ColorMedia.dll problem! Need help


  • This topic is locked
7 replies to this topic

#1 Dalgyon

Dalgyon

  • Members
  • 6 posts
  • OFFLINE
  • Gender:Male
  • Local time:06:33 PM

Posted 15 January 2015 - 04:03 PM

I've tried many things but I'm at a loss here. Anyone willing to give me a hand?


#2 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,875 posts
  • OFFLINE
  • Gender:Male
  • Location:Germany
  • Local time:07:33 PM

Posted 15 January 2015 - 04:13 PM

Hey, :)
 
Which problem do you have?
 
Please download FRST (by Farbar) from the link below and save it to your Desktop.
 

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
  • Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  • Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (If you have Windows Vista / Windows 7 / Windows 8, please right-click the FRST icon and select Run as Administrator.)
  • When the disclaimer appears, click Yes.
  • Click Scan to start FRST.
  • When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#3 Dalgyon

Dalgyon
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  • Gender:Male
  • Local time:06:33 PM

Posted 15 January 2015 - 04:20 PM

Hello :D and well I've been trying to open up several programs but I tend to get an error saying that it can't open because ColorMedia.dll has caused an issue with it.

 

Here's the first log:
 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015 01
Ran by Jay (administrator) on JAY-PC on 15-01-2015 15:16:11
Running from C:\Users\Jay\Downloads
Loaded Profiles: Jay (Available profiles: Jay)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Greatis Software) C:\Program Files (x86)\UnHackMe\hackmon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Akamai Technologies, Inc.) C:\Users\Jay\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Users\Jay\AppData\Local\Google\Update\GoogleUpdate.exe
(Akamai Technologies, Inc.) C:\Users\Jay\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(wifimouse.necta.us) C:\Program Files (x86)\MouseServer\MouseServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-31] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-09] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-17] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-393417265-3845936301-1206278323-1001\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4287536 2013-11-27] ()
HKU\S-1-5-21-393417265-3845936301-1206278323-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Jay\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-393417265-3845936301-1206278323-1001\...\Run: [Google Update] => C:\Users\Jay\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-30] (Google Inc.)
HKU\S-1-5-21-393417265-3845936301-1206278323-1001\...\Run: [BitTorrent] => C:\Users\Jay\AppData\Roaming\BitTorrent\BitTorrent.exe [1381208 2014-12-17] (BitTorrent Inc.)
HKU\S-1-5-21-393417265-3845936301-1206278323-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-393417265-3845936301-1206278323-1001\...\MountPoints2: {b0c473b3-2423-11e4-9fd2-d485649bf85d} - H:\JurassicPark100_Setup.exe
BootExecute: autocheck autochk * Partizan
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-393417265-3845936301-1206278323-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\ColorMedia.dll [324776] (CartCrunch Israel Ltd.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\ColorMedia.dll [324776] (CartCrunch Israel Ltd.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\ColorMedia.dll [324776] (CartCrunch Israel Ltd.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\ColorMedia.dll [324776] (CartCrunch Israel Ltd.)
Winsock: Catalog9 15 C:\Windows\SysWOW64\ColorMedia.dll [324776] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 01 C:\Windows\system32\ColorMedia64.dll [370688] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 02 C:\Windows\system32\ColorMedia64.dll [370688] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 03 C:\Windows\system32\ColorMedia64.dll [370688] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 04 C:\Windows\system32\ColorMedia64.dll [370688] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 15 C:\Windows\system32\ColorMedia64.dll [370688] (CartCrunch Israel Ltd.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-393417265-3845936301-1206278323-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Jay\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-393417265-3845936301-1206278323-1001: @talk.google.com/O1DPlugin -> C:\Users\Jay\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-393417265-3845936301-1206278323-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jay\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-393417265-3845936301-1206278323-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jay\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-393417265-3845936301-1206278323-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jay\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-393417265-3845936301-1206278323-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-393417265-3845936301-1206278323-1001: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Users\Jay\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Jay\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKU\S-1-5-21-393417265-3845936301-1206278323-1001\...\Firefox\Extensions: [{D1CA2833-03CA-7F85-1EFD-A63E7A9E0BF4}] - C:\Program Files (x86)\ver0BlockAndSurf\186.xpi
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha3767\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1504\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3289\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9326\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home323\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode9117\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release74\ff [Not Found]
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-27]
CHR Extension: (Google Drive) - C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (YouTube) - C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-21]
CHR Extension: (Adblock Plus) - C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-09]
CHR Extension: (Google Search) - C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-21]
CHR Extension: (Google Wallet) - C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-27]
CHR Extension: (Gmail) - C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-21]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3384000 2014-06-08] (INCA Internet Co., Ltd.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-29] (Electronic Arts)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-08-28] (Razer Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 cmwf; C:\Windows\system32\Drivers\cmwf.sys [33952 2015-01-07] () [File not signed]
R1 cmwr; C:\Windows\system32\Drivers\cmwr.sys [45216 2015-01-07] () [File not signed]
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [6180832 2009-09-23] (Intel Corporation) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [35816 2015-01-14] (Greatis Software)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 X6va019; \??\C:\Windows\SysWOW64\Drivers\X6va019 [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
S3 X6va023; \??\C:\Windows\SysWOW64\Drivers\X6va023 [X]
S3 X6va025; \??\C:\Windows\SysWOW64\Drivers\X6va025 [X]
S3 X6va026; \??\C:\Windows\SysWOW64\Drivers\X6va026 [X]
S3 X6va027; \??\C:\Windows\SysWOW64\Drivers\X6va027 [X]
S3 X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-15 15:14 - 2015-01-15 15:14 - 02125312 _____ (Farbar) C:\Users\Jay\Downloads\FRST64.exe
2015-01-15 14:57 - 2015-01-15 14:57 - 00020562 _____ () C:\Users\Jay\Desktop\dds.txt
2015-01-15 14:57 - 2015-01-15 14:57 - 00011962 _____ () C:\Users\Jay\Desktop\attach.txt
2015-01-15 14:56 - 2015-01-15 14:56 - 00688992 ____R (Swearware) C:\Users\Jay\Downloads\dds.com
2015-01-15 14:52 - 2015-01-15 14:53 - 00075468 _____ () C:\Users\Jay\Downloads\SystemLook.txt
2015-01-15 14:51 - 2015-01-15 14:51 - 00165376 _____ () C:\Users\Jay\Downloads\SystemLook_x64 (1).exe
2015-01-15 14:51 - 2015-01-15 14:51 - 00139264 _____ () C:\Users\Jay\Downloads\SystemLook.exe
2015-01-15 03:16 - 2015-01-15 03:17 - 08166105 _____ () C:\Users\Jay\Downloads\PPFScan.zip
2015-01-15 03:00 - 2015-01-15 03:00 - 00051172 _____ () C:\Users\Jay\Downloads\Shortcut.txt
2015-01-15 02:59 - 2015-01-15 03:00 - 00030599 _____ () C:\Users\Jay\Downloads\Addition.txt
2015-01-15 02:57 - 2015-01-15 15:16 - 00000000 ____D () C:\FRST
2015-01-15 00:25 - 2015-01-15 00:33 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\FreeFixer
2015-01-15 00:25 - 2015-01-15 00:28 - 00000000 ____D () C:\Users\Jay\AppData\Local\FreeFixer
2015-01-15 00:24 - 2015-01-15 04:01 - 00000000 ____D () C:\Program Files\FreeFixer
2015-01-14 23:39 - 2015-01-14 23:39 - 00074706 _____ () C:\Users\Jay\Downloads\AutoRuns (1).txt
2015-01-14 23:12 - 2015-01-15 04:01 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Reason Software Company Inc
2015-01-14 23:12 - 2015-01-15 02:59 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2015-01-14 23:12 - 2015-01-14 23:12 - 02178048 _____ (Reason Software Company Inc.) C:\Users\Jay\Downloads\ShouldIRemoveIt_Setup.exe
2015-01-14 23:10 - 2015-01-15 04:02 - 00000248 _____ () C:\Windows\SysWOW64\PARTIZAL.EXE
2015-01-14 23:07 - 2015-01-14 23:08 - 00000000 ___SD () C:\ComboFix
2015-01-14 23:06 - 2015-01-14 23:06 - 05609736 ____R (Swearware) C:\Users\Jay\Downloads\ComboFix.exe
2015-01-14 23:06 - 2015-01-14 23:06 - 00001101 _____ () C:\Users\Jay\Desktop\ComboFix - Shortcut.lnk
2015-01-14 23:06 - 2011-06-26 00:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-14 23:06 - 2010-11-07 11:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-14 23:06 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-14 23:06 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-14 23:06 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-14 23:06 - 2000-08-30 18:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-14 23:06 - 2000-08-30 18:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-14 23:06 - 2000-08-30 18:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-14 23:00 - 2015-01-14 23:00 - 00380416 _____ () C:\Users\Jay\Downloads\pz3c4yft.exe
2015-01-14 22:59 - 2015-01-15 15:16 - 00015838 _____ () C:\Users\Jay\Downloads\FRST.txt
2015-01-14 22:46 - 2015-01-14 22:46 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Jay\Downloads\SpyHunter-Installer.exe
