Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows cannot find the file specified


  • This topic is locked This topic is locked
17 replies to this topic

#1 Paisiri

Paisiri

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:05 PM

Posted 16 March 2014 - 05:08 AM

I am not entirely sure what has caused this or whether this post belongs somewhere else however something appears to have knocked the registry of my computer and windows cannot find the path of file specified for certain old files and new files that are downloaded. I tried to follow some step by step guides to fix the problem but the system cannot find the path for "regedit" or system restore. 

 

Here is the exact error message;

 

"Windows cannot find *****. Please check you have typed the name correctly and try again."

 

And...

 

"Windows cannot find the specified file"

 

Please note that I also encounter this error when trying to edit the user control settings. There is only one user on my computer that I am aware, and this should be the administrator user with access to all settings.

 

Any help you can give or offer your thoughts on the above would be greatly appreciated,

 

Many thanks.



BC AdBot (Login to Remove)

 


#2 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:09:05 AM

Posted 20 March 2014 - 04:46 PM

Hello Paisiri, and  :welcome: to the Virus/Trojan/Spyware/Malware Removal forum.

I am oneof4, and I am here to help you!

  • I ask that you refrain from running tools other than those I suggest to you while I am cleaning up your computer. The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received and do not proceed if you need clarification.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please do not re-run any programs I suggest. If you encounter problems please stop and tell me about it. When your computer is clean I will alert you of such. I will also provide you with detailed suggestions for prevention.
  • At the top right-center of the topic you will see a button called Follow this topic. If you click on this, another page will open. Please choose Instantly for notification and then clicking on Follow this topic you will be advised when we respond to your topic and facilitate the cleaning of your machine.
  • If after 5 days you have not replied to this topic, I will assume it has been abandoned, and I will close it.
  • I would also like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. :heart: Please be courteous and appreciative for the assistance provided!
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. Your computer fix will be based on the current condition of your computer! Any changes might delay my ability to help you.

==========

We need to see some information about what is happening in your machine.  Please perform the following scans:

Download Security Check by screen317 from http://screen317.spywareinfoforum.org/SecurityCheck.exe
or http://screen317.changelog.fr/SecurityCheck.exe
.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

==========
 
Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note
: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Best Regards,
oneof4.


#3 Paisiri

Paisiri
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:05 PM

Posted 22 March 2014 - 04:53 AM

Hi Oneof4,
 
Security check log:
 
 Results of screen317's Security Check version 0.99.81  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Kaspersky Anti-Virus              
AVG AntiVirus Free Edition 2014   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 45  
 Java version out of Date! 
 Adobe Flash Player 12.0.0.77  
 Adobe Reader XI  
 Google Chrome 33.0.1750.149  
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````  
 AVG avgwdsvc.exe 
 Kaspersky Lab Kaspersky Anti-Virus 2011 avp.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log`````````````````````` 
 
 
Farbar Log;
 
When I try to run the FRST file I get the persisiting error message
 
"Windows cannot find 'C:\USERS\NICK\DESKTOP\FRST64.EXE' Make sure you typed the name correctly and try again"


#4 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:09:05 AM

Posted 22 March 2014 - 07:53 AM

You may want to try removing the copy you have and download it again.


Best Regards,
oneof4.


#5 Paisiri

Paisiri
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:05 PM

Posted 22 March 2014 - 08:07 AM

I have tried this several times to re download the program. This issue is a problem for many programs, windows either cannot find the path specified or it cannot find the specified file. 

 

I tried to run regedit, and windows couldn't find that either.



#6 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:09:05 AM

Posted 23 March 2014 - 02:33 PM

Hey :)

 

Try these 2 Fix It tools in this order:

First, reset all security settings
http://support.microsoft.com/kb/313222

Then, reset the .exe associations
http://support.microsoft.com/kb/950505

 

These are both windows installer apps (msi), not .exe's so you should be able to run them.

 

Let me know how it goes.


Best Regards,
oneof4.


#7 Paisiri

Paisiri
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:05 PM

Posted 24 March 2014 - 02:43 PM

Hi :)

 

I tried the first step however the installer needs to install into System32 folder which my computer claims I don't have access too, which is strange as this is the only user on the system and it is the administrator.



#8 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:09:05 AM

Posted 24 March 2014 - 08:27 PM

Have you tried running in "Safe Mode"?  If not, boot to safe mode and see if the condition exists there as well.


Best Regards,
oneof4.


#9 Paisiri

Paisiri
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:05 PM

Posted 26 March 2014 - 03:06 PM

I ran the computer in safe mode and I was able to change the user account settings in able to create a new admin user which is able to run the programs. However my browser speed has now dropped ridiculously, and I am not sure what has caused this new problem. 

 

I have ran logs as per your first post



#10 Paisiri

Paisiri
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:05 PM

Posted 26 March 2014 - 03:07 PM

 Results of screen317's Security Check version 0.99.81  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Kaspersky Anti-Virus   
 Antivirus out of date! (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 45  
 Java version out of Date! 
 Adobe Flash Player 12.0.0.77  
 Adobe Reader XI  
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````  
 Kaspersky Lab Kaspersky Anti-Virus 2011 avp.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 22% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log`````````````````````` 


#11 Paisiri

Paisiri
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:05 PM

Posted 26 March 2014 - 03:09 PM

The browser is running so slow it will not allow me to post the full log, I will have to post it in parts



#12 Paisiri

Paisiri
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:05 PM

Posted 26 March 2014 - 03:14 PM

==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\system32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(cFos Software GmbH) C:\Program Files\ASUS\ROG GameFirst\spd.exe
(Realtek) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
() C:\Windows\DAODx.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe
(cFos Software GmbH) C:\Program Files\ASUS\ROG GameFirst\cfosspeed.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

(
ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU\EPU.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe
(Creative Technology Ltd.) C:\Windows\system32\AMBSpiE.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe


#13 Paisiri

Paisiri
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:05 PM

Posted 26 March 2014 - 03:17 PM

(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(AMD) C:\Windows\system32\atieclxx.exe
(cFos Software GmbH) C:\Program Files\ASUS\ROG GameFirst\cfosspeed.exe
(Google Inc.) C:\Users\NICK\AppData\Local\Google\Update\GoogleUpdate.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieCtrl.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

