General slowdown of new laptop.


  • This topic is locked
6 replies to this topic

#1 icarusbreathes

icarusbreathes

  • Members
  • 47 posts

Posted 25 September 2014 - 07:03 PM

So I have a decent laptop that is only about 3 months old and started having some issues with my internet and slowdown. I ran a myriad of programs to clean it up and while it seems almost back to normal, it just doesn't seem as fast and has a couple little Flash crashes and lag spikes. I don't know if it's in my imagination or if there is something still lurking around. I have just about every program recommended on this site and have run them and they come up clean now, but please take a look and see if you can find anything amiss.





#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,033 posts
  • Gender:Male
  • Location:California

Posted 29 September 2014 - 08:00 PM

Greetings icarusbreathes and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run the below for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recovery Scan Tool for either 32 bit or 64 bit systems and save it to your desktop <<< Important
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the Windows key + R on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 icarusbreathes

icarusbreathes
  • Topic Starter

  • Members
  • 47 posts

Posted 02 October 2014 - 07:52 AM

Hey Gary, thanks so much. I love what you guys are doing here, it's such a service in a world wrought with malware. I'm Joshua, endlessly troubleshooting.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-10-2014 01
Ran by Joshua (administrator) on JOSH on 02-10-2014 08:44:59
Running from C:\Users\Joshua\Desktop
Loaded Profile: Joshua (Available profiles: Joshua)
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Flux Software LLC) C:\Users\Joshua\AppData\Local\FluxSoftware\Flux\flux.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
() C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Joshua\Desktop\Gaming\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Users\Joshua\Desktop\Gaming\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.223\deploy\LoLLauncher.exe
() C:\Users\Joshua\Desktop\Gaming\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\LoLPatcher.exe
() C:\Users\Joshua\Desktop\Gaming\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.112\deploy\LolClient.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Piriform Ltd) C:\Users\Joshua\Desktop\Maintenance\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s  RtHDVCpl    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s  kernel32.dll
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)
HKLM\...\Run: [UMonit64] => C:\Windows\SysWOW64\UMonit64.exe [40960 2013-03-14] ()
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890128 2013-04-11] (ELAN Microelectronics Corp.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-29] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [466944 2011-09-19] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4867544 2014-09-18] (Emsisoft GmbH)
HKU\S-1-5-21-1522655316-1034720550-840088700-1002\...\Run: [f.lux] => C:\Users\Joshua\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-1522655316-1034720550-840088700-1002\...\Run: [CCleaner Monitoring] => C:\Users\Joshua\Desktop\Maintenance\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
AppInit_DLLs: C:\Windows\Jaksta\AC\x64\jaudcap.dll => C:\Windows\Jaksta\AC\x64\jaudcap.dll [311584 2014-05-06] (Jaksta Technologies Pty Ltd)
AppInit_DLLs-x32: C:\Windows\Jaksta\AC\x86\jaudcap.dll => C:\Windows\Jaksta\AC\x86\jaudcap.dll [264480 2014-05-06] (Jaksta Technologies Pty Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2111A6F250D3CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Freecorder extension -> {B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} -> C:\Program Files\Freecorder extension\ScriptHost64.dll (Applian Technologies Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Freecorder extension -> {B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} -> C:\Program Files (x86)\Freecorder extension\ScriptHost.dll (Applian Technologies Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\Joshua\AppData\Roaming\Mozilla\Firefox\Profiles\mi0wltl5.default-1411051614040
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Joshua\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Joshua\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: Freecorder - C:\Users\Joshua\AppData\Roaming\Mozilla\Firefox\Profiles\mi0wltl5.default-1411051614040\Extensions\addon@freecorder.com [2014-09-23]
FF Extension: Adblock Plus - C:\Users\Joshua\AppData\Roaming\Mozilla\Firefox\Profiles\mi0wltl5.default-1411051614040\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-18]
FF Extension: Freecorder - C:\Program Files (x86)\Mozilla Firefox\extensions\addon@freecorder.com [2014-09-18]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2014-09-18]
FF Extension: Pin It Button - C:\Program Files (x86)\Mozilla Firefox\extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2014-09-18]
FF Extension: Adblock Plus - C:\Program Files (x86)\Mozilla Firefox\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-18]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4784144 2014-09-18] (Emsisoft GmbH)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-04-29] (ASUS)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2228440 2013-05-15] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99664 2013-04-11] (ELAN Microelectronics Corp.)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-04-11] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-04-11] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-25] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-25] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-29] (NVIDIA Corporation)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2013-04-28] (Microsoft Corporation)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [172760 2013-05-15] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [9463984 2013-12-12] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R3 BTWPANFL; C:\Windows\system32\drivers\btwpanfl.sys [44912 2013-01-19] (Broadcom Corporation.)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [91368 2013-03-21] (GenesysLogic)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-09-18] ()