2015-01-14 22:16 - 2015-01-14 22:40 - 00000246 _____ () C:\Windows\SysWOW64\PARTLOGN.EXE
2015-01-14 22:14 - 2015-01-14 22:37 - 00000086 _____ () C:\Windows\SysWOW64\Partizan.RRI
2015-01-14 22:14 - 2015-01-14 22:14 - 00040208 _____ (Greatis Software) C:\Windows\system32\Partizan.exe
2015-01-14 22:14 - 2015-01-14 22:14 - 00000000 ____D () C:\@RestoreQuarantine
2015-01-14 22:09 - 2015-01-15 04:02 - 00000000 ____D () C:\Program Files (x86)\UnHackMe
2015-01-14 22:09 - 2015-01-15 04:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2015-01-14 22:09 - 2015-01-14 22:39 - 00000000 ____D () C:\ProgramData\RegRun
2015-01-14 22:09 - 2015-01-14 22:32 - 00000000 ____D () C:\Users\Jay\Documents\RegRun2
2015-01-14 22:09 - 2015-01-14 22:09 - 16599280 _____ () C:\Users\Jay\Downloads\unhackme.zip
2015-01-14 22:09 - 2015-01-14 22:09 - 00035816 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
2015-01-14 22:09 - 2015-01-14 22:09 - 00003316 _____ () C:\Windows\System32\Tasks\UnHackMe Task Scheduler
2015-01-14 22:09 - 2015-01-14 22:09 - 00001014 _____ () C:\Users\Jay\Desktop\UnHackMe.lnk
2015-01-14 22:09 - 2015-01-14 22:09 - 00000002 RSHOT () C:\Windows\winstart.bat
2015-01-14 22:09 - 2015-01-14 22:09 - 00000002 RSHOT () C:\Windows\SysWOW64\CONFIG.NT
2015-01-14 22:09 - 2015-01-14 22:09 - 00000002 RSHOT () C:\Windows\SysWOW64\AUTOEXEC.NT
2015-01-14 22:09 - 2014-12-29 12:45 - 00012800 _____ (Greatis Software, LLC.) C:\Windows\SysWOW64\Drivers\UnHackMeDrv.sys
2015-01-14 22:04 - 2014-04-28 14:44 - 00396480 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\PsExec.exe
2015-01-14 22:04 - 2014-01-29 08:23 - 00227520 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\psping.exe
2015-01-14 22:04 - 2012-10-17 18:28 - 00171608 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\pspasswd.exe
2015-01-14 22:04 - 2012-06-21 23:34 - 00468592 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\pskill.exe
2015-01-14 22:04 - 2012-03-22 15:53 - 00232232 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\pslist.exe
2015-01-14 22:04 - 2010-04-27 11:04 - 00390520 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\PsInfo.exe
2015-01-14 22:04 - 2010-04-27 11:04 - 00333176 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\PsGetsid.exe
2015-01-14 22:04 - 2010-04-27 11:04 - 00183160 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\PsLoggedon.exe
2015-01-14 22:04 - 2010-04-27 11:04 - 00178040 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\psloglist.exe
2015-01-14 22:04 - 2010-04-27 11:04 - 00169848 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\PsService.exe
2015-01-14 22:04 - 2006-12-04 17:53 - 00207664 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\psshutdown.exe
2015-01-14 22:04 - 2006-12-04 17:53 - 00187184 _____ (Sysinternals) C:\Windows\system32\pssuspend.exe
2015-01-14 22:04 - 2006-12-04 17:53 - 00105264 _____ (Sysinternals) C:\Windows\system32\psfile.exe
2015-01-14 22:03 - 2014-04-28 14:44 - 00396480 _____ (Sysinternals - www.sysinternals.com) C:\Windows\SysWOW64\PsExec.exe
2015-01-14 22:03 - 2014-01-29 08:23 - 00227520 _____ (Sysinternals - www.sysinternals.com) C:\Windows\SysWOW64\psping.exe
2015-01-14 22:03 - 2012-10-17 18:28 - 00171608 _____ (Sysinternals - www.sysinternals.com) C:\Windows\SysWOW64\pspasswd.exe
2015-01-14 22:03 - 2012-06-21 23:34 - 00468592 _____ (Sysinternals - www.sysinternals.com) C:\Windows\SysWOW64\pskill.exe
2015-01-14 22:03 - 2012-03-22 15:53 - 00232232 _____ (Sysinternals - www.sysinternals.com) C:\Windows\SysWOW64\pslist.exe
2015-01-14 22:03 - 2010-04-27 11:04 - 00390520 _____ (Sysinternals - www.sysinternals.com) C:\Windows\SysWOW64\PsInfo.exe
2015-01-14 22:03 - 2010-04-27 11:04 - 00333176 _____ (Sysinternals - www.sysinternals.com) C:\Windows\SysWOW64\PsGetsid.exe
2015-01-14 22:03 - 2010-04-27 11:04 - 00183160 _____ (Sysinternals - www.sysinternals.com) C:\Windows\SysWOW64\PsLoggedon.exe
2015-01-14 22:03 - 2010-04-27 11:04 - 00178040 _____ (Sysinternals - www.sysinternals.com) C:\Windows\SysWOW64\psloglist.exe
2015-01-14 22:03 - 2010-04-27 11:04 - 00169848 _____ (Sysinternals - www.sysinternals.com) C:\Windows\SysWOW64\PsService.exe
2015-01-14 22:03 - 2006-12-04 17:53 - 00207664 _____ (Sysinternals - www.sysinternals.com) C:\Windows\SysWOW64\psshutdown.exe
2015-01-14 22:03 - 2006-12-04 17:53 - 00187184 _____ (Sysinternals) C:\Windows\SysWOW64\pssuspend.exe
2015-01-14 22:03 - 2006-12-04 17:53 - 00105264 _____ (Sysinternals) C:\Windows\SysWOW64\psfile.exe
2015-01-14 21:45 - 2015-01-14 21:45 - 01686759 _____ () C:\Users\Jay\Downloads\PSTools.zip
2015-01-14 21:45 - 2015-01-14 21:45 - 00000000 ____D () C:\Users\Jay\Desktop\PsTools
2015-01-14 21:36 - 2015-01-14 21:36 - 00074706 _____ () C:\Users\Jay\Downloads\AutoRuns.txt
2015-01-14 21:24 - 2015-01-14 23:37 - 00056758 _____ () C:\Users\Jay\Documents\AutoRuns.txt
2015-01-14 21:23 - 2015-01-14 21:23 - 00000000 ____D () C:\Users\Jay\Desktop\faf
2015-01-14 21:22 - 2015-01-14 21:22 - 00511633 _____ () C:\Users\Jay\Downloads\Autoruns.zip
2015-01-14 21:16 - 2015-01-15 04:01 - 00000000 ____D () C:\Program Files\Unlocker
2015-01-14 21:16 - 2015-01-14 21:16 - 01078591 _____ () C:\Users\Jay\Downloads\Unlocker1.9.2.exe
2015-01-14 21:16 - 2015-01-14 21:16 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2015-01-14 21:05 - 2015-01-14 21:05 - 00000000 ____D () C:\CFLog
2015-01-14 20:51 - 2015-01-14 20:51 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Malwarebytes
2015-01-14 20:50 - 2015-01-14 21:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-01-14 19:07 - 2015-01-14 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-01-14 19:07 - 2015-01-14 21:00 - 00000000 ____D () C:\ProgramData\IObit
2015-01-14 19:07 - 2015-01-14 19:07 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-01-14 18:48 - 2015-01-14 21:00 - 00000000 ____D () C:\!KillBox
2015-01-14 18:02 - 2015-01-14 21:00 - 00000000 ____D () C:\Users\Jay\Desktop\Windows
2015-01-14 17:52 - 2015-01-14 17:52 - 04909382 _____ () C:\Users\Jay\Downloads\mbam-chameleon-3.1.7.0.zip
2015-01-14 17:49 - 2015-01-14 21:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-14 17:49 - 2015-01-14 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-14 17:19 - 2015-01-14 23:06 - 00000000 ____D () C:\Qoobox
2015-01-14 17:19 - 2015-01-14 21:00 - 00000000 ____D () C:\Windows\erdnt
2015-01-14 17:17 - 2015-01-14 17:17 - 00000000 ____D () C:\_OTL
2015-01-14 17:07 - 2015-01-14 17:07 - 00085098 _____ () C:\Users\Jay\Downloads\OTL.Txt
2015-01-14 17:07 - 2015-01-14 17:07 - 00049326 _____ () C:\Users\Jay\Downloads\Extras.Txt
2015-01-14 16:47 - 2015-01-14 16:47 - 00002755 _____ () C:\Users\Jay\Downloads\FSS.txt
2015-01-14 16:34 - 2015-01-14 16:34 - 00001045 _____ () C:\Users\Jay\Desktop\JRT.txt
2015-01-14 16:15 - 2015-01-14 21:00 - 00000000 ____D () C:\Users\Jay\Desktop\mbar
2015-01-14 16:15 - 2015-01-14 20:49 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-14 16:15 - 2015-01-14 16:25 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-14 16:08 - 2015-01-14 21:00 - 00000000 ____D () C:\Program Files (x86)\System Explorer
2015-01-14 15:51 - 2015-01-14 21:00 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-01-14 15:37 - 2015-01-14 15:38 - 05317104 _____ (Piriform Ltd) C:\Users\Jay\Downloads\ccsetup501.exe
2015-01-14 04:04 - 2015-01-15 04:01 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeFixer
2015-01-14 03:51 - 2015-01-14 03:51 - 00165376 _____ () C:\Users\Jay\Downloads\SystemLook_x64.exe
2015-01-14 03:49 - 2015-01-14 03:50 - 02191360 _____ () C:\Users\Jay\Downloads\adwcleaner_4.107.exe
2015-01-14 03:41 - 2015-01-14 03:41 - 00550854 _____ () C:\Users\Jay\Desktop\X-TRAP 2015114.bmp
2015-01-14 03:30 - 2015-01-14 03:30 - 00001143 _____ () C:\Users\Jay\Desktop\CrossFire.lnk
2015-01-14 03:30 - 2015-01-14 03:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z8Games
2015-01-14 02:50 - 2015-01-14 02:50 - 00275664 _____ () C:\Windows\Minidump\011415-17019-01.dmp
2015-01-14 02:44 - 2010-03-08 04:10 - 00013824 _____ (Kephyr) C:\Windows\system32\ffnd.exe
2015-01-14 02:37 - 2015-01-14 02:37 - 02666167 _____ (Kephyr) C:\Users\Jay\Downloads\freefixersetup.exe
2015-01-13 22:32 - 2015-01-14 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pangya
2015-01-13 22:32 - 2015-01-13 22:32 - 00001618 _____ () C:\Users\Public\Desktop\Pangya.lnk
2015-01-13 22:32 - 2015-01-13 22:26 - 00000310 _____ () C:\Users\Jay\Desktop\Resume Pangya Downloader.url
2015-01-13 22:27 - 2015-01-13 22:27 - 00000000 ____D () C:\Program Files (x86)\Pangya
2015-01-13 22:26 - 2015-01-13 22:26 - 02125328 _____ (Reloaded Technologies) C:\Users\Jay\Downloads\Pangya_downloader.exe
2015-01-13 21:48 - 2015-01-13 21:48 - 04877488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-01-13 17:43 - 2015-01-13 17:43 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Apple Computer
2015-01-13 17:22 - 2015-01-13 17:42 - 00000000 ____D () C:\ProgramData\TsohTOXcRTn
2015-01-13 17:15 - 2015-01-13 17:15 - 00000000 ____D () C:\shoplog
2015-01-13 17:15 - 2015-01-07 21:07 - 00045216 _____ () C:\Windows\system32\Drivers\cmwr.sys
2015-01-13 17:15 - 2015-01-07 21:07 - 00033952 _____ () C:\Windows\system32\Drivers\cmwf.sys
2015-01-13 17:14 - 2015-01-13 17:14 - 00001910 _____ () C:\Windows\patsearch.bin
2015-01-13 17:14 - 2015-01-13 17:14 - 00000000 ____D () C:\ProgramData\10c181ed534b40978531f65cf5ecd3a8
2015-01-13 17:14 - 2015-01-07 20:54 - 00370688 _____ (CartCrunch Israel Ltd.) C:\Windows\system32\ColorMedia64.dll
2015-01-13 17:14 - 2015-01-07 20:54 - 00324776 _____ (CartCrunch Israel Ltd.) C:\Windows\SysWOW64\ColorMedia.dll
2015-01-13 17:13 - 2015-01-15 04:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\HitsBlender
2015-01-13 17:13 - 2015-01-13 17:13 - 00000045 _____ () C:\user.js
2015-01-13 17:12 - 2015-01-13 17:12 - 04033256 _____ (New Monte Inc) C:\Users\Jay\Downloads\Isarcextract_isdone.dll_64bit_downloader.exe
2015-01-13 17:02 - 2015-01-13 17:02 - 00000000 ____D () C:\Users\Jay\Downloads\crossfire
2015-01-13 16:47 - 2015-01-13 17:02 - 1260401707 _____ () C:\Users\Jay\Downloads\crossfire.exe
2015-01-09 22:49 - 2015-01-09 22:49 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-01-09 22:49 - 2015-01-09 22:49 - 00000000 ____D () C:\ProgramData\ATI
2015-01-09 22:47 - 2015-01-14 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-01-09 22:47 - 2015-01-09 22:47 - 00061880 _____ () C:\Windows\SysWOW64\CCCInstall_201501092247192371.log