(
ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU\EPU.exe
(Creative Technology Ltd.) C:\Windows\system32\AMBSpiE.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWlan.exe


#14 Paisiri

Paisiri
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:05 PM

Posted 26 March 2014 - 03:48 PM

Unfortunately the browser wont allow me to post large text and this is tedious. I am going to copy the documents onto a flash drive and post the logs from a different computer



#15 Paisiri

Paisiri
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:05 PM

Posted 26 March 2014 - 05:40 PM

Ok, please ignore all of the above, I have manage to get the browser running at an acceptable speed again, please see below,

 

 Results of screen317's Security Check version 0.99.81  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Kaspersky Anti-Virus   
 Antivirus out of date! (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 45  
 Java version out of Date! 
 Adobe Flash Player 12.0.0.77  
 Adobe Reader XI  
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````  
 Kaspersky Lab Kaspersky Anti-Virus 2011 avp.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 21% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log`````````````````````` 
 
 
 
 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by NICK (administrator) on NICK-PC on 26-03-2014 22:38:11
Running from C:\Users\NICK\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\system32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(cFos Software GmbH) C:\Program Files\ASUS\ROG GameFirst\spd.exe
(Realtek) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
(cFos Software GmbH) C:\Program Files\ASUS\ROG GameFirst\cfosspeed.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(
ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU\EPU.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
(Creative Technology Ltd.) C:\Windows\system32\AMBSpiE.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWlan.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Windows\DAODx.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\NICK\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RunDLLEntry] - C:\Windows\system32\AmbRunE.dll [17920 2009-02-26] (Creative Technology Ltd.)
HKLM\...\Run: [ROG GameFirst] - C:\Program Files\ASUS\ROG GameFirst\cFosSpeed.exe [1305816 2010-02-09] (cFos Software GmbH)
HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [241789 2009-07-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation)
HKLM-x32\...\Run: [Six Engine] - C:\Program Files (x86)\ASUS\EPU\EPU.exe [5309056 2010-03-16] (
ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [TurboV EVO] - C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe [9993344 2010-03-25] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [BCU] - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [375000 2009-10-26] (DeviceVM, Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641664 2012-04-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-02-20] ()
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [344736 2010-05-07] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
HKU\S-1-5-21-2025472324-1745734285-1974034016-1000\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-03-12] ()
HKU\S-1-5-21-2025472324-1745734285-1974034016-1000\...\Run: [LiveSupport] - "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2025472324-1745734285-1974034016-1000\...\Run: [AVG-Secure-Search-Update_0214c] - C:\Users\NICK\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=cec1c0dd69ca40b5b7bb1269924e0145-de1128c43d2b2c22829897f45a5729059d322246 /CMPID=0214c
HKU\S-1-5-21-2025472324-1745734285-1974034016-1000\...\MountPoints2: {6c7008bc-ce6a-11e2-af29-20cf306d8888} - F:\setup.exe
AppInit_DLLs-x32: c:\progra~2\kasper~1\kasper~1\mzvkbd3.dll => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\mzvkbd3.dll [109240 2010-05-07] (Kaspersky Lab ZAO)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA40F55C6191FCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - {8923D422-1280-4ba1-AD9F-7CF561A2D29B} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
BHO: Yahoo Community Smartbar (by Linkury)Engine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
Chrome: 
=======
CHR DefaultSearchKeyword: google.co.uk
CHR Extension: (Google Docs) - C:\Users\NICK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-26]
CHR Extension: (Google Drive) - C:\Users\NICK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-26]
CHR Extension: (YouTube) - C:\Users\NICK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-26]
CHR Extension: (McAfee Security Scan+) - C:\Users\NICK\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-03-15]
CHR Extension: (Google Search) - C:\Users\NICK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-26]
CHR Extension: (Google Wallet) - C:\Users\NICK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\NICK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-26]
 
==================== Services (Whitelisted) =================
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-04-05] (Advanced Micro Devices, Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [344736 2010-05-07] (Kaspersky Lab ZAO)
R2 cFosSpeedS; C:\Program Files\ASUS\ROG GameFirst\spd.exe [487128 2010-02-09] (cFos Software GmbH)
R2 Realtek11nSU; C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek)
 