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U0 msahci; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-02 08:44 - 2014-10-02 08:45 - 00016798 _____ () C:\Users\Joshua\Desktop\FRST.txt
2014-10-02 08:44 - 2014-10-02 08:45 - 00000000 ____D () C:\FRST
2014-10-02 08:44 - 2014-10-02 08:44 - 02108928 _____ (Farbar) C:\Users\Joshua\Desktop\FRST64.exe
2014-10-02 07:07 - 2014-10-02 07:07 - 04965896 _____ (Piriform Ltd) C:\Users\Joshua\Downloads\ccsetup418.exe
2014-10-02 07:07 - 2014-10-02 07:07 - 00002812 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-10-02 06:04 - 2014-10-02 06:04 - 00000000 ____D () C:\Users\Joshua\AppData\Roaming\Unity
2014-10-02 06:00 - 2014-10-02 06:00 - 01080584 _____ (Unity Technologies ApS) C:\Users\Joshua\Downloads\UnityWebPlayer.exe
2014-10-02 06:00 - 2014-10-02 06:00 - 00000000 ____D () C:\Users\Joshua\AppData\Local\Unity
2014-09-29 12:28 - 2014-09-29 12:28 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-09-29 12:27 - 2014-09-13 16:13 - 00613696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-09-29 12:26 - 2014-09-29 12:27 - 00000000 ____D () C:\Windows\LastGood
2014-09-29 12:25 - 2014-09-17 00:51 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-09-29 12:25 - 2014-09-17 00:51 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 31887680 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 24552592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 19954520 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 14026304 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 13939272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 13157696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-09-29 12:25 - 2014-09-13 19:48 - 11392576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 11330776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 04287296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 04008592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434411.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434411.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 00957584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 00925896 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 00919240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 00894096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 00501064 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 00417096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 00393024 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-09-29 12:25 - 2014-09-13 19:48 - 00348304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-09-29 12:05 - 2014-10-02 07:08 - 00000000 ____D () C:\Users\Joshua\AppData\Local\CrashDumps
2014-09-24 03:19 - 2014-09-24 03:19 - 00000581 _____ () C:\Users\Joshua\Desktop\poetry.txt
2014-09-22 06:24 - 2014-09-22 06:24 - 00036456 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-09-21 03:17 - 2014-10-01 04:32 - 00000000 ____D () C:\Users\Joshua\AppData\Roaming\vlc
2014-09-21 03:15 - 2014-09-21 03:15 - 21501464 _____ () C:\Users\Joshua\Downloads\vlc-2.1.5-win32.7z
2014-09-20 15:49 - 2014-10-02 07:46 - 00970547 _____ () C:\Windows\WindowsUpdate.log
2014-09-19 15:53 - 2014-09-19 15:53 - 00000000 ____D () C:\Users\Public\CyberLink
2014-09-19 15:53 - 2014-09-19 15:53 - 00000000 ____D () C:\Users\Joshua\Documents\CyberLink
2014-09-19 15:53 - 2014-09-19 15:53 - 00000000 ____D () C:\Users\Joshua\AppData\Roaming\CyberLink
2014-09-19 15:53 - 2014-09-19 15:53 - 00000000 ____D () C:\Users\Joshua\AppData\Local\Cyberlink
2014-09-19 15:53 - 2014-09-19 15:53 - 00000000 ____D () C:\ProgramData\CyberLink
2014-09-18 21:33 - 2014-09-18 21:33 - 00000000 ____D () C:\Users\Joshua\AppData\Roaming\OBS
2014-09-18 21:33 - 2014-09-18 21:33 - 00000000 ____D () C:\Users\Joshua\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-09-18 21:33 - 2014-09-18 21:33 - 00000000 ____D () C:\Program Files\OBS
2014-09-18 21:33 - 2014-09-18 21:33 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-09-18 21:32 - 2014-09-18 21:32 - 07406196 _____ () C:\Users\Joshua\Downloads\OBS_0_635b_Installer.exe
2014-09-18 12:12 - 2014-09-18 12:12 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-09-18 11:19 - 2014-09-18 11:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2014-09-18 11:18 - 2014-10-02 08:03 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-09-18 11:16 - 2014-09-18 11:17 - 163670496 _____ (Emsisoft GmbH ) C:\Users\Joshua\Downloads\EmsisoftAntiMalwareSetup.exe
2014-09-18 11:11 - 2014-09-18 11:11 - 00000390 _____ () C:\Windows\system32\.crusader
2014-09-18 11:06 - 2014-09-18 11:12 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-09-18 11:06 - 2014-09-18 11:11 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-18 11:06 - 2014-09-18 11:06 - 11194928 _____ (SurfRight B.V.) C:\Users\Joshua\Downloads\HitmanPro_x64.exe
2014-09-18 07:47 - 2014-09-18 07:47 - 00019229 _____ () C:\ComboFix.txt
2014-09-18 07:43 - 2014-09-18 07:47 - 00000000 ____D () C:\Qoobox
2014-09-18 07:43 - 2014-09-18 07:46 - 00000000 ____D () C:\Windows\erdnt
2014-09-18 07:43 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-18 07:43 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-18 07:43 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-18 07:43 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-18 07:43 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-18 07:43 - 2000-08-30 20:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-09-18 07:43 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-18 07:43 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-18 07:43 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-18 07:31 - 2014-09-22 06:22 - 00033512 _____ () C:\Windows\SysWOW64\Drivers\TrueSight.sys
