunkBuster
2014-01-24 16:46 - 2014-02-08 16:35 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-01-24 16:46 - 2014-02-08 16:34 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-01-24 16:46 - 2014-02-08 16:34 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-01-24 15:58 - 2014-01-24 15:58 - 00000000 ____D () C:\Ubisoft
2014-01-24 15:57 - 2014-02-08 16:02 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-01-24 15:56 - 2014-01-24 15:56 - 04208184 _____ (DevAge, Vestris Inc. & Contributors) C:\Users\Josh\Downloads\GhostReconOnline_Setup(NA).exe
2014-01-24 13:37 - 2014-01-24 13:38 - 00000000 ____D () C:\Users\Josh\Documents\SCP - Containment Breach
2014-01-22 19:42 - 2014-01-22 19:42 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\.technic
2014-01-18 00:23 - 2014-01-18 00:23 - 00000000 ____D () C:\Users\Josh\AppData\Local\PowerCinema
2014-01-18 00:23 - 2014-01-18 00:23 - 00000000 ____D () C:\Users\Josh\AppData\Local\CyberLink
2014-01-15 22:23 - 2014-02-06 18:20 - 00000000 ____D () C:\Windows\Minidump
2014-01-14 16:28 - 2014-01-20 19:19 - 00000015 _____ () C:\Users\Josh\Documents\coords.txt
2014-01-13 16:39 - 2014-01-13 16:39 - 00000024 _____ () C:\Users\Josh\Documents\internetspeed.txt
 