==================== Drivers (Whitelisted) ====================
 
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-03-22] (AVG Technologies)
R3 cFosSpeed; C:\Windows\System32\DRIVERS\cfosspeed.sys [1432792 2009-10-12] (cFos Software GmbH)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2010-05-06] (Kaspersky Lab ZAO)
S1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [460888 2010-05-06] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [560216 2012-06-13] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [27736 2010-04-22] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 VMfilt; C:\Windows\System32\drivers\VMfilt64.sys [25600 2009-07-31] (Creative Technology Ltd.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-26 22:38 - 2014-03-26 22:38 - 00016504 _____ () C:\Users\NICK\Downloads\FRST.txt
2014-03-26 22:37 - 2014-03-26 22:38 - 02157056 _____ (Farbar) C:\Users\NICK\Downloads\FRST64.exe
2014-03-26 22:35 - 2014-03-26 22:35 - 00987448 _____ () C:\Users\NICK\Downloads\SecurityCheck.exe
2014-03-26 22:28 - 2014-03-14 18:44 - 00000426 _____ () C:\AVScanner.ini
2014-03-26 20:41 - 2014-03-26 20:41 - 228339236 _____ () C:\Users\NICK\Desktop\backup.reg
2014-03-26 20:40 - 2014-03-26 20:40 - 00000000 ____D () C:\Windows\syetem32
2014-03-26 20:03 - 2014-03-26 20:04 - 00026398 _____ () C:\Users\NICK\Desktop\Addition.txt
2014-03-26 20:02 - 2014-03-26 20:04 - 00067469 _____ () C:\Users\NICK\Desktop\FRST.txt
2014-03-26 19:39 - 2014-03-26 22:38 - 00000000 ____D () C:\FRST
2014-03-26 19:18 - 2014-03-26 22:25 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-26 19:18 - 2014-03-26 22:23 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-26 19:18 - 2014-03-26 19:18 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-26 19:18 - 2014-03-26 19:18 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-26 19:18 - 2014-03-26 19:18 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-26 19:18 - 2014-03-26 19:18 - 00000000 ____D () C:\Users\Nick 2\AppData\Local\Google
2014-03-26 19:18 - 2014-03-26 19:18 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-26 19:17 - 2014-03-26 19:18 - 00000000 ____D () C:\Users\Nick 2\AppData\Local\Deployment
2014-03-26 19:17 - 2014-03-26 19:17 - 00000000 ____D () C:\Users\Nick 2\AppData\Roaming\Macromedia
2014-03-26 19:17 - 2014-03-26 19:17 - 00000000 ____D () C:\Users\Nick 2\AppData\Local\Apps\2.0
2014-03-26 19:16 - 2014-03-26 22:23 - 00000000 ___RD () C:\Users\Nick 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-26 19:16 - 2014-03-26 22:23 - 00000000 ___RD () C:\Users\Nick 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-26 19:16 - 2014-03-26 22:23 - 00000000 ___RD () C:\Users\Nick 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-26 19:16 - 2014-03-26 22:23 - 00000000 ___RD () C:\Users\Nick 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-26 19:16 - 2014-03-26 22:23 - 00000000 ____D () C:\Users\Nick 2
2014-03-26 19:16 - 2014-03-26 19:16 - 00058016 _____ () C:\Users\Nick 2\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-26 19:16 - 2014-03-26 19:16 - 00001417 _____ () C:\Users\Nick 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-26 19:16 - 2014-03-26 19:16 - 00001238 _____ () C:\Users\Nick 2\Desktop\Games.lnk
2014-03-26 19:16 - 2014-03-26 19:16 - 00001238 _____ () C:\Users\Nick 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk
2014-03-26 19:16 - 2014-03-26 19:16 - 00000020 ___SH () C:\Users\Nick 2\ntuser.ini
2014-03-26 19:16 - 2014-03-26 19:16 - 00000000 ____D () C:\Users\Nick 2\AppData\Roaming\TS3Client
2014-03-26 19:16 - 2014-03-26 19:16 - 00000000 ____D () C:\Users\Nick 2\AppData\Roaming\ATI
2014-03-26 19:16 - 2014-03-26 19:16 - 00000000 ____D () C:\Users\Nick 2\AppData\Roaming\Apple Computer
2014-03-26 19:16 - 2014-03-26 19:16 - 00000000 ____D () C:\Users\Nick 2\AppData\Roaming\Adobe
2014-03-26 19:16 - 2014-03-26 19:16 - 00000000 ____D () C:\Users\Nick 2\AppData\Local\ATI
2014-03-26 19:16 - 2014-03-26 19:16 - 00000000 ____D () C:\Users\Nick 2\AppData\Local\AMD
2014-03-26 19:16 - 2013-10-19 07:23 - 00000000 ____D () C:\Users\Nick 2\AppData\Roaming\TuneUp Software
2014-03-24 19:21 - 2014-03-24 19:21 - 00000876 _____ () C:\Users\NICK\EXE.REG
2014-03-23 18:37 - 2014-03-23 18:37 - 00000000 ____D () C:\ProgramData\Creative
2014-03-22 17:29 - 2013-12-21 09:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-22 17:29 - 2013-12-21 08:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-22 09:49 - 2014-03-01 05:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-22 09:49 - 2014-03-01 04:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-22 09:49 - 2014-03-01 04:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-22 09:49 - 2014-03-01 03:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-22 09:49 - 2014-03-01 03:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-22 09:49 - 2014-03-01 03:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-22 09:49 - 2014-03-01 03:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-22 09:49 - 2014-03-01 02:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-22 09:48 - 2014-03-01 06:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-22 09:48 - 2014-03-01 05:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-22 09:48 - 2014-03-01 04:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-22 09:48 - 2014-03-01 04:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-22 09:48 - 2014-03-01 04:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-22 09:48 - 2014-03-01 04:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-22 09:48 - 2014-03-01 04:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-22 09:48 - 2014-03-01 04:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-22 09:48 - 2014-03-01 04:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt(50).exe
2014-03-22 09:48 - 2014-03-01 04:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-22 09:48 - 2014-03-01 04:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-22 09:48 - 2014-03-01 04:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-22 09:48 - 2014-03-01 04:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-22 09:48 - 2014-03-01 04:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-22 09:48 - 2014-03-01 04:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-22 09:48 - 2014-03-01 03:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-22 09:48 - 2014-03-01 03:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-22 09:48 - 2014-03-01 03:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-22 09:48 - 2014-03-01 03:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-22 09:48 - 2014-03-01 03:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-22 09:48 - 2014-03-01 03:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt(52).exe
2014-03-22 09:48 - 2014-03-01 03:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-22 09:48 - 2014-03-01 03:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-22 09:48 - 2014-03-01 03:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-22 09:48 - 2014-03-01 03:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe(49).dll
2014-03-22 09:48 - 2014-03-01 03:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-22 09:48 - 2014-03-01 03:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-22 09:48 - 2014-03-01 03:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-22 09:48 - 2014-03-01 03:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl(55).cpl
2014-03-22 09:48 - 2014-03-01 02:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-22 09:48 - 2014-03-01 02:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-22 09:48 - 2014-03-01 02:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-22 09:48 - 2014-03-01 02:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-22 09:48 - 2014-03-01 02:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-18 19:24 - 2014-03-22 17:29 - 00765876 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-18 19:23 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-03-18 19:21 - 2014-03-18 19:23 - 00007469 _____ () C:\Windows\IE11_main.log