2014-09-18 07:31 - 2014-09-18 07:31 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-09-18 07:21 - 2014-09-18 07:21 - 00102045 _____ () C:\Users\Joshua\AppData\Local\ars.cache
2014-09-18 07:08 - 2014-09-18 07:08 - 00000036 _____ () C:\Users\Joshua\AppData\Local\housecall.guid.cache
2014-09-18 06:37 - 2014-09-18 08:06 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-18 06:36 - 2014-09-18 06:36 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-18 06:35 - 2014-09-18 06:37 - 00000000 ____D () C:\Users\Joshua\AppData\Local\Adobe
2014-09-18 06:34 - 2014-09-22 08:44 - 00000000 ____D () C:\AdwCleaner
2014-09-17 17:24 - 2014-08-09 04:30 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-09-17 17:24 - 2014-08-09 04:29 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2014-09-14 19:13 - 2014-09-14 19:13 - 00002278 _____ () C:\Users\Joshua\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2014-09-14 19:13 - 2014-09-14 19:13 - 00000000 ___RD () C:\Users\Joshua\SkyDrive
2014-09-14 19:13 - 2014-09-14 19:13 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-09-11 04:37 - 2014-08-16 05:34 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 04:37 - 2014-08-16 05:34 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 04:37 - 2014-08-16 05:34 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-09-11 04:37 - 2014-08-16 05:34 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 04:37 - 2014-08-16 05:33 - 19280384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 04:37 - 2014-08-16 05:33 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 04:37 - 2014-08-16 05:33 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 04:37 - 2014-08-16 05:32 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 04:37 - 2014-08-16 05:32 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 04:37 - 2014-08-16 05:32 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 04:37 - 2014-08-16 05:32 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 04:37 - 2014-08-16 05:32 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-11 04:37 - 2014-08-16 05:32 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 04:37 - 2014-08-16 05:32 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 04:37 - 2014-08-16 05:32 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 04:37 - 2014-08-16 03:37 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 04:37 - 2014-08-16 03:37 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 04:37 - 2014-08-16 03:36 - 14369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 04:37 - 2014-08-16 03:36 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 04:37 - 2014-08-16 03:36 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 04:37 - 2014-08-16 03:36 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 04:37 - 2014-08-16 03:36 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-11 04:37 - 2014-08-16 03:36 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 04:37 - 2014-08-16 03:36 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 04:37 - 2014-08-16 03:36 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 04:37 - 2014-08-16 03:36 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 04:37 - 2014-08-16 03:36 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 04:37 - 2014-08-16 03:35 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 04:37 - 2014-03-06 20:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 04:37 - 2013-05-15 18:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-11 04:37 - 2013-05-15 18:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-11 04:37 - 2013-05-14 09:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 04:37 - 2013-05-14 05:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 04:37 - 2013-02-21 06:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-11 04:37 - 2013-02-21 06:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 04:37 - 2013-02-21 06:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 04:37 - 2013-02-21 06:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 04:37 - 2013-02-21 06:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-11 04:37 - 2013-02-21 06:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 04:37 - 2013-02-19 05:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-09-11 04:37 - 2012-11-08 00:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 04:37 - 2012-11-08 00:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 04:37 - 2012-07-25 23:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 04:02 - 2014-08-28 07:34 - 00059400 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-11 04:02 - 2014-08-28 02:05 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-11 04:02 - 2014-08-28 02:05 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-11 04:02 - 2014-08-28 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-11 04:02 - 2014-08-28 02:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-11 04:02 - 2014-08-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-11 04:02 - 2014-08-28 02:01 - 03285504 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-11 04:02 - 2014-08-28 02:01 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-11 04:02 - 2014-08-28 02:01 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-11 04:02 - 2014-08-28 02:01 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-11 04:02 - 2014-08-28 02:01 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-09-11 04:02 - 2014-08-28 02:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-11 04:02 - 2014-08-28 02:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-11 04:02 - 2014-08-28 02:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-09-11 04:02 - 2014-07-31 19:40 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-11 04:02 - 2014-07-23 23:33 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-11 04:02 - 2014-07-23 23:33 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-11 04:02 - 2014-06-04 21:12 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2014-09-11 04:02 - 2014-06-03 19:12 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2014-09-06 07:06 - 2014-09-06 07:19 - 00000000 ____D () C:\Users\Joshua\AppData\Local\Windows Live