2015-01-09 22:37 - 2015-01-09 22:39 - 286079600 _____ (AMD Inc.) C:\Users\Jay\Downloads\amd-catalyst-14.11.2beta-64bit-win8.1-win7-nov19.exe
2015-01-08 19:48 - 2015-01-08 19:48 - 26667268 _____ (Advanced Micro Devices, Inc.) C:\Users\Jay\Downloads\13-1-legacy_vista_win7_win8_32-64_hydravision.exe
2015-01-08 19:45 - 2015-01-08 19:45 - 05451464 _____ (Advanced Micro Devices, Inc.) C:\Users\Jay\Downloads\autodetectutility.exe
2015-01-08 19:43 - 2015-01-08 19:43 - 01176984 _____ (Copyright © 2013 eSupport.com, Inc • All Rights Reserved ) C:\Users\Jay\Downloads\driveragent-setup-987.exe
2015-01-08 19:43 - 2015-01-08 19:43 - 01176984 _____ (Copyright © 2013 eSupport.com, Inc • All Rights Reserved ) C:\Users\Jay\Downloads\driveragent-setup-987 (1).exe
2015-01-08 19:43 - 2015-01-08 19:43 - 00021712 _____ (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2015-01-08 19:26 - 2015-01-08 19:26 - 00002978 _____ () C:\Windows\System32\Tasks\{6BD7E167-93B9-43CA-AAAD-EDC1A7F2E0D0}
2015-01-08 19:26 - 2015-01-08 19:26 - 00002978 _____ () C:\Windows\System32\Tasks\{5ADD1EBA-C6F2-4E5B-96A8-7CEF5BDD5C89}
2015-01-07 20:28 - 2015-01-07 20:28 - 19716582 _____ () C:\Users\Jay\Downloads\FIFA-15-Ultimate-Team-Game-Downloader-Crack-v3.rar
2015-01-07 19:48 - 2015-01-07 19:48 - 00000110 _____ () C:\Users\Jay\AppData\Roaming\net.telestream.wirecast.webstream.xml
2015-01-07 19:38 - 2015-01-07 19:48 - 00024715 _____ () C:\Users\Jay\AppData\Roaming\net.telestream.producer.xml
2015-01-07 19:38 - 2015-01-07 19:38 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Vara Software
2015-01-07 19:38 - 2015-01-07 19:38 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Ustream Producer
2015-01-07 19:38 - 2015-01-07 19:38 - 00000000 ____D () C:\ProgramData\Telestream
2015-01-07 19:38 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-01-07 19:38 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-01-07 19:38 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-01-07 19:38 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-01-07 19:38 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-01-07 19:38 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-01-07 19:38 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-01-07 19:38 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-01-07 19:38 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-01-07 19:38 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-01-07 19:38 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-01-07 19:38 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-01-07 19:36 - 2015-01-07 19:36 - 00001852 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-01-07 19:36 - 2015-01-07 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-01-07 19:36 - 2015-01-07 19:36 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-01-07 19:36 - 2015-01-07 19:36 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-01-07 19:35 - 2015-01-07 19:35 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-01-07 19:35 - 2015-01-07 19:35 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-01-07 19:35 - 2015-01-07 19:35 - 00000000 ____D () C:\Users\Jay\AppData\Local\Apple
2015-01-07 19:35 - 2015-01-07 19:35 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-01-07 19:33 - 2015-01-07 19:34 - 64581448 _____ () C:\Users\Jay\Downloads\UstreamProducer_5.0.3.exe
2015-01-07 19:28 - 2015-01-14 17:24 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-07 19:21 - 2015-01-07 19:21 - 22487376 _____ (Livestream) C:\Users\Jay\Downloads\LivestreamProducer.exe
2015-01-02 16:43 - 2015-01-02 16:43 - 00000000 __SHD () C:\Users\Jay\AppData\Local\EmieUserList
2015-01-02 16:43 - 2015-01-02 16:43 - 00000000 __SHD () C:\Users\Jay\AppData\Local\EmieSiteList
2015-01-02 16:43 - 2015-01-02 16:43 - 00000000 __SHD () C:\Users\Jay\AppData\Local\EmieBrowserModeList
2014-12-30 02:16 - 2014-12-30 02:16 - 14119792 _____ () C:\Users\Jay\Downloads\com.teamspeak.ts3client_4.apk
2014-12-29 23:23 - 2014-12-29 23:23 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-29 22:36 - 2014-12-29 22:39 - 00443532 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-12-29 22:29 - 2014-10-17 20:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-29 22:29 - 2014-10-17 19:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-29 22:29 - 2014-07-06 20:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-29 22:29 - 2014-07-06 20:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-29 22:29 - 2014-07-06 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-29 22:29 - 2014-07-06 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-29 22:29 - 2014-07-06 19:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-29 22:29 - 2014-07-06 19:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-29 22:29 - 2014-07-06 19:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-29 22:29 - 2014-07-06 19:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-29 22:24 - 2014-12-29 22:24 - 00000000 ____D () C:\ProgramData\KONAMI
2014-12-29 22:19 - 2014-06-26 20:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-12-29 22:19 - 2014-06-26 19:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-12-29 22:18 - 2015-01-14 02:22 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-29 22:18 - 2014-12-29 22:18 - 01142392 _____ () C:\Users\Jay\Downloads\SteamSetup (1).exe
2014-12-29 22:18 - 2014-12-29 22:18 - 00000970 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-12-29 22:18 - 2014-12-29 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-29 22:16 - 2014-06-30 16:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-12-29 22:16 - 2014-06-30 16:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-12-29 22:16 - 2014-06-06 00:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-12-29 22:16 - 2014-06-06 00:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-12-29 22:16 - 2014-03-09 15:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-12-29 22:16 - 2014-03-09 15:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-12-29 22:16 - 2014-03-09 15:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-12-29 22:16 - 2014-03-09 15:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-12-29 22:14 - 2014-11-26 19:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-29 22:14 - 2014-11-26 19:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-29 22:14 - 2014-11-21 21:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-29 22:14 - 2014-11-21 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-29 22:14 - 2014-11-21 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-29 22:14 - 2014-11-21 20:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-29 22:14 - 2014-11-21 20:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-29 22:14 - 2014-11-21 20:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-29 22:14 - 2014-11-21 20:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-29 22:14 - 2014-11-21 20:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-29 22:14 - 2014-11-21 20:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-29 22:14 - 2014-11-21 20:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-29 22:14 - 2014-11-21 20:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-29 22:14 - 2014-11-21 20:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-29 22:14 - 2014-11-21 20:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-29 22:14 - 2014-11-21 20:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-29 22:14 - 2014-11-21 20:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-29 22:14 - 2014-11-21 20:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-29 22:14 - 2014-11-21 20:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-29 22:14 - 2014-11-21 20:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-29 22:14 - 2014-11-21 20:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-29 22:14 - 2014-11-21 20:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-29 22:14 - 2014-11-21 20:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-29 22:14 - 2014-11-21 20:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-29 22:14 - 2014-11-21 20:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-29 22:14 - 2014-11-21 20:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-29 22:14 - 2014-11-21 20:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-29 22:14 - 2014-11-21 20:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-29 22:14 - 2014-11-21 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-29 22:14 - 2014-11-21 20:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-29 22:14 - 2014-11-21 19:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-29 22:14 - 2014-11-21 19:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-29 22:14 - 2014-11-21 19:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-29 22:14 - 2014-11-21 19:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-29 22:14 - 2014-11-21 19:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-29 22:14 - 2014-11-21 19:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-29 22:14 - 2014-11-21 19:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-29 22:14 - 2014-11-21 19:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-29 22:14 - 2014-11-21 19:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-29 22:14 - 2014-11-21 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-29 22:14 - 2014-11-21 19:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-29 22:14 - 2014-11-21 19:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-29 22:14 - 2014-11-21 19:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-29 22:14 - 2014-11-21 19:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-29 22:14 - 2014-11-21 19:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-29 22:14 - 2014-11-21 19:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-29 22:14 - 2014-11-21 19:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-29 22:14 - 2014-11-21 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-29 22:14 - 2014-11-21 19:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-29 22:14 - 2014-11-21 19:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-29 22:14 - 2014-11-21 19:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-29 22:14 - 2014-11-21 19:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-29 22:14 - 2014-11-21 19:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-29 22:14 - 2014-11-21 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-29 22:14 - 2014-11-21 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-29 22:14 - 2014-11-21 18:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-29 22:12 - 2014-11-07 21:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-29 22:12 - 2014-11-07 20:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-29 22:12 - 2014-07-16 20:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-12-29 22:12 - 2014-07-16 20:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-12-29 22:12 - 2014-07-16 19:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-12-29 22:12 - 2014-03-04 03:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-12-29 22:12 - 2014-03-04 03:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-12-29 22:12 - 2014-03-04 03:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-12-29 22:12 - 2014-03-04 03:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-12-29 22:12 - 2014-03-04 03:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-12-29 22:12 - 2014-03-04 03:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-12-29 22:12 - 2014-03-04 03:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-12-29 22:12 - 2014-03-04 03:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-12-29 22:12 - 2014-03-04 03:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-12-29 22:12 - 2014-03-04 03:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-12-29 22:12 - 2014-03-04 03:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-12-29 22:12 - 2014-03-04 03:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-12-29 22:12 - 2014-03-04 03:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-12-29 22:12 - 2014-03-04 03:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-12-29 22:12 - 2014-03-04 03:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-12-29 22:12 - 2014-03-04 03:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-12-29 22:12 - 2014-03-04 03:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-12-29 22:12 - 2014-03-04 03:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-12-29 22:12 - 2014-03-04 03:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-12-29 22:11 - 2014-11-10 21:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-12-29 22:11 - 2014-11-10 21:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-12-29 22:11 - 2014-11-10 20:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-12-29 22:11 - 2014-11-10 20:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-12-29 22:11 - 2014-10-13 20:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-12-29 22:11 - 2014-10-13 20:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-12-29 22:11 - 2014-10-13 19:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-12-29 22:11 - 2014-10-13 19:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-12-29 22:11 - 2014-09-19 03:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-12-29 22:11 - 2014-09-19 03:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-12-29 22:11 - 2014-09-19 03:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-12-29 22:11 - 2014-09-19 03:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-12-29 22:11 - 2014-09-19 03:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-12-29 22:11 - 2014-09-19 03:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-12-29 22:11 - 2014-09-19 03:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-12-29 22:11 - 2014-09-19 03:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-12-29 22:11 - 2014-09-19 03:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-12-29 22:11 - 2014-09-19 03:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-12-29 22:11 - 2014-09-19 03:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-12-29 22:11 - 2014-09-19 03:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-12-29 22:11 - 2014-08-11 20:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-12-29 22:11 - 2014-08-11 19:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-12-29 22:11 - 2014-07-16 20:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-12-29 22:11 - 2014-07-16 20:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-12-29 22:11 - 2014-07-16 20:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-12-29 22:11 - 2014-07-16 20:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-12-29 22:11 - 2014-07-16 19:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-12-29 22:11 - 2014-07-16 19:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-12-29 22:11 - 2014-07-16 19:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-12-29 22:11 - 2014-07-16 19:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-12-29 22:11 - 2014-07-16 19:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-12-29 22:11 - 2014-04-11 20:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-12-29 22:11 - 2014-04-11 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-12-29 22:11 - 2014-04-11 20:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-12-29 22:11 - 2014-04-11 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-12-29 22:11 - 2014-04-11 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-12-29 22:10 - 2014-11-10 21:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-29 22:10 - 2014-11-10 20:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-29 22:10 - 2014-11-10 19:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-29 22:10 - 2014-10-29 20:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-29 22:10 - 2014-10-29 19:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-29 22:10 - 2014-10-24 19:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-12-29 22:10 - 2014-10-24 19:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-12-29 22:10 - 2014-10-09 18:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-12-29 22:10 - 2014-10-02 20:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-29 22:10 - 2014-10-02 20:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-12-29 22:10 - 2014-10-02 20:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-29 22:10 - 2014-10-02 20:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-29 22:10 - 2014-10-02 20:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-29 22:10 - 2014-10-02 20:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-12-29 22:10 - 2014-10-02 20:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-12-29 22:10 - 2014-10-02 20:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-12-29 22:10 - 2014-10-02 20:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-12-29 22:10 - 2014-10-02 20:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-29 22:10 - 2014-10-02 19:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-29 22:10 - 2014-10-02 19:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-29 22:10 - 2014-10-02 19:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-29 22:10 - 2014-10-02 19:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-29 22:10 - 2014-10-02 19:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-12-29 22:10 - 2014-10-02 19:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-12-29 22:10 - 2014-10-02 19:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-29 22:10 - 2014-10-02 19:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-12-29 22:10 - 2014-09-24 20:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-12-29 22:10 - 2014-09-24 19:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-12-29 22:10 - 2014-09-03 23:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-12-29 22:10 - 2014-09-03 23:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-12-29 22:10 - 2014-08-22 20:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-12-29 22:10 - 2014-08-22 19:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-12-29 22:10 - 2014-08-21 00:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-12-29 22:10 - 2014-08-21 00:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-12-29 22:10 - 2014-08-21 00:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-12-29 22:10 - 2014-08-21 00:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-12-29 22:10 - 2014-06-24 20:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-12-29 22:10 - 2014-06-24 19:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-12-29 22:10 - 2014-06-17 20:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-12-29 22:10 - 2014-06-17 19:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-12-29 22:10 - 2014-06-15 20:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-12-29 22:10 - 2014-06-06 04:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-12-29 22:10 - 2014-06-06 03:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-12-29 22:10 - 2014-05-30 00:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-12-29 22:10 - 2014-03-04 03:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-12-29 22:10 - 2014-03-04 03:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-12-29 22:10 - 2014-03-04 03:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-12-29 22:10 - 2014-03-04 03:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-12-29 22:10 - 2014-03-04 03:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-12-29 22:10 - 2014-03-04 03:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-12-29 22:10 - 2014-03-04 03:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-12-29 22:10 - 2014-03-04 03:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-12-29 22:10 - 2014-03-04 03:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-12-29 22:10 - 2014-03-04 02:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-12-29 22:10 - 2014-03-04 02:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-12-29 22:10 - 2014-02-03 20:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-12-29 22:10 - 2014-02-03 20:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-12-29 22:10 - 2014-02-03 20:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-12-29 22:10 - 2014-02-03 20:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-12-29 22:10 - 2014-02-03 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-12-29 22:07 - 2014-12-29 22:12 - 00000000 ____D () C:\Users\Jay\Downloads\Pro.Evolution.Soccer.2015.Online.Mode.Crack.v1.02.00DataPackV2.0CARLOS17_201412
2014-12-29 22:07 - 2014-12-29 22:07 - 00029961 _____ () C:\Users\Jay\Downloads\[kickass.so]pro.evolution.soccer.2015.online.mode.crack.v1.02.00.data.pack.v2.0.carlos17.torrent
2014-12-29 22:05 - 2014-01-23 20:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-12-29 22:03 - 2014-10-17 20:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-12-29 22:03 - 2014-10-17 19:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-12-29 22:03 - 2014-07-13 20:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-12-29 22:03 - 2014-07-13 19:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-12-29 22:02 - 2014-12-29 22:02 - 01109743 _____ () C:\Users\Jay\Downloads\SweetFX_settings PES 2015.rar