==================== One Month Modified Files and Folders =======
 
2014-02-11 13:46 - 2014-02-11 13:05 - 00009584 _____ () C:\Users\Josh\Desktop\FRST.txt
2014-02-11 13:45 - 2014-02-11 13:45 - 00000000 ____D () C:\Users\Josh\Desktop\New folder
2014-02-11 13:45 - 2014-02-11 13:05 - 00000000 ____D () C:\FRST
2014-02-11 13:44 - 2014-02-06 18:44 - 00001008 _____ () C:\Windows\setupact.log
2014-02-11 13:44 - 2013-12-18 19:54 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-11 13:44 - 2011-06-02 18:48 - 01019364 _____ () C:\Windows\WindowsUpdate.log
2014-02-11 13:44 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-11 13:41 - 2013-12-18 19:41 - 00000000 ____D () C:\Users\Josh
2014-02-11 13:05 - 2013-12-18 19:54 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-11 13:04 - 2014-02-11 13:04 - 02151424 _____ (Farbar) C:\Users\Josh\Desktop\FRST64.exe
2014-02-11 12:05 - 2009-07-13 23:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-11 12:05 - 2009-07-13 23:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-11 12:04 - 2009-07-14 00:13 - 00713888 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-10 22:38 - 2013-12-18 20:00 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Skype
2014-02-10 21:25 - 2013-12-26 01:35 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-10 21:19 - 2013-12-25 12:42 - 00000000 ____D () C:\Users\Josh\AppData\Local\PMB Files
2014-02-10 21:19 - 2013-12-25 12:42 - 00000000 ____D () C:\ProgramData\PMB Files
2014-02-10 19:39 - 2014-02-10 19:39 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\NewspaperDirect
2014-02-10 19:38 - 2014-02-10 19:26 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-02-10 19:24 - 2014-02-10 19:24 - 13670584 _____ (Microsoft Corporation) C:\Users\Josh\Downloads\mseinstall.exe
2014-02-10 19:17 - 2011-06-02 18:57 - 00000000 ____D () C:\Program Files (x86)\Hp
2014-02-10 19:16 - 2014-02-10 19:16 - 04427776 _____ () C:\Users\Josh\Downloads\HPSupportSolutionsFramework.msi
2014-02-10 18:52 - 2014-02-10 18:52 - 01110478 _____ () C:\Users\Josh\Downloads\ProcessMonitor.zip
2014-02-10 14:11 - 2014-02-10 14:11 - 00000723 _____ () C:\Users\Josh\Documents\things.txt
2014-02-10 14:00 - 2014-02-10 14:00 - 00011730 _____ () C:\Users\Josh\Desktop\attach.txt
2014-02-10 14:00 - 2014-02-10 14:00 - 00011045 _____ () C:\Users\Josh\Desktop\dds.txt
2014-02-10 14:00 - 2014-01-11 14:41 - 00000000 ____D () C:\Users\Josh\Desktop\Applications
2014-02-10 13:55 - 2014-02-10 13:55 - 00688992 ____R (Swearware) C:\Users\Josh\Desktop\dds.com
2014-02-09 20:35 - 2014-02-09 16:22 - 00000000 ____D () C:\Users\Josh\IkovCache
2014-02-09 18:29 - 2014-02-01 20:35 - 00007602 _____ () C:\Users\Josh\AppData\Local\Resmon.ResmonCfg
2014-02-09 17:12 - 2013-12-26 01:38 - 00000000 ____D () C:\Users\Josh\Desktop\Games
2014-02-09 12:16 - 2014-02-09 12:16 - 00000000 ____D () C:\Users\Josh\AppData\Local\EdgeOfReality
2014-02-09 12:15 - 2014-02-09 12:15 - 00018435 _____ () C:\Windows\DirectX.log
2014-02-08 21:11 - 2014-02-08 21:11 - 00000199 _____ () C:\Users\Josh\Documents\Source SDK Base 2006.url
2014-02-08 21:09 - 2014-02-08 21:09 - 00003120 _____ () C:\Windows\System32\Tasks\{B140BFBD-D6D4-4CCA-9FD3-EB36571C5D78}
2014-02-08 21:08 - 2014-02-08 21:01 - 181992655 _____ () C:\Users\Josh\Downloads\HSB4b-full.exe
2014-02-08 19:09 - 2014-02-08 19:09 - 101331736 _____ (Microsoft Corporation) C:\Users\Josh\Downloads\msert.exe
2014-02-08 16:35 - 2014-01-24 16:46 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-02-08 16:34 - 2014-01-24 16:46 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-02-08 16:34 - 2014-01-24 16:46 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-08 16:02 - 2014-01-24 15:57 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-02-08 16:02 - 2013-12-18 19:54 - 00000000 ____D () C:\Users\Josh\AppData\Local\Deployment
2014-02-08 15:08 - 2014-02-08 15:06 - 01759182 _____ () C:\Users\Josh\Downloads\Unconfirmed 314552.crdownload
2014-02-08 15:08 - 2014-02-08 15:05 - 03035630 _____ () C:\Users\Josh\Downloads\Unconfirmed 262959.crdownload
2014-02-07 19:23 - 2014-01-31 12:17 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\.minecraft
2014-02-07 15:08 - 2013-12-18 19:54 - 00000000 ____D () C:\Users\Josh\AppData\Local\Apps\2.0
2014-02-07 14:55 - 2014-02-07 14:55 - 00015141 _____ () C:\ComboFix.txt
2014-02-07 14:55 - 2014-02-07 14:44 - 00000000 ____D () C:\Qoobox
2014-02-07 14:54 - 2014-02-07 14:44 - 00000000 ____D () C:\Windows\erdnt
2014-02-07 14:52 - 2014-02-07 14:52 - 00000540 _____ () C:\Windows\PFRO.log
2014-02-07 14:52 - 2009-07-13 21:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-07 14:44 - 2014-02-07 14:44 - 05180173 _____ (Swearware) C:\Users\Josh\Downloads\ComboFix.exe