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-02 08:11 - 2014-07-15 23:15 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-02 08:00 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\sru
2014-10-02 07:30 - 2014-07-15 18:20 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1522655316-1034720550-840088700-1002
2014-10-02 07:08 - 2014-07-15 21:05 - 00000000 ____D () C:\Users\Joshua\AppData\Roaming\uTorrent
2014-10-02 05:55 - 2014-08-28 23:49 - 00000942 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1522655316-1034720550-840088700-1002UA.job
2014-10-02 03:38 - 2014-07-24 00:49 - 00000000 ____D () C:\Users\Joshua\AppData\Roaming\Mumble
2014-10-01 23:55 - 2014-08-28 23:49 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1522655316-1034720550-840088700-1002Core.job
2014-10-01 01:24 - 2014-08-12 20:32 - 00000000 ____D () C:\Users\Joshua\Desktop\Movies
2014-09-29 13:01 - 2014-07-15 18:33 - 00000000 ____D () C:\Users\Joshua\AppData\Local\PMB Files
2014-09-29 12:30 - 2014-07-15 18:33 - 00000000 ____D () C:\ProgramData\PMB Files
2014-09-29 12:27 - 2013-12-12 09:12 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-09-29 12:27 - 2013-12-12 09:11 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-28 08:21 - 2014-07-15 18:13 - 00000000 ____D () C:\Users\Joshua\AppData\Local\VirtualStore
2014-09-27 06:35 - 2014-07-16 04:29 - 00000000 ____D () C:\Users\Joshua\AppData\Roaming\SongManager
2014-09-26 22:09 - 2012-07-26 03:28 - 00848230 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-26 06:09 - 2014-08-20 18:12 - 00000000 ____D () C:\Users\Joshua\AppData\Roaming\Skype
2014-09-24 21:59 - 2014-07-15 18:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 03:20 - 2014-07-15 18:32 - 00000000 ____D () C:\Users\Joshua\Desktop\Gaming
2014-09-22 06:25 - 2014-07-15 18:55 - 00000000 ____D () C:\Users\Joshua\Desktop\Maintenance
2014-09-22 06:20 - 2012-07-26 03:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-21 02:24 - 2014-07-16 18:22 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-21 00:28 - 2014-07-16 02:19 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-21 00:28 - 2014-07-16 02:18 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-21 00:23 - 2012-07-26 01:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-19 02:34 - 2014-07-15 18:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-18 09:29 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-18 07:46 - 2012-07-26 01:26 - 00000215 _____ () C:\Windows\system.ini
2014-09-18 06:49 - 2013-04-28 04:26 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-17 17:33 - 2012-07-26 03:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-17 00:51 - 2013-12-12 09:11 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-09-14 19:13 - 2014-07-15 18:12 - 00000000 ____D () C:\Users\Joshua
2014-09-14 05:25 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\rescache
2014-09-14 04:58 - 2014-07-16 19:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 04:56 - 2014-07-16 19:17 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-13 19:48 - 2014-07-30 17:45 - 18106152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-09-13 19:48 - 2013-12-12 09:11 - 20589536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-09-13 19:48 - 2013-12-12 09:11 - 16875856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-09-13 19:48 - 2013-12-12 09:11 - 03223120 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-09-13 19:48 - 2013-12-12 09:11 - 02838424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-09-13 19:48 - 2013-12-12 09:11 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-09-13 19:48 - 2013-12-12 09:11 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-09-13 19:48 - 2013-12-12 09:11 - 00026956 _____ () C:\Windows\system32\nvinfo.pb
2014-09-13 17:53 - 2013-12-12 09:11 - 06890696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-09-13 17:53 - 2013-12-12 09:11 - 03529872 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-09-13 17:53 - 2013-12-12 09:11 - 02557640 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-09-13 17:53 - 2013-12-12 09:11 - 00934216 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-09-13 17:53 - 2013-12-12 09:11 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-09-13 17:53 - 2013-12-12 09:11 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-09-11 11:37 - 2014-07-16 18:31 - 03961833 _____ () C:\Windows\system32\nvcoproc.bin
2014-09-10 11:49 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-09-09 14:11 - 2014-07-15 23:15 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-03 21:09 - 2014-08-25 17:48 - 00000000 ____D () C:\Users\Joshua\Desktop\Microsoft Office
2014-09-02 15:32 - 2014-07-18 15:25 - 00104904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-02 15:32 - 2014-07-16 20:37 - 00705480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-01 04:54