2014-03-18 19:21 - 2014-03-18 19:21 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-18 19:21 - 2014-03-18 19:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-18 19:21 - 2014-03-18 19:21 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-18 19:21 - 2014-03-18 19:21 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-18 19:21 - 2014-03-18 19:21 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32(51).dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress(53).exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-18 19:21 - 2014-03-18 19:21 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-18 19:21 - 2014-03-18 19:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil(54).dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-16 19:27 - 2014-03-26 22:23 - 00000000 ____D () C:\Users\NICK\Desktop\snes9x-1.51-win32
2014-03-16 19:24 - 2014-03-16 19:25 - 00787296 _____ () C:\Users\NICK\Desktop\snes9x-1.51-win32.zip
2014-03-16 16:29 - 2014-03-16 16:29 - 13770216 _____ (TeamSpeak Systems GmbH) C:\Users\NICK\Desktop\ts3client_win64.exe
2014-03-16 11:46 - 2014-03-16 11:46 - 00986624 _____ () C:\Users\NICK\Downloads\MicrosoftFixit50850.msi
2014-03-16 11:44 - 2014-03-16 11:44 - 00002922 _____ () C:\Windows\System32\Tasks\{D197BFEC-40C1-4A9F-8538-4A799A33E465}
2014-03-16 11:44 - 2014-03-16 11:44 - 00002922 _____ () C:\Windows\System32\Tasks\{81B411D8-E34F-4D93-999B-A7A270C9F3B0}
2014-03-16 11:44 - 2014-03-16 11:44 - 00002922 _____ () C:\Windows\System32\Tasks\{5AEDFF06-894F-4E89-B58B-8F8FA43A9946}
2014-03-16 11:44 - 2014-03-16 11:44 - 00002922 _____ () C:\Windows\System32\Tasks\{598995AB-9BDE-446C-9060-6C0D1F608D09}
2014-03-16 09:50 - 2014-03-16 09:50 - 00014240 _____ () C:\Users\NICK\Downloads\hijackthis.log
2014-03-16 09:49 - 2014-03-16 09:49 - 00388608 _____ (Trend Micro Inc.) C:\Users\NICK\Downloads\HijackThis.exe
2014-03-16 09:38 - 2014-03-16 09:38 - 00930952 _____ (CNET Download.com) C:\Users\NICK\Downloads\cbsidlm-cbsi183-Free_Window_Registry_Repair-SEO-10606555.exe
2014-03-16 09:22 - 2014-03-16 09:22 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\NICK\Downloads\TeamSpeak3-Client-win32-3.0.14 (1).exe
2014-03-16 08:42 - 2014-03-26 19:13 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-03-16 08:42 - 2014-03-22 09:43 - 00049952 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-03-16 08:31 - 2014-03-16 08:32 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\NICK\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-03-16 08:24 - 2014-03-16 08:24 - 29498592 _____ (TeamSpeak Systems GmbH) C:\Users\NICK\Downloads\TeamSpeak3-Client-win64-3.0.14 (1).exe
2014-03-14 20:03 - 2013-05-10 05:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-03-14 20:03 - 2013-05-10 05:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-03-14 20:03 - 2013-05-10 04:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-03-14 20:03 - 2013-05-10 04:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-03-14 18:52 - 2014-01-29 02:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-14 18:52 - 2014-01-29 02:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-14 18:52 - 2014-01-28 02:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-14 18:52 - 2013-12-31 23:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-03-14 18:52 - 2013-12-31 23:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-03-14 18:52 - 2013-12-06 02:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-03-14 18:52 - 2013-12-06 02:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-03-14 18:52 - 2013-12-06 02:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-03-14 18:52 - 2013-12-06 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-03-14 18:52 - 2013-11-23 18:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-03-14 18:52 - 2013-11-23 17:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-03-14 18:52 - 2013-11-12 02:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-14 18:52 - 2013-11-12 02:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-03-14 18:52 - 2013-10-30 02:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-03-14 18:52 - 2013-10-30 02:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-03-14 18:52 - 2013-10-19 02:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-03-14 18:52 - 2013-10-19 01:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-03-14 18:51 - 2014-02-07 01:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 18:51 - 2014-02-04 02:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-14 18:51 - 2014-02-04 02:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 18:51 - 2014-02-04 02:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-14 18:51 - 2014-02-04 02:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-14 18:51 - 2013-12-24 23:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-03-14 18:51 - 2013-12-24 22:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-03-14 18:51 - 2013-12-04 02:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-03-14 18:51 - 2013-12-04 02:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-03-14 18:51 - 2013-12-04 02:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-03-14 18:51 - 2013-12-04 02:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-03-14 18:51 - 2013-12-04 02:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-03-14 18:51 - 2013-12-04 02:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-03-14 18:51 - 2013-12-04 02:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-03-14 18:51 - 2013-12-04 02:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-03-14 18:51 - 2013-12-04 02:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-03-14 18:51 - 2013-12-04 02:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-03-14 18:51 - 2013-12-04 02:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-03-14 18:51 - 2013-12-04 02:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-03-14 18:51 - 2013-12-04 02:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-03-14 18:51 - 2013-12-04 02:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-03-14 18:51 - 2013-12-04 01:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-03-14 18:51 - 2013-12-04 01:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-03-14 18:51 - 2013-12-04 01:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-03-14 18:51 - 2013-12-04 01:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-03-14 18:51 - 2013-11-27 01:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-03-14 18:51 - 2013-11-27 01:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-03-14 18:51 - 2013-11-27 01:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-03-14 18:51 - 2013-11-27 01:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-03-14 18:51 - 2013-11-27 01:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-03-14 18:51 - 2013-11-27 01:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-03-14 18:51 - 2013-11-27 01:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-03-14 18:51 - 2013-11-26 11:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-03-14 18:51 - 2013-11-26 08:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-03-14 18:51 - 2013-11-22 22:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-03-14 18:51 - 2013-10-12 02:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-03-14 18:51 - 2013-10-12 02:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-03-14 18:51 - 2013-10-12 02:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-03-14 18:51 - 2013-10-12 02:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-03-14 18:51 - 2013-10-12 01:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-03-14 18:51 - 2013-10-12 01:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-03-14 18:51 - 2013-10-12 01:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-03-14 18:51 - 2013-10-12 01:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-03-14 18:51 - 2013-10-04 02:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-03-14 18:51 - 2013-10-04 01:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
 