2014-02-07 14:30 - 2014-02-07 14:30 - 01243588 _____ () C:\Users\Josh\Downloads\ProcessExplorer.zip
2014-02-07 14:28 - 2014-02-07 14:28 - 13359677 _____ () C:\Users\Josh\Downloads\SysinternalsSuite.zip
2014-02-07 14:18 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2014-02-06 18:47 - 2014-01-29 14:49 - 00000000 ____D () C:\ProgramData\ProductData
2014-02-06 18:44 - 2014-02-06 18:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-06 18:32 - 2014-02-06 18:32 - 46661632 _____ () C:\Windows\system32\config\software.iodefrag.bak
2014-02-06 18:32 - 2014-02-06 18:32 - 29384704 _____ () C:\Windows\system32\config\components.iodefrag.bak
2014-02-06 18:32 - 2014-02-06 18:32 - 00262144 _____ () C:\Windows\system32\config\default.iodefrag.bak
2014-02-06 18:32 - 2014-02-06 18:32 - 00024576 _____ () C:\Windows\system32\config\security.iodefrag.bak
2014-02-06 18:32 - 2014-02-06 18:32 - 00024576 _____ () C:\Windows\system32\config\sam.iodefrag.bak
2014-02-06 18:32 - 2014-02-06 18:32 - 00000000 _____ () C:\asc_rdflag
2014-02-06 18:20 - 2014-01-15 22:23 - 00000000 ____D () C:\Windows\Minidump
2014-02-06 18:19 - 2014-02-06 18:19 - 29384704 _____ () C:\Windows\system32\config\components.iobit
2014-02-06 18:11 - 2014-02-06 17:52 - 00000000 ____D () C:\DrvInstall
2014-02-06 18:08 - 2014-02-06 18:08 - 41974272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-02-06 18:08 - 2014-02-06 18:08 - 03760344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-02-06 18:08 - 2014-02-06 18:08 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-02-06 18:08 - 2014-02-06 18:08 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00693329 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-02-06 18:08 - 2014-02-06 18:08 - 00618200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00154840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-02-06 18:08 - 2014-02-06 18:08 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-02-06 18:08 - 2014-01-29 18:09 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-02-06 18:08 - 2011-06-02 18:42 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-02-06 18:01 - 2014-02-06 18:01 - 00888536 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-02-06 18:01 - 2014-02-06 18:01 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-02-06 18:01 - 2014-01-30 22:49 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-02-06 18:00 - 2014-02-06 18:00 - 09889352 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsUStoricon.dll
2014-02-06 18:00 - 2014-02-06 18:00 - 00266968 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys
2014-02-06 17:52 - 2014-02-06 17:52 - 26017280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 19584512 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 15827456 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 13402112 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 11922944 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-02-06 17:52 - 2014-02-06 17:52 - 07528440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 06857392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 06288832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 04782960 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 04292192 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 02852480 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-02-06 17:52 - 2014-02-06 17:52 - 02818784 _____ () C:\Windows\system32\atiumd6a.cap
2014-02-06 17:52 - 2014-02-06 17:52 - 01978240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdmv.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 01065720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6v.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00929736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00618823 _____ () C:\Windows\system32\atiicdxx.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00364544 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00359936 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-02-06 17:52 - 2014-02-06 17:52 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2014-02-06 17:52 - 2014-02-06 17:52 - 00246000 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-02-06 17:52 - 2014-02-06 17:52 - 00246000 _____ () C:\Windows\system32\atiapfxx.blb