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-10-2014 01
Ran by Joshua at 2014-10-02 08:45:39
Running from C:\Users\Joshua\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32354 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Asheron's Call (HKLM-x32\...\{F0EE55BA-193D-4670-90C0-76E0E25F3A08}) (Version: 1.00.0000 - Turbine)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.2 - ASUS)
ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.020 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5230.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5230.52 - CyberLink Corp.) Hidden
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0028 - ASUS)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.64 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deckadance 2 (HKLM-x32\...\Deckadance 2) (Version: 2.0 - Image-Line)
Electric Sheep 2.7b34 (HKLM-x32\...\Electric Sheep) (Version: 2.7b34 - Electricsheep)
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft GmbH)
ETDWare PS/2-X64 11.5.9.1_WHQL (HKLM\...\Elantech) (Version: 11.5.9.1 - ELAN Microelectronic Corp.)
f.lux (HKCU\...\Flux) (Version:  - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Freecorder 8 Applications (8.0.1.48) (HKLM-x32\...\Freecorder 8 Applications) (Version: 8.0.1.48 - Applian Technologies)
Freecorder extension (HKLM-x32\...\Freecorder extension) (Version: 7.0.2.0 - Applian Technologies Inc.)
Freecorder extension for Firefox (HKLM-x32\...\Freecorder extension for Firefox) (Version: 7.0.0.13 - Applian Technologies, Inc.)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.3 - Genesys Logic)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Mumble 1.2.7 (HKLM-x32\...\{CF8BBFA2-5502-4904-A9E9-8D5CAA8DF785}) (Version: 1.2.7 - Thorvald Natvig)
NVIDIA 3D Vision Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.11 - NVIDIA Corporation)
NVIDIA Control Panel 344.11 (Version: 344.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.14.0702 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Qualcomm Atheros Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.17 - Qualcomm Atheros Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2247.4 - Hi-Rez Studios)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.6955 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1522655316-1034720550-840088700-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Joshua\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1522655316-1034720550-840088700-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Joshua\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1522655316-1034720550-840088700-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Joshua\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1522655316-1034720550-840088700-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Joshua\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1522655316-1034720550-840088700-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Joshua\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

