
Trojan Horse Generic_c found


  • This topic is locked
8 replies to this topic

#1 Deust

Deust

  • Members
  • 4 posts
  • OFFLINE
  • Local time:06:52 AM

Posted 22 August 2014 - 12:22 AM

I recently started having my wireless network disappear or have no internet connection. When running a diagnosis on the connection, the result is usually "a problem with your wireless router or access point has been detected" or something related to the DNS servers being unavailable. A friend of mine suggested a full reformat and reinstalling Windows, which I did, only for the issue to come back 48 hours later. AVG found Trojan Horse Generic_c and removed it, but the issue continues to pop up.

 

DDS Log

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 8.0.7601.17514
Run by gaming at 1:12:27 on 2014-08-22
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.8142.4599 [GMT -4:00]
.
AV: AVG Internet Security 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\gaming\AppData\Roaming\Spotify\spotify.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\gaming\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\gaming\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\gaming\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\gaming\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\taskhost.exe
C:\Users\gaming\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\gaming\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Spotify] "C:\Users\gaming\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 192.168.2.1 192.168.33.1
TCP: Interfaces\{6E88A410-8874-42CD-A276-E9C85557E999} : DHCPNameServer = 192.168.2.1 192.168.33.1
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2014-6-17 190744]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2014-6-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2014-6-17 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2014-6-17 31512]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2014-6-30 152344]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2013-9-26 57144]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2014-6-17 242968]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2014-6-17 235800]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-6-17 269080]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2014-8-19 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-12-6 344064]
R2 AODDriver4.2.0;AODDriver4.2.0;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2013-9-19 59648]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-8-11 3244048]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-8-11 289328]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2014-8-19 94208]
S2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2014-8-11 1417160]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
.
=============== Created Last 30 ================
.
2014-08-22 04:24:55 -------- d-----w- C:\Users\gaming\AppData\Local\ElevatedDiagnostics
2014-08-22 04:20:20 -------- d-----w- C:\Users\gaming\AppData\Roaming\AVG2014
2014-08-22 04:19:25 -------- d-----w- C:\Users\gaming\AppData\Roaming\TuneUp Software
2014-08-22 04:19:06 -------- d--h--w- C:\$AVG
2014-08-22 04:19:06 -------- d-----w- C:\ProgramData\AVG2014
2014-08-22 04:18:51 -------- d-----w- C:\Program Files (x86)\AVG
2014-08-22 03:41:15 -------- d--h--w- C:\ProgramData\Common Files
2014-08-22 03:41:15 -------- d-----w- C:\Users\gaming\AppData\Local\MFAData
2014-08-22 03:41:15 -------- d-----w- C:\Users\gaming\AppData\Local\Avg2014
2014-08-22 03:41:15 -------- d-----w- C:\ProgramData\MFAData
2014-08-21 00:19:07 733184 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iKernel.dll
2014-08-21 00:19:07 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll
2014-08-21 00:19:07 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe
2014-08-21 00:19:07 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2014-08-21 00:19:07 303236 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll
2014-08-21 00:19:07 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll
2014-08-21 00:19:07 180356 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll
2014-08-21 00:19:07 172032 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll
2014-08-20 23:33:43 -------- d-----w- C:\Users\gaming\AppData\Local\Mag_SuitBuilder
2014-08-20 15:27:58 -------- d-----w- C:\Users\gaming\AppData\Local\Targem
2014-08-20 04:23:38 -------- d-----w- C:\Windows\Panther
2014-08-20 04:23:24 -------- d-sh--w- C:\Boot
2014-08-20 03:08:33 -------- d-----w- C:\Users\gaming\AppData\Local\Spotify
2014-08-20 03:06:18 -------- d-----w- C:\Users\gaming\AppData\Roaming\Spotify
2014-08-20 02:36:38 -------- d-----w- C:\Users\gaming\AppData\Local\AMD
2014-08-20 02:36:17 -------- d-----w- C:\Users\gaming\AppData\Local\ATI
2014-08-20 02:35:48 0 ----a-w- C:\Windows\ativpsrm.bin
2014-08-20 02:35:47 0 ----a-w- C:\Windows\System32\spu_storage.bin
2014-08-20 02:34:38 -------- d-----w- C:\AMD
2014-08-20 02:34:36 -------- d-----w- C:\Program Files (x86)\AMD AVT
2014-08-20 02:34:35 -------- d-----w- C:\Program Files (x86)\AMD
2014-08-20 02:34:32 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2014-08-20 02:33:53 -------- d-----w- C:\ProgramData\AMD
2014-08-20 02:33:41 -------- d-----w- C:\Program Files\AMD
2014-08-20 02:33:29 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2014-08-20 02:33:23 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2014-08-20 01:27:59 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2014-08-20 01:11:14 -------- d-----w- C:\Users\gaming\AppData\Local\Skype
2014-08-20 01:11:08 -------- d-----r- C:\Program Files (x86)\Skype
2014-08-20 01:11:05 -------- d-sh--w- C:\Windows\Installer
2014-08-20 01:10:09 -------- d-----w- C:\Users\gaming\AppData\Local\Google
2014-08-20 01:09:34 -------- d-----w- C:\Users\gaming\AppData\Local\Deployment
2014-08-20 01:09:34 -------- d-----w- C:\Users\gaming\AppData\Local\Apps
2014-08-20 00:51:29 -------- d-----w- C:\Users\gaming\AppData\Local\Diagnostics
2014-08-20 00:50:06 -------- d-----w- C:\Users\gaming\AppData\Local\VirtualStore
.
==================== Find3M  ====================
.
2014-06-30 16:43:02 152344 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
2014-06-17 20:21:34 235800 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2014-06-17 20:07:12 328984 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2014-06-17 20:06:58 269080 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2014-06-17 20:06:24 190744 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2014-06-17 20:06:22 242968 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2014-06-17 20:06:20 123672 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2014-06-17 20:06:06 31512 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
.
============= FINISH:  1:12:39.11 ===============
 



 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,769 posts
  • OFFLINE
  • Gender:Male
  • Local time:06:52 AM

Posted 27 August 2014 - 12:25 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/545260 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Deust

Deust
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  • Local time:06:52 AM

