Windows suddenly dropping performance dramatically?


  • This topic is locked
15 replies to this topic

#1 jameswils100

  • Members
  • 9 posts

Posted 03 July 2014 - 03:08 AM

About three days ago, my computer started acting slower, and a little less responsive. The next day, my computer couldn't do anything. Simply watching a YouTube video suddenly bogs the entire thing, freezing it up. The video stutters every few seconds, freezing on a frame for up to ten seconds. Every time I play my games, they max at about 5-10 fps, which is not at all normal to what I'm used to. I average pretty fairly, and my rig isn't too bad either. I'll put the specs at the bottom after all of this. I've tried downloading a couple other methods, even a couple programs that might've helped. PC Decrapifier is one, did nothing noticeable as far as I could tell. Ran Microsoft Security Essentials and did a full scan overnight, turned up with nothing. On an off topic note, I did get Game Booster from Razer before all of this, and found it didn't work at all, or perhaps made my game experience worse, so I uninstalled it same day. After reading in a lot of forums, someone recommended Process Explorer, which I have now. I don't entirely know what it does; it seems to be the same as my resource monitor, except with pretty colors.

 

Anyway, I'm not sure if the next bit of information is relevant: my CPU is running about 1-5% cap (45% max frequency), and my physical memory normally has been running at around 55% since this started happening. I'm not sure if these are normal numbers, just felt it might be of some use. I've also done a memory test, as well as using CCleaner. And normally CCleaner takes a couple of moments to clear my cache, but when I select the Wipe Free Space box, it takes hours upon hours to do, and when it's finished, it hasn't even done anything. I've tried just about everything I feel I could on my own, and I'm out of options. My computer is crap, and I need help to figure out why. If you need to know anything else at all, I'll be checking frequently in hopes I could resolve this problem, because it's driving me crazy.

 

My specs are as follows:

i7 2600k CPU

8GB ram

win7(64 bit)

150 gb harddrive that runs my windows

650 gb d drive, both are relatively vacant

 

I've also just recently discovered that my computer fan in the front end of my case wasn't working, I think it jammed up. Tried turning it, was really hard and the center was hot. Took the drives and set them on top of my PC. I don't think that this may be what's causing my issue, seeing that I've never had a heating issue with my computer before, but I'll get another fan as a last resort. Let's hope that it's a software issue in the meantime.

 

Thanks in advance to whoever could shed some light on my situation, not a moment goes by that it's unappreciated.

 

P.S. Should I get Hijack? Would it be necessary for my issue?


#2 jameswils100

  • Topic Starter
  • Members
  • 9 posts

Posted 03 July 2014 - 04:24 AM

As an update to the situation: at around 5 am, all videos ceased to buffer now. YouTube and other sites no longer play, and sound for anything. I went to my music folder to see if any sound came out of my headset, and the media player wouldn't run, it just froze up. But if I turn my headset up, I can still hear the high pitch of it still working. Things are getting worse as it goes.

 

I did a restart and that fixed my issue, but after playing PlanetSide 2 to see if my frames were still low, I'd closed it and now Flash isn't working. The videos won't play and any other websites with anything Flash related are stuck at the top and freeze. I can't scroll or click on the embedded video.

 

10 pm, same day:

I've done a scan using Malwarebytes and it found 86 potential items. I've removed all of them and even saved a log. It told me to restart, and when I did, I noticed significant increase of performance, but I didn't get all of it back. Is there more malware in my computer, or did it just leave behind an irreparable mess? What do I do now? Also, that bug is still happening where I close a game and YouTube, or Flash doesn't seem to be working.


Edited by jameswils100, 03 July 2014 - 09:11 PM.


#3 HelpBot

    Bleepin' Binary Bot

  • Bots
  • 12,731 posts

Posted 08 July 2014 - 03:10 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/539771 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 polskamachina

  • Malware Response Team
  • 4,002 posts

Posted 08 July 2014 - 11:53 AM

Hi jameswils100 :)

 

My name is polskamachina and I will be assisting you with your malware problems. Please give me some time to review your situation and I will get back to you with further instructions.

 

polskamachina



#5 jameswils100

  • Topic Starter
  • Members
  • 9 posts

Posted 08 July 2014 - 02:16 PM

Thank you very much, polskamachina. I know I was told not to do anything else on my own, but I've done a bit of superficial digging and ran an SFC scan. It turns out that my computer has a lot of errors that it cannot fix on its own for some reason. Just an update.



#6 polskamachina

  • Malware Response Team
  • 4,002 posts

Posted 08 July 2014 - 06:53 PM

Hi jameswils100 :)
 
I would like to officially welcome you to Bleeping Computer. What follows below are some ground rules for this forum.

I will reply as soon as possible (typically within 24-48 hours). In turn, I ask that you please respond within 72 hours. If you know you will be away longer than that, please let me know.

I am in California at GMT-7 Hours (DST). If I do not respond to you within 48 hours, feel free to send me a private message.

Some points for you to keep in mind:

  • Do NOT run any tools unless instructed to do so.
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Do not attach logs or use code boxes, just copy and paste the text.
  • I cannot see your computer. Periodically update me on the condition of your computer, and provide as much detail as you can in every post.
  • Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end.
  • NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a flash drive, anywhere except on the computer.
  • NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. Please remember to copy the entire post so you do not miss any instructions.

Before we start investigating for malware, you should make sure your hardware is functioning properly. The problems you describe sound like your CPU may be overheating. The most common thing that happens is that dust gets into the cooling fins, heat sinks, and air flow areas. When this happens, the performance is throttled down to prevent damage to the hardware. If you don't feel confident disassembling your hardware, then I would take it to a computer shop for investigation. There are hazardous voltages inside a computer and not knowing your technical skill, you could easily damage the components or cause serious injury to yourself. Again, if you have any doubt, take it to a trusted computer professional for a diagnosis.
 
Once you're satisfied that the hardware is ok, please do the following:
Please download AdwCleaner by Xplode and save to your Desktop.

  • Right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

Regarding the results of your SFC scan, sometimes that software is helpful, sometimes it's not.
 
Let me know if you have any questions. How is your computer performing now?
 
polskamachina



#7 jameswils100

  • Topic Starter
  • Members
  • 9 posts

Posted 08 July 2014 - 10:13 PM

Thank you for responding. It's still running quite slow. The RAM usage is very gradually rising, I have to keep resetting my computer to bring it back down again, though all of my issues are still happening, even with good RAM. I got an error when the scan finished, I'll post it as an attachment to see if you could make any sense of it, as well as the log. Looking over the results, it seems I'm not as thorough as I originally thought.

I could've sworn there was an attach button to use for this.

# AdwCleaner v3.215 - Report created 08/07/2014 at 23:03:58
# Updated 09/07/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : shade - SHADE-PC
# Running from : C:\Users\shade\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\END
File Found : C:\Program Files (x86)\Mozilla Firefox\user.js
File Found : C:\Users\shade\AppData\Roaming\Mozilla\Firefox\Profiles\rqdcuia7.default\searchplugins\WSE Rocket.xml
File Found : C:\Users\shade\AppData\Roaming\Mozilla\Firefox\Profiles\rqdcuia7.default\user.js
File Found : C:\Windows\System32\roboot64.exe
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\NCH Software
Folder Found : C:\Program Files (x86)\Perion
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\NCH Software
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Folder Found : C:\Users\shade\AppData\Local\Babylon
Folder Found : C:\Users\shade\AppData\Local\Conduit
Folder Found : C:\Users\shade\AppData\Local\DefineExt
Folder Found : C:\Users\shade\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom
Folder Found : C:\Users\shade\AppData\LocalLow\Conduit
Folder Found : C:\Users\shade\AppData\LocalLow\SweetIM
Folder Found : C:\Users\shade\AppData\LocalLow\Toolbar4
Folder Found : C:\Users\shade\AppData\Roaming\Mozilla\Firefox\Profiles\rqdcuia7.default\Extensions\staged\{ecaa9181-d92a-47b9-8e14-bef9680f204b}
Folder Found : C:\Users\shade\AppData\Roaming\NCH Software
Folder Found : C:\Users\shade\AppData\Roaming\RocketUpdater
Folder Found : C:\Users\shade\AppData\Roaming\Systweak
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://rocket-find.com/?f=1&a=rckt_dnldstr_14_28_ch&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCtDtC0FyCyE0F0B0B0EtN0D0Tzu0SzytCzztN1L2XzutBtFtBtCtFtCyEtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtCtD0CtDzzyEzztGtC0Fzz0AtG0B0CtB0DtGtCtBzy0DtGtBtDyDtC0C0DyE0EyD0B0DtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCtD0EtCtB0A0CtGtBtB0AyBtGzyyDzzyEtGtDzyyD0FtGtDyBtByEtA0D0EtA0B0DyByE2Q&cr=266768412&ir=
 
-\\ Mozilla Firefox v30.0 (en-US)
 
[ File : C:\Users\shade\AppData\Roaming\Mozilla\Firefox\Profiles\rqdcuia7.default\prefs.js ]
 
Line Found : user_pref("browser.startup.homepage", "hxxp://rocket-find.com/?f=1&a=rckt_dnldstr_14_28_ch&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCtDtC0FyCyE0F0B0B0EtN0D0Tzu0SzytCzztN1L2XzutBtFtBtCtFtCyEtFtDtN1L1CzutCyEtBzy[...]
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : jifflliplgeajjdhmkcfnngfpgbjonjg
Found [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Found [Extension] : kdidombaedgpfiiedeimiebkmbilgmlc
Found [Extension] : kincjchfokkeneeofpeefomkikfkiedl
 
[ File : C:\Users\shade\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Startup_urls] : hxxp://rocket-find.com/?f=7&a=rckt_dnldstr_14_28_ch&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCtDtC0FyCyE0F0B0B0EtN0D0Tzu0SzytCzztN1L2XzutBtFtBtCtFtCyEtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtCtD0CtDzzyEzztGtC0Fzz0AtG0B0CtB0DtGtCtBzy0DtGtBtDyDtC0C0DyE0EyD0B0DtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCtD0EtCtB0A0CtGtBtB0AyBtGzyyDzzyEtGtDzyyD0FtGtDyBtByEtA0D0EtA0B0DyByE2Q&cr=266768412&ir=
Found [Homepage] : hxxp://rocket-find.com/?f=1&a=rckt_dnldstr_14_28_ch&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCtDtC0FyCyE0F0B0B0EtN0D0Tzu0SzytCzztN1L2XzutBtFtBtCtFtCyEtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtCtD0CtDzzyEzztGtC0Fzz0AtG0B0CtB0DtGtCtBzy0DtGtBtDyDtC0C0DyE0EyD0B0DtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCtD0EtCtB0A0CtGtBtB0AyBtGzyyDzzyEtGtDzyyD0FtGtDyBtByEtA0D0EtA0B0DyByE2Q&cr=266768412&ir=
Found [Extension] : ibnjmihbbanannlbobkbmnmckjnmdnom
Found [Extension] : jifflliplgeajjdhmkcfnngfpgbjonjg
 
*************************
 
AdwCleaner[R0].txt - [11666 octets] - [08/07/2014 23:03:58]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [11727 octets] ##########
 
And as for the picture: http://imgur.com/7nM7VOL
 
Should I clean the results? Or wait for further instructions?
 
Thank you again, very much :)

Edited by jameswils100, 08 July 2014 - 11:03 PM.


#8 polskamachina

  • Malware Response Team
  • 4,002 posts

Posted 08 July 2014 - 11:54 PM

Hi jameswils100 :)
 
You have quite an accumulation of Adware. Unless you see anything in particular that you want to keep, please follow the directions below:
 
Double click on AdwCleaner.exe to run the tool again.

  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished, this time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

Did that help speed things up?

 

polskamachina


Edited by polskamachina, 08 July 2014 - 11:58 PM.
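
Added example (not part of any post in this thread, and not BleepingComputer's or AdwCleaner's own code): a Python check that compares a scan report (AdwCleaner[R#].txt) with the clean report (AdwCleaner[S#].txt) and lists every item that was found but is not reported as deleted. The two sample reports are constructed from a few entries of the kind posted in this thread, the function names are hypothetical, and it assumes clean reports mirror scan lines with "Deleted" in place of "Found".

```python
import re
from collections import defaultdict

# Report lines look like "Folder Found : C:\ProgramData\Ask" in a scan report
# and "Folder Deleted : C:\ProgramData\Ask" in a clean report.
# Assumption: "Value" entries follow the same pattern in clean reports.
ENTRY = re.compile(r"^(File|Folder|Key|Value) (Found|Deleted) : (.+?)\s*$")
OPTION = re.compile(r"^# Option : (\w+)")


def parse_report(text):
    """Return (option, {kind: {casefolded_item: original_item}})."""
    option = None
    items = defaultdict(dict)
    for raw in text.splitlines():
        line = raw.strip()
        m = OPTION.match(line)
        if m:
            option = m.group(1)
            continue
        m = ENTRY.match(line)
        if m:
            kind, _state, item = m.groups()
            # Windows paths and registry keys are case-insensitive, and the
            # reports do not use consistent casing, so compare casefolded.
            items[kind][item.casefold()] = item
    return option, dict(items)


def residual(scan_text, clean_text):
    """List (kind, item) pairs present in the scan but absent from the clean."""
    scan_opt, found = parse_report(scan_text)
    clean_opt, deleted = parse_report(clean_text)
    if scan_opt != "Scan" or clean_opt != "Clean":
        raise ValueError("expected a Scan report followed by a Clean report")
    left = []
    for kind, entries in found.items():
        gone = deleted.get(kind, {})
        for key, original in entries.items():
            # The "[x64]" prefix marks the 64-bit registry view; it is kept as
            # part of the identity, so each view must be deleted separately.
            if key not in gone:
                left.append((kind, original))
    return sorted(left)


# Constructed sample reports (not the full logs from the thread).
SCAN_SAMPLE = r"""
# AdwCleaner v3.215 - Report created 08/07/2014 at 23:03:58
# Option : Scan

***** [ Files / Folders ] *****

File Found : C:\Windows\System32\roboot64.exe
Folder Found : C:\ProgramData\Ask
Folder Found : C:\Users\shade\AppData\Roaming\Systweak

***** [ Registry ] *****

Key Found : HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
"""

CLEAN_SAMPLE = r"""
# AdwCleaner v3.215 - Report created 09/07/2014 at 02:26:53
# Option : Clean

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
File Deleted : C:\Windows\System32\roboot64.exe

***** [ Registry ] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SWEETIM_RASAPI32
"""

if __name__ == "__main__":
    for kind, item in residual(SCAN_SAMPLE, CLEAN_SAMPLE):
        print(f"still present after clean: {kind}: {item}")
```

Anything this lists is worth mentioning to the helper in the next reply, since a leftover entry can mean the item was locked or recreated at reboot.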


#9 jameswils100

  • Topic Starter
  • Members
  • 9 posts

Posted 09 July 2014 - 02:46 AM

# AdwCleaner v3.215 - Report created 09/07/2014 at 02:26:53
# Updated 09/07/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : shade - SHADE-PC
# Running from : C:\Users\shade\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Program Files (x86)\Perion
Folder Deleted : C:\Users\shade\AppData\Local\Babylon
Folder Deleted : C:\Users\shade\AppData\Local\Conduit
Folder Deleted : C:\Users\shade\AppData\Local\DefineExt
Folder Deleted : C:\Users\shade\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\shade\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\shade\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\shade\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\shade\AppData\Roaming\RocketUpdater
Folder Deleted : C:\Users\shade\AppData\Roaming\Systweak
Folder Deleted : C:\Users\shade\AppData\Roaming\Mozilla\Firefox\Profiles\rqdcuia7.default\Extensions\staged\{ecaa9181-d92a-47b9-8e14-bef9680f204b}
Folder Deleted : C:\Users\shade\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
File Deleted : C:\END
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\shade\AppData\Roaming\Mozilla\Firefox\Profiles\rqdcuia7.default\searchplugins\WSE Rocket.xml
File Deleted : C:\Users\shade\AppData\Roaming\Mozilla\Firefox\Profiles\rqdcuia7.default\user.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\user.js
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Key Deleted : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Mozilla Firefox v30.0 (en-US)
 
[ File : C:\Users\shade\AppData\Roaming\Mozilla\Firefox\Profiles\rqdcuia7.default\prefs.js ]
 
Line Deleted : user_pref("browser.startup.homepage", "hxxp://rocket-find.com/?f=1&a=rckt_dnldstr_14_28_ch&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCtDtC0FyCyE0F0B0B0EtN0D0Tzu0SzytCzztN1L2XzutBtFtBtCtFtCyEtFtDtN1L1CzutCyEtBzy[...]
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Extension] : jifflliplgeajjdhmkcfnngfpgbjonjg
Deleted [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Deleted [Extension] : kdidombaedgpfiiedeimiebkmbilgmlc
Deleted [Extension] : kincjchfokkeneeofpeefomkikfkiedl
 
[ File : C:\Users\shade\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb212/?search={searchTerms}&loc=IB_DS&a=6PQTOIh6XJ&i=26
Deleted [Search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3298566&CUI=UN26737008992030113&UM=2
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=TV&apn_dtid=OSJ000YYUS&apn_uid=250DBA29-0D9E-4893-ADD9-A85AD1440658&apn_sauid=DED604B0-6EE4-4B66-A9CE-41D2BC76752B
Deleted [Search Provider] : hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dnldstr_14_28_ch&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCtDtC0FyCyE0F0B0B0EtN0D0Tzu0SzytCzztN1L2XzutBtFtBtCtFtCyEtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtCtD0CtDzzyEzztGtC0Fzz0AtG0B0CtB0DtGtCtBzy0DtGtBtDyDtC0C0DyE0EyD0B0DtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCtD0EtCtB0A0CtGtBtB0AyBtGzyyDzzyEtGtDzyyD0FtGtDyBtByEtA0D0EtA0B0DyByE2Q&cr=266768412&ir=
Deleted [Startup_urls] : hxxp://rocket-find.com/?f=7&a=rckt_dnldstr_14_28_ch&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCtDtC0FyCyE0F0B0B0EtN0D0Tzu0SzytCzztN1L2XzutBtFtBtCtFtCyEtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtCtD0CtDzzyEzztGtC0Fzz0AtG0B0CtB0DtGtCtBzy0DtGtBtDyDtC0C0DyE0EyD0B0DtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCtD0EtCtB0A0CtGtBtB0AyBtGzyyDzzyEtGtDzyyD0FtGtDyBtByEtA0D0EtA0B0DyByE2Q&cr=266768412&ir=
Deleted [Homepage] : hxxp://rocket-find.com/?f=1&a=rckt_dnldstr_14_28_ch&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCtDtC0FyCyE0F0B0B0EtN0D0Tzu0SzytCzztN1L2XzutBtFtBtCtFtCyEtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtCtD0CtDzzyEzztGtC0Fzz0AtG0B0CtB0DtGtCtBzy0DtGtBtDyDtC0C0DyE0EyD0B0DtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCtD0EtCtB0A0CtGtBtB0AyBtGzyyDzzyEtGtDzyyD0FtGtDyBtByEtA0D0EtA0B0DyByE2Q&cr=266768412&ir=
Deleted [Extension] : ibnjmihbbanannlbobkbmnmckjnmdnom
Deleted [Extension] : jifflliplgeajjdhmkcfnngfpgbjonjg
 
*************************
 
AdwCleaner[R0].txt - [11880 octets] - [08/07/2014 23:03:58]
AdwCleaner[S0].txt - [11966 octets] - [09/07/2014 02:26:53]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12027 octets] ##########
 
 
Yes, noticeably so! It's so surprising to see that my computer is a lot healthier, thank you! I mean, it still lags a fair amount, but this is a massive step in the right direction :o
For about a week i've tried to fix this issue on my own, using multiple different programs and websites and tricks, but one little sweep nearly entirely fixes my Pc! You are a good, heh.
Though after about an hour or two of testing, i've noticed I still suffer from a couple of odd details.
 
1) My frames are excellent, tolerable at best
2) When I closed out of my game, i've noticed that when trying to play a youtube video, it plays for about another second and stops at that point, even if the buffer has gone past that. Refreshing the page does nothing
3) Anything related to Adobe flash seems to stop working. I've tried reinstalling it. Only a reboot seems to fix the issue
4) Everyone on my skype list is offline. Closing skype and reopening it prevents me from signing back in; computer thinks im still signed in even after signing off and denying me access
5) After closing a game, all system sounds seem to shut off. The in game sound was fine, but became silent after. I've tried seeing if maybe the volume was moved to another playback device, but it cuts off entirely. Reboots fixes this.
 
These are all superficial, in my opinion, aside from 1. I'd understand if you declared your job finished, but I'd like to know if there's any way you could help me regain full strength of my pc, or at least grant me the tools to try on my own. Thank you
 
I don't know where i'd be without people like you :')
 
One final thing. If all of this is irreversible, I just went out and bought a pack of dvds, and was wondering if you knew where to get an iso for windows7 professional. Not cracked or modified in any way, just one that would work normally as if it was the original disk. Thanks again!

Edited by jameswils100, 09 July 2014 - 01:10 PM.


#10 polskamachina

  • Malware Response Team

Posted 09 July 2014 - 01:45 PM

Hi jameswils100 :)
 
Looks like we're making some progress here.
 
Next, follow the instructions below.
 

How To Publish a Snapshot using Speccy


Guide Overview

The purpose of this guide is to teach you how to post your computer's specifications to the forum with minimal effort on your part. This is often helpful when troubleshooting problems, and the person helping you needs to see the details of your computer's hardware.

Tools Needed

  • Speccy - First, you will need a program called Speccy. From Piriform's website: "Speccy is an advanced system information tool for your PC." This is a very useful utility that every PC user should have in their arsenal.

Instructions

  • Go to Piriform's website, and click the big Download button.

    Next, click Download from Piriform (the FileHippo link requires an extra click). Or if you want to use a portable version of Speccy (which doesn't require installation), click the builds page link and download the portable version.

    You will now be asked where you want to save the file. The best place to put it is the Desktop, as it will be easy to find later.
  • After the file finishes downloading, you are ready to run Speccy. If you downloaded the installer, simply double-click on it and follow the prompts until installation is complete. If you downloaded the portable version, you will need to unzip it before use. Right-click the ZIP file and click Extract all. Click Next. Open up the extracted folder and double-click on Speccy. You may want to set the options under View to Imperial if you prefer degrees Fahrenheit to Celsius. For me, it will save me one step of conversion. In any case, I would like you to pay particular attention to the temperatures displayed when you first boot up your computer and then after it's been on a while and the frame rate starts to slow down.
  • Once inside Speccy, it will look similar to this (with your computer's specifications, of course):
    [screenshot of the Speccy summary window]

    Now, in the menu bar at the top left, click File > Publish Snapshot

    You will see the following prompt:
    [screenshot of the Publish Snapshot prompt]

    Click Yes > then Copy to Clipboard

    Now, once you are back in the forum topic you are posting in, click the Reply button. Right-click in the empty space of the Reply box and click Paste. Then, click Add Reply below the Reply box.

Congrats! You have just posted your specs!
 

Next:

 

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to select the 64-bit version.

  • Right click to run as administrator.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Regarding your observations:


Though after about an hour or two of testing, i've noticed I still suffer from a couple of odd details.
1) My frames are excellent, tolerable at best
2) When I closed out of my game, i've noticed that when trying to play a youtube video, it plays for about another second and stops at that point, even if the buffer has gone past that. Refreshing the page does nothing
3) Anything related to Adobe flash seems to stop working. I've tried reinstalling it. Only a reboot seems to fix the issue
4) Everyone on my skype list is offline. Closing skype and reopening it prevents me from signing back in; computer thinks im still signed in even after signing off and denying me access
5) After closing a game, all system sounds seem to shut off. The in game sound was fine, but became silent after. I've tried seeing if maybe the volume was moved to another playback device, but it cuts off entirely. Reboots fixes this.

 

 

I think most, if not all of those symptoms, can be attributed to hardware issues. While the Bleeping Computer staff usually limits our help to malware removal, I don't mind getting you pointed in the right direction to get these issues resolved as well. :)

 

Let me know if you have any questions about running Speccy, FRST, or anything else.

 

polskamachina



#11 jameswils100

Posted 09 July 2014 - 02:19 PM

Hey again, polskamachina.
 
http://speccy.piriform.com/results/EJqqQPRIOov7RPopncmDtxB

 

 

 

I think most, if not all of those symptoms, can be attributed to hardware issues. While the Bleeping Computer staff usually limits our help to malware removal, I don't mind getting you pointed in the right direction to get these issues resolved as well. :)

 I wasn't experiencing any of these issues in any form before all of this, but that's very much appreciated. Whatever helps, i'll take :)

 

Here comes the FRST first :P

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-07-2014
Ran by shade (administrator) on SHADE-PC on 09-07-2014 15:10:58
Running from C:\Users\shade\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
(NETGEAR,Inc.) C:\Program Files (x86)\NETGEAR\A6200\A6200.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Valve Corporation) D:\steam\Steam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Beepa P/L) C:\Fraps\fraps.exe
(Beepa P/L) C:\Fraps\fraps64.dat
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\Speccy\Speccy64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12632168 2011-07-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2264168 2011-07-13] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [LanuchApp] => C:\Program Files (x86)\NETGEAR\A6200\LanuchApp.exe [15576 2013-08-09] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [84576 2013-07-23] (Nullsoft, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-06] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
HKU\S-1-5-21-355484532-951285083-856939427-1000\...\MountPoints2: D - D:\TL_Bootstrap.exe
HKU\S-1-5-21-355484532-951285083-856939427-1000\...\MountPoints2: {489d3b36-f5f2-11e1-96dc-902b34101f64} - D:\TL_Bootstrap.exe
HKU\S-1-5-21-355484532-951285083-856939427-1000\...\MountPoints2: {4d2c2cb4-6386-11e2-a3b4-902b34101f64} - F:\TL_Bootstrap.exe
HKU\S-1-5-21-355484532-951285083-856939427-1000\...\MountPoints2: {6359d687-e1c9-11e2-b267-902b34101f64} - F:\TL_Bootstrap.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\shade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7830020C9F99CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
URLSearchHook: HKCU - (No Name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - No File
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {0B6BB7F7-0DA0-489e-8146-7F14E1B482E4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKCU - {C72DBF13-F7B8-467f-A05F-D177BF0183D2} URL = http://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {A13C2648-91D4-4bf3-BC6D-0079707C4389} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\shade\AppData\Roaming\Mozilla\Firefox\Profiles\rqdcuia7.default
FF SelectedSearchEngine: WSE Rocket
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\shade\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: Define Ext - C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com [2013-07-12]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.3.0.26\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-06]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Google Docs) - C:\Users\shade\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-07]
CHR Extension: (Google Drive) - C:\Users\shade\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\shade\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-07]
CHR Extension: (YouTube) - C:\Users\shade\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-07]
CHR Extension: (Adblock Plus) - C:\Users\shade\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-07]
CHR Extension: (Google Search) - C:\Users\shade\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-07]
CHR Extension: (avast! Online Security) - C:\Users\shade\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-07]
CHR Extension: (Skype Click to Call) - C:\Users\shade\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-07-07]
CHR Extension: (Google Wallet) - C:\Users\shade\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-07]
CHR Extension: (Gmail) - C:\Users\shade\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-07]
CHR HKCU\...\Chrome\Extension: [dknkjnkhedbanphkkpbpcgoblmkbfhlf] - C:\Users\shade\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx [2014-07-07]
CHR HKCU\...\Chrome\Extension: [gclijllifhfpomppedeljakfegbcpojn] - C:\Users\shade\AppData\Local\CRE\gclijllifhfpomppedeljakfegbcpojn.crx [2014-07-07]
CHR HKLM-x32\...\Chrome\Extension: [dknkjnkhedbanphkkpbpcgoblmkbfhlf] - C:\Users\shade\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx [2014-07-07]
CHR HKLM-x32\...\Chrome\Extension: [gclijllifhfpomppedeljakfegbcpojn] - C:\Users\shade\AppData\Local\CRE\gclijllifhfpomppedeljakfegbcpojn.crx [2014-07-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-06]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.0.26\Exts\Chrome.crx [2014-04-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-06] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-14] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.0.26\ccSvcHst.exe [144520 2012-12-24] (Symantec Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-30] ()
R2 WNDA6200; C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe [18944 2014-03-14] () [File not signed]
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)
 
==================== Drivers (Whitelisted) ====================
 
R3 A6200; C:\Windows\System32\DRIVERS\bcmwlhigh664.sys [2567984 2013-02-28] (Broadcom Corporation)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-06] ()
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DD03000.01A\ccSetx64.sys [168096 2012-11-15] (Symantec Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-08-15] ()
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R1 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-26] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [15712 2012-08-26] ()
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
R3 cpuz136; \??\C:\Users\shade\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-09 15:10 - 2014-07-09 15:11 - 00022516 _____ () C:\Users\shade\Downloads\FRST.txt
2014-07-09 15:10 - 2014-07-09 15:11 - 00000000 ____D () C:\FRST
2014-07-09 15:10 - 2014-07-09 15:10 - 02084352 _____ (Farbar) C:\Users\shade\Downloads\FRST64.exe
2014-07-09 15:08 - 2014-07-09 15:08 - 00000796 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-07-09 15:08 - 2014-07-09 15:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2014-07-09 15:07 - 2014-07-09 15:08 - 00000000 ____D () C:\Program Files\Speccy
2014-07-09 15:07 - 2014-07-09 15:07 - 04890736 _____ (Piriform Ltd) C:\Users\shade\Downloads\spsetup126.exe
2014-07-09 03:42 - 2014-07-09 03:42 - 00002162 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-07-09 03:42 - 2014-07-09 03:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-07-09 03:42 - 2014-07-09 03:42 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-07-08 23:05 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-08 23:03 - 2014-07-09 03:52 - 00000000 ____D () C:\AdwCleaner
2014-07-08 23:03 - 2014-07-08 23:03 - 01348263 _____ () C:\Users\shade\Downloads\AdwCleaner.exe
2014-07-08 05:25 - 2014-07-08 05:25 - 00688992 ____R (Swearware) C:\Users\shade\Downloads\dds (1).com
2014-07-07 15:49 - 2014-07-07 15:49 - 00003446 _____ () C:\Windows\System32\Tasks\WOT WWED1
2014-07-07 15:49 - 2014-07-07 15:49 - 00003446 _____ () C:\Windows\System32\Tasks\WOT WW2
2014-07-07 15:49 - 2014-07-07 15:49 - 00003446 _____ () C:\Windows\System32\Tasks\WOT WW1
2014-07-07 15:49 - 2014-07-07 15:49 - 00003446 _____ () C:\Windows\System32\Tasks\WOT WTUE1
2014-07-07 15:49 - 2014-07-07 15:49 - 00003446 _____ () C:\Windows\System32\Tasks\WOT WTHUR1
2014-07-07 15:49 - 2014-07-07 15:49 - 00003446 _____ () C:\Windows\System32\Tasks\WOT WMON1
2014-07-07 15:49 - 2014-07-07 15:49 - 00003446 _____ () C:\Windows\System32\Tasks\WOT WFRI1
2014-07-07 15:49 - 2014-07-07 15:49 - 00003446 _____ () C:\Windows\System32\Tasks\WOT W2
2014-07-07 15:49 - 2014-07-07 15:49 - 00003446 _____ () C:\Windows\System32\Tasks\WOT W1
2014-07-07 15:49 - 2014-07-07 15:49 - 00001891 _____ () C:\Users\shade\Desktop\WorldofTanks.lnk
2014-07-07 15:49 - 2014-07-07 15:49 - 00000000 ____D () C:\Users\shade\AppData\Roaming\WorldofTanks
2014-07-07 15:49 - 2014-07-07 15:49 - 00000000 ____D () C:\Users\shade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldofTanks
2014-07-07 15:49 - 2014-07-07 15:49 - 00000000 ____D () C:\Users\shade\AppData\Local\WorldofTanks
2014-07-07 15:48 - 2014-07-07 15:48 - 28114944 _____ () C:\Users\shade\Downloads\SkypeSetup.exe
2014-07-07 15:23 - 2014-07-07 15:23 - 00838296 _____ ( ) C:\Users\shade\Downloads\Skype_Setup.exe
2014-07-07 02:35 - 2014-07-07 03:24 - 00001648 _____ () C:\Windows\system32\ASOROSet.bin
2014-07-07 02:34 - 2014-07-07 02:35 - 00000000 ____D () C:\Windows\system32\config\RCCBakup
2014-07-07 02:15 - 2014-07-07 02:15 - 00838296 _____ ( ) C:\Users\shade\Downloads\Adobe_Flash_Setup (1).exe
2014-07-07 02:14 - 2014-07-09 14:50 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-07 02:14 - 2014-07-09 14:14 - 00000292 _____ () C:\Windows\Tasks\Rocket Updater.job
2014-07-07 02:14 - 2014-07-09 03:50 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-07 02:14 - 2014-07-09 03:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-07 02:14 - 2014-07-09 03:50 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-07 02:14 - 2014-07-07 02:14 - 00003232 _____ () C:\Windows\System32\Tasks\Rocket Updater
2014-07-07 02:13 - 2014-07-07 02:14 - 00002577 _____ () C:\Users\shade\Desktop\StormFall.lnk
2014-07-07 02:13 - 2014-07-07 02:13 - 18583216 _____ (Adobe Systems Incorporated) C:\Users\shade\Downloads\install_flash_player_ax.exe
2014-07-07 02:13 - 2014-07-07 02:13 - 00003690 _____ () C:\Windows\System32\Tasks\StormFall W2
2014-07-07 02:13 - 2014-07-07 02:13 - 00003690 _____ () C:\Windows\System32\Tasks\StormFall W1
2014-07-07 02:13 - 2014-07-07 02:13 - 00003690 _____ () C:\Windows\System32\Tasks\StormFall TW2
2014-07-07 02:13 - 2014-07-07 02:13 - 00003690 _____ () C:\Windows\System32\Tasks\StormFall TW1
2014-07-07 02:13 - 2014-07-07 02:13 - 00000000 ____D () C:\Users\shade\AppData\Roaming\StormFall
2014-07-07 02:13 - 2014-07-07 02:13 - 00000000 ____D () C:\Users\shade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormFall
2014-07-07 02:12 - 2014-07-07 02:12 - 00838296 _____ ( ) C:\Users\shade\Downloads\Adobe_Flash_Setup.exe
2014-07-07 02:12 - 2014-07-07 02:12 - 00000000 ____D () C:\Users\shade\AppData\Local\StormFall
2014-07-07 01:37 - 2014-07-07 01:37 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-07-07 01:37 - 2014-07-07 01:36 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-07 01:37 - 2014-07-07 01:36 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-07 01:37 - 2014-07-07 01:36 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-07 01:36 - 2014-07-07 01:36 - 00000000 ____D () C:\Program Files\Java
2014-07-07 01:32 - 2014-07-07 01:32 - 00002251 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-07 01:32 - 2014-07-07 01:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-07 01:31 - 2014-07-09 14:36 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-07 01:31 - 2014-07-09 03:56 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-07 01:31 - 2014-07-07 01:31 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-07 01:31 - 2014-07-07 01:31 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-07 01:30 - 2014-07-07 01:30 - 00895120 _____ (Google Inc.) C:\Users\shade\Downloads\ChromeSetup.exe
2014-07-07 01:10 - 2014-07-07 01:12 - 00000000 ____D () C:\Users\shade\AppData\Roaming\Trillian
2014-07-07 01:10 - 2014-07-07 01:10 - 00001105 _____ () C:\Users\shade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trillian.lnk
2014-07-07 01:10 - 2014-07-07 01:10 - 00001075 _____ () C:\Users\shade\Desktop\Trillian.lnk
2014-07-07 01:09 - 2014-07-07 01:10 - 00000000 ____D () C:\Program Files (x86)\Trillian
2014-07-07 01:04 - 2014-07-07 01:05 - 21966664 _____ () C:\Users\shade\Downloads\trillian-v5.4.0.16.exe
2014-07-07 01:01 - 2014-07-07 01:01 - 00000000 ____D () C:\Users\shade\AppData\Local\Macromedia
2014-07-07 01:00 - 2014-07-07 01:00 - 00003128 _____ () C:\Windows\System32\Tasks\{142164B2-7F42-43BA-8801-FF8A1FCEE699}
2014-07-07 00:51 - 2014-07-07 00:52 - 00000000 ____D () C:\Users\shade\AppData\Local\Mozilla
2014-07-07 00:51 - 2014-07-07 00:51 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-07 00:51 - 2014-07-07 00:51 - 00001143 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-07 00:51 - 2014-07-07 00:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-07 00:50 - 2014-07-07 00:50 - 00284224 _____ (Mozilla) C:\Users\shade\Documents\Firefox Setup Stub 30.0.exe
2014-07-06 05:46 - 2014-07-09 03:56 - 00001064 _____ () C:\Windows\setupact.log
2014-07-06 05:46 - 2014-07-06 05:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-06 05:45 - 2014-07-09 03:55 - 00007934 _____ () C:\Windows\PFRO.log
2014-07-06 05:45 - 2014-07-06 05:46 - 04966136 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-06 03:10 - 2014-07-06 03:10 - 02347384 _____ (ESET) C:\Users\shade\Documents\esetsmartinstaller_enu.exe
2014-07-06 01:25 - 2014-07-06 01:26 - 00000000 ____D () C:\Users\shade\AppData\Roaming\DropboxMaster
2014-07-06 01:25 - 2014-07-06 01:25 - 00000000 ____D () C:\Users\shade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-06 01:22 - 2014-07-06 01:26 - 00000000 ____D () C:\Users\shade\AppData\Roaming\Dropbox
2014-07-06 01:12 - 2014-07-07 03:29 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-06 01:12 - 2014-07-06 01:12 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-06 01:12 - 2014-07-06 01:12 - 00000000 ____D () C:\Users\shade\AppData\Roaming\AVAST Software
2014-07-06 01:12 - 2014-07-06 01:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-06 01:11 - 2014-07-06 01:12 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-06 01:11 - 2014-07-06 01:10 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-06 01:11 - 2014-07-06 01:10 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-06 01:11 - 2014-07-06 01:10 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-06 01:11 - 2014-07-06 01:10 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-07-06 01:11 - 2014-07-06 01:10 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-06 01:11 - 2014-07-06 01:10 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-06 01:11 - 2014-07-06 01:10 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-06 01:10 - 2014-07-06 01:10 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-06 01:10 - 2014-07-06 01:10 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-06 01:08 - 2014-07-06 01:08 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-06 01:07 - 2014-07-06 01:08 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-06 01:06 - 2014-07-06 01:06 - 04862664 _____ (AVAST Software) C:\Users\shade\Downloads\avast_free_antivirus_setup_online.exe
2014-07-06 01:06 - 2014-07-06 01:06 - 00065384 _____ () C:\Users\shade\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-06 00:58 - 2014-07-06 00:58 - 00032950 _____ () C:\Users\shade\Desktop\cc_20140706_005813.reg
2014-07-05 20:08 - 2014-07-05 20:08 - 02388336 _____ (Reason Company Software Inc.) C:\Users\shade\Downloads\herdProtectScan_Setup.exe
2014-07-05 20:08 - 2014-07-05 20:08 - 00001113 _____ () C:\Users\Public\Desktop\herdProtect.lnk
2014-07-05 20:08 - 2014-07-05 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\herdProtect
2014-07-05 20:08 - 2014-07-05 20:08 - 00000000 ____D () C:\Program Files\Reason
2014-07-04 19:03 - 2014-07-04 19:05 - 00000339 _____ () C:\ProgramData\1404514982.3008.bin
2014-07-04 19:03 - 2014-07-04 19:03 - 00040838 _____ () C:\ProgramData\1404514982.6420.bin
2014-07-04 19:03 - 2014-07-04 19:03 - 00002052 _____ () C:\ProgramData\1404514982.7660.bin
2014-07-04 19:03 - 2014-07-04 19:03 - 00000000 ____D () C:\Users\shade\AppData\Roaming\QuickScan
2014-07-04 19:02 - 2014-07-04 19:02 - 10447328 _____ () C:\Users\shade\Downloads\Antivirus_Free_Edition_x64.exe
2014-07-04 19:02 - 2014-07-04 19:02 - 00162208 _____ () C:\Users\shade\Downloads\Antivirus_Free_Edition.exe
2014-07-03 22:26 - 2014-07-03 22:26 - 02682880 _____ () C:\Users\shade\Downloads\AdbeRdrSecUpd11005.msp
2014-07-03 17:42 - 2014-07-03 17:43 - 35314816 _____ (Skype Technologies S.A.) C:\Users\shade\Downloads\SkypeSetupFull.exe
2014-07-03 05:17 - 2014-07-03 05:17 - 04991400 _____ (Adobe Systems Inc.) C:\Users\shade\Downloads\Shockwave_Installer_Slim.exe
2014-07-03 04:08 - 2014-07-03 04:08 - 00011960 _____ () C:\Users\shade\Downloads\attach.txt
2014-07-03 04:03 - 2014-07-08 05:27 - 00025628 _____ () C:\Users\shade\Desktop\dds.txt
2014-07-03 04:03 - 2014-07-08 05:27 - 00018880 _____ () C:\Users\shade\Desktop\attach.txt
2014-07-03 04:01 - 2014-07-03 04:01 - 00688992 ____R (Swearware) C:\Users\shade\Downloads\dds.com
2014-07-03 01:30 - 2014-07-03 01:30 - 01243655 _____ () C:\Users\shade\Downloads\ProcessExplorer.zip
2014-07-03 01:30 - 2014-03-06 23:53 - 02925760 _____ (Sysinternals - www.sysinternals.com) C:\Users\shade\Desktop\procexp.exe
2014-07-03 01:30 - 2012-10-15 13:23 - 00072154 _____ () C:\Users\shade\Desktop\procexp.chm
2014-07-03 01:30 - 2006-07-28 08:32 - 00007005 _____ () C:\Users\shade\Desktop\Eula.txt
2014-07-02 21:04 - 2014-07-02 21:04 - 00000000 __SHD () C:\Users\shade\AppData\Local\EmieUserList
2014-07-02 21:04 - 2014-07-02 21:04 - 00000000 __SHD () C:\Users\shade\AppData\Local\EmieSiteList
2014-07-02 17:59 - 2014-07-02 17:59 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-02 17:40 - 2013-05-10 01:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-07-02 17:40 - 2013-05-10 01:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-07-02 17:40 - 2013-05-10 00:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-07-02 17:40 - 2013-05-10 00:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-07-02 17:11 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-07-02 17:02 - 2014-07-02 17:02 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-02 17:02 - 2014-07-02 17:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-02 17:02 - 2014-07-02 17:02 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-02 17:02 - 2014-07-02 17:02 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-02 17:02 - 2014-07-02 17:02 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-07-02 17:02 - 2014-07-02 17:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-07-02 17:02 - 2014-07-02 17:02 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-07-02 17:02 - 2014-07-02 17:02 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-07-02 17:02 - 2014-07-02 17:02 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00266456 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00240856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-07-02 17:02 - 2014-07-02 17:02 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-07-02 17:02 - 2014-07-02 17:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-02 15:32 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-07-02 15:32 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-07-02 15:32 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-07-02 15:32 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-07-02 15:32 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-07-02 15:30 - 2014-06-08 05:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-02 15:30 - 2014-06-08 05:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-02 15:30 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-07-02 15:30 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-07-02 15:30 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-07-02 15:30 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-07-02 15:30 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-07-02 15:30 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-07-02 15:30 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-07-02 15:30 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-07-02 15:30 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-07-02 15:30 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-07-02 15:29 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-07-02 15:29 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-07-02 15:29 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-02 15:29 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-07-02 15:29 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-07-02 15:29 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-07-02 15:29 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-07-02 15:29 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-02 15:29 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-02 15:29 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-02 15:29 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-02 15:29 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-07-02 15:29 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-07-02 15:29 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-02 15:29 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-02 15:29 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-02 15:29 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-02 15:29 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-07-02 15:29 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-07-02 15:29 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-07-02 15:29 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-07-02 15:29 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-07-02 15:29 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-07-02 15:29 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-07-02 15:29 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-02 15:29 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-07-02 15:29 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-07-02 15:29 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-02 15:29 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-07-02 15:29 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-02 15:29 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-02 15:29 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-02 15:29 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-02 15:29 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-07-02 15:29 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-07-02 15:29 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-07-02 15:29 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-07-02 15:29 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-07-02 15:29 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-07-02 15:29 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-02 15:29 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-07-02 15:28 - 2014-03-04 05:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-07-02 15:28 - 2014-03-04 05:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-07-02 15:28 - 2014-03-04 05:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-07-02 15:28 - 2014-03-04 05:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-07-02 15:28 - 2014-03-04 05:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-07-02 15:28 - 2014-03-04 05:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-07-02 15:28 - 2014-03-04 05:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-07-02 15:28 - 2014-03-04 05:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-07-02 15:28 - 2014-03-04 05:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-07-02 15:28 - 2014-03-04 04:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-07-02 15:28 - 2014-03-04 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-07-02 15:28 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-02 15:28 - 2014-02-03 22:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-07-02 15:28 - 2014-02-03 22:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-07-02 15:28 - 2014-02-03 22:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-07-02 15:28 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-02 15:28 - 2014-02-03 22:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-07-02 15:28 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-02 15:28 - 2014-02-03 22:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-07-02 15:28 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-07-02 15:28 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-07-02 15:28 - 2014-01-23 22:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-07-02 15:26 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-07-02 15:26 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-07-02 15:09 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-02 15:09 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-02 15:09 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-02 15:09 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-02 15:08 - 2014-07-02 15:09 - 00004416 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-07-02 00:53 - 2014-07-02 00:53 - 00001343 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-07-02 00:52 - 2014-07-02 00:54 - 00000000 ____D () C:\Users\shade\AppData\Local\NVIDIA
2014-07-02 00:52 - 2014-07-02 00:53 - 00000000 ____D () C:\Users\shade\AppData\Local\NVIDIA Corporation
2014-07-02 00:52 - 2014-04-30 14:27 - 01081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-07-02 00:52 - 2014-04-30 14:26 - 01225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-07-02 00:51 - 2014-07-02 00:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-02 00:51 - 2014-07-02 00:51 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-07-02 00:50 - 2014-05-19 19:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-07-02 00:45 - 2014-06-11 04:57 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-07-02 00:45 - 2014-06-11 04:57 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-07-02 00:45 - 2014-06-11 04:57 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-07-02 00:45 - 2014-05-19 22:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 00492376 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 00416712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 00382240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 00335704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-07-02 00:45 - 2014-05-19 22:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-07-02 00:45 - 2014-03-31 12:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-07-02 00:45 - 2014-03-31 12:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-07-02 00:45 - 2014-03-31 12:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-07-02 00:38 - 2014-07-02 00:38 - 00000000 ____D () C:\NVIDIA
2014-06-30 17:55 - 2014-06-30 17:55 - 00000000 ____D () C:\Users\shade\Documents\Razer
2014-06-30 17:55 - 2014-06-30 17:55 - 00000000 ____D () C:\Users\shade\AppData\Local\Razer_Inc
2014-06-30 17:53 - 2014-07-01 21:51 - 00000000 ____D () C:\Users\shade\AppData\Local\Razer
2014-06-30 17:52 - 2014-07-01 21:51 - 00000000 ____D () C:\ProgramData\Razer
2014-06-30 17:52 - 2014-06-30 17:52 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-06-28 18:02 - 2014-06-28 19:49 - 00000000 ____D () C:\Users\shade\Desktop\FalloutMods
2014-06-28 17:59 - 2014-06-28 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2014-06-28 17:59 - 2014-06-28 17:59 - 00000000 ____D () C:\Program Files\Nexus Mod Manager
2014-06-28 17:41 - 2014-06-28 17:41 - 00000000 ____D () C:\Users\shade\AppData\Local\FalloutNV
2014-06-24 17:41 - 2014-06-24 17:41 - 00361110 _____ () C:\Users\shade\Documents\ts3_clientui-win64-1382530211-2014-06-24 17_41_18.925734.dmp
2014-06-22 23:13 - 2014-06-22 23:13 - 00000000 ____D () C:\Users\shade\Documents\NBGI
2014-06-22 23:13 - 2014-06-22 23:13 - 00000000 ____D () C:\Users\shade\Documents\Games for Windows - LIVE Demos
2014-06-22 23:12 - 2014-06-22 23:12 - 00000000 ____D () C:\Users\shade\AppData\Local\NBGI
2014-06-22 23:12 - 2014-06-22 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2014-06-22 16:58 - 2014-06-22 16:58 - 00320734 _____ () C:\Users\shade\Documents\ts3_clientui-win64-1382530211-2014-06-22 16_58_40.479805.dmp
2014-06-20 15:38 - 2014-06-20 15:38 - 00359614 _____ () C:\Users\shade\Documents\ts3_clientui-win64-1382530211-2014-06-20 15_38_40.251324.dmp
2014-06-20 00:34 - 2014-06-24 20:10 - 00000000 ____D () C:\Users\shade\Desktop\Dark Souls Fix
2014-06-19 09:37 - 2014-06-19 09:37 - 00344066 _____ () C:\Users\shade\Documents\ts3_clientui-win64-1382530211-2014-06-19 09_37_05.861679.dmp
2014-06-17 15:47 - 2014-06-17 15:47 - 00306266 _____ () C:\Users\shade\Documents\ts3_clientui-win64-1382530211-2014-06-17 15_47_06.357880.dmp
2014-06-16 17:06 - 2014-06-16 17:06 - 00000000 ____D () C:\Users\shade\AppData\Roaming\WTablet
2014-06-16 16:33 - 2014-06-16 16:33 - 00287455 _____ () C:\Users\shade\Documents\ts3_clientui-win64-1382530211-2014-06-16 16_33_15.682479.dmp
2014-06-16 15:12 - 2014-06-16 15:12 - 00389911 _____ () C:\Users\shade\Documents\ts3_clientui-win64-1382530211-2014-06-16 15_12_30.960377.dmp
2014-06-14 17:38 - 2014-06-14 17:38 - 00001931 _____ () C:\Users\Public\Desktop\NETGEAR A6200 Genie.lnk
2014-06-14 17:38 - 2014-06-14 17:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
2014-06-14 17:38 - 2014-06-14 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR A6200 Genie
2014-06-14 17:38 - 2010-06-26 01:07 - 00035344 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2014-06-14 17:37 - 2014-06-14 17:37 - 00000000 ____D () C:\Program Files (x86)\NETGEAR
2014-06-14 17:37 - 2013-02-28 17:54 - 02567984 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWLHIGH664.SYS
2014-06-14 17:37 - 2013-02-28 17:53 - 00096560 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2014-06-14 17:37 - 2013-02-28 16:56 - 03659264 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2014-06-14 17:37 - 2013-02-28 16:55 - 04395008 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2014-06-14 17:36 - 2014-06-14 17:36 - 00000000 ____D () C:\ProgramData\NETGEAR
2014-06-14 17:35 - 2014-06-14 17:35 - 00000000 ____D () C:\Users\shade\Desktop\network setup
 
==================== One Month Modified Files and Folders =======
 
2014-07-09 15:11 - 2014-07-09 15:10 - 00022516 _____ () C:\Users\shade\Downloads\FRST.txt
2014-07-09 15:11 - 2014-07-09 15:10 - 00000000 ____D () C:\FRST
2014-07-09 15:10 - 2014-07-09 15:10 - 02084352 _____ (Farbar) C:\Users\shade\Downloads\FRST64.exe
2014-07-09 15:08 - 2014-07-09 15:08 - 00000796 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-07-09 15:08 - 2014-07-09 15:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2014-07-09 15:08 - 2014-07-09 15:07 - 00000000 ____D () C:\Program Files\Speccy
2014-07-09 15:08 - 2012-08-31 22:14 - 00010536 _____ () C:\Windows\system32\lvcoinst.log
2014-07-09 15:07 - 2014-07-09 15:07 - 04890736 _____ (Piriform Ltd) C:\Users\shade\Downloads\spsetup126.exe
2014-07-09 14:50 - 2014-07-07 02:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-09 14:36 - 2014-07-07 01:31 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-09 14:14 - 2014-07-07 02:14 - 00000292 _____ () C:\Windows\Tasks\Rocket Updater.job
2014-07-09 09:36 - 2012-08-15 03:54 - 01922874 _____ () C:\Windows\WindowsUpdate.log
2014-07-09 04:09 - 2013-08-15 17:09 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-09 04:09 - 2012-10-13 15:57 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-09 04:05 - 2013-08-15 17:09 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-07-09 04:04 - 2009-07-14 00:45 - 00026240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-09 04:04 - 2009-07-14 00:45 - 00026240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-09 04:01 - 2013-08-14 23:56 - 00000000 ____D () C:\ProgramData\Origin
2014-07-09 04:00 - 2013-08-14 23:56 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-07-09 03:56 - 2014-07-07 01:31 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-09 03:56 - 2014-07-06 05:46 - 00001064 _____ () C:\Windows\setupact.log
2014-07-09 03:55 - 2014-07-06 05:45 - 00007934 _____ () C:\Windows\PFRO.log
2014-07-09 03:55 - 2012-08-15 17:43 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-09 03:55 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-09 03:52 - 2014-07-08 23:03 - 00000000 ____D () C:\AdwCleaner
2014-07-09 03:50 - 2014-07-07 02:14 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 03:50 - 2014-07-07 02:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 03:50 - 2014-07-07 02:14 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 03:42 - 2014-07-09 03:42 - 00002162 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-07-09 03:42 - 2014-07-09 03:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-07-09 03:42 - 2014-07-09 03:42 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-07-09 03:42 - 2013-07-21 15:20 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-07-09 02:27 - 2012-12-25 16:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-08 23:03 - 2014-07-08 23:03 - 01348263 _____ () C:\Users\shade\Downloads\AdwCleaner.exe
2014-07-08 05:27 - 2014-07-03 04:03 - 00025628 _____ () C:\Users\shade\Desktop\dds.txt
2014-07-08 05:27 - 2014-07-03 04:03 - 00018880 _____ () C:\Users\shade\Desktop\attach.txt
2014-07-08 05:25 - 2014-07-08 05:25 - 00688992 ____R (Swearware) C:\Users\shade\Downloads\dds (1).com
2014-07-08 01:59 - 2012-11-10 05:38 - 00000000 ____D () C:\Users\shade\AppData\Local\CrashDumps
2014-07-07 15:49 - 2014-07-07 15:49 - 00003446 _____ () C:\Windows\System32\Tasks\WOT WWED1
2014-07-07 15:49 - 2014-07-07 15:49 - 00003446 _____ () C:\Windows\System32\Tasks\WOT WW2
2014-07-07 15:49 - 2014-07-07 15:49 - 00003446 _____ () C:\Windows\System32\Tasks\WOT WW1
2014-07-07 15:49 - 2014-07-07 15:49 - 00003446 _____ () C:\Windows\System32\Tasks\WOT WTUE1
2014-07-07 15:49 - 2014-07-07 15:49 - 00003446 _____ () C:\Windows\System32\Tasks\WOT WTHUR1
2014-07-07 15:49 - 2014-07-07 15:49 - 00003446 _____ () C:\Windows\System32\Tasks\WOT WMON1
2014-07-07 15:49 - 2014-07-07 15:49 - 00003446 _____ () C:\Windows\System32\Tasks\WOT WFRI1
2014-07-07 15:49 - 2014-07-07 15:49 - 00003446 _____ () C:\Windows\System32\Tasks\WOT W2
2014-07-07 15:49 - 2014-07-07 15:49 - 00003446 _____ () C:\Windows\System32\Tasks\WOT W1
2014-07-07 15:49 - 2014-07-07 15:49 - 00001891 _____ () C:\Users\shade\Desktop\WorldofTanks.lnk
2014-07-07 15:49 - 2014-07-07 15:49 - 00000000 ____D () C:\Users\shade\AppData\Roaming\WorldofTanks
2014-07-07 15:49 - 2014-07-07 15:49 - 00000000 ____D () C:\Users\shade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldofTanks
2014-07-07 15:49 - 2014-07-07 15:49 - 00000000 ____D () C:\Users\shade\AppData\Local\WorldofTanks
2014-07-07 15:48 - 2014-07-07 15:48 - 28114944 _____ () C:\Users\shade\Downloads\SkypeSetup.exe
2014-07-07 15:23 - 2014-07-07 15:23 - 00838296 _____ ( ) C:\Users\shade\Downloads\Skype_Setup.exe
2014-07-07 03:29 - 2014-07-06 01:12 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-07 03:26 - 2012-08-15 00:57 - 00000000 ____D () C:\Users\shade
2014-07-07 03:24 - 2014-07-07 02:35 - 00001648 _____ () C:\Windows\system32\ASOROSet.bin
2014-07-07 03:24 - 2009-07-13 22:34 - 67895296 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-07-07 03:24 - 2009-07-13 22:34 - 24903680 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-07-07 03:24 - 2009-07-13 22:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-07-07 03:21 - 2009-07-13 22:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-07-07 03:17 - 2014-05-12 22:34 - 00007610 _____ () C:\Users\shade\AppData\Local\Resmon.ResmonCfg
2014-07-07 03:15 - 2012-10-09 00:20 - 00000000 ____D () C:\Users\shade\AppData\Roaming\TS3Client
2014-07-07 02:35 - 2014-07-07 02:34 - 00000000 ____D () C:\Windows\system32\config\RCCBakup
2014-07-07 02:15 - 2014-07-07 02:15 - 00838296 _____ ( ) C:\Users\shade\Downloads\Adobe_Flash_Setup (1).exe
2014-07-07 02:14 - 2014-07-07 02:14 - 00003232 _____ () C:\Windows\System32\Tasks\Rocket Updater
2014-07-07 02:14 - 2014-07-07 02:13 - 00002577 _____ () C:\Users\shade\Desktop\StormFall.lnk
2014-07-07 02:13 - 2014-07-07 02:13 - 18583216 _____ (Adobe Systems Incorporated) C:\Users\shade\Downloads\install_flash_player_ax.exe
2014-07-07 02:13 - 2014-07-07 02:13 - 00003690 _____ () C:\Windows\System32\Tasks\StormFall W2
2014-07-07 02:13 - 2014-07-07 02:13 - 00003690 _____ () C:\Windows\System32\Tasks\StormFall W1
2014-07-07 02:13 - 2014-07-07 02:13 - 00003690 _____ () C:\Windows\System32\Tasks\StormFall TW2
2014-07-07 02:13 - 2014-07-07 02:13 - 00003690 _____ () C:\Windows\System32\Tasks\StormFall TW1
2014-07-07 02:13 - 2014-07-07 02:13 - 00000000 ____D () C:\Users\shade\AppData\Roaming\StormFall
2014-07-07 02:13 - 2014-07-07 02:13 - 00000000 ____D () C:\Users\shade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormFall
2014-07-07 02:12 - 2014-07-07 02:12 - 00838296 _____ ( ) C:\Users\shade\Downloads\Adobe_Flash_Setup.exe
2014-07-07 02:12 - 2014-07-07 02:12 - 00000000 ____D () C:\Users\shade\AppData\Local\StormFall
2014-07-07 01:37 - 2014-07-07 01:37 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-07-07 01:36 - 2014-07-07 01:37 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-07 01:36 - 2014-07-07 01:37 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-07 01:36 - 2014-07-07 01:37 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-07 01:36 - 2014-07-07 01:36 - 00000000 ____D () C:\Program Files\Java
2014-07-07 01:32 - 2014-07-07 01:32 - 00002251 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-07 01:32 - 2014-07-07 01:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-07 01:32 - 2012-08-15 14:00 - 00000000 ____D () C:\Users\shade\AppData\Local\Google
2014-07-07 01:32 - 2012-08-15 14:00 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-07 01:31 - 2014-07-07 01:31 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-07 01:31 - 2014-07-07 01:31 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-07 01:30 - 2014-07-07 01:30 - 00895120 _____ (Google Inc.) C:\Users\shade\Downloads\ChromeSetup.exe
2014-07-07 01:17 - 2012-11-20 19:36 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-07 01:16 - 2012-08-15 14:01 - 00000000 ____D () C:\Users\shade\AppData\Roaming\Adobe
2014-07-07 01:16 - 2012-08-15 13:59 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-07 01:14 - 2012-08-15 14:00 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-07-07 01:12 - 2014-07-07 01:10 - 00000000 ____D () C:\Users\shade\AppData\Roaming\Trillian
2014-07-07 01:10 - 2014-07-07 01:10 - 00001105 _____ () C:\Users\shade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trillian.lnk
2014-07-07 01:10 - 2014-07-07 01:10 - 00001075 _____ () C:\Users\shade\Desktop\Trillian.lnk
2014-07-07 01:10 - 2014-07-07 01:09 - 00000000 ____D () C:\Program Files (x86)\Trillian
2014-07-07 01:05 - 2014-07-07 01:04 - 21966664 _____ () C:\Users\shade\Downloads\trillian-v5.4.0.16.exe
2014-07-07 01:05 - 2012-08-29 19:51 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-07 01:04 - 2012-08-29 19:51 - 00000000 ____D () C:\ProgramData\Skype
2014-07-07 01:01 - 2014-07-07 01:01 - 00000000 ____D () C:\Users\shade\AppData\Local\Macromedia
2014-07-07 01:00 - 2014-07-07 01:00 - 00003128 _____ () C:\Windows\System32\Tasks\{142164B2-7F42-43BA-8801-FF8A1FCEE699}
2014-07-07 00:52 - 2014-07-07 00:51 - 00000000 ____D () C:\Users\shade\AppData\Local\Mozilla
2014-07-07 00:51 - 2014-07-07 00:51 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-07 00:51 - 2014-07-07 00:51 - 00001143 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-07 00:51 - 2014-07-07 00:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-07 00:50 - 2014-07-07 00:50 - 00284224 _____ (Mozilla) C:\Users\shade\Documents\Firefox Setup Stub 30.0.exe
2014-07-06 21:47 - 2012-08-29 19:51 - 00000000 ____D () C:\Users\shade\AppData\Roaming\Skype
2014-07-06 06:03 - 2012-11-20 09:15 - 00000000 ____D () C:\Users\shade\AppData\Roaming\vlc
2014-07-06 05:46 - 2014-07-06 05:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-06 05:46 - 2014-07-06 05:45 - 04966136 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-06 03:10 - 2014-07-06 03:10 - 02347384 _____ (ESET) C:\Users\shade\Documents\esetsmartinstaller_enu.exe
2014-07-06 01:26 - 2014-07-06 01:25 - 00000000 ____D () C:\Users\shade\AppData\Roaming\DropboxMaster
2014-07-06 01:26 - 2014-07-06 01:22 - 00000000 ____D () C:\Users\shade\AppData\Roaming\Dropbox
2014-07-06 01:25 - 2014-07-06 01:25 - 00000000 ____D () C:\Users\shade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-06 01:12 - 2014-07-06 01:12 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-06 01:12 - 2014-07-06 01:12 - 00000000 ____D () C:\Users\shade\AppData\Roaming\AVAST Software
2014-07-06 01:12 - 2014-07-06 01:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-06 01:12 - 2014-07-06 01:11 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-06 01:10 - 2014-07-06 01:11 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-06 01:10 - 2014-07-06 01:11 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-06 01:10 - 2014-07-06 01:11 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-06 01:10 - 2014-07-06 01:11 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-07-06 01:10 - 2014-07-06 01:11 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-06 01:10 - 2014-07-06 01:11 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-06 01:10 - 2014-07-06 01:11 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-06 01:10 - 2014-07-06 01:10 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-06 01:10 - 2014-07-06 01:10 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-06 01:08 - 2014-07-06 01:08 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-06 01:08 - 2014-07-06 01:07 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-06 01:06 - 2014-07-06 01:06 - 04862664 _____ (AVAST Software) C:\Users\shade\Downloads\avast_free_antivirus_setup_online.exe
2014-07-06 01:06 - 2014-07-06 01:06 - 00065384 _____ () C:\Users\shade\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-06 00:58 - 2014-07-06 00:58 - 00032950 _____ () C:\Users\shade\Desktop\cc_20140706_005813.reg
2014-07-06 00:56 - 2013-10-16 13:26 - 00000000 ____D () C:\Users\shade\AppData\Roaming\Winamp
2014-07-06 00:56 - 2012-08-15 04:50 - 00000000 ____D () C:\Windows\Panther
2014-07-05 21:53 - 2013-01-20 17:25 - 00000000 ____D () C:\Windows\pss
2014-07-05 20:59 - 2012-10-07 22:53 - 00000000 ____D () C:\Users\shade\AppData\Local\CRE
2014-07-05 20:08 - 2014-07-05 20:08 - 02388336 _____ (Reason Company Software Inc.) C:\Users\shade\Downloads\herdProtectScan_Setup.exe
2014-07-05 20:08 - 2014-07-05 20:08 - 00001113 _____ () C:\Users\Public\Desktop\herdProtect.lnk
2014-07-05 20:08 - 2014-07-05 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\herdProtect
2014-07-05 20:08 - 2014-07-05 20:08 - 00000000 ____D () C:\Program Files\Reason
2014-07-05 02:35 - 2009-07-14 01:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-07-04 19:05 - 2014-07-04 19:03 - 00000339 _____ () C:\ProgramData\1404514982.3008.bin
2014-07-04 19:03 - 2014-07-04 19:03 - 00040838 _____ () C:\ProgramData\1404514982.6420.bin
2014-07-04 19:03 - 2014-07-04 19:03 - 00002052 _____ () C:\ProgramData\1404514982.7660.bin
2014-07-04 19:03 - 2014-07-04 19:03 - 00000000 ____D () C:\Users\shade\AppData\Roaming\QuickScan
2014-07-04 19:02 - 2014-07-04 19:02 - 10447328 _____ () C:\Users\shade\Downloads\Antivirus_Free_Edition_x64.exe
2014-07-04 19:02 - 2014-07-04 19:02 - 00162208 _____ () C:\Users\shade\Downloads\Antivirus_Free_Edition.exe
2014-07-03 22:54 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-03 22:26 - 2014-07-03 22:26 - 02682880 _____ () C:\Users\shade\Downloads\AdbeRdrSecUpd11005.msp
2014-07-03 22:21 - 2013-07-30 22:08 - 00000000 ____D () C:\Users\shade\AppData\Roaming\Malwarebytes
2014-07-03 22:21 - 2013-07-30 22:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-03 22:21 - 2013-07-30 22:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-03 17:43 - 2014-07-03 17:42 - 35314816 _____ (Skype Technologies S.A.) C:\Users\shade\Downloads\SkypeSetupFull.exe
2014-07-03 05:24 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-07-03 05:17 - 2014-07-03 05:17 - 04991400 _____ (Adobe Systems Inc.) C:\Users\shade\Downloads\Shockwave_Installer_Slim.exe
2014-07-03 04:08 - 2014-07-03 04:08 - 00011960 _____ () C:\Users\shade\Downloads\attach.txt
2014-07-03 04:01 - 2014-07-03 04:01 - 00688992 ____R (Swearware) C:\Users\shade\Downloads\dds.com
2014-07-03 01:30 - 2014-07-03 01:30 - 01243655 _____ () C:\Users\shade\Downloads\ProcessExplorer.zip
2014-07-02 21:04 - 2014-07-02 21:04 - 00000000 __SHD () C:\Users\shade\AppData\Local\EmieUserList
2014-07-02 21:04 - 2014-07-02 21:04 - 00000000 __SHD () C:\Users\shade\AppData\Local\EmieSiteList
2014-07-02 18:56 - 2012-08-15 00:58 - 00001409 _____ () C:\Users\shade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-02 18:55 - 2012-10-07 22:53 - 00000660 __RSH () C:\Users\shade\ntuser.pol
2014-07-02 18:40 - 2013-03-20 04:30 - 00000000 ____D () C:\Windows\rescache
2014-07-02 18:10 - 2009-07-14 01:13 - 00006206 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-02 18:02 - 2013-03-13 03:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-02 18:02 - 2013-03-13 03:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-02 17:59 - 2014-07-02 17:59 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-02 17:59 - 2009-07-14 03:47 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-02 17:59 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-07-02 17:59 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-07-02 17:59 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-07-02 17:49 - 2014-02-27 20:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-02 17:02 - 2014-07-02 17:02 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-02 17:02 - 2014-07-02 17:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-02 17:02 - 2014-07-02 17:02 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-02 17:02 - 2014-07-02 17:02 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-02 17:02 - 2014-07-02 17:02 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-07-02 17:02 - 2014-07-02 17:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-07-02 17:02 - 2014-07-02 17:02 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-07-02 17:02 - 2014-07-02 17:02 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-07-02 17:02 - 2014-07-02 17:02 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00266456 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00240856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-07-02 17:02 - 2014-07-02 17:02 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-07-02 17:02 - 2014-07-02 17:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-07-02 17:02 - 2014-07-02 17:02 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-07-02 17:02 - 2014-07-02 17:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-02 16:10 - 2013-07-30 21:02 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-07-02 16:10 - 2013-07-30 21:02 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-07-02 16:09 - 2013-07-30 21:01 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-02 16:09 - 2013-07-30 21:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-07-02 15:41 - 2013-03-13 03:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-02 15:10 - 2014-01-18 19:45 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-02 15:09 - 2014-07-02 15:08 - 00004416 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-07-02 15:09 - 2013-06-16 08:09 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-02 14:31 - 2014-05-02 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD
2014-07-02 14:31 - 2014-03-28 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2014-07-02 00:54 - 2014-07-02 00:52 - 00000000 ____D () C:\Users\shade\AppData\Local\NVIDIA
2014-07-02 00:53 - 2014-07-02 00:53 - 00001343 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-07-02 00:53 - 2014-07-02 00:52 - 00000000 ____D () C:\Users\shade\AppData\Local\NVIDIA Corporation
2014-07-02 00:53 - 2012-08-15 17:43 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-07-02 00:52 - 2012-08-15 17:43 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-02 00:52 - 2012-08-15 17:42 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-02 00:51 - 2014-07-02 00:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-02 00:51 - 2014-07-02 00:51 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-07-02 00:38 - 2014-07-02 00:38 - 00000000 ____D () C:\NVIDIA
2014-07-01 23:12 - 2013-08-20 15:15 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-07-01 21:51 - 2014-06-30 17:53 - 00000000 ____D () C:\Users\shade\AppData\Local\Razer
2014-07-01 21:51 - 2014-06-30 17:52 - 00000000 ____D () C:\ProgramData\Razer
2014-07-01 21:48 - 2012-12-08 04:07 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-07-01 21:10 - 2013-06-05 02:36 - 00000000 ___RD () C:\Users\shade\Dropbox
2014-07-01 00:20 - 2013-07-12 16:35 - 00000000 ____D () C:\Users\shade\AppData\Roaming\Xfire
2014-07-01 00:20 - 2013-07-12 16:35 - 00000000 ____D () C:\ProgramData\Xfire
2014-07-01 00:19 - 2013-03-19 11:58 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Splashtop
2014-07-01 00:19 - 2012-08-15 01:07 - 00000000 ____D () C:\ProgramData\Splashtop
2014-07-01 00:19 - 2012-08-15 01:02 - 00000000 ____D () C:\Users\shade\AppData\Roaming\Splashtop
2014-07-01 00:14 - 2013-10-16 00:28 - 00000919 _____ () C:\Users\shade\AppData\Roaming\trace_FilterInstaller.txt
2014-07-01 00:14 - 2013-10-16 00:28 - 00000000 _____ () C:\Users\shade\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2014-07-01 00:03 - 2012-08-15 01:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-30 23:52 - 2013-03-28 23:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
2014-06-30 23:52 - 2013-03-28 23:05 - 00000000 ____D () C:\Program Files (x86)\MagicDisc
2014-06-30 23:51 - 2013-03-28 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
2014-06-30 23:47 - 2014-05-11 11:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AsfTools
2014-06-30 23:47 - 2013-08-25 21:39 - 00000000 ____D () C:\Users\shade\Desktop\Desktop Games
2014-06-30 23:46 - 2012-10-11 02:22 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-06-30 23:46 - 2012-10-11 02:22 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-06-30 23:43 - 2013-09-28 16:18 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2
2014-06-30 23:43 - 2013-09-28 15:43 - 00000000 ____D () C:\Users\shade\AppData\Roaming\Guild Wars 2
2014-06-30 23:21 - 2013-10-12 18:00 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-06-30 23:18 - 2013-10-12 18:04 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-06-30 23:08 - 2012-08-15 01:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2014-06-30 23:08 - 2012-08-15 01:06 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2014-06-30 23:07 - 2012-12-08 04:08 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-06-30 17:55 - 2014-06-30 17:55 - 00000000 ____D () C:\Users\shade\Documents\Razer
2014-06-30 17:55 - 2014-06-30 17:55 - 00000000 ____D () C:\Users\shade\AppData\Local\Razer_Inc
2014-06-30 17:52 - 2014-06-30 17:52 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-06-30 17:44 - 2013-08-15 17:09 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-29 21:38 - 2012-09-04 19:08 - 00000000 ____D () C:\Users\shade\Documents\My Games
2014-06-29 21:06 - 2013-12-17 15:26 - 00000000 ____D () C:\Users\shade\AppData\Local\DayZ
2014-06-28 19:49 - 2014-06-28 18:02 - 00000000 ____D () C:\Users\shade\Desktop\FalloutMods
2014-06-28 18:51 - 2013-07-02 21:26 - 00000000 ____D () C:\Users\shade\AppData\Local\Skyrim
2014-06-28 17:59 - 2014-06-28 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2014-06-28 17:59 - 2014-06-28 17:59 - 00000000 ____D () C:\Program Files\Nexus Mod Manager
2014-06-28 17:59 - 2013-07-10 01:08 - 00000000 ____D () C:\Users\shade\AppData\Local\Black_Tree_Gaming
2014-06-28 17:41 - 2014-06-28 17:41 - 00000000 ____D () C:\Users\shade\AppData\Local\FalloutNV
2014-06-28 15:22 - 2012-10-28 13:33 - 00000003 _____ () C:\Windows\system32\HRUPPROG.TXT
2014-06-27 21:23 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-24 20:10 - 2014-06-20 00:34 - 00000000 ____D () C:\Users\shade\Desktop\Dark Souls Fix
2014-06-24 17:41 - 2014-06-24 17:41 - 00361110 _____ () C:\Users\shade\Documents\ts3_clientui-win64-1382530211-2014-06-24 17_41_18.925734.dmp
2014-06-22 23:13 - 2014-06-22 23:13 - 00000000 ____D () C:\Users\shade\Documents\NBGI
2014-06-22 23:13 - 2014-06-22 23:13 - 00000000 ____D () C:\Users\shade\Documents\Games for Windows - LIVE Demos
2014-06-22 23:12 - 2014-06-22 23:12 - 00000000 ____D () C:\Users\shade\AppData\Local\NBGI
2014-06-22 23:12 - 2014-06-22 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2014-06-22 23:12 - 2013-01-20 06:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-06-22 16:58 - 2014-06-22 16:58 - 00320734 _____ () C:\Users\shade\Documents\ts3_clientui-win64-1382530211-2014-06-22 16_58_40.479805.dmp
2014-06-21 00:36 - 2012-09-01 01:22 - 00000000 ____D () C:\Users\shade\AppData\Roaming\Mumble
2014-06-20 20:57 - 2012-08-15 15:27 - 00000000 ____D () C:\Users\shade\AppData\Local\ArmA 2 OA
2014-06-20 15:38 - 2014-06-20 15:38 - 00359614 _____ () C:\Users\shade\Documents\ts3_clientui-win64-1382530211-2014-06-20 15_38_40.251324.dmp
2014-06-19 09:37 - 2014-06-19 09:37 - 00344066 _____ () C:\Users\shade\Documents\ts3_clientui-win64-1382530211-2014-06-19 09_37_05.861679.dmp
2014-06-17 15:47 - 2014-06-17 15:47 - 00306266 _____ () C:\Users\shade\Documents\ts3_clientui-win64-1382530211-2014-06-17 15_47_06.357880.dmp
2014-06-16 21:07 - 2012-08-31 22:14 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-06-16 17:06 - 2014-06-16 17:06 - 00000000 ____D () C:\Users\shade\AppData\Roaming\WTablet
2014-06-16 16:33 - 2014-06-16 16:33 - 00287455 _____ () C:\Users\shade\Documents\ts3_clientui-win64-1382530211-2014-06-16 16_33_15.682479.dmp
2014-06-16 15:12 - 2014-06-16 15:12 - 00389911 _____ () C:\Users\shade\Documents\ts3_clientui-win64-1382530211-2014-06-16 15_12_30.960377.dmp
2014-06-16 13:51 - 2014-03-28 22:14 - 00000000 ____D () C:\Users\shade\Zomboid
2014-06-16 11:43 - 2013-07-01 09:22 - 00000000 ____D () C:\Users\shade\AppData\Roaming\quassel-irc.org
2014-06-15 18:07 - 2012-08-15 01:24 - 00000000 ____D () C:\Users\shade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-14 17:38 - 2014-06-14 17:38 - 00001931 _____ () C:\Users\Public\Desktop\NETGEAR A6200 Genie.lnk
2014-06-14 17:38 - 2014-06-14 17:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
2014-06-14 17:38 - 2014-06-14 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR A6200 Genie
2014-06-14 17:37 - 2014-06-14 17:37 - 00000000 ____D () C:\Program Files (x86)\NETGEAR
2014-06-14 17:36 - 2014-06-14 17:36 - 00000000 ____D () C:\ProgramData\NETGEAR
2014-06-14 17:36 - 2014-02-02 04:06 - 00000000 ____D () C:\Users\shade\Desktop\End of the World
2014-06-14 17:35 - 2014-06-14 17:35 - 00000000 ____D () C:\Users\shade\Desktop\network setup
2014-06-11 04:57 - 2014-07-02 00:45 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-06-11 04:57 - 2014-07-02 00:45 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-06-11 04:57 - 2014-07-02 00:45 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
 
Files to move or delete:
====================
C:\ProgramData\hash.dat
C:\Users\shade\jagex_cl_runescape_LIVE.dat
 
 
Some content of TEMP:
====================
C:\Users\Guest\AppData\Local\Temp\WarThunderLauncher_1.0.1.171_updHMSVMTBF.exe
C:\Users\Guest\AppData\Local\Temp\WarThunderLauncher_1.0.1.171_updQNXVGYGP.exe
C:\Users\shade\AppData\Local\Temp\95059uninstall.exe
C:\Users\shade\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqu4n3g.dll
C:\Users\shade\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\shade\AppData\Local\Temp\Quarantine.exe
C:\Users\shade\AppData\Local\Temp\speccycpuid.dll
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-08 11:53
 
==================== End Of Log ============================
 
 
And now for the addition: 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-07-2014
Ran by shade at 2014-07-09 15:12:52
Running from C:\Users\shade\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Addon Sync 2009 (HKLM-x32\...\{D0F8E1A1-55DC-4B8A-925A-CD4BAFB797F9}) (Version: 1.0.66 - YomaTools)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 2.5.775.2 - Advanced Micro Devices Inc.) Hidden
America's Army: Proving Grounds Beta (HKLM-x32\...\Steam App 203290) (Version:  - )
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Arma 2: Private Military Company (HKLM-x32\...\Steam App 65720) (Version:  - Bohemia Interactive)
ArmA II Launcher (HKLM-x32\...\{EACFCDA4-3286-4DEB-92D8-53006239F347}) (Version: 1.4.1.0 - Spirited Machine)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - Dylan Fitterer)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.3.0 - Auslogics Labs Pty Ltd)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
AVG PC TuneUp Language Pack (en-US) (x32 Version: 12.0.4000.108 - AVG Technologies) Hidden
Battle for Wesnoth 1.10.5 (HKCU\...\Battle for Wesnoth 1.10.5) (Version: 1.10.5 - )
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version:  - The Behemoth)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield Play4Free (HKCU\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version:  - DICE)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version:  - )
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Broforce (HKLM-x32\...\Steam App 274190) (Version:  - Free Lives)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version:  - Criterion Games)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Contagion (HKLM-x32\...\Steam App 238430) (Version:  - Monochrome LLC)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version:  - Crytek Studios)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DayZ Commander (HKLM-x32\...\{DC1F4DB8-FC61-4669-93D3-80722348102D}) (Version: 1.09.67 - Dotjosh Studios)
Dead Space (HKLM-x32\...\Steam App 17470) (Version:  - EA Redwood Shores)
Dead Space 2 (HKLM-x32\...\Steam App 47780) (Version:  - Visceral Games)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Electric Sheep 2.7b34c (HKLM-x32\...\Electric Sheep) (Version: 2.7b34c - Electricsheep)
Etron USB3.0 Host Controller (x32 Version: 0.104 - Etron Technology) Hidden
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
File Splitter and Joiner (FFSJ v3.3) (HKLM-x32\...\File Splitter and Joiner_is1) (Version:  - Le Minh Hoang)
Floating Point (HKLM-x32\...\Steam App 302380) (Version:  - Suspicious Developments)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - Dennaton Games)
HydraVision (x32 Version: 4.2.216.0 - Advanced Micro Devices, Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version:  - isotousb.com)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version:  - JC2-MP Team)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Mafia II (HKLM-x32\...\Steam App 50130) (Version:  - 2K Czech)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.)
Medal of Honor™ Multiplayer (HKLM-x32\...\Steam App 47830) (Version:  - Electronic Arts)
Medal of Honor™ Single Player (HKLM-x32\...\Steam App 47790) (Version:  - Electronic Arts)
Metal Slug 3 (HKLM-x32\...\Steam App 250180) (Version:  - DotEmu)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - Tale Worlds)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mumble 1.2.4 (HKLM-x32\...\{E0955568-4353-4C85-8988-285A8C0F5E87}) (Version: 1.2.4 - Thorvald Natvig)
Natural Selection 2 (HKLM-x32\...\Steam App 4920) (Version:  - Unknown Worlds Entertainment)
NETGEAR A6200 Genie (HKLM-x32\...\{48E61F3E-61D4-42A3-9D29-D0CF40838779}) (Version: 26.0.0.0 - NETGEAR)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.50.3 - Black Tree Gaming)
NightSky (HKLM-x32\...\Steam App 99700) (Version:  - Nicalis)
No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version:  - No More Room in Hell Team)
NVIDIA 3D Vision Controller Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Control Panel 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
openCanvas 5.5.14 (HKLM-x32\...\{CE1A5F24-49C6-456A-93D1-5A860A711D53}}_is1) (Version: 5.5.14 - PGN Co. Ltd.)
OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Penumbra: Black Plague (HKLM-x32\...\Steam App 22120) (Version:  - Frictional Games)
Penumbra: Overture (HKLM-x32\...\Steam App 22180) (Version:  - Frictional Games)
Penumbra: Requiem (HKLM-x32\...\Steam App 22140) (Version:  - Frictional Games)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
Poker Night at the Inventory (HKLM-x32\...\Steam App 31280) (Version:  - Telltale Games)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
Project Zomboid (HKLM-x32\...\Steam App 108600) (Version:  - Indie Stone Studios)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Quassel (remove only) (HKLM-x32\...\Quassel) (Version: 0.9.0 - KDE)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 2.5 r1842 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.531.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6423 - Realtek Semiconductor Corp.)
Red Faction: Armageddon (HKLM-x32\...\Steam App 55110) (Version:  - Volition)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
S.T.A.L.K.E.R.: Call of Pripyat (HKLM-x32\...\Steam App 41700) (Version:  - GSC Game World)
S.T.A.L.K.E.R.: Clear Sky (HKLM-x32\...\Steam App 20510) (Version:  - GSC Game World)
S.T.A.L.K.E.R.: Shadow of Chernobyl (HKLM-x32\...\Steam App 4500) (Version:  - GSC Game World)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Smart 6 B11.0824.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
State of Decay (HKLM-x32\...\Steam App 241540) (Version:  - Undead Labs)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version:  - Mike Bithell)
Tom Clancy's Ghost Recon Phantoms - NA (HKLM-x32\...\Steam App 243870) (Version:  - Ubisoft Singapore)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Tribes: Ascend (HKLM-x32\...\Steam App 17080) (Version:  - Hi-Rez Studios)
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Ventrilo Client (HKLM-x32\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VVVVVV version 2.0 (HKLM-x32\...\{C39601A7-9FF4-4148-A41B-93181E35D122}_is1) (Version: 2.0 - Terry Cavanagh)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WorldofTanks (HKCU\...\WorldofTanks) (Version:  - WorldofTanks)
Worms Clan Wars (HKLM-x32\...\Steam App 233840) (Version:  - Team17 Digital Ltd)
 
==================== Restore Points  =========================
 
07-07-2014 05:01:22 Removed Skype Click to Call
07-07-2014 05:02:13 Removed Skype™ 6.16
07-07-2014 05:15:20 Removed Adobe Reader XI.
07-07-2014 06:22:09 RegClean Pro Mon, Jul 07, 14  02:22
09-07-2014 08:09:30 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {0ADB3D3B-EAF4-4540-9BC6-AC8969042CE0} - System32\Tasks\StormFall W1 => Chrome.exe --app=http://plarium.com/play/en/stormfall/dragon04?adCampaign=23637&clickID=zytDtB0BtAyEtCtDtC0FyCyE0F0B0B0E&publisherID=2_1_2_28_33 --app-window-size=1920,1080
Task: {0BD2BDA6-5A96-463D-BF05-273D9BB43F46} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {419A7DF7-7CF2-4F02-8561-04B36D0B5364} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-07] (Google Inc.)
Task: {41A90164-0420-402D-BC40-B7878CFEFF15} - System32\Tasks\WOT W1 => Iexplore.exe http://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {4457EFFC-9F0D-498C-A7B5-71A17EF25BF7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {448652E2-D823-4278-A9E0-8F6DC6826E4D} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {4FD44F00-C69E-45E1-B8C1-F55DCCDBF0E8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {518000E9-4497-494F-92F3-0319EC25F38F} - System32\Tasks\StormFall TW1 => Chrome.exe --app=http://plarium.com/play/en/stormfall/dragon04?adCampaign=23637&clickID=zytDtB0BtAyEtCtDtC0FyCyE0F0B0B0E&publisherID=2_1_2_28_33 --app-window-size=1920,1080
Task: {60C82452-D072-4184-B1A8-7F025AAE7B2F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-07] (Google Inc.)
Task: {63DF5D36-4D27-48BC-9689-5FD821E5CDC9} - System32\Tasks\Rocket Updater => C:\Users\shade\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {65B5CBEB-5DAC-46D5-8D44-889327198833} - System32\Tasks\{A613A1C8-A284-45EA-8E99-2F7451BB1372} => C:\Program Files (x86)\Steam\steamapps\common\blacklightretribution\Redist\pbsvc_blr.exe
Task: {69A278A1-F662-4A25-BF3E-965319AA6F5C} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {75857B62-DDBB-4C94-B7E1-6B2CF39862ED} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)
Task: {7B9798BB-E03A-4E9A-B173-91936D15D80B} - System32\Tasks\WOT WWED1 => Iexplore.exe http://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {7D0261C1-3D32-4BBA-B8FE-C33FCE9B4A2A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {8CE3B7BD-E570-407B-B2D2-8254012115EB} - System32\Tasks\{D056391D-4EA5-498D-AD80-6DAEEDC27AFB} => C:\Program Files (x86)\Steam\steamapps\common\blacklightretribution\Redist\pbsvc_blr.exe
Task: {91D5B87F-2472-4E68-B8CA-F850D29129ED} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {94AC94B7-AD5C-4B69-BA35-5BF140F7FA46} - System32\Tasks\WOT WMON1 => Iexplore.exe http://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {9EEE8CF6-5AB3-440C-A044-2D38064A95D5} - System32\Tasks\WOT W2 => Iexplore.exe http://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {A07D4943-E915-4F6C-865C-C565FFE7D78A} - System32\Tasks\WOT WW2 => Iexplore.exe http://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {A5ABAB92-69BE-49F8-B9B3-3940269C933A} - System32\Tasks\StormFall TW2 => Chrome.exe --app=http://plarium.com/play/en/stormfall/dragon04?adCampaign=23637&clickID=zytDtB0BtAyEtCtDtC0FyCyE0F0B0B0E&publisherID=2_1_2_28_33 --app-window-size=1920,1080
Task: {BA0CF482-E57C-40C4-821D-B0EA228FCE77} - System32\Tasks\WOT WW1 => Iexplore.exe http://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {BD2D8D1D-C55B-4D43-A2C5-3462EF9C1EF8} - System32\Tasks\{5D1DFFA0-A64A-4F9F-8A12-1DD9D64215EB} => C:\Program Files (x86)\Steam\steamapps\common\blacklightretribution\Redist\pbsvc_blr.exe
Task: {BD6EA0BA-C18F-43B0-A1F1-3E47A3BEC2AC} - System32\Tasks\{F7942E41-11EC-469F-B281-55BA1811A0F8} => C:\Program Files (x86)\Steam\steamapps\common\blacklightretribution\Redist\pbsvc_blr.exe
Task: {C08CF9CC-5993-4921-A06F-44696D736066} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-06] (AVAST Software)
Task: {CE4AC383-2445-4706-A51B-10D808340E1F} - System32\Tasks\StormFall W2 => Chrome.exe --app=http://plarium.com/play/en/stormfall/dragon04?adCampaign=23637&clickID=zytDtB0BtAyEtCtDtC0FyCyE0F0B0B0E&publisherID=2_1_2_28_33 --app-window-size=1920,1080
Task: {CF7BB7F3-F6F6-442D-A57A-F2F0DB60486B} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {D05B2B2D-B83D-4877-9FF1-A3280A39F5C7} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {D648110D-42D6-44D4-812A-7FA62D975EBA} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {DF752AA2-FA16-471C-8B71-2E85794D5843} - System32\Tasks\WOT WTHUR1 => Iexplore.exe http://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {F20BA4D5-15D4-44EC-8C97-A1521E850DF8} - System32\Tasks\WOT WTUE1 => Iexplore.exe http://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {F40346BD-08F4-44B7-B2CD-7A8A05E3B82D} - System32\Tasks\PCHB_shade_PCHealthBoost_SG24 => C:\Program Files (x86)\PC HealthBoost\PCHealthBoost.exe
Task: {F7BF01A7-8B33-4454-9F89-8D4268259D2A} - System32\Tasks\WOT WFRI1 => Iexplore.exe http://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Rocket Updater.job => C:\Users\shade\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2012-08-15 17:43 - 2014-05-19 21:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-15 17:09 - 2014-06-30 17:44 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-14 17:37 - 2014-03-14 16:31 - 00018944 _____ () C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe
2014-03-12 01:41 - 2014-01-13 12:24 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2009-10-14 13:36 - 2009-10-14 13:36 - 02793304 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2014-07-06 01:10 - 2014-07-06 01:10 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-08 11:24 - 2014-07-08 11:24 - 02789888 _____ () C:\Program Files\AVAST Software\Avast\defs\14070801\algo.dll
2014-07-09 07:56 - 2014-07-09 07:56 - 02789888 _____ () C:\Program Files\AVAST Software\Avast\defs\14070900\algo.dll
2014-06-14 17:37 - 2014-03-11 15:21 - 00106496 _____ () C:\Program Files (x86)\NETGEAR\A6200\GWlanController.dll
2014-06-14 17:37 - 2013-03-26 17:00 - 00018944 _____ () C:\Program Files (x86)\NETGEAR\A6200\GWPSController.dll
2014-07-06 01:10 - 2014-07-06 01:10 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-06-09 22:44 - 2014-05-30 21:27 - 01116672 _____ () D:\steam\libavcodec-55.dll
2014-05-01 10:39 - 2014-05-30 21:27 - 00438784 _____ () D:\steam\libavutil-53.dll
2014-06-09 22:44 - 2014-05-30 21:27 - 00399360 _____ () D:\steam\libavformat-55.dll
2014-01-08 00:32 - 2014-05-30 21:27 - 00331264 _____ () D:\steam\libavresample-1.dll
2013-03-12 17:10 - 2014-06-26 18:40 - 00764416 _____ () D:\steam\SDL2.dll
2014-06-09 22:44 - 2014-06-30 17:47 - 02139328 _____ () D:\steam\video.dll
2014-06-09 22:44 - 2014-04-28 20:37 - 00519168 _____ () D:\steam\libswscale-2.dll
2012-08-15 01:21 - 2014-06-30 17:46 - 01116864 _____ () D:\steam\bin\chromehtml.DLL
2012-08-15 01:21 - 2014-05-01 19:35 - 20628160 _____ () D:\steam\bin\libcef.dll
2012-08-15 01:21 - 2013-06-14 19:49 - 01100800 _____ () D:\steam\bin\avcodec-53.dll
2012-08-15 01:21 - 2013-06-14 19:49 - 00124416 _____ () D:\steam\bin\avutil-51.dll
2012-08-15 01:21 - 2013-06-14 19:49 - 00192000 _____ () D:\steam\bin\avformat-53.dll
2014-02-22 13:09 - 2014-06-25 22:25 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-02-22 13:09 - 2014-06-25 22:25 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-02-22 13:09 - 2014-06-25 22:25 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-02-22 13:09 - 2014-06-25 22:25 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-02-22 13:09 - 2014-06-25 22:25 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-02-22 13:09 - 2014-06-25 22:25 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-02-22 13:09 - 2014-06-25 22:25 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-02-22 13:09 - 2014-06-25 22:25 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-07-07 01:32 - 2014-06-05 09:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-07-07 01:32 - 2014-06-05 09:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-07-07 01:32 - 2014-06-05 09:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-07-07 01:32 - 2014-06-05 09:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-07-07 01:32 - 2014-06-05 09:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-07-07 01:32 - 2014-06-05 09:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
MSCONFIG\startupreg: DW7 => "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe"
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/08/2014 01:59:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rstrui.exe, version: 6.1.7601.17514, time stamp: 0x4ce7990c
Faulting module name: rstrui.exe, version: 6.1.7601.17514, time stamp: 0x4ce7990c
Exception code: 0xc000041d
Fault offset: 0x000000000001d4f9
Faulting process id: 0x2b9c
Faulting application start time: 0xrstrui.exe0
Faulting application path: rstrui.exe1
Faulting module path: rstrui.exe2
Report Id: rstrui.exe3
 
Error: (07/08/2014 01:59:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rstrui.exe, version: 6.1.7601.17514, time stamp: 0x4ce7990c
Faulting module name: rstrui.exe, version: 6.1.7601.17514, time stamp: 0x4ce7990c
Exception code: 0xc0000005
Fault offset: 0x000000000001d4f9
Faulting process id: 0x2b9c
Faulting application start time: 0xrstrui.exe0
Faulting application path: rstrui.exe1
Faulting module path: rstrui.exe2
Report Id: rstrui.exe3
 
Error: (07/07/2014 03:29:02 AM) (Source: WTabletServiceCon) (EventID: 1) (User: )
Description: Prefs: Failed to get user path
 
Error: (07/07/2014 03:16:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ts3client_win64.exe version 3.0.13.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 19d4
 
Start Time: 01cf99b32ea42ddf
 
Termination Time: 9
 
Application Path: C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
 
Report Id: 9a926edd-05a6-11e4-896a-902b34101f64
 
Error: (07/07/2014 01:26:13 AM) (Source: WTabletServiceCon) (EventID: 1) (User: )
Description: Prefs: Failed to get user path
 
Error: (07/06/2014 07:13:24 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (07/06/2014 06:37:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Skype.exe version 6.16.60.105 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1130
 
Start Time: 01cf98ff64980db1
 
Termination Time: 60000
 
Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe
 
Report Id: 633ecd49-04f9-11e4-8913-902b34101f64
 
Error: (07/06/2014 06:00:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rstrui.exe, version: 6.1.7601.17514, time stamp: 0x4ce7990c
Faulting module name: rstrui.exe, version: 6.1.7601.17514, time stamp: 0x4ce7990c
Exception code: 0xc0000005
Fault offset: 0x000000000001d4f9
Faulting process id: 0x97c
Faulting application start time: 0xrstrui.exe0
Faulting application path: rstrui.exe1
Faulting module path: rstrui.exe2
Report Id: rstrui.exe3
 
Error: (07/06/2014 04:39:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program perfmon.exe version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: cc8
 
Start Time: 01cf98d4e0ad7ba4
 
Termination Time: 66
 
Application Path: C:\Windows\System32\perfmon.exe
 
Report Id: 12084fa9-04e9-11e4-ab7e-902b34101f64
 
Error: (07/06/2014 03:11:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
 
System errors:
=============
Error: (07/09/2014 10:54:29 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (07/09/2014 10:54:27 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (07/09/2014 05:50:28 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (07/09/2014 05:50:26 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (07/09/2014 05:23:31 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (07/09/2014 05:23:29 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (07/09/2014 04:18:36 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (07/09/2014 04:18:34 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (07/09/2014 04:18:32 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (07/09/2014 04:18:30 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
 
Microsoft Office Sessions:
=========================
Error: (07/08/2014 01:59:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: rstrui.exe6.1.7601.175144ce7990crstrui.exe6.1.7601.175144ce7990cc000041d000000000001d4f92b9c01cf9a71a4a09e75C:\Windows\system32\rstrui.exeC:\Windows\system32\rstrui.exe05b37a60-0665-11e4-b086-902b34101f64
 
Error: (07/08/2014 01:59:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: rstrui.exe6.1.7601.175144ce7990crstrui.exe6.1.7601.175144ce7990cc0000005000000000001d4f92b9c01cf9a71a4a09e75C:\Windows\system32\rstrui.exeC:\Windows\system32\rstrui.exe027978f8-0665-11e4-b086-902b34101f64
 
Error: (07/07/2014 03:29:02 AM) (Source: WTabletServiceCon) (EventID: 1) (User: )
Description: Prefs: Failed to get user path
 
Error: (07/07/2014 03:16:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ts3client_win64.exe3.0.13.019d401cf99b32ea42ddf9C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe9a926edd-05a6-11e4-896a-902b34101f64
 
Error: (07/07/2014 01:26:13 AM) (Source: WTabletServiceCon) (EventID: 1) (User: )
Description: Prefs: Failed to get user path
 
Error: (07/06/2014 07:13:24 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (07/06/2014 06:37:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe6.16.60.105113001cf98ff64980db160000C:\Program Files (x86)\Skype\Phone\Skype.exe633ecd49-04f9-11e4-8913-902b34101f64
 
Error: (07/06/2014 06:00:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: rstrui.exe6.1.7601.175144ce7990crstrui.exe6.1.7601.175144ce7990cc0000005000000000001d4f997c01cf9901171fafb5C:\Windows\system32\rstrui.exeC:\Windows\system32\rstrui.exe6a8b2ad1-04f4-11e4-8913-902b34101f64
 
Error: (07/06/2014 04:39:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: perfmon.exe6.1.7601.17514cc801cf98d4e0ad7ba466C:\Windows\System32\perfmon.exe12084fa9-04e9-11e4-ab7e-902b34101f64
 
Error: (07/06/2014 03:11:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\shade\Documents\esetsmartinstaller_enu.exe
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-07-04 20:30:45.483
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\268508fd4ccc167ed4a39a80b42d2570\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_c0008ddc1681bb4c\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-04 20:30:44.829
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\268508fd4ccc167ed4a39a80b42d2570\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_c0008ddc1681bb4c\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-04 20:30:44.142
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\268508fd4ccc167ed4a39a80b42d2570\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_c0008ddc1681bb4c\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-04 20:30:42.725
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\268508fd4ccc167ed4a39a80b42d2570\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-04 20:30:41.752
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\268508fd4ccc167ed4a39a80b42d2570\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-04 20:30:40.778
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\268508fd4ccc167ed4a39a80b42d2570\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-04 20:30:37.827
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\268508fd4ccc167ed4a39a80b42d2570\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_b5abe389e220f951\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-04 20:30:37.421
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\268508fd4ccc167ed4a39a80b42d2570\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_b5abe389e220f951\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-04 20:30:36.814
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\268508fd4ccc167ed4a39a80b42d2570\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_b5abe389e220f951\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-04 20:30:36.223
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\268508fd4ccc167ed4a39a80b42d2570\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_b5abe389e220f951\appid.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 56%
Total physical RAM: 8175.12 MB
Available physical RAM: 3531.71 MB
Total Pagefile: 16348.41 MB
Available Pagefile: 10978.37 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:148.95 GB) (Free:37.55 GB) NTFS
Drive d: (UNTITLED 1) (Fixed) (Total:596.17 GB) (Free:74.99 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 472A4729)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 596 GB) (Disk ID: 1A547D89)
Partition 1: (Not Active) - (Size=596 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
 
 
Thank you again. But my only question is about the iso in the previous reply. Please don't take it in the way that I don't think you could help me. This would only be considered as a last resort. And thank you again, so much

Edited by jameswils100, 09 July 2014 - 02:23 PM.


#12 jameswils100

jameswils100
  • Topic Starter

  • Members
  • 9 posts

Posted 09 July 2014 - 04:59 PM

And once again, you were correct! It was a hardware issue. I saw in the link I'd sent from Speccy that my CPU was running at over 90 degrees C. I tried pushing my fan against the motherboard. Sure enough, it was loose on the board. Pushing it and eventually epoxying it brought it down to 50 C. If you see anything in the logs that looks a little suspect, please let me know!

 

And any tips on what I could do about the mentioned issues and ISO would be great; I'll work on those personally. You have done me a great service, I couldn't ask for someone better.

 

But if you don't see anything of concern, I think that would just about do it. I'll send you a PM after this message :)


Edited by jameswils100, 09 July 2014 - 05:00 PM.


#13 polskamachina

polskamachina

  • Malware Response Team
  • 4,002 posts

Posted 10 July 2014 - 04:36 PM

Hi jameswils100 :)
 
I'm glad you had such a good outcome with the help I provided. Here is a link to show you how to make a Windows 7 iso disk. Also, there was a warning in your report that showed the temperature of your hard drive needed checking. I would suggest that you make sure that you have enough space between your computer and any solid objects that could possibly block the air flow. Again, make sure your case fan is operating properly.
 
Regarding your FRST scan, we still have some work to do. You still have signs of adware.
 
Please download Malwarebytes Anti-Malware and save it to your desktop.

  • Double-click on the setup file (mbam-setup.exe), then click on Run to install.
  • Malwarebytes will automatically open to its Dashboard. If you have never run this version, you should see a red note at the top indicating "A scan has never been run on your system".
  • Click on Update Now to download the current database definitions, then click the Scan Now >> button.
  • If you have run this version before, you should see a green note at the top indicating "Your system is fully protected".
  • You will be prompted to update Malwarebytes...click on the Update Now button.
  • The THREAT SCAN will automatically begin.
  • When the scan has completed, the results will be displayed. Click on Quarantine All, then click on Apply Actions.
  • To complete any actions taken you will be prompted to restart your computer...click on Yes. Failure to reboot normally will prevent Malwarebytes from removing all the malware.
  • After rebooting the computer, copy and paste the mbam.log in your next reply.

To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 1)

  • Open Malwarebytes Anti-Malware.
  • Click the History Tab at the top and select Application Logs.
  • Select (check) the box next to Scan Log. Choose the most current scan.
  • Click the View button.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)

  • Open Malwarebytes Anti-Malware.
  • Click the Scan Tab at the top.
  • Click the View detailed log link on the right.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

Logs are named by the date of scan in the following format: mbam-log-yyyy-mm-dd and automatically saved to the following location:
 C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd

 
Finally, please run FRST again and copy and paste the results in your next reply to me.
 
Let me know if you have any questions.
 
polskamachina



#14 jameswils100

jameswils100
  • Topic Starter

  • Members
  • 9 posts

Posted 11 July 2014 - 08:46 PM

Thank you so much for all of your help. I've done the scan and my computer works as well as it did before, perhaps even better! I feel that I can rule the world now, thanks again :) All of my issues have been resolved. You may feel free to close the thread. And I'll never forget your effort <3



#15 polskamachina

polskamachina

  • Malware Response Team
  • 4,002 posts

Posted 15 July 2014 - 10:08 PM

Hi jameswils100,
 
You're very welcome. :thumbup2:
 
As far as I can see, your machine is clean!
 
If you'd like to do a quick cleanup of all the tools we ran plus set a new restore point, the directions are below.
 
Download Delfix from here and save it to your desktop.

  • Ensure Remove disinfection tools is checked.
  • Also place a checkmark next to:
    • Create registry backup
    • Purge system restore
  • Click the Run button.

Be safe :hello:
 
Please acknowledge that you've read this post and feel free to ask any questions.
 
polskamachina