14-09-2014 08:56:30 Windows Update
17-09-2014 21:32:45 Windows Update
24-09-2014 22:17:02 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 01:26 - 2014-09-18 07:46 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0BB0B660-8120-463F-9CBE-33A088074E8E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-09-14] (Microsoft Corporation)
Task: {0F789459-A59C-45D5-A268-A69E12FE74AC} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {30A97D91-6451-40D2-AC24-831AE7461D41} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1522655316-1034720550-840088700-1002UA => C:\Users\Joshua\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-28] (Facebook Inc.)
Task: {35780F40-5255-4226-81EB-939D34BAEB46} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-04-29] (ASUS)
Task: {6195B516-91CB-40A6-8AB9-9BCF6E3F1C8B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1522655316-1034720550-840088700-1002Core => C:\Users\Joshua\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-28] (Facebook Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {ABC4195B-9E11-42A5-A4A3-CF2687CC4C6A} - System32\Tasks\CCleanerSkipUAC => C:\Users\Joshua\Desktop\Maintenance\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {DD102628-3E80-4B4C-83C2-D4CB480C8C96} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {ED33DF1F-1BC3-455B-A7EE-AB4C1B62E4FB} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-30] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1522655316-1034720550-840088700-1002Core.job => C:\Users\Joshua\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1522655316-1034720550-840088700-1002UA.job => C:\Users\Joshua\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-05-20 16:52 - 2013-05-20 16:52 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2013-04-29 20:03 - 2013-04-29 20:03 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-04-28 05:46 - 2013-01-02 02:55 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-12-12 09:21 - 2013-03-14 05:46 - 00040960 _____ () C:\Windows\SysWOW64\UMonit64.exe
2013-12-12 09:27 - 2011-09-19 14:40 - 00466944 _____ () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
2013-12-12 09:11 - 2014-09-13 17:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-05-07 13:26 - 2013-05-07 13:26 - 01302080 _____ () C:\Users\Joshua\Desktop\Gaming\League of Legends\RADS\system\rads_user_kernel.exe
2014-07-15 18:39 - 2014-09-25 19:32 - 02453496 _____ () C:\Users\Joshua\Desktop\Gaming\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.223\deploy\LoLLauncher.exe
2014-09-25 19:32 - 2014-09-25 19:32 - 04081656 _____ () C:\Users\Joshua\Desktop\Gaming\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\LoLPatcher.exe
2014-07-15 18:51 - 2014-07-15 18:51 - 00074752 _____ () C:\Users\Joshua\Desktop\Gaming\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.112\deploy\LolClient.exe
2014-09-18 11:18 - 2014-09-18 11:27 - 00751680 _____ () C:\Program Files (x86)\Emsisoft Anti-Malware\fw32.dll
2013-12-12 09:15 - 2013-04-11 19:30 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-07-15 18:22 - 2014-09-24 21:59 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-25 19:32 - 2014-09-25 19:32 - 01636856 _____ () C:\Users\Joshua\Desktop\Gaming\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\RiotLauncher.dll
2014-09-10 12:01 - 2014-09-10 12:01 - 42975744 _____ () C:\Users\Joshua\Desktop\Gaming\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\libcef.dll
2014-09-10 12:01 - 2014-09-10 12:01 - 01559552 _____ () C:\Users\Joshua\Desktop\Gaming\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\icui18n.dll
2014-09-10 12:01 - 2014-09-10 12:01 - 01241088 _____ () C:\Users\Joshua\Desktop\Gaming\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\icuuc.dll
2014-09-10 12:01 - 2014-09-10 12:01 - 04945408 _____ () C:\Users\Joshua\Desktop\Gaming\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\v8.dll
2014-09-25 19:32 - 2014-09-25 19:32 - 01712640 _____ () C:\Users\Joshua\Desktop\Gaming\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\RiotRadsIO.dll
2014-07-15 18:48 - 2014-07-15 18:48 - 04774248 _____ () C:\Users\Joshua\Desktop\Gaming\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.112\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"