Posted 27 August 2014 - 10:43 AM

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 8.0.7601.17514
Run by gaming at 11:41:55 on 2014-08-27
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.8142.4474 [GMT -4:00]
.
AV: AVG Internet Security 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\gaming\AppData\Roaming\Spotify\spotify.exe
C:\Users\gaming\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\gaming\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\gaming\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\gaming\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Users\gaming\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\gaming\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Spotify] "C:\Users\gaming\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
uRun: [Spotify Web Helper] "C:\Users\gaming\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 192.168.2.1 192.168.33.1
TCP: Interfaces\{6E88A410-8874-42CD-A276-E9C85557E999} : DHCPNameServer = 192.168.2.1 192.168.33.1
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2014-6-17 190744]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2014-6-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2014-6-17 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2014-6-17 31512]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2014-6-30 152344]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2013-9-26 57144]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2014-6-17 242968]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2014-6-17 235800]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-6-17 269080]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2014-8-19 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-12-6 344064]
R2 AODDriver4.2.0;AODDriver4.2.0;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2013-9-19 59648]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2014-8-11 1417160]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-8-11 3244048]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-8-11 289328]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2014-8-19 94208]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
.
=============== Created Last 30 ================
.
2014-08-25 23:52:39 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-25 23:52:39 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-08-25 23:49:51 -------- d-----w- C:\Program Files (x86)\Yahoo!
2014-08-22 18:55:08 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2014-08-22 18:55:07 81768 ----a-w- C:\Windows\SysWow64\xinput1_3.dll
2014-08-22 04:24:55 -------- d-----w- C:\Users\gaming\AppData\Local\ElevatedDiagnostics
2014-08-22 04:20:20 -------- d-----w- C:\Users\gaming\AppData\Roaming\AVG2014
2014-08-22 04:19:25 -------- d-----w- C:\Users\gaming\AppData\Roaming\TuneUp Software
2014-08-22 04:19:06 -------- d--h--w- C:\$AVG
2014-08-22 04:19:06 -------- d-----w- C:\ProgramData\AVG2014
2014-08-22 04:18:51 -------- d-----w- C:\Program Files (x86)\AVG
2014-08-22 03:41:15 -------- d--h--w- C:\ProgramData\Common Files
2014-08-22 03:41:15 -------- d-----w- C:\Users\gaming\AppData\Local\MFAData
2014-08-22 03:41:15 -------- d-----w- C:\Users\gaming\AppData\Local\Avg2014
2014-08-22 03:41:15 -------- d-----w- C:\ProgramData\MFAData
2014-08-21 00:19:07 733184 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iKernel.dll
2014-08-21 00:19:07 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll
2014-08-21 00:19:07 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe
2014-08-21 00:19:07 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2014-08-21 00:19:07 303236 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll
2014-08-21 00:19:07 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll
2014-08-21 00:19:07 180356 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll
2014-08-21 00:19:07 172032 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll
2014-08-20 23:33:43 -------- d-----w- C:\Users\gaming\AppData\Local\Mag_SuitBuilder
2014-08-20 15:27:58 -------- d-----w- C:\Users\gaming\AppData\Local\Targem
2014-08-20 04:23:38 -------- d-----w- C:\Windows\Panther
2014-08-20 04:23:24 -------- d-sh--w- C:\Boot
2014-08-20 03:08:33 -------- d-----w- C:\Users\gaming\AppData\Local\Spotify
2014-08-20 03:06:18 -------- d-----w- C:\Users\gaming\AppData\Roaming\Spotify
2014-08-20 02:36:38 -------- d-----w- C:\Users\gaming\AppData\Local\AMD
2014-08-20 02:36:17 -------- d-----w- C:\Users\gaming\AppData\Local\ATI
2014-08-20 02:35:48 0 ----a-w- C:\Windows\ativpsrm.bin
2014-08-20 02:35:47 0 ----a-w- C:\Windows\System32\spu_storage.bin
2014-08-20 02:34:38 -------- d-----w- C:\AMD
2014-08-20 02:34:36 -------- d-----w- C:\Program Files (x86)\AMD AVT
2014-08-20 02:34:35 -------- d-----w- C:\Program Files (x86)\AMD
2014-08-20 02:34:32 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2014-08-20 02:33:53 -------- d-----w- C:\ProgramData\AMD
2014-08-20 02:33:41 -------- d-----w- C:\Program Files\AMD
2014-08-20 02:33:29 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2014-08-20 02:33:23 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2014-08-20 01:27:59 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2014-08-20 01:11:14 -------- d-----w- C:\Users\gaming\AppData\Local\Skype
2014-08-20 01:11:08 -------- d-----r- C:\Program Files (x86)\Skype
2014-08-20 01:11:05 -------- d-sh--w- C:\Windows\Installer
2014-08-20 01:10:09 -------- d-----w- C:\Users\gaming\AppData\Local\Google
2014-08-20 01:09:34 -------- d-----w- C:\Users\gaming\AppData\Local\Deployment
2014-08-20 01:09:34 -------- d-----w- C:\Users\gaming\AppData\Local\Apps
2014-08-20 00:51:29 -------- d-----w- C:\Users\gaming\AppData\Local\Diagnostics
2014-08-20 00:50:06 -------- d-----w- C:\Users\gaming\AppData\Local\VirtualStore
.
==================== Find3M  ====================
.
2014-06-30 16:43:02 152344 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
2014-06-17 20:21:34 235800 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2014-06-17 20:07:12 328984 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2014-06-17 20:06:58 269080 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2014-06-17 20:06:24 190744 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2014-06-17 20:06:22 242968 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2014-06-17 20:06:20 123672 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2014-06-17 20:06:06 31512 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
.
============= FINISH: 11:42:06.33 ===============


#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,749 posts
  • OFFLINE
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:52 AM

Posted 28 August 2014 - 07:46 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish, so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

How is the computer running?
Wait for further instructions.

#5 Deust

  • Topic Starter
  • Members

Posted 28 August 2014 - 02:07 PM

Attached File: Addition.txt (22.83KB)

Computer is running fine, just the occasional loss of internet as before.

 

Farbar log

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by gaming (administrator) on BUDDHA on 28-08-2014 15:03:24
Running from C:\Users\gaming\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal


The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/


==================== Processes (Whitelisted) =================


(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)


(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\gaming\AppData\Roaming\Spotify\spotify.exe
(Spotify Ltd) C:\Users\gaming\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
() C:\Users\gaming\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\gaming\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\gaming\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\gaming\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\gaming\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe




==================== Registry (Whitelisted) ==================


(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)


HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5187088 2014-08-11] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2466993877-103656080-2965736852-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2466993877-103656080-2965736852-1000\...\Run: [Spotify] => C:\Users\gaming\AppData\Roaming\Spotify\Spotify.exe [6621752 2014-08-27] (Spotify Ltd)
HKU\S-1-5-21-2466993877-103656080-2965736852-1000\...\Run: [Spotify Web Helper] => C:\Users\gaming\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-27] (Spotify Ltd)
HKU\S-1-5-21-2466993877-103656080-2965736852-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-2466993877-103656080-2965736852-1000\...\MountPoints2: {abc54548-2812-11e4-ae9d-9fb28f769ff6} - F:\Autorun.exe /s


==================== Internet (Whitelisted) ====================


(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)


HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8746294313BCCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.33.1


FireFox:
========
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)


Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://search.speedbit.com/?s=D2Fa", "hxxp://home.speedbit.com/?pid=%s&aid=%s"
CHR DefaultSearchKeyword: Default -> EBEE1893EC1EE3C249D75E21FF9EAD43B1CE55D3491B6C89130A15ED2E8A51C5
CHR DefaultSearchURL: Default -> F59B972C86451E9F6379E2B5D775E5026D1A360B20D24DCC867F1E2A9226672D
CHR Profile: C:\Users\gaming\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-08-19]
CHR Extension: (Google Docs) - C:\Users\gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-19]
CHR Extension: (Google Drive) - C:\Users\gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-19]
CHR Extension: (YouTube) - C:\Users\gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-19]
CHR Extension: (Google Search) - C:\Users\gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-19]
CHR Extension: (Mine Blocks) - C:\Users\gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\eagcpcjinnifbekjocgniignloefabfh [2014-08-19]
CHR Extension: (AdBlock) - C:\Users\gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-19]
CHR Extension: (Command & Conquer Tiberium Alliances) - C:\Users\gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgaeopgjojikeoiidmfaejkifhgjoooe [2014-08-19]
CHR Extension: (Sand 2) - C:\Users\gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\klicmgamjpclmbhppmdeamffedflmkcn [2014-08-19]
CHR Extension: (Morpheon Dark) - C:\Users\gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2014-08-19]
CHR Extension: (Google Wallet) - C:\Users\gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-19]
CHR Extension: (Gmail) - C:\Users\gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-19]
CHR Extension: (Cargo Bridge 2) - C:\Users\gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmphjijgcdpmmnfjbemolkdiidinogml [2014-08-19]


==================== Services (Whitelisted) =================


(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)


R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1417160 2014-08-11] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3244048 2014-08-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-11] (AVG Technologies CZ, s.r.o.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)


==================== Drivers (Whitelisted) ====================


(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)


R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)


==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)




==================== One Month Created Files and Folders ========


(If an entry is included in the fixlist, the file\folder will be moved.)