2014-12-29 21:51 - 2014-12-29 21:51 - 00000000 ____D () C:\Users\Jay\Documents\KONAMI
2014-12-29 21:45 - 2014-12-01 21:58 - 00000000 ____D () C:\Users\Jay\Desktop\PES Exe Switcher by MichW Studio
2014-12-29 21:41 - 2014-12-29 21:41 - 00002032 _____ () C:\Users\Public\Desktop\Pro Evolution Soccer 2015.lnk
2014-12-29 21:41 - 2014-12-29 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro Evolution Soccer 2015
2014-12-29 21:41 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-12-29 21:41 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-12-29 21:41 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-12-29 20:50 - 2015-01-14 02:17 - 00000000 ____D () C:\Program Files (x86)\Pro Evolution Soccer 2015
2014-12-29 20:08 - 2014-12-29 20:31 - 00000000 ____D () C:\Users\Jay\Downloads\Pro Evolution Soccer 2015 [RePack]
2014-12-29 20:07 - 2014-12-29 20:07 - 00018682 _____ () C:\Users\Jay\Downloads\PES_2015_-_Pro_Evolution_Soccer_2015_[Update_1]_(2014)_PC_-_RePack_By_R.G._Steamgames.torrent
2014-12-29 20:07 - 2014-12-29 20:07 - 00018682 _____ () C:\Users\Jay\Downloads\PES_2015_-_Pro_Evolution_Soccer_2015_[Update_1]_(2014)_PC_-_RePack_By_R.G._Steamgames (1).torrent
2014-12-29 20:00 - 2014-12-29 20:00 - 00202634 _____ () C:\Users\Jay\Downloads\PES.2015.zip
2014-12-29 19:57 - 2014-12-29 19:57 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-12-29 19:57 - 2014-12-29 19:57 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-12-29 19:54 - 2014-12-29 19:55 - 00638888 _____ (Oracle Corporation) C:\Users\Jay\Downloads\chromeinstall-8u25.exe
2014-12-29 19:54 - 2014-12-29 19:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-29 19:54 - 2014-12-29 19:55 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-29 19:54 - 2014-12-29 19:54 - 00005728 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
2014-12-29 19:54 - 2014-12-29 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-29 19:54 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-12-29 19:54 - 2014-09-26 18:36 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-12-29 19:54 - 2014-09-26 18:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-12-29 17:30 - 2014-12-29 17:30 - 00000000 ____D () C:\ProgramData\Sun
2014-12-29 17:29 - 2014-12-29 19:55 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-29 17:28 - 2014-12-29 17:28 - 00251611 _____ () C:\Users\Jay\Downloads\JDownloader1 Setup.zip
2014-12-29 17:27 - 2014-12-29 17:27 - 00000880 _____ () C:\Users\Jay\Downloads\4be5979a31d6455e49dc2f71b8d78843.dlc
2014-12-29 17:26 - 2014-12-29 17:26 - 00000880 _____ () C:\Users\Jay\Downloads\f8246e200f6c9e1d15a9d8063b6ffc5d.dlc
2014-12-29 17:26 - 2014-12-29 17:26 - 00000084 _____ () C:\Users\Jay\Downloads\f8246e200f6c9e1d15a9d8063b6ffc5d.rsdf
2014-12-26 19:26 - 2014-12-26 19:26 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\raidcall
2014-12-26 19:26 - 2014-12-26 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall
2014-12-26 18:26 - 2014-12-26 18:26 - 20972861 _____ () C:\Users\Jay\Downloads\Fifa 15 generator cd key.rar
2014-12-26 18:18 - 2014-12-26 18:18 - 19716403 _____ () C:\Users\Jay\Downloads\FIFA-15-Ultimate-Team-Game-Downloader-PC.rar
2014-12-26 18:14 - 2014-12-26 18:15 - 2202278844 _____ () C:\Users\Jay\Downloads\The Interview - Kernel.mp4
2014-12-24 13:46 - 2014-12-24 13:46 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\gtk-2.0
2014-12-24 13:34 - 2014-12-24 13:49 - 00000000 ____D () C:\Users\Jay\youwave
2014-12-24 13:34 - 2014-12-24 13:34 - 00000008 _____ () C:\Users\Public\youwave_size
2014-12-24 13:34 - 2014-12-24 13:34 - 00000000 ____D () C:\Users\Jay\Documents\webkit
2014-12-24 13:26 - 2014-12-24 13:27 - 150612432 _____ () C:\Users\Jay\Downloads\YouWave-Android-Home-3-20.exe
2014-12-23 23:22 - 2014-12-23 23:22 - 182005568 _____ () C:\Users\Jay\Downloads\Tales of the World - Radiant Mythology.7z
2014-12-23 23:20 - 2014-12-23 23:20 - 00762704 _____ ( ) C:\Users\Jay\Downloads\CR_Downloader_for_tales-of-the-world---radiant-mythology.exe
2014-12-23 23:03 - 2014-12-23 23:08 - 523856570 _____ () C:\Users\Jay\Downloads\Jeanne d'Arc (U)(EMiNENT).7z
2014-12-19 17:39 - 2014-12-19 18:05 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-12-19 17:39 - 2014-12-19 17:40 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\vlc
2014-12-19 17:36 - 2014-12-19 17:38 - 24743106 _____ () C:\Users\Jay\Downloads\vlc-2.1.5-win32.exe
2014-12-16 18:34 - 2014-12-16 18:34 - 00525008 _____ () C:\Users\Jay\Desktop\DyeLite.rar
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-15 15:16 - 2013-11-27 17:08 - 00000000 ____D () C:\Users\Jay\AppData\Local\PMB Files
2015-01-15 15:10 - 2013-12-01 14:15 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Skype
2015-01-15 15:05 - 2014-05-21 20:00 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-15 14:54 - 2014-07-30 10:49 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-393417265-3845936301-1206278323-1001UA.job
2015-01-15 14:48 - 2014-06-11 02:37 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-15 14:39 - 2014-07-30 10:49 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-393417265-3845936301-1206278323-1001Core.job
2015-01-15 14:39 - 2013-11-27 14:09 - 01713509 _____ () C:\Windows\WindowsUpdate.log
2015-01-15 04:09 - 2009-07-13 22:45 - 00021904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-15 04:09 - 2009-07-13 22:45 - 00021904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-15 04:07 - 2009-07-13 23:13 - 00006178 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-15 04:02 - 2014-10-28 23:18 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-15 04:02 - 2014-09-22 22:30 - 00003498 _____ () C:\Windows\setupact.log
2015-01-15 04:02 - 2014-05-21 20:00 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-15 04:02 - 2014-02-10 16:19 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\BitTorrent
2015-01-15 04:02 - 2013-11-27 12:10 - 00000000 ____D () C:\Users\Jay
2015-01-15 04:02 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-15 04:01 - 2014-05-15 20:10 - 00000000 ____D () C:\Users\Jay\AppData\Local\Akamai
2015-01-15 04:01 - 2013-11-27 17:08 - 00000000 ____D () C:\ProgramData\PMB Files
2015-01-15 04:01 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-15 04:01 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\registration
2015-01-14 23:10 - 2014-09-22 22:59 - 00086898 _____ () C:\Windows\PFRO.log
2015-01-14 22:17 - 2014-10-28 23:18 - 00000000 ____D () C:\ProgramData\Origin
2015-01-14 21:01 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-14 21:00 - 2013-12-12 18:49 - 00000000 ____D () C:\Windows\system32\Macromed
2015-01-14 21:00 - 2009-07-13 21:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-01-14 20:57 - 2014-06-17 12:22 - 00000000 ____D () C:\Users\Jay\AppData\Local\Comodo
2015-01-14 20:57 - 2014-06-17 12:22 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2015-01-14 20:57 - 2014-06-17 12:22 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2015-01-14 20:57 - 2014-06-17 12:22 - 00000000 ____D () C:\Users\Guest
2015-01-14 20:57 - 2014-06-17 12:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2015-01-14 20:57 - 2014-06-17 12:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2015-01-14 20:57 - 2014-06-17 12:22 - 00000000 ____D () C:\Users\Administrator
2015-01-14 20:57 - 2014-05-21 18:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-14 20:57 - 2009-07-13 21:20 - 00000000 __RHD () C:\Users\Default
2015-01-14 15:38 - 2014-05-27 18:38 - 00000829 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-14 15:38 - 2014-05-27 18:38 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-14 15:28 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-01-14 03:53 - 2014-05-21 19:02 - 00000000 ____D () C:\AdwCleaner
2015-01-14 02:50 - 2014-09-28 00:19 - 430818554 _____ () C:\Windows\MEMORY.DMP
2015-01-14 02:50 - 2013-11-27 11:36 - 00000000 ____D () C:\Windows\Minidump
2015-01-13 22:26 - 2013-12-25 14:36 - 00001760 _____ () C:\console.log
2015-01-13 21:48 - 2014-06-11 02:37 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-13 21:48 - 2013-12-12 18:49 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-13 21:48 - 2013-12-12 18:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-13 17:42 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-13 17:21 - 2009-07-13 20:34 - 00000505 _____ () C:\Windows\win.ini
2015-01-13 17:14 - 2014-02-01 04:10 - 00001768 __RSH () C:\ProgramData\ntuser.pol
2015-01-09 22:46 - 2014-09-22 22:55 - 00000000 ____D () C:\Program Files\ATI Technologies
2015-01-09 22:46 - 2013-05-24 12:41 - 00000000 ____D () C:\ProgramData\AMD
2015-01-09 22:42 - 2014-09-17 01:51 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-01-09 22:42 - 2014-06-10 17:49 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-09 22:41 - 2013-11-27 16:53 - 00000000 ____D () C:\AMD
2015-01-04 14:29 - 2014-09-18 12:14 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-04 14:29 - 2013-12-01 14:15 - 00000000 ____D () C:\ProgramData\Skype
2015-01-03 14:52 - 2014-10-29 15:41 - 00001182 _____ () C:\Users\Jay\Desktop\ Mabinogi .lnk
2015-01-01 21:17 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-12-31 05:14 - 2010-11-20 21:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-29 23:24 - 2014-01-16 14:23 - 00000000 ____D () C:\Users\Jay\AppData\Local\Adobe
2014-12-29 23:20 - 2009-07-13 22:45 - 00266992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-29 23:18 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-12-29 23:18 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-12-29 23:06 - 2013-11-27 11:55 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-29 22:29 - 2013-11-30 03:14 - 00002155 _____ () C:\Windows\epplauncher.mif
2014-12-29 22:29 - 2013-11-30 03:14 - 00002124 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-12-29 22:29 - 2013-11-30 03:14 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-12-29 22:29 - 2013-11-30 03:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-12-29 21:52 - 2014-09-30 23:16 - 00000000 ____D () C:\ProgramData\Steam
2014-12-27 23:44 - 2014-12-06 18:56 - 00000000 ____D () C:\Users\Jay\Documents\PPSSPP
2014-12-26 18:11 - 2014-01-14 15:24 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-12-17 11:31 - 2014-11-16 14:59 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
 