========================= Accounts: ==========================

Administrator (S-1-5-21-1522655316-1034720550-840088700-500 - Administrator - Disabled)
Guest (S-1-5-21-1522655316-1034720550-840088700-501 - Limited - Disabled)
Joshua (S-1-5-21-1522655316-1034720550-840088700-1002 - Administrator - Enabled) => C:\Users\Joshua

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/02/2014 06:04:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FlashPlayerPlugin_15_0_0_152.exe, version: 15.0.0.152, time stamp: 0x53fe814b
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00aa73f8
Faulting process id: 0x2e0c
Faulting application start time: 0xFlashPlayerPlugin_15_0_0_152.exe0
Faulting application path: FlashPlayerPlugin_15_0_0_152.exe1
Faulting module path: FlashPlayerPlugin_15_0_0_152.exe2
Report Id: FlashPlayerPlugin_15_0_0_152.exe3
Faulting package full name: FlashPlayerPlugin_15_0_0_152.exe4
Faulting package-relative application ID: FlashPlayerPlugin_15_0_0_152.exe5

Error: (09/29/2014 00:27:57 PM) (Source: MsiInstaller) (EventID: 1002) (User: Josh)
Description: Unexpected or missing value (name: 'PackageCode', value: 'GUID') in key 'HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219'

Error: (09/29/2014 00:05:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LolClient.exe, version: 0.0.0.0, time stamp: 0x515663e0
Faulting module name: MMDevApi.dll, version: 6.2.9200.16420, time stamp: 0x505a95dd
Exception code: 0xc0000005
Fault offset: 0x000186a2
Faulting process id: 0x8f0
Faulting application start time: 0xLolClient.exe0
Faulting application path: LolClient.exe1
Faulting module path: LolClient.exe2
Report Id: LolClient.exe3
Faulting package full name: LolClient.exe4
Faulting package-relative application ID: LolClient.exe5

Error: (09/24/2014 09:42:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FlashPlayerPlugin_15_0_0_152.exe version 15.0.0.152 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 11b4

Start Time: 01cfd7517e21863b

Termination Time: 46

Application Path: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe

Report Id: 2675d754-4455-11e4-be91-240a64079439

Faulting package full name:

Faulting package-relative application ID:

Error: (09/22/2014 10:16:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FL.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1748

Start Time: 01cfd6ca7a70e912

Termination Time: 12

Application Path: C:\Users\Joshua\Desktop\FL Studio\FL.exe

Report Id: a1853267-42c7-11e4-be91-240a64079439

Faulting package full name:

Faulting package-relative application ID:

Error: (09/18/2014 08:11:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program rads_user_kernel.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ef0

Start Time: 01cfd39ce867aa59

Termination Time: 1

Application Path: C:\Users\Joshua\Desktop\Gaming\League of Legends\RADS\system\rads_user_kernel.exe

Report Id: 7eb3c18b-3f91-11e4-be8e-240a64079439

Faulting package full name:

Faulting package-relative application ID:

Error: (09/18/2014 08:11:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program rads_user_kernel.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1848

Start Time: 01cfd39e398f4678

Termination Time: 1

Application Path: C:\Users\Joshua\Desktop\Gaming\League of Legends\RADS\system\rads_user_kernel.exe

Report Id: 7bda60a4-3f91-11e4-be8e-240a64079439

Faulting package full name:

Faulting package-relative application ID:

Error: (09/18/2014 01:54:26 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (09/18/2014 06:36:31 AM) (Source: MsiInstaller) (EventID: 1002) (User: Josh)
Description: Unexpected or missing value (name: 'PackageCode', value: 'GUID') in key 'HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219'

Error: (09/18/2014 00:26:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: PSIA.exe, version: 3.0.0.9016, time stamp: 0x52a1d50f
Faulting module name: ntdll.dll, version: 6.2.9200.16912, time stamp: 0x53645e25
Exception code: 0xc0000005
Fault offset: 0x00051d8a
Faulting process id: 0x11f4
Faulting application start time: 0xPSIA.exe0
Faulting application path: PSIA.exe1
Faulting module path: PSIA.exe2
Report Id: PSIA.exe3
Faulting package full name: PSIA.exe4
Faulting package-relative application ID: PSIA.exe5


System errors:
=============
Error: (09/25/2014 07:18:57 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.0.2.
The computer with the IP address 192.168.0.5 did not allow the name to be claimed by
this computer.

Error: (09/22/2014 06:22:11 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\drivers\TrueSight.sys

Error: (09/22/2014 06:20:29 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:03:24 AM on ‎9/‎22/‎2014 was unexpected.

Error: (09/22/2014 06:03:45 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.0.14.
The computer with the IP address 192.168.0.5 did not allow the name to be claimed by
this computer.

Error: (09/19/2014 02:33:00 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:24:11 AM on ‎9/‎19/‎2014 was unexpected.