2014-08-28 15:03 - 2014-08-28 15:03 - 00012724 _____ () C:\Users\gaming\Desktop\FRST.txt
2014-08-28 15:02 - 2014-08-28 15:03 - 00000000 ____D () C:\FRST
2014-08-28 15:02 - 2014-08-28 15:02 - 02103296 _____ (Farbar) C:\Users\gaming\Desktop\FRST64.exe
2014-08-28 14:49 - 2014-08-28 14:58 - 00000000 ____D () C:\AdwCleaner
2014-08-28 14:47 - 2014-08-28 15:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-28 14:47 - 2014-08-28 14:47 - 01364531 _____ () C:\Users\gaming\Downloads\adwcleaner_3.308.exe
2014-08-28 14:47 - 2014-08-28 14:47 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-28 14:47 - 2014-08-28 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-28 14:47 - 2014-08-28 14:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-28 14:47 - 2014-08-28 14:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-28 14:47 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-28 14:47 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-28 14:47 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-28 14:45 - 2014-08-28 14:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\gaming\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-28 07:44 - 2014-08-28 07:44 - 00541358 _____ () C:\Users\gaming\Downloads\CleanersACCalcSetup.zip
2014-08-28 07:38 - 2014-08-28 07:38 - 00190359 _____ () C:\Users\gaming\Downloads\CharStats1053.zip
2014-08-28 01:26 - 2014-08-28 01:26 - 00401052 _____ () C:\Users\gaming\Desktop\LootSnobV4.utl
2014-08-28 00:44 - 2014-08-28 00:44 - 08421376 _____ (IBM Corporation and others) C:\Windows\SysWOW64\icudt38.dll
2014-08-28 00:44 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-28 00:43 - 2014-08-28 00:43 - 08667136 _____ () C:\Windows\SysWOW64\Awesomium.dll
2014-08-28 00:42 - 2014-08-28 00:42 - 00000000 ____D () C:\Users\gaming\Desktop\New folder
2014-08-28 00:40 - 2014-08-28 00:40 - 02723264 _____ (Microsoft Corporation) C:\Users\gaming\Downloads\vcredist_x86.exe
2014-08-28 00:26 - 2014-08-28 00:26 - 00091803 _____ () C:\Users\gaming\Downloads\VirindiInstaller1008.zip
2014-08-28 00:25 - 2014-08-28 00:25 - 00001455 _____ () C:\Users\Public\Desktop\Decal 3.0.lnk
2014-08-28 00:25 - 2014-08-28 00:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Decal 3.0
2014-08-28 00:22 - 2014-08-28 00:22 - 00465408 _____ () C:\Users\gaming\Downloads\setup (1).exe
2014-08-27 12:30 - 2014-08-27 12:30 - 00010047 _____ () C:\Windows\DirectX.log
2014-08-27 12:30 - 2014-08-27 12:30 - 00000000 ____D () C:\Users\gaming\AppData\Local\CrashRpt
2014-08-27 12:30 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-08-27 12:30 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-08-27 12:30 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-08-27 12:30 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-08-27 12:30 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-08-27 12:30 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-08-27 12:30 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-08-27 12:30 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-08-27 12:30 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-08-27 12:30 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-08-27 12:30 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-08-27 12:30 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-08-27 12:30 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-08-27 12:30 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-08-27 12:30 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-08-27 12:30 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-08-27 12:30 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-08-27 12:30 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-08-27 12:30 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-08-27 12:30 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-08-27 12:30 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-08-27 12:30 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-08-27 12:30 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-08-27 12:30 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-08-27 12:30 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-08-27 12:30 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-08-27 12:30 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-08-27 12:30 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-08-27 12:30 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-08-27 12:30 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-08-27 12:30 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-08-27 12:30 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-08-27 12:30 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-08-27 12:30 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-08-27 12:30 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-08-27 12:30 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-08-27 12:30 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-08-27 12:30 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-08-27 12:30 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-08-27 12:30 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-08-27 12:30 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-08-27 12:30 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-08-27 12:30 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-08-27 12:30 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-08-27 12:30 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-08-27 12:30 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-08-27 12:30 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-08-27 12:30 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-08-27 12:30 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-08-27 12:30 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-08-27 12:30 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-08-27 12:30 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-08-27 12:30 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-08-27 12:30 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-08-27 12:30 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-08-27 12:30 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-08-27 12:30 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-08-27 12:30 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-08-27 12:30 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-08-27 12:30 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-08-27 12:30 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-08-27 12:30 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-08-27 12:30 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-08-27 12:30 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-08-27 12:30 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-08-27 12:30 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-08-27 12:30 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-08-27 12:30 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-08-27 12:30 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-08-27 12:30 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-08-27 12:30 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-08-27 12:30 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-08-27 12:30 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-08-27 12:30 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-08-27 12:30 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-08-27 12:30 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-08-27 12:30 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-08-27 12:30 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-08-27 12:30 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-08-27 12:30 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-08-27 12:30 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-08-27 12:30 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-08-27 12:30 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-08-27 12:30 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-08-27 12:30 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-08-27 12:30 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-08-27 12:30 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-08-27 12:30 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-08-27 12:30 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-08-27 12:30 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-08-27 12:30 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-08-27 12:30 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-08-27 12:30 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-08-27 12:30 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-08-27 12:30 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-08-27 12:30 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-08-27 12:30 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-08-27 12:30 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-08-27 12:30 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-08-27 12:30 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-08-27 12:30 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-08-27 12:30 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-08-27 12:30 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-08-27 12:30 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-08-27 12:30 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-08-27 12:30 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-08-27 12:30 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-08-27 12:30 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-08-27 12:30 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-08-27 12:30 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-08-27 12:30 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-08-27 