==================== One Month Modified Files and Folders =======
 
2014-03-26 22:38 - 2014-03-26 22:38 - 00016504 _____ () C:\Users\NICK\Downloads\FRST.txt
2014-03-26 22:38 - 2014-03-26 22:37 - 02157056 _____ (Farbar) C:\Users\NICK\Downloads\FRST64.exe
2014-03-26 22:38 - 2014-03-26 19:39 - 00000000 ____D () C:\FRST
2014-03-26 22:38 - 2012-06-19 22:06 - 00000000 ____D () C:\Users\NICK\AppData\Local\PMB Files
2014-03-26 22:35 - 2014-03-26 22:35 - 00987448 _____ () C:\Users\NICK\Downloads\SecurityCheck.exe
2014-03-26 22:32 - 2012-06-08 15:05 - 01583372 _____ () C:\Windows\WindowsUpdate.log
2014-03-26 22:32 - 2009-07-14 04:45 - 00014816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-26 22:32 - 2009-07-14 04:45 - 00014816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-26 22:30 - 2013-01-29 18:51 - 00000000 ____D () C:\Users\NICK\Desktop\ASHCARD
2014-03-26 22:29 - 2013-06-10 10:05 - 00000000 ____D () C:\ProgramData\InstallShield
2014-03-26 22:29 - 2012-06-08 15:12 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-26 22:29 - 2009-07-14 05:13 - 00782010 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-26 22:25 - 2014-03-26 19:18 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-26 22:25 - 2012-06-13 10:56 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-26 22:24 - 2013-08-11 22:00 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-26 22:24 - 2013-03-13 03:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-26 22:24 - 2013-03-13 03:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-26 22:24 - 2012-06-23 17:18 - 00000000 ____D () C:\ProgramData\Skype
2014-03-26 22:24 - 2012-06-19 22:06 - 00000000 ____D () C:\ProgramData\PMB Files
2014-03-26 22:24 - 2012-06-19 21:55 - 00000000 ____D () C:\ProgramData\Xfire
2014-03-26 22:24 - 2012-06-19 21:55 - 00000000 ____D () C:\Program Files (x86)\Xfire
2014-03-26 22:24 - 2012-06-17 14:23 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-26 22:24 - 2012-06-17 09:21 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-26 22:24 - 2012-06-17 09:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-03-26 22:24 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-26 22:24 - 2009-07-14 04:51 - 00043931 _____ () C:\Windows\setupact.log
2014-03-26 22:24 - 2009-07-14 03:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-03-26 22:23 - 2014-03-26 19:18 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-26 22:23 - 2014-03-26 19:16 - 00000000 ___RD () C:\Users\Nick 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-26 22:23 - 2014-03-26 19:16 - 00000000 ___RD () C:\Users\Nick 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-26 22:23 - 2014-03-26 19:16 - 00000000 ___RD () C:\Users\Nick 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-26 22:23 - 2014-03-26 19:16 - 00000000 ___RD () C:\Users\Nick 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-26 22:23 - 2014-03-26 19:16 - 00000000 ____D () C:\Users\Nick 2
2014-03-26 22:23 - 2014-03-16 19:27 - 00000000 ____D () C:\Users\NICK\Desktop\snes9x-1.51-win32
2014-03-26 22:23 - 2012-07-22 17:44 - 00000000 ____D () C:\Windows\Minidump
2014-03-26 22:23 - 2012-07-03 18:47 - 00000000 ____D () C:\Users\NICK\AppData\Roaming\uTorrent
2014-03-26 22:23 - 2012-06-19 21:55 - 00000000 ____D () C:\Users\NICK\AppData\Roaming\Xfire
2014-03-26 22:23 - 2012-06-12 12:55 - 00000000 ____D () C:\Windows\system32\Macromed
2014-03-26 22:23 - 2012-06-08 15:20 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-03-26 22:23 - 2012-06-08 15:05 - 00000000 ____D () C:\Users\NICK
2014-03-26 22:23 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\servicing
2014-03-26 22:23 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache
2014-03-26 22:23 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\registration
2014-03-26 22:23 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-26 22:23 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\AppCompat
2014-03-26 22:19 - 2012-06-12 12:55 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-26 22:12 - 2013-11-10 22:41 - 00000000 ____D () C:\Users\NICK\AppData\Roaming\Mael
2014-03-26 22:12 - 2013-11-06 19:28 - 00000000 ____D () C:\Program Files\7-Zip
2014-03-26 22:12 - 2013-11-04 19:10 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-26 22:12 - 2013-10-08 11:24 - 00000000 ____D () C:\Users\NICK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2014-03-26 22:12 - 2012-08-24 19:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-26 22:12 - 2009-07-14 07:45 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-03-26 22:12 - 2009-07-14 05:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-03-26 22:12 - 2009-07-14 05:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-03-26 21:53 - 2012-06-08 15:30 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F764BF17-9432-4E2D-94AC-F2A901FC2938}
2014-03-26 21:49 - 2013-09-22 20:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-03-26 21:49 - 2013-03-15 18:04 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-03-26 21:49 - 2012-06-17 12:07 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-26 21:49 - 2012-06-17 12:07 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-26 21:49 - 2012-06-17 12:07 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-03-26 21:49 - 2009-07-14 05:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-26 21:48 - 2012-06-08 15:05 - 00000000 ___RD () C:\Users\NICK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-26 21:48 - 2012-06-08 15:05 - 00000000 ___RD () C:\Users\NICK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-26 21:48 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\system32\Speech
2014-03-26 21:48 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-03-26 20:41 - 2014-03-26 20:41 - 228339236 _____ () C:\Users\NICK\Desktop\backup.reg
2014-03-26 20:40 - 2014-03-26 20:40 - 00000000 ____D () C:\Windows\syetem32
2014-03-26 20:38 - 2012-06-16 16:20 - 00000000 ____D () C:\Users\NICK\AppData\Local\Google
2014-03-26 20:04 - 2014-03-26 20:03 - 00026398 _____ () C:\Users\NICK\Desktop\Addition.txt
2014-03-26 20:04 - 2014-03-26 20:02 - 00067469 _____ () C:\Users\NICK\Desktop\FRST.txt
2014-03-26 19:18 - 2014-03-26 19:18 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-26 19:18 - 2014-03-26 19:18 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-26 19:18 - 2014-03-26 19:18 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-26 19:18 - 2014-03-26 19:18 - 00000000 ____D () C:\Users\Nick 2\AppData\Local\Google
2014-03-26 19:18 - 2014-03-26 19:18 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-26 19:18 - 2014-03-26 19:17 - 00000000 ____D () C:\Users\Nick 2\AppData\Local\Deployment
2014-03-26 19:17 - 2014-03-26 19:17 - 00000000 ____D () C:\Users\Nick 2\AppData\Roaming\Macromedia
2014-03-26 19:17 - 2014-03-26 19:17 - 00000000 ____D () C:\Users\Nick 2\AppData\Local\Apps\2.0
2014-03-26 19:16 - 2014-03-26 19:16 - 00058016 _____ () C:\Users\Nick 2\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-26 19:16 - 2014-03-26 19:16 - 00001417 _____ () C:\Users\Nick 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-26 19:16 - 2014-03-26 19:16 - 00001238 _____ () C:\Users\Nick 2\Desktop\Games.lnk
2014-03-26 19:16 - 2014-03-26 19:16 - 00001238 _____ () C:\Users\Nick 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk
2014-03-26 19:16 - 2014-03-26 19:16 - 00000020 ___SH () C:\Users\Nick 2\ntuser.ini
2014-03-26 19:16 - 2014-03-26 19:16 - 00000000 ____D () C:\Users\Nick 2\AppData\Roaming\TS3Client
2014-03-26 19:16 - 2014-03-26 19:16 - 00000000 ____D () C:\Users\Nick 2\AppData\Roaming\ATI
2014-03-26 19:16 - 2014-03-26 19:16 - 00000000 ____D () C:\Users\Nick 2\AppData\Roaming\Apple Computer