2014-02-06 17:52 - 2014-02-06 17:52 - 00204952 _____ () C:\Windows\SysWOW64\ativvsvl.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-02-06 17:52 - 2014-02-06 17:52 - 00157144 _____ () C:\Windows\SysWOW64\ativvsva.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00157144 _____ () C:\Windows\system32\ativvsva.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00120320 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00069632 _____ (AMD) C:\Windows\system32\coinst_8.97.100.11.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00062976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00062976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00062464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00062464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00059392 _____ (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2014-02-06 17:52 - 2014-02-06 17:52 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00051152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00048544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00041984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00038768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00038177 _____ () C:\Windows\atiogl.xml
2014-02-06 17:52 - 2014-02-06 17:52 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00021504 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00017920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-02-06 17:52 - 2014-02-06 17:52 - 00003917 _____ () C:\Windows\SysWOW64\atipblag.dat
2014-02-06 17:52 - 2014-02-06 17:52 - 00003917 _____ () C:\Windows\system32\atipblag.dat
2014-02-06 17:52 - 2011-06-02 19:39 - 07560424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-02-06 17:52 - 2011-06-02 19:39 - 01094024 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2014-02-06 17:52 - 2011-06-02 19:39 - 00535552 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-02-06 17:52 - 2011-06-02 19:39 - 00514048 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-02-06 17:52 - 2011-06-02 19:39 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll
2014-02-06 17:52 - 2011-06-02 19:39 - 00238080 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-02-06 17:52 - 2011-06-02 19:39 - 00061464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-02-06 17:51 - 2014-02-06 17:51 - 00082048 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_sata.sys
2014-02-06 17:51 - 2014-02-06 17:51 - 00042624 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_xata.sys
2014-02-06 15:53 - 2014-01-29 14:48 - 00000000 ____D () C:\ProgramData\IObit
2014-02-06 15:51 - 2014-02-06 15:51 - 00000000 ____D () C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2014-02-06 15:49 - 2014-02-06 15:49 - 62687640 _____ (IObit ) C:\Users\Josh\Downloads\asc-ultimate7-setup.exe
2014-02-06 15:36 - 2014-02-06 15:36 - 00488737 _____ () C:\Users\Josh\Documents\GTA San Andreas User Files.rar
2014-02-05 13:59 - 2014-02-05 13:59 - 02077392 _____ (Microsoft Corporation) C:\Users\Josh\Downloads\IE11-Windows6.1.exe
2014-02-05 12:36 - 2013-12-25 12:42 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-02-04 18:15 - 2014-02-04 18:14 - 50449456 _____ (Microsoft Corporation) C:\Users\Josh\Downloads\dotNetFx40_Full_x86_x64.exe
2014-02-04 18:11 - 2014-02-04 18:11 - 00000000 ____D () C:\ProgramData\White Sky, Inc
2014-02-04 18:09 - 2014-02-04 18:08 - 20609808 _____ (White Sky, Inc.) C:\Users\Josh\Downloads\constantguard.exe
2014-02-04 17:11 - 2013-12-18 19:55 - 00002145 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-03 22:25 - 2014-01-02 15:08 - 00000091 _____ () C:\Windows\system32\ueme.vxk
2014-02-03 19:44 - 2013-12-18 19:43 - 00062648 _____ () C:\Users\Josh\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-03 19:42 - 2009-07-13 23:45 - 00276832 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-03 19:29 - 2011-06-02 18:48 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-02-03 19:25 - 2014-02-03 19:25 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-02-03 19:24 - 2014-02-03 19:24 - 05814840 _____ (TeamViewer GmbH) C:\Users\Josh\Downloads\TeamViewer_Setup_en.exe
2014-02-02 15:36 - 2013-12-28 01:32 - 00000000 ____D () C:\Users\Josh\AppData\Local\CrashDumps
2014-02-01 20:05 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-01 16:48 - 2014-02-01 16:48 - 00003422 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-01 16:48 - 2013-12-28 14:29 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-01 16:48 - 2013-12-28 14:29 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-01 16:47 - 2014-02-01 16:47 - 00921000 _____ (Oracle Corporation) C:\Users\Josh\Downloads\chromeinstall-7u51 (1).exe
2014-01-31 17:34 - 2014-01-31 17:34 - 00991232 _____ () C:\Users\Josh\Downloads\MicrosoftFixit50267 (1).msi
2014-01-31 17:33 - 2014-01-31 17:33 - 00991232 _____ () C:\Users\Josh\Downloads\MicrosoftFixit50267.msi
2014-01-31 12:16 - 2014-01-31 12:16 - 00675988 _____ () C:\Users\Josh\Downloads\Minecraft (1).exe