12:30 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-08-27 12:30 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-08-27 12:30 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-08-27 12:30 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-08-27 12:30 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-08-27 12:30 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-08-27 12:30 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-08-27 12:30 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-08-27 12:30 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-08-27 12:30 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-08-27 12:30 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-08-27 12:30 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-08-27 12:30 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-08-27 12:30 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-08-27 12:30 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-08-27 12:30 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-08-27 12:30 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-08-27 12:30 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-08-27 12:30 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-08-27 12:30 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-08-27 12:30 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-08-27 12:30 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-08-27 12:30 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-08-27 12:30 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-08-27 12:30 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-08-27 12:30 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-08-27 12:30 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-08-27 12:30 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-08-27 12:30 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-08-27 12:30 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-08-27 12:30 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-08-27 12:30 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-08-27 12:30 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-08-27 12:30 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-08-27 12:30 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-08-27 12:30 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-08-27 12:30 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-08-27 12:30 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-08-27 12:30 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-08-27 12:30 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-08-27 12:30 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-08-27 12:30 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-08-27 12:30 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-08-27 12:30 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-08-27 12:30 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-08-27 12:30 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-08-27 12:30 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-08-27 12:30 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-08-27 12:30 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-08-27 12:30 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-08-27 12:30 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-08-27 12:30 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-08-27 12:30 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-08-27 12:30 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-08-27 12:30 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-08-27 12:30 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-08-27 12:30 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-08-27 12:30 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-08-27 12:30 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-08-27 12:30 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-08-27 12:30 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-08-27 12:30 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-08-27 12:30 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-08-27 12:30 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-08-27 12:30 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-08-27 12:30 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-08-27 12:30 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-08-27 12:30 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-08-27 12:30 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-08-27 12:23 - 2014-08-27 12:30 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-08-27 12:23 - 2014-08-27 12:23 - 00292184 _____ (Microsoft Corporation) C:\Users\gaming\Downloads\dxwebsetup.exe
2014-08-27 12:21 - 2014-08-27 12:21 - 00000000 _____ () C:\Users\gaming\Desktop\New Text Document.txt
2014-08-26 23:49 - 2014-08-26 23:49 - 00000000 ____D () C:\Users\gaming\Desktop\Tor Browser
2014-08-26 23:45 - 2014-08-26 23:49 - 27281991 _____ () C:\Users\gaming\Downloads\torbrowser-install-3.6.4_en-US.exe
2014-08-26 22:28 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-26 22:28 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-26 22:28 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-26 22:28 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-26 22:28 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-26 22:28 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-26 22:28 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-26 22:28 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-26 22:28 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-26 22:28 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-26 22:28 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-26 22:28 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-26 22:28 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-26 22:28 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-25 19:53 - 2014-08-25 19:53 - 00000000 ____D () C:\Users\gaming\AppData\Roaming\Yahoo!
2014-08-25 19:52 - 2014-08-28 14:38 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-25 19:52 - 2014-08-25 19:52 - 00419488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-25 19:52 - 2014-08-25 19:52 - 00070304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-25 19:52 - 2014-08-25 19:52 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-25 19:52 - 2014-08-25 19:52 - 00001137 _____ () C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2014-08-25 19:52 - 2014-08-25 19:52 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-08-25 19:52 - 2014-08-25 19:52 - 00000000 ____D () C:\Users\gaming\AppData\Roaming\Macromedia
2014-08-25 19:52 - 2014-08-25 19:52 - 00000000 ____D () C:\Users\gaming\AppData\Roaming\Adobe
2014-08-25 19:52 - 2014-08-25 19:52 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-08-25 19:52 - 2014-08-25 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2014-08-25 19:49 - 2014-08-25 19:52 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-08-25 19:49 - 2014-08-25 19:49 - 00691576 _____ (Yahoo! Inc.) C:\Users\gaming\Downloads\msgr11us.exe
2014-08-22 14:55 - 2014-08-22 14:55 - 00000000 ____D () C:\Users\gaming\Documents\Square Enix
2014-08-22 14:55 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-08-22 14:55 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-08-22 01:13 - 2014-08-22 01:13 - 00001873 _____ () C:\Users\gaming\Desktop\attach.rar
2014-08-22 01:12 - 2014-08-27 11:42 - 00012963 _____ () C:\Users\gaming\Desktop\dds.txt
2014-08-22 01:12 - 2014-08-27 11:42 - 00004486 _____ () C:\Users\gaming\Desktop\attach.txt
2014-08-22 01:09 - 2014-08-22 01:09 - 00688992 ____R (Swearware) C:\Users\gaming\Downloads\dds.com
2014-08-22 00:20 - 2014-08-22 00:20 - 00000000 ____D () C:\Users\gaming\AppData\Roaming\AVG2014
2014-08-22 00:19 - 2014-08-22 00:19 - 00000965 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-22 00:19 - 2014-08-22 00:19 - 00000000 ___HD () C:\$AVG
2014-08-22 00:19 - 2014-08-22 00:19 - 00000000 ____D () C:\Users\gaming\AppData\Roaming\TuneUp Software
2014-08-22 00:19 - 2014-08-22 00:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-22 00:19 - 2014-08-22 00:19 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-22 00:18 - 2014-08-22 00:18 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-08-21 23:41 - 2014-08-28 14:34 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-21 23:41 - 2014-08-22 00:44 - 00000000 ____D () C:\Users\gaming\AppData\Local\Avg2014
2014-08-21 23:41 - 2014-08-21 23:41 - 00000000 ____D () C:\Users\gaming\AppData\Local\MFAData
2014-08-21 23:35 - 2014-08-21 23:38 - 04763296 _____ (AVG Technologies) C:\Users\gaming\Downloads\avg_free_stb_all_2014_4745_cnet.exe
2014-08-21 14:07 - 2014-08-21 14:07 - 00000000 ____D () C:\Users\gaming\Documents\7 Days To Die
2014-08-21 02:15 - 2014-08-21 02:15 - 472553076 _____ () C:\Windows\MEMORY.DMP
2014-08-21 02:15 - 2014-08-21 02:15 - 00000000 ____D () C:\Windows\Minidump
2014-08-20 20:21 - 2014-08-28 01:38 - 00000000 ____D () C:\Users\gaming\Documents\Asheron's Call
2014-08-20 20:20 - 2014-08-20 20:20 - 00000433 _____ () C:\Users\Public\Desktop\Asheron's Call.lnk
2014-08-20 20:20 - 2014-08-20 20:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-20 20:20 - 2014-08-20 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Turbine
2014-08-20 20:16 - 2014-08-20 20:16 - 01921024 _____ () C:\Users\gaming\Downloads\winrar-x64-511b1.exe
2014-08-20 20:16 - 2014-08-20 20:16 - 00000000 ____D () C:\Users\gaming\AppData\Roaming\WinRAR
2014-08-20 20:16 - 2014-08-20 20:16 - 00000000 ____D () C:\Users\gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-20 20:16 - 2014-08-20 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-20 20:16 - 2014-08-20 20:16 - 00000000 ____D () C:\Program Files\WinRAR