2014-03-26 19:16 - 2014-03-26 19:16 - 00000000 ____D () C:\Users\Nick 2\AppData\Roaming\Adobe
2014-03-26 19:16 - 2014-03-26 19:16 - 00000000 ____D () C:\Users\Nick 2\AppData\Local\ATI
2014-03-26 19:16 - 2014-03-26 19:16 - 00000000 ____D () C:\Users\Nick 2\AppData\Local\AMD
2014-03-26 19:15 - 2013-09-29 14:57 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-26 19:15 - 2012-06-08 15:20 - 00422914 _____ () C:\Windows\PFRO.log
2014-03-26 19:13 - 2014-03-16 08:42 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-03-24 19:21 - 2014-03-24 19:21 - 00000876 _____ () C:\Users\NICK\EXE.REG
2014-03-23 18:37 - 2014-03-23 18:37 - 00000000 ____D () C:\ProgramData\Creative
2014-03-22 17:29 - 2014-03-18 19:24 - 00765876 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-22 09:43 - 2014-03-16 08:42 - 00049952 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-03-22 09:43 - 2012-06-08 15:05 - 00001417 _____ () C:\Users\NICK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-18 19:23 - 2014-03-18 19:21 - 00007469 _____ () C:\Windows\IE11_main.log
2014-03-18 19:21 - 2014-03-18 19:21 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-18 19:21 - 2014-03-18 19:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-18 19:21 - 2014-03-18 19:21 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-18 19:21 - 2014-03-18 19:21 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-18 19:21 - 2014-03-18 19:21 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32(51).dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress(53).exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-18 19:21 - 2014-03-18 19:21 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-18 19:21 - 2014-03-18 19:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil(54).dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-18 19:21 - 2014-03-18 19:21 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-18 19:21 - 2014-03-18 19:21 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-18 19:21 - 2013-08-15 02:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-16 19:25 - 2014-03-16 19:24 - 00787296 _____ () C:\Users\NICK\Desktop\snes9x-1.51-win32.zip
2014-03-16 17:06 - 2013-03-12 20:27 - 00000000 ____D () C:\Users\NICK\Desktop\League of Legends
2014-03-16 16:29 - 2014-03-16 16:29 - 13770216 _____ (TeamSpeak Systems GmbH) C:\Users\NICK\Desktop\ts3client_win64.exe
2014-03-16 11:46 - 2014-03-16 11:46 - 00986624 _____ () C:\Users\NICK\Downloads\MicrosoftFixit50850.msi
2014-03-16 11:44 - 2014-03-16 11:44 - 00002922 _____ () C:\Windows\System32\Tasks\{D197BFEC-40C1-4A9F-8538-4A799A33E465}
2014-03-16 11:44 - 2014-03-16 11:44 - 00002922 _____ () C:\Windows\System32\Tasks\{81B411D8-E34F-4D93-999B-A7A270C9F3B0}
2014-03-16 11:44 - 2014-03-16 11:44 - 00002922 _____ () C:\Windows\System32\Tasks\{5AEDFF06-894F-4E89-B58B-8F8FA43A9946}
2014-03-16 11:44 - 2014-03-16 11:44 - 00002922 _____ () C:\Windows\System32\Tasks\{598995AB-9BDE-446C-9060-6C0D1F608D09}
2014-03-16 09:50 - 2014-03-16 09:50 - 00014240 _____ () C:\Users\NICK\Downloads\hijackthis.log
2014-03-16 09:49 - 2014-03-16 09:49 - 00388608 _____ (Trend Micro Inc.) C:\Users\NICK\Downloads\HijackThis.exe
2014-03-16 09:38 - 2014-03-16 09:38 - 00930952 _____ (CNET Download.com) C:\Users\NICK\Downloads\cbsidlm-cbsi183-Free_Window_Registry_Repair-SEO-10606555.exe
2014-03-16 09:22 - 2014-03-16 09:22 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\NICK\Downloads\TeamSpeak3-Client-win32-3.0.14 (1).exe
2014-03-16 08:32 - 2014-03-16 08:31 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\NICK\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-03-16 08:24 - 2014-03-16 08:24 - 29498592 _____ (TeamSpeak Systems GmbH) C:\Users\NICK\Downloads\TeamSpeak3-Client-win64-3.0.14 (1).exe
2014-03-15 11:19 - 2012-06-12 12:55 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-15 11:19 - 2012-06-12 12:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-15 11:19 - 2012-06-12 12:55 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-15 10:29 - 2009-07-14 05:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-03-15 10:28 - 2009-07-14 04:45 - 00275712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 18:44 - 2014-03-26 22:28 - 00000426 _____ () C:\AVScanner.ini
2014-03-02 14:05 - 2012-06-08 16:07 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-01 06:05 - 2014-03-22 09:48 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 05:17 - 2014-03-22 09:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 05:16 - 2014-03-22 09:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 04:58 - 2014-03-22 09:49 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 04:52 - 2014-03-22 09:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 04:51 - 2014-03-22 09:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 04:42 - 2014-03-22 09:48 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 04:40 - 2014-03-22 09:48 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 04:37 - 2014-03-22 09:48 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 04:33 - 2014-03-22 09:48 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 04:33 - 2014-03-22 09:48 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt(50).exe
2014-03-01 04:33 - 2014-03-22 09:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 04:32 - 2014-03-22 09:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 04:30 - 2014-03-22 09:49 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 04:23 - 2014-03-22 09:48 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 04:17 - 2014-03-22 09:48 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 04:11 - 2014-03-22 09:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 04:02 - 2014-03-22 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 03:54 - 2014-03-22 09:48 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 03:52 - 2014-03-22 09:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 03:51 - 2014-03-22 09:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 03:47 - 2014-03-22 09:49 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 03:43 - 2014-03-22 09:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 03:43 - 2014-03-22 09:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 03:42 - 2014-03-22 09:48 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 03:40 - 2014-03-22 09:48 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 03:38 - 2014-03-22 09:48 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt(52).exe
2014-03-01 03:37 - 2014-03-22 09:48 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 03:35 - 2014-03-22 09:48 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 03:18 - 2014-03-22 09:48 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 03:18 - 2014-03-22 09:48 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe(49).dll
2014-03-01 03:16 - 2014-03-22 09:48 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 03:14 - 2014-03-22 09:48 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 03:10 - 2014-03-22 09:48 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 03:03 - 2014-03-22 09:49 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 03:00 - 2014-03-22 09:48 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl(55).cpl
2014-03-01 02:57 - 2014-03-22 09:48 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 02:38 - 2014-03-22 09:48 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 02:32 - 2014-03-22 09:48 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 02:27 - 2014-03-22 09:49 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 02:25 - 2014-03-22 09:48 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 02:25 - 2014-03-22 09:48 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
 