Some content of TEMP:
====================
C:\Users\Jay\AppData\Local\Temp\13-9-legacy_vista_win7_32_dd_ccc_whql.exe
C:\Users\Jay\AppData\Local\Temp\130643693001444861.exe
C:\Users\Jay\AppData\Local\Temp\13064369325395930434.exe
C:\Users\Jay\AppData\Local\Temp\15skvU281V.exe
C:\Users\Jay\AppData\Local\Temp\1JIekdqFkC.exe
C:\Users\Jay\AppData\Local\Temp\1ZXHNzskJ8.exe
C:\Users\Jay\AppData\Local\Temp\2QRky99djc.exe
C:\Users\Jay\AppData\Local\Temp\41D4AD36-C3E1-FA2F-FC07-C85189603914.dll
C:\Users\Jay\AppData\Local\Temp\41D4AD36-C3E1-FA2F-FC07-C85189603914.exe
C:\Users\Jay\AppData\Local\Temp\60yBNdT38z.exe
C:\Users\Jay\AppData\Local\Temp\772EA.exe
C:\Users\Jay\AppData\Local\Temp\airE9F.exe
C:\Users\Jay\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Jay\AppData\Local\Temp\C2ABE2A9-1D6F-64AE-1E7B-C6DEB4E623CF.exe
C:\Users\Jay\AppData\Local\Temp\DeltaTB.exe
C:\Users\Jay\AppData\Local\Temp\devcon.exe
C:\Users\Jay\AppData\Local\Temp\DivXSetup.exe
C:\Users\Jay\AppData\Local\Temp\IQdHIOUhHr.exe
C:\Users\Jay\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Jay\AppData\Local\Temp\Quarantine.exe
C:\Users\Jay\AppData\Local\Temp\sdf81B3.exe
C:\Users\Jay\AppData\Local\Temp\SimpleFilesQTWf9wyqrh.exe
C:\Users\Jay\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jay\AppData\Local\Temp\SpOrder.dll
C:\Users\Jay\AppData\Local\Temp\sqlite3.dll
C:\Users\Jay\AppData\Local\Temp\SRLDetectionLibrary2407789020666506046.dll
C:\Users\Jay\AppData\Local\Temp\vubdhByplX.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-14 20:37
 