2014-08-20 20:07 - 2014-08-20 20:09 - 10355636 _____ () C:\Users\gaming\Downloads\dfhack-0.40.08-r2-Windows.7z
2014-08-20 19:37 - 2014-08-20 19:37 - 08385024 _____ () C:\Users\gaming\Downloads\GoArrow.msi
2014-08-20 19:37 - 2014-08-20 19:37 - 00465408 _____ () C:\Users\gaming\Downloads\setup.exe
2014-08-20 19:35 - 2014-08-20 19:35 - 00688640 _____ () C:\Users\gaming\Downloads\SkunkVision1007.msi
2014-08-20 19:35 - 2014-08-20 19:35 - 00156958 _____ () C:\Users\gaming\Downloads\RadarAddOn_v1.2.0.53.zip
2014-08-20 19:34 - 2014-08-20 19:34 - 00036267 _____ () C:\Users\gaming\Downloads\Squire_V1.0.1.0.zip
2014-08-20 19:33 - 2014-08-20 19:33 - 00000000 ____D () C:\Users\gaming\AppData\Local\Mag_SuitBuilder
2014-08-20 19:25 - 2014-08-20 19:25 - 01020928 _____ () C:\Users\gaming\Downloads\Mag-SuitBuilder.exe
2014-08-20 17:41 - 2014-08-20 20:17 - 64077887 _____ () C:\Users\gaming\Downloads\Dwarf Fortress 40_09 Starter Pack r1.zip
2014-08-20 17:15 - 2014-08-20 20:11 - 598884909 _____ (InstallShield Software Corporation) C:\Users\gaming\Downloads\ac1install.exe
2014-08-20 13:14 - 2014-08-20 13:14 - 442497012 _____ (InstallShield Software Corporation) C:\Users\gaming\Downloads\Unconfirmed 570524.crdownload
2014-08-20 12:10 - 2014-08-20 12:10 - 00311040 __RSH () C:\BMWFS
2014-08-20 11:27 - 2014-08-20 11:27 - 00000000 ____D () C:\Users\gaming\Documents\My Games
2014-08-20 11:27 - 2014-08-20 11:27 - 00000000 ____D () C:\Users\gaming\AppData\Local\Targem
2014-08-20 00:50 - 2014-08-20 00:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-08-20 00:23 - 2014-08-20 00:23 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-08-20 00:23 - 2014-08-19 20:49 - 00000000 ____D () C:\Windows\Panther
2014-08-20 00:23 - 2010-11-20 23:23 - 00383786 __RSH () C:\bootmgr
2014-08-19 23:44 - 2014-08-19 23:44 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-08-19 23:44 - 2014-08-19 23:44 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-08-19 23:43 - 2014-08-19 23:43 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-08-19 23:35 - 2014-08-26 21:22 - 00000202 _____ () C:\Users\gaming\Desktop\Just Cause 2 Multiplayer Mod.url
2014-08-19 23:22 - 2014-08-19 23:22 - 00000202 _____ () C:\Users\gaming\Desktop\7 Days to Die.url
2014-08-19 23:08 - 2014-08-27 00:52 - 00000000 ____D () C:\Users\gaming\AppData\Local\Spotify
2014-08-19 23:08 - 2014-08-19 23:08 - 00001808 _____ () C:\Users\gaming\Desktop\Spotify.lnk
2014-08-19 23:08 - 2014-08-19 23:08 - 00001794 _____ () C:\Users\gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-08-19 23:06 - 2014-08-28 15:00 - 00000000 ____D () C:\Users\gaming\AppData\Roaming\Spotify
2014-08-19 23:06 - 2014-08-19 23:06 - 00127136 _____ (Spotify Ltd) C:\Users\gaming\Downloads\SpotifySetup.exe
2014-08-19 22:36 - 2014-08-19 22:36 - 00000000 ____D () C:\Users\gaming\AppData\Roaming\ATI
2014-08-19 22:36 - 2014-08-19 22:36 - 00000000 ____D () C:\Users\gaming\AppData\Local\ATI
2014-08-19 22:36 - 2014-08-19 22:36 - 00000000 ____D () C:\Users\gaming\AppData\Local\AMD
2014-08-19 22:36 - 2014-08-19 22:36 - 00000000 ____D () C:\ProgramData\ATI
2014-08-19 22:35 - 2014-08-19 22:35 - 00000000 _____ () C:\Windows\system32\spu_storage.bin
2014-08-19 22:35 - 2014-08-19 22:35 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-08-19 22:34 - 2014-08-19 22:34 - 00066505 _____ () C:\Windows\SysWOW64\CCCInstall_201408192234291481.log
2014-08-19 22:34 - 2014-08-19 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-08-19 22:34 - 2014-08-19 22:34 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-08-19 22:34 - 2014-08-19 22:34 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-08-19 22:34 - 2014-08-19 22:34 - 00000000 ____D () C:\AMD
2014-08-19 22:33 - 2014-08-19 22:34 - 00000000 ____D () C:\ProgramData\AMD
2014-08-19 22:33 - 2014-08-19 22:34 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-08-19 22:33 - 2014-08-19 22:34 - 00000000 ____D () C:\Program Files\AMD
2014-08-19 22:33 - 2014-08-19 22:33 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-08-19 22:31 - 2014-08-19 22:31 - 00757660 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-19 22:30 - 2014-08-21 14:05 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 22:30 - 2014-08-19 22:34 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-08-19 22:30 - 2014-08-19 22:30 - 00000000 ____D () C:\Program Files\ATI
2014-08-19 22:30 - 2013-12-07 06:08 - 00157736 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2014-08-19 22:30 - 2013-12-07 06:08 - 00142304 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2014-08-19 22:30 - 2013-12-07 06:07 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-08-19 22:30 - 2013-12-07 06:07 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-08-19 22:30 - 2013-12-07 06:07 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-08-19 22:30 - 2013-12-07 06:07 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-08-19 22:30 - 2013-12-07 06:04 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-08-19 22:30 - 2013-12-07 06:03 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-08-19 22:30 - 2013-12-07 06:03 - 00115512 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-08-19 22:30 - 2013-12-07 06:02 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-08-19 22:30 - 2013-12-07 06:01 - 01318552 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2014-08-19 22:30 - 2013-12-07 06:01 - 01100216 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-08-19 22:30 - 2013-12-07 06:00 - 09753752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-08-19 22:30 - 2013-12-07 05:59 - 08406024 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-08-19 22:30 - 2013-12-07 05:59 - 08287008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-08-19 22:30 - 2013-12-07 05:58 - 06630232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-08-19 22:30 - 2013-12-07 05:57 - 08927704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-08-19 22:30 - 2013-12-07 05:56 - 07751920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-08-19 22:30 - 2013-12-07 05:52 - 13207552 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-08-19 22:30 - 2013-12-07 05:38 - 01187342 _____ () C:\Windows\system32\amdocl_as64.exe
2014-08-19 22:30 - 2013-12-07 05:38 - 01061902 _____ () C:\Windows\system32\amdocl_ld64.exe
2014-08-19 22:30 - 2013-12-07 05:38 - 00995342 _____ () C:\Windows\SysWOW64\amdocl_as32.exe
2014-08-19 22:30 - 2013-12-07 05:38 - 00798734 _____ () C:\Windows\SysWOW64\amdocl_ld32.exe
2014-08-19 22:30 - 2013-12-07 05:38 - 00230912 _____ () C:\Windows\system32\clinfo.exe
2014-08-19 22:30 - 2013-12-07 05:38 - 00099840 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-08-19 22:30 - 2013-12-07 05:38 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-08-19 22:30 - 2013-12-07 05:38 - 00083968 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-08-19 22:30 - 2013-12-07 05:38 - 00073728 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-08-19 22:30 - 2013-12-07 05:37 - 29382144 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-08-19 22:30 - 2013-12-07 05:35 - 24860160 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-08-19 22:30 - 2013-12-07 05:33 - 00063488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-08-19 22:30 - 2013-12-07 05:33 - 00057344 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-08-19 22:30 - 2013-12-07 05:26 - 00129536 _____ (AMD) C:\Windows\system32\coinst_13.251.dll
2014-08-19 22:30 - 2013-12-07 05:16 - 26352128 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-08-19 22:30 - 2013-12-07 05:13 - 00550456 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-08-19 22:30 - 2013-12-07 05:13 - 00550456 _____ () C:\Windows\system32\atiapfxx.blb
2014-08-19 22:30 - 2013-12-07 05:13 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-08-19 22:30 - 2013-12-07 05:12 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-08-19 22:30 - 2013-12-07 05:12 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-08-19 22:30 - 2013-12-07 05:12 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-08-19 22:30 - 2013-12-07 05:12 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-08-19 22:30 - 2013-12-07 05:12 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-08-19 22:30 - 2013-12-07 05:09 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-08-19 22:30 - 2013-12-07 04:58 - 22157824 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-08-19 22:30 - 2013-12-07 04:53 - 00588288 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-08-19 22:30 - 2013-12-07 04:53 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-08-19 22:30 - 2013-12-07 04:53 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-08-19 22:30 - 2013-12-07 04:52 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-08-19 22:30 - 2013-12-07 04:50 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-08-19 22:30 - 2013-12-07 04:42 - 03426688 _____ () C:\Windows\system32\atiumd6a.cap
2014-08-19 22:30 - 2013-12-07 04:39 - 00204952 _____ () C:\Windows\SysWOW64\ativvsvl.dat
2014-08-19 22:30 - 2013-12-07 04:39 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat
2014-08-19 22:30 - 2013-12-07 04:39 - 00157144 _____ () C:\Windows\SysWOW64\ativvsva.dat
2014-08-19 22:30 - 2013-12-07 04:39 - 00157144 _____ () C:\Windows\system32\ativvsva.dat