Files to move or delete:
====================
C:\Users\NICK\EXE.REG
 
 
Some content of TEMP:
====================
C:\Users\NICK\AppData\Local\Temp\UNINSTALL.exe
C:\Users\NICK\AppData\Local\Temp\_isFC77.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-22 13:26
 
==================== End Of Log ============================
 
 
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by NICK at 2014-03-26 22:38:35
Running from C:\Users\NICK\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Kaspersky Anti-Virus (Disabled - Out of date) {56547CC9-C9B2-849D-8FEF-A496150D6A06}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
 
==================== Installed Programs ======================
 
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.0 - )
7-Zip 9.25 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0925-000001000000}) (Version: 9.25.00.0 - Igor Pavlov)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.04) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
AMD Accelerated Video Transcoding (Version: 2.00.0002 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.923.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5831C6D6-309D-DBB5-14F7-FEE57086CEE7}) (Version: 8.0.873.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.70405.2224 - Advanced Micro Devices, Inc.) Hidden
AMD USB Filter Driver (x32 Version: 1.0.14.91 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{122ADF8C-DDA1-480C-9936-C88F2825B265}) (Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Browser Configuration Utility (HKLM-x32\...\{D793423B-FF18-4A54-B9C9-75B3396BAAC4}) (Version: 1.0.10.0 - DeviceVM Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Diablo III (HKLM-x32\...\Diablo III) (Version: 1.0.3.10485 - Blizzard Entertainment)
EPU (HKLM-x32\...\{9C2AC00C-0C06-4B7E-97A4-A833808D54D6}) (Version: 1.02.20 - )
Football Manager 2012 (HKLM-x32\...\Steam App 71270) (Version:  - SI Games)
Football Manager 2012 Editor (HKLM-x32\...\Steam App 71400) (Version:  - )
Football Manager 2012 Resource Archiver (HKLM-x32\...\Steam App 71410) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
iTunes (HKLM\...\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version: 10.6.3.25 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417007FF}) (Version: 7.0.70 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMicron Technology Corp.)
Kaspersky Anti-Virus 2011 (HKLM-x32\...\InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}) (Version: 11.0.0.232 - Kaspersky Lab)
Kaspersky Anti-Virus 2011 (x32 Version: 11.0.0.232 - Kaspersky Lab) Hidden
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
Killing Floor Mod: Defence Alliance 2 (HKLM-x32\...\Steam App 35420) (Version:  - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.24.10.3 - Marvell)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0175 - )
ROG GameFirst v4.53 (HKLM\...\ROG GameFirst) (Version: 4.53 - cFos Software GmbH, Bonn)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sound Blaster X-Fi MB (HKLM-x32\...\{818690C7-8DA5-4623-BBA8-A73CFBD44077}) (Version: 1.0 - Creative Technology Limited)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TurboV EVO (HKLM-x32\...\{491D92A9-69CA-4EB4-81D3-0106F9337957}) (Version: 1.02.18 - )
Unigine Heaven Benchmark v2.1 (HKLM-x32\...\{38468127-9E6F-4FC9-B5F7-42D4AD437D96}) (Version: 2.1 - Unigine Corp.)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D9}) (Version: 17.0.10381 - WinZip Computing, S.L. )
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )
Yahoo Community Smartbar (HKLM-x32\...\{B5945149-A282-42E9-B43A-815E404F0580}) (Version: 1.185.66.12678 - Linkury Inc.) <==== ATTENTION
 
==================== Restore Points  =========================
 
22-03-2014 17:28:54 Windows Update
23-03-2014 18:46:03 Windows Update
24-03-2014 19:31:59 Installed Windows Resource Kit Tools - SubInAcl.exe
24-03-2014 23:29:58 Windows Update
25-03-2014 22:21:33 Windows Update
26-03-2014 19:19:31 Windows Update
26-03-2014 21:34:15 Restore Operation
26-03-2014 22:28:57 Removed Medieval II Total War : Kingdoms : Crusades
 