2014-01-31 12:12 - 2014-01-31 12:12 - 00000000 ____D () C:\ProgramData\ATI
2014-01-31 12:09 - 2014-01-31 12:08 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-01-31 12:07 - 2014-01-31 12:07 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\WinBatch
2014-01-31 12:07 - 2014-01-31 12:06 - 101085744 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Josh\Downloads\sp51358.exe
2014-01-31 12:05 - 2014-01-31 12:05 - 01671216 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\Josh\Downloads\sp51943.exe
2014-01-31 12:02 - 2014-01-31 12:02 - 00000000 ____D () C:\Users\Josh\AppData\Local\WindowsUpdate
2014-01-31 00:48 - 2014-01-29 14:48 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\IObit
2014-01-31 00:47 - 2014-01-29 14:48 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-01-30 23:17 - 2014-01-30 23:17 - 01005568 _____ (Microsoft Corporation) C:\Users\Josh\Downloads\dotNetFx45_Full_setup.exe
2014-01-30 23:09 - 2014-01-30 23:06 - 00000000 ____D () C:\Users\Josh\Documents\AMD Graphics
2014-01-30 23:08 - 2014-01-30 23:08 - 00000000 ____D () C:\ProgramData\AMD
2014-01-30 23:07 - 2014-01-30 23:07 - 00017019 _____ () C:\Windows\SysWOW64\CCCInstall_201401302307460039.log
2014-01-30 23:07 - 2014-01-30 23:06 - 00000000 ____D () C:\ProgramData\Package Cache
2014-01-30 23:05 - 2014-01-30 23:05 - 00000000 ____D () C:\AMD
2014-01-30 23:03 - 2014-01-30 23:03 - 00930440 _____ (CNET Download.com) C:\Users\Josh\Downloads\cbsidlm-cbsi176-ATI_Catalyst_Software_Suite_Windows_Vista_64bit__Windows_7_64bit__Windows_8_64bit-SEO-10607879 (1).exe
2014-01-30 23:00 - 2014-01-30 22:59 - 00930440 _____ (CNET Download.com) C:\Users\Josh\Downloads\cbsidlm-cbsi176-ATI_Catalyst_Software_Suite_Windows_Vista_64bit__Windows_7_64bit__Windows_8_64bit-SEO-10607879.exe
2014-01-30 22:49 - 2014-01-30 22:49 - 00000000 ____D () C:\SWTOOLS
2014-01-30 22:49 - 2011-06-02 18:53 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-01-30 22:46 - 2011-06-02 18:48 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-30 22:46 - 2010-06-14 21:07 - 00000000 ____D () C:\swsetup
2014-01-30 22:09 - 2011-06-02 19:02 - 00000000 ____D () C:\ProgramData\CyberLink
2014-01-30 22:09 - 2011-06-02 18:42 - 00000000 ____D () C:\Program Files\Realtek
2014-01-30 22:09 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\security
2014-01-30 22:09 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2014-01-30 22:08 - 2011-06-02 18:59 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-01-30 22:05 - 2013-12-18 20:34 - 00000000 ____D () C:\ProgramData\Recovery
2014-01-29 18:24 - 2009-07-24 14:22 - 00000000 ____D () C:\Windows\Panther
2014-01-29 18:22 - 2014-01-29 18:22 - 46333952 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-01-29 18:22 - 2014-01-29 18:22 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-01-29 18:22 - 2014-01-29 18:22 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-01-29 18:22 - 2014-01-29 18:22 - 00024576 _____ () C:\Windows\system32\config\SAM.iobit
2014-01-29 15:46 - 2014-01-29 15:46 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-01-29 14:49 - 2014-01-29 14:49 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\Apple Computer
2014-01-26 17:30 - 2014-01-26 17:30 - 00000253 _____ () C:\Users\Josh\Downloads\bot_data_for_ip_1390775308247_76.110.172.69.csv
2014-01-25 15:10 - 2014-01-25 15:10 - 00921000 _____ (Oracle Corporation) C:\Users\Josh\Downloads\chromeinstall-7u51.exe
2014-01-25 13:39 - 2014-01-24 16:49 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-01-24 16:48 - 2014-01-24 16:48 - 00000000 ____D () C:\Users\Josh\AppData\Local\PunkBuster
2014-01-24 15:58 - 2014-01-24 15:58 - 00000000 ____D () C:\Ubisoft
2014-01-24 15:56 - 2014-01-24 15:56 - 04208184 _____ (DevAge, Vestris Inc. & Contributors) C:\Users\Josh\Downloads\GhostReconOnline_Setup(NA).exe
2014-01-24 13:38 - 2014-01-24 13:37 - 00000000 ____D () C:\Users\Josh\Documents\SCP - Containment Breach
2014-01-22 19:42 - 2014-01-22 19:42 - 00000000 ____D () C:\Users\Josh\AppData\Roaming\.technic
2014-01-20 19:19 - 2014-01-14 16:28 - 00000015 _____ () C:\Users\Josh\Documents\coords.txt
2014-01-19 11:39 - 2009-07-14 00:08 - 00026622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-19 02:33 - 2013-12-18 19:57 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-18 00:23 - 2014-01-18 00:23 - 00000000 ____D () C:\Users\Josh\AppData\Local\PowerCinema
2014-01-18 00:23 - 2014-01-18 00:23 - 00000000 ____D () C:\Users\Josh\AppData\Local\CyberLink
2014-01-13 16:39 - 2014-01-13 16:39 - 00000024 _____ () C:\Users\Josh\Documents\internetspeed.txt
2014-01-13 12:54 - 2013-12-18 19:44 - 00000000 ___RD () C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-09 16:15
 