2014-08-19 22:30 - 2013-12-07 04:31 - 03461040 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-08-19 22:30 - 2013-12-07 04:22 - 01144320 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-08-19 22:30 - 2013-12-07 04:22 - 00825344 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-08-19 22:30 - 2013-12-07 04:22 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-08-19 22:30 - 2013-12-07 04:22 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2014-08-19 22:30 - 2013-12-07 04:22 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2014-08-19 22:30 - 2013-12-07 04:22 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2014-08-19 22:30 - 2013-12-07 04:22 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2014-08-19 22:30 - 2013-12-07 04:22 - 00074752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-08-19 22:30 - 2013-12-07 04:22 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-08-19 22:30 - 2013-12-07 04:22 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-08-19 22:30 - 2013-12-07 04:21 - 00626176 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-08-19 22:30 - 2013-12-07 04:21 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-08-19 22:30 - 2013-12-07 04:18 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-08-19 22:30 - 2013-11-01 16:08 - 00721296 _____ () C:\Windows\system32\atiicdxx.dat
2014-08-19 22:30 - 2013-10-01 04:48 - 00047887 _____ () C:\Windows\atiogl.xml
2014-08-19 22:30 - 2013-09-27 05:14 - 00083552 _____ () C:\Windows\system32\ativce02.dat
2014-08-19 22:30 - 2013-09-24 22:53 - 00094208 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2014-08-19 22:30 - 2013-09-24 22:51 - 00110080 _____ (TODO: <Company name>) C:\Windows\system32\DelayAPO.dll
2014-08-19 22:30 - 2013-09-13 00:31 - 00233776 _____ () C:\Windows\system32\ativvaxy_cik_nd.dat
2014-08-19 22:30 - 2013-09-13 00:30 - 00234036 _____ () C:\Windows\system32\ativvaxy_cik.dat
2014-08-19 22:30 - 2013-04-10 23:34 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2014-08-19 22:30 - 2013-04-10 23:34 - 00118784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atibtmon.exe
2014-08-19 22:30 - 2013-04-10 23:34 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2014-08-19 22:30 - 2011-09-13 06:06 - 00003917 _____ () C:\Windows\SysWOW64\atipblag.dat
2014-08-19 22:30 - 2011-09-13 06:06 - 00003917 _____ () C:\Windows\system32\atipblag.dat
2014-08-19 22:18 - 2014-08-19 22:18 - 00000202 _____ () C:\Users\gaming\Desktop\Star Conflict.url
2014-08-19 21:30 - 2014-08-19 21:31 - 04720267 _____ () C:\Users\gaming\Downloads\GrowArashAsghari.themepack
2014-08-19 21:27 - 2014-08-19 21:27 - 01141680 _____ () C:\Users\gaming\Downloads\SteamSetup.exe
2014-08-19 21:27 - 2014-08-19 21:27 - 00000512 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-08-19 21:27 - 2014-08-19 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-19 21:25 - 2014-08-19 22:29 - 311557268 _____ () C:\Users\gaming\Downloads\amd_13.12_78.zip
2014-08-19 21:15 - 2014-08-27 10:18 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-19 21:15 - 2014-08-19 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-19 21:11 - 2014-08-28 15:00 - 00000000 ____D () C:\Users\gaming\AppData\Roaming\Skype
2014-08-19 21:11 - 2014-08-19 21:11 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-08-19 21:11 - 2014-08-19 21:11 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-19 21:11 - 2014-08-19 21:11 - 00000000 ____D () C:\Users\gaming\AppData\Local\Skype
2014-08-19 21:11 - 2014-08-19 21:11 - 00000000 ____D () C:\ProgramData\Skype
2014-08-19 21:11 - 2014-08-19 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-19 21:10 - 2014-08-28 14:59 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-19 21:10 - 2014-08-28 14:15 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-19 21:10 - 2014-08-19 21:15 - 00000000 ____D () C:\Users\gaming\AppData\Local\Google
2014-08-19 21:10 - 2014-08-19 21:15 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-19 21:10 - 2014-08-19 21:10 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-19 21:10 - 2014-08-19 21:10 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-19 21:09 - 2014-08-19 21:10 - 00000000 ____D () C:\Users\gaming\AppData\Local\Deployment
2014-08-19 21:09 - 2014-08-19 21:09 - 00057560 _____ () C:\Users\gaming\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-19 21:09 - 2014-08-19 21:09 - 00000000 ____D () C:\Users\gaming\AppData\Local\Apps\2.0
2014-08-19 20:50 - 2014-08-28 15:03 - 00753832 _____ () C:\Windows\WindowsUpdate.log
2014-08-19 20:50 - 2014-08-25 19:52 - 00000000 ____D () C:\Users\gaming\AppData\Local\VirtualStore
2014-08-19 20:50 - 2014-08-19 20:50 - 00001443 _____ () C:\Users\gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-19 20:50 - 2014-08-19 20:50 - 00001409 _____ () C:\Users\gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-08-19 20:49 - 2014-08-19 20:50 - 00000000 ____D () C:\Users\gaming
2014-08-19 20:49 - 2014-08-19 20:49 - 00000020 ___SH () C:\Users\gaming\ntuser.ini
2014-08-19 20:49 - 2014-08-19 20:49 - 00000000 __SHD () C:\Recovery
2014-08-19 20:49 - 2009-07-14 00:54 - 00000000 ___RD () C:\Users\gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-19 20:49 - 2009-07-14 00:49 - 00000000 ___RD () C:\Users\gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-28 15:03 - 2014-08-28 15:03 - 00012724 _____ () C:\Users\gaming\Desktop\FRST.txt
2014-08-28 15:03 - 2014-08-28 15:02 - 00000000 ____D () C:\FRST
2014-08-28 15:03 - 2014-08-19 20:50 - 00753832 _____ () C:\Windows\WindowsUpdate.log
2014-08-28 15:02 - 2014-08-28 15:02 - 02103296 _____ (Farbar) C:\Users\gaming\Desktop\FRST64.exe
2014-08-28 15:01 - 2009-07-14 00:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-28 15:01 - 2009-07-14 00:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-28 15:00 - 2014-08-28 14:47 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-28 15:00 - 2014-08-19 23:06 - 00000000 ____D () C:\Users\gaming\AppData\Roaming\Spotify
2014-08-28 15:00 - 2014-08-19 21:11 - 00000000 ____D () C:\Users\gaming\AppData\Roaming\Skype
2014-08-28 14:59 - 2014-08-19 21:10 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 14:59 - 2010-11-20 23:47 - 00005202 _____ () C:\Windows\PFRO.log
2014-08-28 14:59 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-28 14:59 - 2009-07-14 00:51 - 00024985 _____ () C:\Windows\setupact.log
2014-08-28 14:58 - 2014-08-28 14:49 - 00000000 ____D () C:\AdwCleaner
2014-08-28 14:47 - 2014-08-28 14:47 - 01364531 _____ () C:\Users\gaming\Downloads\adwcleaner_3.308.exe
2014-08-28 14:47 - 2014-08-28 14:47 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-28 14:47 - 2014-08-28 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-28 14:47 - 2014-08-28 14:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-28 14:47 - 2014-08-28 14:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-28 14:46 - 2014-08-28 14:45 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\gaming\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-28 14:38 - 2014-08-25 19:52 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-28 14:34 - 2014-08-21 23:41 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-28 14:15 - 2014-08-19 21:10 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-28 07:44 - 2014-08-28 07:44 - 00541358 _____ () C:\Users\gaming\Downloads\CleanersACCalcSetup.zip
2014-08-28 07:38 - 2014-08-28 07:38 - 00190359 _____ () C:\Users\gaming\Downloads\CharStats1053.zip
2014-08-28 01:38 - 2014-08-20 20:21 - 00000000 ____D () C:\Users\gaming\Documents\Asheron's Call
2014-08-28 01:26 - 2014-08-28 01:26 - 00401052 _____ () C:\Users\gaming\Desktop\LootSnobV4.utl
2014-08-28 00:44 - 2014-08-28 00:44 - 08421376 _____ (IBM Corporation and others) C:\Windows\SysWOW64\icudt38.dll
2014-08-28 00:43 - 2014-08-28 00:43 - 08667136 _____ () C:\Windows\SysWOW64\Awesomium.dll
2014-08-28 00:42 - 2014-08-28 00:42 - 00000000 ____D () C:\Users\gaming\Desktop\New folder
2014-08-28 00:40 - 2014-08-28 00:40 - 02723264 _____ (Microsoft Corporation) C:\Users\gaming\Downloads\vcredist_x86.exe
2014-08-28 00:26 - 2014-08-28 00:26 - 00091803 _____ () C:\Users\gaming\Downloads\VirindiInstaller1008.zip
2014-08-28 00:25 - 2014-08-28 00:25 - 00001455 _____ () C:\Users\Public\Desktop\Decal 3.0.lnk
2014-08-28 00:25 - 2014-08-28 00:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Decal 3.0
2014-08-28 00:22 - 2014-08-28 00:22 - 00465408 _____ () C:\Users\gaming\Downloads\setup (1).exe
2014-08-27 12:30 - 2014-08-27 12:30 - 00010047 _____ () C:\Windows\DirectX.log
2014-08-27 12:30 - 2014-08-27 12:30 - 00000000 ____D () C:\Users\gaming\AppData\Local\CrashRpt
2014-08-27 12:30 - 2014-08-27 12:23 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-08-27 12:23 - 2014-08-27 12:23 - 00292184 _____ (Microsoft Corporation) C:\Users\gaming\Downloads\dxwebsetup.exe
2014-08-27 12:21 - 2014-08-27 12:21 - 00000000 _____ () C:\Users\gaming\Desktop\New Text Document.txt
2014-08-27 11:42 - 2014-08-22 01:12 - 00012963 _____ () C:\Users\gaming\Desktop\dds.txt
2014-08-27 11:42 - 2014-08-22 01:12 - 00004486 _____ () C:\Users\gaming\Desktop\attach.txt
2014-08-27 10:18 - 2014-08-19 21:15 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-27 04:13 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-08-27 00:56 - 2009-07-14 01:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-27 00:52 - 2014-08-19 23:08 - 00000000 ____D () C:\Users\gaming\AppData\Local\Spotify
2014-08-27 00:47 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-26 23:49 - 2014-08-26 23:49 - 00000000 ____D () C:\Users\gaming\Desktop\Tor Browser
2014-08-26 23:49 - 2014-08-26 23:45 - 27281991 _____ () C:\Users\gaming\Downloads\torbrowser-install-3.6.4_en-US.exe
2014-08-26 21:22 - 2014-08-19 23:35 - 00000202 _____ () C:\Users\gaming\Desktop\Just Cause 2 Multiplayer Mod.url
2014-08-25 19:53 - 2014-08-25 19:53 - 00000000 ____D () C:\Users\gaming\AppData\Roaming\Yahoo!
2014-08-25 19:52 - 2014-08-25 19:52 - 00419488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-25 19:52 - 2014-08-25 19:52 - 00070304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-25 19:52 - 2014-08-25 19:52 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-25 19:52 - 2014-08-25 19:52 - 00001137 _____ () C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2014-08-25 19:52 - 2014-08-25 19:52 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-08-25 19:52 - 2014-08-25 19:52 - 00000000 ____D () C:\Users\gaming\AppData\Roaming\Macromedia