==================== Hosts content: ==========================
 
2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {18851735-DAA9-4E57-8CB6-D4CDABA24498} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {1CEF76B3-2404-4D9B-A18C-64E7572B7709} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-26] (Google Inc.)
Task: {2006651C-3D87-4FEE-9C4C-BA0A6CCE45A6} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5B89BE32-C9D4-4791-8DDF-A5EFBE201ACA} - System32\Tasks\{5AEDFF06-894F-4E89-B58B-8F8FA43A9946} => C:\Users\NICK\Desktop\FRST.exe
Task: {71A31F88-EFFB-4920-9512-A9A250478A51} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-26] (Google Inc.)
Task: {7358E812-7F7E-4C08-915E-559C499BE477} - System32\Tasks\ASUS\TurboVHelp => C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe [2010-03-25] (ASUSTeK Computer Inc.)
Task: {D00510CE-1A70-43CE-AC5F-BEC47951F802} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DA007D54-647D-4E5B-842D-1BD2EA9189F1} - System32\Tasks\{598995AB-9BDE-446C-9060-6C0D1F608D09} => C:\Users\NICK\Desktop\FRST.exe
Task: {EA840E05-D256-493C-A8BD-48F373BCF4FC} - System32\Tasks\{D197BFEC-40C1-4A9F-8538-4A799A33E465} => C:\Users\NICK\Desktop\FRST.exe
Task: {F3D6D936-A973-4B24-8705-C5D5A8D17C48} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {F5954460-05D1-4DD3-B7A4-EB4D044C85E1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-15] (Adobe Systems Incorporated)
Task: {F7F62300-1C99-4515-865D-868FC6B01F86} - System32\Tasks\{81B411D8-E34F-4D93-999B-A7A270C9F3B0} => C:\Users\NICK\Desktop\FRST.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-06-19 22:06 - 2013-03-12 20:26 - 03093624 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2012-04-05 20:57 - 2012-04-05 20:57 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-04-05 21:00 - 2012-04-05 21:00 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-03-30 14:32 - 2009-03-30 14:32 - 00032768 ____R () C:\Windows\DAODx.exe
2014-03-26 22:35 - 2014-03-26 22:35 - 00987448 _____ () C:\Users\NICK\Downloads\SecurityCheck.exe
2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-05-07 11:37 - 2010-05-07 11:37 - 02078392 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avzkrnl.dll
2012-06-08 15:13 - 2009-02-06 17:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2012-06-08 15:13 - 2009-07-30 13:54 - 00170496 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2012-06-08 15:19 - 2009-04-22 19:20 - 00179712 _____ () C:\Program Files (x86)\ASUS\EPU\ASUSSERVICE.DLL
2012-06-08 15:19 - 2010-01-08 16:17 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU\pngio.dll
2012-06-08 15:19 - 2010-01-08 16:17 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU\AsSpindownTimeout.dll
2012-06-08 15:20 - 2008-12-10 19:04 - 00253952 _____ () C:\Program Files\ASUS\TurboV EVO\pngio.dll
2012-06-08 15:20 - 2009-06-24 07:47 - 00061440 _____ () C:\Program Files\ASUS\TurboV EVO\flashobj.dll
2009-06-27 09:11 - 2009-06-27 09:11 - 00503202 _____ () C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
2012-11-05 20:58 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\EnumDevLib.dll
2012-06-08 15:20 - 2010-02-08 16:19 - 00053248 _____ () C:\Program Files\ASUS\TurboV EVO\HookKey32.dll
2014-03-26 19:18 - 2014-03-15 00:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-26 19:18 - 2014-03-15 00:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-26 19:18 - 2014-03-15 00:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-26 19:18 - 2014-03-15 00:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-26 19:18 - 2014-03-15 00:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-26 19:18 - 2014-03-15 00:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-03-26 19:18 - 2014-03-15 00:50 - 13637448 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\startupfolder: C:^Users^NICK^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk => C:\Windows\pss\Xfire.lnk.Startup
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/26/2014 10:28:57 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.
 
System Error:
The parameter is incorrect.
.
 
Error: (03/26/2014 10:25:49 PM) (Source: System Restore) (User: )
Description: An unspecified error occurred during System Restore: (Windows Backup). Additional information: 0x80070005.
 
Error: (03/26/2014 10:15:04 PM) (Source: System Restore) (User: )
Description: An unspecified error occurred during System Restore: (Windows Backup). Additional information: 0x80070005.
 
Error: (03/26/2014 09:50:25 PM) (Source: System Restore) (User: )
Description: An unspecified error occurred during System Restore: (Windows Backup). Additional information: 0x80070005.
 
Error: (03/26/2014 09:34:15 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.
 
System Error:
The parameter is incorrect.
.
 
Error: (03/26/2014 07:53:35 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.16521 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 15e4
 
Start Time: 01cf492c33571eed
 
Termination Time: 20
 
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
Report Id:
 
Error: (03/26/2014 07:19:32 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.
 
System Error:
The parameter is incorrect.
.
 
Error: (03/26/2014 07:19:31 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.
 
System Error:
The parameter is incorrect.
.
 
Error: (03/26/2014 07:14:23 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed AVG 2014; Error = 0x8007043c).
 
Error: (03/26/2014 07:14:23 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed AVG 2014; Error = 0x8007043c).
 
 
System errors:
=============
Error: (03/26/2014 10:25:00 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
kl2
 
Error: (03/26/2014 10:16:22 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004
 
Error: (03/26/2014 10:14:59 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
kl2
 
Error: (03/26/2014 09:59:55 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004
 
Error: (03/26/2014 09:50:19 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
kl2
 
Error: (03/26/2014 09:31:46 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004
 
Error: (03/26/2014 07:20:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2667402).
 
Error: (03/26/2014 07:16:17 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
kl2
 
Error: (03/26/2014 07:12:51 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (03/26/2014 07:12:51 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (03/26/2014 10:28:57 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.
 
System Error:
The parameter is incorrect.
 
Error: (03/26/2014 10:25:49 PM) (Source: System Restore)(User: )
Description: Windows Backup0x80070005
 
Error: (03/26/2014 10:15:04 PM) (Source: System Restore)(User: )
Description: Windows Backup0x80070005
 
Error: (03/26/2014 09:50:25 PM) (Source: System Restore)(User: )
Description: Windows Backup0x80070005
 
Error: (03/26/2014 09:34:15 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.
 
System Error:
The parameter is incorrect.
 
Error: (03/26/2014 07:53:35 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.1652115e401cf492c33571eed20C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
Error: (03/26/2014 07:19:32 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.
 
System Error:
The parameter is incorrect.
 
Error: (03/26/2014 07:19:31 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.
 
System Error:
The parameter is incorrect.
 
Error: (03/26/2014 07:14:23 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved AVG 20140x8007043c
 
Error: (03/26/2014 07:14:23 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved AVG 20140x8007043c
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 37%
Total physical RAM: 6142.18 MB
Available physical RAM: 3829.27 MB
Total Pagefile: 12282.53 MB
Available Pagefile: 9645.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:119.24 GB) (Free:31.39 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:465.54 GB) (Free:197.03 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 99C43CC9)
Partition 1: (Active) - (Size=119 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 466 GB) (Disk ID: E3C8C871)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users