==================== End Of Log ============================

Here's the addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2015 01
Ran by Jay at 2015-01-15 15:16:59
Running from C:\Users\Jay\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
«The Walking Dead»  1.0.0.23 (HKLM-x32\...\The Walking Dead_is1) (Version: 1.0.0.23 - Telltale Games)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-393417265-3845936301-1206278323-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{A3808FE1-6B99-1B1F-F18A-FE658F175C0E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Archeage Beta (HKLM-x32\...\Glyph Archeage Beta) (Version:  - Trion Worlds, Inc.)
Ares 2.2.7 (HKLM-x32\...\Ares) (Version: 2.2.7-Build#3051 - Seekar Ltd)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
BitTorrent (HKU\S-1-5-21-393417265-3845936301-1206278323-1001\...\BitTorrent) (Version: 7.9.2.36804 - BitTorrent Inc.)
Broadcom NetXtreme II Driver Installer (HKLM\...\{1327336D-5F38-44A5-B8C2-7A3AF0DDE672}) (Version: 16.2.2.9 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CL-Eye Driver (HKLM-x32\...\CL-Eye Driver) (Version: 5.3.0.0341 - Code Laboratories, Inc.)
Cross Fire En (HKLM-x32\...\Cross Fire_is1) (Version:  - Z8Games.com)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.1 - Dolphin Development Team)
FreeFixer (HKLM-x32\...\FreeFixer1.12) (Version: 1.12 - Kephyr)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Happy Cloud Client (HKU\S-1-5-21-393417265-3845936301-1206278323-1001\...\HappyCloud) (Version: 3.72 - Happy Cloud, Inc.)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Mabinogi (HKLM-x32\...\Mabinogi) (Version:  - devCAT)
Mabinogi Frontend (HKLM-x32\...\Mabinogi Frontend) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MicroVolts (HKLM-x32\...\{5E7A8F05-013C-44FD-B450-5434CA581098}_is1) (Version:  - Rock Hippo Productions Ltd.)
MouseServer version 1.5.0.0 (HKLM-x32\...\{E13018F5-FFC7-4729-9C1B-1A85807D03E6}_is1) (Version: 1.5.0.0 - Necta Co.)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
OGPlanet Game Launcher (HKLM-x32\...\OGPlanet Game Launcher) (Version: 3.0.0 - OGPlanet, Inc.)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{7fe667f0-1fbb-4a01-bc80-56b757bae1af}) (Version: latest - ppy Pty Ltd)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.7.0.0 - Pando Networks Inc.)
Pangya (Ntreev USA) (HKLM-x32\...\Pangya) (Version:  - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
PPSSPP version 0.9.8 (HKLM-x32\...\PPSSPP_is1) (Version: 0.9.8 - )
Pro Evolution Soccer 2015 (HKLM-x32\...\Pro Evolution Soccer 2015_is1) (Version: 1.01.01 - Релиз от R.G. Steamgames)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.0.89.0 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6383 - Realtek Semiconductor Corp.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{906B34E5-573C-445A-A5D3-40B6BF0A2EC4}) (Version: 6.0.21.0 - Husdawg, LLC)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
TERA (HKU\S-1-5-21-393417265-3845936301-1206278323-1001\...\teraenmasse) (Version:  - )
The Sims 4 Deluxe Edition version 1.0 Update 1 (HKLM-x32\...\The Sims 4 Deluxe Edition_is1) (Version: 1.0 Update 1 - GMT-MAX.ORG)
The Wolf Among Us (HKLM-x32\...\The Wolf Among Us_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
UnHackMe 7.60 release (HKLM-x32\...\UnHackMe_is1) (Version:  - Greatis Software, LLC.)
Unity Web Player (HKU\S-1-5-21-393417265-3845936301-1206278323-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vindictus (HKLM-x32\...\Vindictus) (Version:  - )
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-393417265-3845936301-1206278323-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Jay\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-393417265-3845936301-1206278323-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jay\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
 
==================== Restore Points  =========================
 
14-01-2015 15:22:46 Restore Operation
14-01-2015 15:42:29 Windows Update
14-01-2015 19:35:31 Restore Operation
14-01-2015 20:11:01 Installed Microsoft Fix it 50199
14-01-2015 20:55:36 Restore Operation
14-01-2015 21:19:35 Windows Update
14-01-2015 22:20:53 RegRun Virus Scan
14-01-2015 22:23:57 RegRun Virus Scan
14-01-2015 22:29:09 RegRun Virus Scan
14-01-2015 22:30:00 RegRun Virus Scan
14-01-2015 22:36:29 RegRun Virus Scan
14-01-2015 23:12:29 Installed Should I Remove It
15-01-2015 02:59:02 Removed Should I Remove It
15-01-2015 03:59:09 Restore Operation
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {13A03637-09B8-4839-A982-31059845A6EF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {1518F6A0-ABC2-4376-AC23-5A5FC33885A0} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe [2014-12-29] (Greatis Software)
Task: {1B377133-66FA-45CA-8D5F-7DD88C7F055B} - System32\Tasks\Games\UpdateCheck_S-1-5-21-393417265-3845936301-1206278323-1001
Task: {222129AE-C00D-413C-B5BD-66A9563264EE} - System32\Tasks\{EF781BEE-00D8-4913-BFB6-D3903C9C22C5} => C:\Program Files (x86)\GMT-MAX.ORG\The Sims 4 Deluxe Edition\Game\Bin\The.Sims.4.Launcher.exe [2014-09-01] ()
Task: {3C985537-5482-4077-B516-5F913A9D772E} - System32\Tasks\{5ADD1EBA-C6F2-4E5B-96A8-7CEF5BDD5C89} => C:\Program Files (x86)\Pro Evolution Soccer 2015\PES2015.exe [2014-12-16] (Konami Digital Entertainment Co., Ltd.)
Task: {46679C84-DC95-48BC-8AE7-E108271DC008} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-393417265-3845936301-1206278323-1001UA => C:\Users\Jay\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-30] (Google Inc.)
Task: {4A475A4E-19C7-46D0-973E-DA6A11134F25} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-393417265-3845936301-1206278323-1001Core => C:\Users\Jay\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-30] (Google Inc.)
Task: {590E81A0-BA6A-49BB-BC92-948A9941D144} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-13] (Adobe Systems Incorporated)
Task: {8F108835-E263-4110-8EFA-64555878E265} - System32\Tasks\{8A7E97C6-6E12-40B9-9F26-92C5FF7A4104} => pcalua.exe -a C:\Users\Jay\Downloads\VirtualBox-4.3.20-96997-Win.exe -d C:\Users\Jay\Downloads
Task: {9DF19697-BC6D-4F88-875E-A3D128FCD793} - System32\Tasks\{5D3CCE35-B884-452E-8B22-A26572F11C08} => pcalua.exe -a "C:\Program Files (x86)\Torntv V9.0\Uninstall.exe" -c /fcp=1
Task: {AF4BDDC5-C4C7-4309-9829-CFBC45603850} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {B11E8A9A-3A65-4D51-91FC-9CC25D32EB5A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BCF65355-6D5D-4CB8-8DF8-04B9E430209D} - System32\Tasks\{44C70CCD-74C2-4D7D-A201-85F6A9E392D9} => pcalua.exe -a "C:\Program Files (x86)\BlueStacks\HD-RuntimeUninstaller.exe"
Task: {BFDFDD81-C70B-4439-BBC1-DAE2723EAA65} - System32\Tasks\{6BD7E167-93B9-43CA-AAAD-EDC1A7F2E0D0} => C:\Program Files (x86)\Pro Evolution Soccer 2015\PES2015.exe [2014-12-16] (Konami Digital Entertainment Co., Ltd.)
Task: {C019B5F6-3B6F-4222-9BB5-F65FCD7B5914} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {EAFF6F03-7BAE-4E4A-9587-B48C0E9080D8} - System32\Tasks\{EF242650-141F-4C74-BB7A-7EA3B5CFB62F} => C:\Program Files (x86)\GMT-MAX.ORG\The Sims 4 Deluxe Edition\Game\Bin\The.Sims.4.Launcher.exe [2014-09-01] ()
Task: {EF346680-5413-44BA-9470-A2CFFF41E283} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-393417265-3845936301-1206278323-1001Core.job => C:\Users\Jay\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-393417265-3845936301-1206278323-1001UA.job => C:\Users\Jay\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-11-27 17:08 - 2013-11-27 17:08 - 04287536 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2014-01-09 23:26 - 2014-01-09 23:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-01-09 23:28 - 2014-01-09 23:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-06-11 12:15 - 2014-06-05 07:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-11 12:15 - 2014-06-05 07:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-11 12:15 - 2014-06-05 07:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-11 12:15 - 2014-06-05 07:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-11 12:15 - 2014-06-05 07:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cmwf.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cmwr.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\cmwf.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\cmwr.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ColorMedia => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: BitTorrent => "C:\Users\Jay\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-393417265-3845936301-1206278323-500 - Administrator - Disabled)
Guest (S-1-5-21-393417265-3845936301-1206278323-501 - Limited - Disabled)
Jay (S-1-5-21-393417265-3845936301-1206278323-1001 - Administrator - Enabled) => C:\Users\Jay
 