2014-08-25 19:52 - 2014-08-25 19:52 - 00000000 ____D () C:\Users\gaming\AppData\Roaming\Adobe
2014-08-25 19:52 - 2014-08-25 19:52 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-08-25 19:52 - 2014-08-25 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2014-08-25 19:52 - 2014-08-25 19:49 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-08-25 19:52 - 2014-08-19 20:50 - 00000000 ____D () C:\Users\gaming\AppData\Local\VirtualStore
2014-08-25 19:49 - 2014-08-25 19:49 - 00691576 _____ (Yahoo! Inc.) C:\Users\gaming\Downloads\msgr11us.exe
2014-08-22 14:55 - 2014-08-22 14:55 - 00000000 ____D () C:\Users\gaming\Documents\Square Enix
2014-08-22 13:42 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-22 01:13 - 2014-08-22 01:13 - 00001873 _____ () C:\Users\gaming\Desktop\attach.rar
2014-08-22 01:09 - 2014-08-22 01:09 - 00688992 ____R (Swearware) C:\Users\gaming\Downloads\dds.com
2014-08-22 00:44 - 2014-08-21 23:41 - 00000000 ____D () C:\Users\gaming\AppData\Local\Avg2014
2014-08-22 00:20 - 2014-08-22 00:20 - 00000000 ____D () C:\Users\gaming\AppData\Roaming\AVG2014
2014-08-22 00:19 - 2014-08-22 00:19 - 00000965 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-22 00:19 - 2014-08-22 00:19 - 00000000 ___HD () C:\$AVG
2014-08-22 00:19 - 2014-08-22 00:19 - 00000000 ____D () C:\Users\gaming\AppData\Roaming\TuneUp Software
2014-08-22 00:19 - 2014-08-22 00:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-22 00:19 - 2014-08-22 00:19 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-22 00:18 - 2014-08-22 00:18 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-08-21 23:41 - 2014-08-21 23:41 - 00000000 ____D () C:\Users\gaming\AppData\Local\MFAData
2014-08-21 23:38 - 2014-08-21 23:35 - 04763296 _____ (AVG Technologies) C:\Users\gaming\Downloads\avg_free_stb_all_2014_4745_cnet.exe
2014-08-21 14:07 - 2014-08-21 14:07 - 00000000 ____D () C:\Users\gaming\Documents\7 Days To Die
2014-08-21 14:05 - 2014-08-19 22:30 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-21 14:05 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-21 02:15 - 2014-08-21 02:15 - 472553076 _____ () C:\Windows\MEMORY.DMP
2014-08-21 02:15 - 2014-08-21 02:15 - 00000000 ____D () C:\Windows\Minidump
2014-08-20 20:20 - 2014-08-20 20:20 - 00000433 _____ () C:\Users\Public\Desktop\Asheron's Call.lnk
2014-08-20 20:20 - 2014-08-20 20:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-20 20:20 - 2014-08-20 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Turbine
2014-08-20 20:17 - 2014-08-20 17:41 - 64077887 _____ () C:\Users\gaming\Downloads\Dwarf Fortress 40_09 Starter Pack r1.zip
2014-08-20 20:16 - 2014-08-20 20:16 - 01921024 _____ () C:\Users\gaming\Downloads\winrar-x64-511b1.exe
2014-08-20 20:16 - 2014-08-20 20:16 - 00000000 ____D () C:\Users\gaming\AppData\Roaming\WinRAR
2014-08-20 20:16 - 2014-08-20 20:16 - 00000000 ____D () C:\Users\gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-20 20:16 - 2014-08-20 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-20 20:16 - 2014-08-20 20:16 - 00000000 ____D () C:\Program Files\WinRAR
2014-08-20 20:11 - 2014-08-20 17:15 - 598884909 _____ (InstallShield Software Corporation) C:\Users\gaming\Downloads\ac1install.exe
2014-08-20 20:09 - 2014-08-20 20:07 - 10355636 _____ () C:\Users\gaming\Downloads\dfhack-0.40.08-r2-Windows.7z
2014-08-20 19:37 - 2014-08-20 19:37 - 08385024 _____ () C:\Users\gaming\Downloads\GoArrow.msi
2014-08-20 19:37 - 2014-08-20 19:37 - 00465408 _____ () C:\Users\gaming\Downloads\setup.exe
2014-08-20 19:35 - 2014-08-20 19:35 - 00688640 _____ () C:\Users\gaming\Downloads\SkunkVision1007.msi
2014-08-20 19:35 - 2014-08-20 19:35 - 00156958 _____ () C:\Users\gaming\Downloads\RadarAddOn_v1.2.0.53.zip
2014-08-20 19:34 - 2014-08-20 19:34 - 00036267 _____ () C:\Users\gaming\Downloads\Squire_V1.0.1.0.zip
2014-08-20 19:33 - 2014-08-20 19:33 - 00000000 ____D () C:\Users\gaming\AppData\Local\Mag_SuitBuilder
2014-08-20 19:25 - 2014-08-20 19:25 - 01020928 _____ () C:\Users\gaming\Downloads\Mag-SuitBuilder.exe
2014-08-20 16:07 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-08-20 13:14 - 2014-08-20 13:14 - 442497012 _____ (InstallShield Software Corporation) C:\Users\gaming\Downloads\Unconfirmed 570524.crdownload
2014-08-20 12:10 - 2014-08-20 12:10 - 00311040 __RSH () C:\BMWFS
2014-08-20 11:27 - 2014-08-20 11:27 - 00000000 ____D () C:\Users\gaming\Documents\My Games
2014-08-20 11:27 - 2014-08-20 11:27 - 00000000 ____D () C:\Users\gaming\AppData\Local\Targem
2014-08-20 00:50 - 2014-08-20 00:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-08-20 00:23 - 2014-08-20 00:23 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-08-20 00:23 - 2009-07-14 01:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-08-20 00:23 - 2009-07-14 01:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-08-19 23:45 - 2009-07-14 00:45 - 00274320 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-19 23:44 - 2014-08-19 23:44 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-08-19 23:44 - 2014-08-19 23:44 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-08-19 23:44 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-19 23:43 - 2014-08-19 23:43 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-08-19 23:43 - 2009-07-14 00:46 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-08-19 23:43 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-08-19 23:41 - 2011-04-12 04:28 - 00000000 ____D () C:\Windows\CSC
2014-08-19 23:22 - 2014-08-19 23:22 - 00000202 _____ () C:\Users\gaming\Desktop\7 Days to Die.url
2014-08-19 23:08 - 2014-08-19 23:08 - 00001808 _____ () C:\Users\gaming\Desktop\Spotify.lnk
2014-08-19 23:08 - 2014-08-19 23:08 - 00001794 _____ () C:\Users\gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-08-19 23:06 - 2014-08-19 23:06 - 00127136 _____ (Spotify Ltd) C:\Users\gaming\Downloads\SpotifySetup.exe
2014-08-19 22:36 - 2014-08-19 22:36 - 00000000 ____D () C:\Users\gaming\AppData\Roaming\ATI
2014-08-19 22:36 - 2014-08-19 22:36 - 00000000 ____D () C:\Users\gaming\AppData\Local\ATI
2014-08-19 22:36 - 2014-08-19 22:36 - 00000000 ____D () C:\Users\gaming\AppData\Local\AMD
2014-08-19 22:36 - 2014-08-19 22:36 - 00000000 ____D () C:\ProgramData\ATI
2014-08-19 22:35 - 2014-08-19 22:35 - 00000000 _____ () C:\Windows\system32\spu_storage.bin
2014-08-19 22:35 - 2014-08-19 22:35 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-08-19 22:34 - 2014-08-19 22:34 - 00066505 _____ () C:\Windows\SysWOW64\CCCInstall_201408192234291481.log
2014-08-19 22:34 - 2014-08-19 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-08-19 22:34 - 2014-08-19 22:34 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-08-19 22:34 - 2014-08-19 22:34 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-08-19 22:34 - 2014-08-19 22:34 - 00000000 ____D () C:\AMD
2014-08-19 22:34 - 2014-08-19 22:33 - 00000000 ____D () C:\ProgramData\AMD
2014-08-19 22:34 - 2014-08-19 22:33 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-08-19 22:34 - 2014-08-19 22:33 - 00000000 ____D () C:\Program Files\AMD
2014-08-19 22:34 - 2014-08-19 22:30 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-08-19 22:33 - 2014-08-19 22:33 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-08-19 22:31 - 2014-08-19 22:31 - 00757660 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-19 22:30 - 2014-08-19 22:30 - 00000000 ____D () C:\Program Files\ATI
2014-08-19 22:29 - 2014-08-19 21:25 - 311557268 _____ () C:\Users\gaming\Downloads\amd_13.12_78.zip
2014-08-19 22:18 - 2014-08-19 22:18 - 00000202 _____ () C:\Users\gaming\Desktop\Star Conflict.url
2014-08-19 21:31 - 2014-08-19 21:30 - 04720267 _____ () C:\Users\gaming\Downloads\GrowArashAsghari.themepack
2014-08-19 21:27 - 2014-08-19 21:27 - 01141680 _____ () C:\Users\gaming\Downloads\SteamSetup.exe
2014-08-19 21:27 - 2014-08-19 21:27 - 00000512 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-08-19 21:27 - 2014-08-19 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-19 21:15 - 2014-08-19 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-19 21:15 - 2014-08-19 21:10 - 00000000 ____D () C:\Users\gaming\AppData\Local\Google
2014-08-19 21:15 - 2014-08-19 21:10 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-19 21:13 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-08-19 21:11 - 2014-08-19 21:11 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-08-19 21:11 - 2014-08-19 21:11 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-19 21:11 - 2014-08-19 21:11 - 00000000 ____D () C:\Users\gaming\AppData\Local\Skype
2014-08-19 21:11 - 2014-08-19 21:11 - 00000000 ____D () C:\ProgramData\Skype
2014-08-19 21:11 - 2014-08-19 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-19 21:10 - 2014-08-19 21:10 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-19 21:10 - 2014-08-19 21:10 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-19 21:10 - 2014-08-19 21:09 - 00000000 ____D () C:\Users\gaming\AppData\Local\Deployment
2014-08-19 21:09 - 2014-08-19 21:09 - 00057560 _____ () C:\Users\gaming\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-19 21:09 - 2014-08-19 21:09 - 00000000 ____D () C:\Users\gaming\AppData\Local\Apps\2.0
2014-08-19 21:07 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\restore
2014-08-19 20:50 - 2014-08-19 20:50 - 00001443 _____ () C:\Users\gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-19 20:50 - 2014-08-19 20:50 - 00001409 _____ () C:\Users\gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-08-19 20:50 - 2014-08-19 20:49 - 00000000 ____D () C:\Users\gaming
2014-08-19 20:49 - 2014-08-20 00:23 - 00000000 ____D () C:\Windows\Panther
2014-08-19 20:49 - 2014-08-19 20:49 - 00000020 ___SH () C:\Users\gaming\ntuser.ini
2014-08-19 20:49 - 2014-08-19 20:49 - 00000000 __SHD () C:\Recovery