==================== End Of Log ============================


#7 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 8,389 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:50 PM

Posted 11 February 2014 - 01:52 PM

OK, let's scan:

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Download ADWCleaner to your desktop.

NOTE: If you are using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon.


Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report in your next reply.

The report will be saved in the C:\AdwCleaner folder as AdwCleaner[S0].txt.

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

No request for help throughout private messaging will be attended.


If I have helped you, consider making a donation to help me continue the fight against Malware!


#8 StrykerF860

StrykerF860
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:50 PM

Posted 11 February 2014 - 01:54 PM

I think whatever you did with the FRST scans fixed the CPU usage problems. But I will continue on just to make sure everything is clean.


Edited by StrykerF860, 11 February 2014 - 01:55 PM.


#9 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 8,389 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:50 PM

Posted 11 February 2014 - 01:57 PM

:thumbup2:




#10 StrykerF860

StrykerF860
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:50 PM

Posted 11 February 2014 - 02:16 PM

Here's JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Home Premium x64
Ran by Josh on Tue 02/11/2014 at 13:56:18.87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/11/2014 at 14:02:13.59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
and ADWCleaner:
# AdwCleaner v3.018 - Report created 11/02/2014 at 14:10:49
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium  (64 bits)
# Username : Josh - JOSH-HP
# Running from : C:\Users\Josh\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.7600.16671
 
 
-\\ Google Chrome v32.0.1700.107
 
[ File : C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1081 octets] - [11/02/2014 14:04:50]
AdwCleaner[S0].txt - [998 octets] - [11/02/2014 14:10:49]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1057 octets] ##########
 
And Malwarebytes:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.02.11.08
 
Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Josh :: JOSH-HP [administrator]
 
2/11/2014 2:12:54 PM
mbam-log-2014-02-11 (14-12-54).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 212035
Time elapsed: 3 minute(s), 4 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)


#11 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 8,389 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:50 PM

Posted 11 February 2014 - 02:21 PM

How is the computer doing?