==================== Faulty Device Manager Devices =============
 
Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/15/2015 03:02:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (01/15/2015 03:02:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (01/15/2015 04:07:15 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (01/15/2015 04:07:15 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (01/15/2015 04:02:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/15/2015 03:30:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/15/2015 03:30:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Skype.exe, version: 7.0.60.102, time stamp: 0x5489935b
Faulting module name: Skype.exe, version: 7.0.60.102, time stamp: 0x5489935b
Exception code: 0xc0000005
Fault offset: 0x00005db6
Faulting process id: 0xf9c
Faulting application start time: 0xSkype.exe0
Faulting application path: Skype.exe1
Faulting module path: Skype.exe2
Report Id: Skype.exe3
 
Error: (01/15/2015 03:29:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TeamViewer_Service.exe, version: 9.0.29947.0, time stamp: 0x53b3d40e
Faulting module name: TeamViewer_Service.exe, version: 9.0.29947.0, time stamp: 0x53b3d40e
Exception code: 0x40000015
Fault offset: 0x002bc689
Faulting process id: 0xcd0
Faulting application start time: 0xTeamViewer_Service.exe0
Faulting application path: TeamViewer_Service.exe1
Faulting module path: TeamViewer_Service.exe2
Report Id: TeamViewer_Service.exe3
 
Error: (01/15/2015 03:29:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TeamViewer_Service.exe, version: 9.0.29947.0, time stamp: 0x53b3d40e
Faulting module name: TeamViewer_Service.exe, version: 9.0.29947.0, time stamp: 0x53b3d40e
Exception code: 0x40000015
Fault offset: 0x002bc689
Faulting process id: 0x374
Faulting application start time: 0xTeamViewer_Service.exe0
Faulting application path: TeamViewer_Service.exe1
Faulting module path: TeamViewer_Service.exe2
Report Id: TeamViewer_Service.exe3
 
Error: (01/15/2015 03:29:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TeamViewer_Service.exe, version: 9.0.29947.0, time stamp: 0x53b3d40e
Faulting module name: TeamViewer_Service.exe, version: 9.0.29947.0, time stamp: 0x53b3d40e
Exception code: 0x40000015
Fault offset: 0x002bc689
Faulting process id: 0x6f8
Faulting application start time: 0xTeamViewer_Service.exe0
Faulting application path: TeamViewer_Service.exe1
Faulting module path: TeamViewer_Service.exe2
Report Id: TeamViewer_Service.exe3
 
 
System errors:
=============
Error: (01/15/2015 04:02:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AODDriver4.3 service failed to start due to the following error: 
%%2
 
Error: (01/15/2015 04:02:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AODDriver4.1 service failed to start due to the following error: 
%%2
 
Error: (01/15/2015 03:59:58 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (01/15/2015 03:29:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The TeamViewer 9 service terminated unexpectedly.  It has done this 3 time(s).
 
Error: (01/15/2015 03:29:25 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The TeamViewer 9 service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 2000 milliseconds: Restart the service.
 
Error: (01/15/2015 03:29:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The TeamViewer 9 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 2000 milliseconds: Restart the service.
 
Error: (01/15/2015 03:29:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AODDriver4.3 service failed to start due to the following error: 
%%2
 
Error: (01/15/2015 03:29:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AODDriver4.1 service failed to start due to the following error: 
%%2
 
Error: (01/15/2015 03:28:18 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (01/15/2015 02:34:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AODDriver4.3 service failed to start due to the following error: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (01/15/2015 03:02:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files\CCleaner\CCleaner64.exe
 
Error: (01/15/2015 03:02:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files\CCleaner\CCleaner64.exe
 
Error: (01/15/2015 04:07:15 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (01/15/2015 04:07:15 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
Error: (01/15/2015 04:02:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/15/2015 03:30:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/15/2015 03:30:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Skype.exe7.0.60.1025489935bSkype.exe7.0.60.1025489935bc000000500005db6f9c01d030a5d757c13fC:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files (x86)\Skype\Phone\Skype.exe17849e49-9c99-11e4-8654-d485649bf85d
 
Error: (01/15/2015 03:29:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: TeamViewer_Service.exe9.0.29947.053b3d40eTeamViewer_Service.exe9.0.29947.053b3d40e40000015002bc689cd001d030a5c1a76107C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exeC:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe00f96864-9c99-11e4-8654-d485649bf85d
 
Error: (01/15/2015 03:29:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: TeamViewer_Service.exe9.0.29947.053b3d40eTeamViewer_Service.exe9.0.29947.053b3d40e40000015002bc68937401d030a5bff80a58C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exeC:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exefe0d51c4-9c98-11e4-8654-d485649bf85d
 
Error: (01/15/2015 03:29:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: TeamViewer_Service.exe9.0.29947.053b3d40eTeamViewer_Service.exe9.0.29947.053b3d40e40000015002bc6896f801d030a5b41c2bbfC:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exeC:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exefb40d392-9c98-11e4-8654-d485649bf85d
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-01-14 19:59:01.968
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-14 19:59:01.906
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-14 19:59:01.828
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-14 19:59:01.765
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-14 17:27:01.287
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-14 17:27:01.225
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-24 15:43:17.503
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\x86\VBoxRT-x86.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-11-24 15:43:11.590
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\x86\VBoxRT-x86.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-11-24 15:43:07.222
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\x86\VBoxRT-x86.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ II X2 B24 Processor
Percentage of memory in use: 22%
Total physical RAM: 7679.39 MB
Available physical RAM: 5968.64 MB
Total Pagefile: 15356.57 MB
Available Pagefile: 13203.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:1397.07 GB) (Free:1114.92 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 06CA8FFF)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1397.1 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#4 Machiavelli


Posted 15 January 2015 - 04:33 PM

Hello, :)
Please move FRST to your Desktop.

Step 1: AdwCleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP, then just run it.)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on-screen prompts.
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop. Install the programme and select Update.
Once it has updated, select Settings > Detection and Protection.
Tick Scan for rootkits.

Go back to the Dashboard and select Scan Now.

If threats are detected, click the Apply Actions button; MBAM will ask for a reboot.

On completion of the scan (or after the reboot), select View Detailed Log.
Select Export > Select text file and save to the desktop.
Attach/Post that log.

Step 3: Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 4: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#5 Dalgyon


Posted 15 January 2015 - 05:30 PM

Here are all the logs.

Attached Files


Edited by Dalgyon, 15 January 2015 - 05:31 PM.


#6 Dalgyon


Posted 15 January 2015 - 07:57 PM

Any help?



#7 Machiavelli


Posted 16 January 2015 - 08:02 AM

Why bump me?

Please post the logs in the thread rather than attaching them.

~Machiavelli



#8 Machiavelli


Posted 20 January 2015 - 11:36 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

~Machiavelli