Error: (09/19/2014 01:45:00 AM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video3Graphics Exception: ESR 0x408030=0x80000003

Error: (09/19/2014 01:45:00 AM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video3Graphics Exception: Const out of Bound

Error: (09/18/2014 11:12:42 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service terminated with the following service-specific error:
%%0

Error: (09/18/2014 07:46:30 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (09/18/2014 07:46:13 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\ComboFix\catchme.sys


Microsoft Office Sessions:
=========================
Error: (10/02/2014 06:04:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_15_0_0_152.exe15.0.0.15253fe814bunknown0.0.0.000000000c000000500aa73f82e0c01cfdd35964fb446C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exeunknown78f8e32b-4a1b-11e4-be91-240a64079439

Error: (09/29/2014 00:27:57 PM) (Source: MsiInstaller) (EventID: 1002) (User: Josh)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

Error: (09/29/2014 00:05:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LolClient.exe0.0.0.0515663e0MMDevApi.dll6.2.9200.16420505a95ddc0000005000186a28f001cfdadcd61ec997C:\Users\Joshua\Desktop\Gaming\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.112\deploy\LolClient.exeC:\Windows\System32\MMDevApi.dll799b2ced-47f2-11e4-be91-240a64079439

Error: (09/24/2014 09:42:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FlashPlayerPlugin_15_0_0_152.exe15.0.0.15211b401cfd7517e21863b46C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe2675d754-4455-11e4-be91-240a64079439

Error: (09/22/2014 10:16:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FL.exe0.0.0.0174801cfd6ca7a70e91212C:\Users\Joshua\Desktop\FL Studio\FL.exea1853267-42c7-11e4-be91-240a64079439

Error: (09/18/2014 08:11:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: rads_user_kernel.exe0.0.0.0ef001cfd39ce867aa591C:\Users\Joshua\Desktop\Gaming\League of Legends\RADS\system\rads_user_kernel.exe7eb3c18b-3f91-11e4-be8e-240a64079439

Error: (09/18/2014 08:11:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: rads_user_kernel.exe0.0.0.0184801cfd39e398f46781C:\Users\Joshua\Desktop\Gaming\League of Legends\RADS\system\rads_user_kernel.exe7bda60a4-3f91-11e4-be8e-240a64079439

Error: (09/18/2014 01:54:26 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (09/18/2014 06:36:31 AM) (Source: MsiInstaller) (EventID: 1002) (User: Josh)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

Error: (09/18/2014 00:26:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.901652a1d50fntdll.dll6.2.9200.1691253645e25c000000500051d8a11f401cfd2f69bf65ab9C:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Windows\SYSTEM32\ntdll.dll0037ea9c-3eec-11e4-be8b-240a64079439


CodeIntegrity Errors:
===================================
  Date: 2014-10-01 09:24:51.081
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2014-10-01 09:24:50.713
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2014-10-01 09:24:48.945
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2014-09-30 03:02:02.333
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2014-09-30 03:02:01.912
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2014-09-30 03:01:58.530
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2014-09-29 07:11:46.462
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2014-09-29 07:11:46.108
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2014-09-29 07:11:44.826
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2014-09-28 04:46:54.300
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.


==================== Memory info ===========================

Processor: Intel® Core™ i7-4700HQ CPU @ 2.40GHz
Percentage of memory in use: 48%
Total physical RAM: 8109.48 MB
Available physical RAM: 4166.68 MB
Total Pagefile: 9325.48 MB
Available Pagefile: 4508.33 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:910.21 GB) (Free:807.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 115DA0F7)

Partition: GPT Partition Type.

==================== End Of Log ============================


#4 Oh My!


Posted 02 October 2014 - 08:23 AM

Hi Joshua and on behalf of the entire crew here thank you for your kind words.

There really isn't anything of concern that I see. My impression in reviewing your logs is that this issue is most prominent when you are playing online games. Would that be a fair statement?

Also, I would like to caution you regarding uTorrent or any other Peer to Peer programs as they can be quite dangerous and files downloaded can easily compromise your computer. And finally CCleaner is good but be careful regarding any registry manipulations. You seem knowledgeable but I would be remiss if I didn't at least mention these 2 things.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 icarusbreathes


Posted 02 October 2014 - 09:32 AM

I haven't really been noticing too many issues now, so if there was one I may have managed to clean it up. I may just be paranoid that things don't feel quite as fast as they initially did, or perhaps they weren't at one point. The only issue I'm having now is Windows 8 minimizing games if I click in the bottom left corner, but I am not the only one having this issue and have at least a temporary workaround by maximizing clients through the task manager. Thanks!


Edited by icarusbreathes, 02 October 2014 - 09:34 AM.


#6 Oh My!


Posted 02 October 2014 - 01:54 PM

You are welcome. Is there anything else you might need assistance with?
Gary
 

#7 Oh My!


Posted 04 October 2014 - 01:32 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 