Some content of TEMP:
====================
C:\Users\gaming\AppData\Local\Temp\Quarantine.exe




==================== Bamital & volsnap Check =================


(There is no automatic fix for files that do not pass verification.)


C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed




LastRegBack: 2014-08-27 04:05


==================== End Of Log ============================

 



#6 nasdaq

  • Malware Response Team

Posted 29 August 2014 - 06:35 AM

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://search.speedbit.com/?s=D2Fa", "hxxp://home.speedbit.com/?pid=%s&aid=%s"
CHR DefaultSearchKeyword: Default -> EBEE1893EC1EE3C249D75E21FF9EAD43B1CE55D3491B6C89130A15ED2E8A51C5
CHR DefaultSearchURL: Default -> F59B972C86451E9F6379E2B5D775E5026D1A360B20D24DCC867F1E2A9226672D
cmd: ipconfig /flushdns
cmd: ipconfig /release
cmd: ipconfig /renew

End
Save the file as fixlist.txt into the same folder as FRST.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.

===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/
===

How is the computer running now?

#7 Deust

  • Topic Starter

Posted 29 August 2014 - 07:15 AM

computer seems to be doing ok, for now lol
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-08-2014
Ran by gaming at 2014-08-29 08:07:09 Run:1
Running from C:\Users\gaming\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://search.speedbit.com/?s=D2Fa", "hxxp://home.speedbit.com/?pid=%s&aid=%s"
CHR DefaultSearchKeyword: Default -> EBEE1893EC1EE3C249D75E21FF9EAD43B1CE55D3491B6C89130A15ED2E8A51C5
CHR DefaultSearchURL: Default -> F59B972C86451E9F6379E2B5D775E5026D1A360B20D24DCC867F1E2A9226672D
cmd: ipconfig /flushdns
cmd: ipconfig /release
cmd: ipconfig /renew

End
*****************

Chrome StartupUrls deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
Chrome DefaultSearchURL deleted successfully.

=========  ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========  ipconfig /release =========


Windows IP Configuration


Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::5da0:1583:4269:c3a4%11
   Default Gateway . . . . . . . . . : 

Tunnel adapter isatap.{6E88A410-8874-42CD-A276-E9C85557E999}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:1403:cbe8:b8cc:ecc
   Link-local IPv6 Address . . . . . : fe80::1403:cbe8:b8cc:ecc%12
   Default Gateway . . . . . . . . . : ::

========= End of CMD: =========


=========  ipconfig /renew =========


Windows IP Configuration


Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::5da0:1583:4269:c3a4%11
   IPv4 Address. . . . . . . . . . . : 192.168.33.140
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.33.1

Tunnel adapter isatap.{6E88A410-8874-42CD-A276-E9C85557E999}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:2411:be36:b8cc:ecc
   Link-local IPv6 Address . . . . . : fe80::2411:be36:b8cc:ecc%12
   Default Gateway . . . . . . . . . : ::

========= End of CMD: =========


==== End of Fixlog ====
Results of screen317's Security Check version 0.99.87
Windows 7 Service Pack 1 x64 (UAC is enabled)
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Internet Security 2014
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Google Chrome 37.0.2062.102
Google Chrome 37.0.2062.94
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
AVG avgwdsvc.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````

Edited by nasdaq, 29 August 2014 - 07:28 AM.


#8 nasdaq

  • Malware Response Team

Posted 29 August 2014 - 07:29 AM

If all is well.

To learn more about how to protect yourself while on the internet, read this little guide: Best security practices. Keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#9 nasdaq

  • Malware Response Team

Posted 04 September 2014 - 09:02 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



