Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: High Memory Usage

  1. #1
    Junior Member
    Join Date
    Jul 2014
    Posts
    11

    Default High Memory Usage

    Been having performance issues with my laptop recently, where my RAM usage builds up slowly over time, even with no programs running. I was told that the amazing people on this forum may be able to help me, so here I am

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.17126 BrowserJavaVersion: 10.60.2
    Run by Matt at 13:52:41 on 2014-07-10
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.5997.3082 [GMT 2:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\FBAgent.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    C:\Windows\system32\atieclxx.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\P4G\BatteryLife.exe
    C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    C:\Windows\AsScrPro.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
    C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
    C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    C:\Windows\SysWOW64\ACEngSvr.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
    C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    C:\Windows\System32\alg.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Elantech\ETDCtrl.exe
    C:\Users\Matt\AppData\Local\Akamai\netsession_win.exe
    C:\Users\Matt\AppData\Local\Akamai\netsession_win.exe
    C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
    C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
    C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
    C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
    C:\Program Files\Elantech\ETDCtrlHelper.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\AVAST Software\Avast\avastui.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Razer\Razer Game Booster\main.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uWindow Title = Internet Explorer, enhanced for Bing and MSN
    uDefault_Page_URL = hxxp://asus.msn.com
    uProxyOverride = <local>
    dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
    mWinlogon: Userinit = userinit.exe,
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    uRun: [Akamai NetSession Interface] "C:\Users\Matt\AppData\Local\Akamai\netsession_win.exe"
    uRun: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
    mRun: [RemoteControl9] "C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe"
    mRun: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
    mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    mRun: [RazerGameBooster] C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe -autorun
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: freerealms.com
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    TCP: NameServer = 10.0.0.2
    TCP: Interfaces\{8AF79A28-A70A-4268-A5DB-466D5F09CCFB} : DHCPNameServer = 10.0.0.2
    TCP: Interfaces\{8AF79A28-A70A-4268-A5DB-466D5F09CCFB}\D4F62747F6E6 : DHCPNameServer = 10.0.0.2
    TCP: Interfaces\{8AF79A28-A70A-4268-A5DB-466D5F09CCFB}\E4544574541425 : DHCPNameServer = 41.221.230.35 41.221.230.36
    TCP: Interfaces\{ED5A26D1-AE13-4EC7-942A-05A1E49CDB93} : DHCPNameServer = 192.168.1.254
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    Notify: SDWinLogon - SDWinLogon.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
    x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - LocalServer32 - <no file>
    x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
    x64-Run: [ETDWare] C:\Program Files (x86)\Elantech\ETDCtrl.exe
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-4-3 65776]
    R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-4-3 208416]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2013-2-5 1039096]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2013-2-5 423240]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-5-7 254528]
    R1 RzFilter;RzFilter;C:\Windows\System32\drivers\RzFilter.sys [2013-9-27 74432]
    R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2011-2-13 379520]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-11-7 203776]
    R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-5-26 29208]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-2-5 79184]
    R2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-1-4 85328]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-5-26 50344]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-7-3 1809720]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-7-3 860472]
    R2 Razer Game Scanner Service;Razer Game Scanner;C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2014-4-29 329920]
    R2 RzKLService;RzKLService;C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [2013-9-26 105448]
    R2 RzMaelstromVADStreamingService;Razer Surround Audio Service;C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [2014-6-9 4250624]
    R2 RzOvlMon;Razer Overlay Subsystem Emergency Service;C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe [2014-4-11 32960]
    R2 rzpmgrk;rzpmgrk;C:\Windows\System32\drivers\rzpmgrk.sys [2014-5-21 37184]
    R2 rzpnk;rzpnk;C:\Windows\System32\drivers\rzpnk.sys [2014-5-21 129856]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-7-8 1738168]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-7-8 2088408]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-7-8 171928]
    R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-8-7 13784]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-2-13 2314240]
    R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-11-7 115216]
    R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2010-4-13 135560]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-2-13 56344]
    R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-26 158976]
    R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2009-8-18 143472]
    R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\System32\drivers\JME.sys [2010-2-25 115312]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-7-3 25816]
    R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-7-3 122584]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-7-3 63704]
    R3 RzDxgk;RzDxgk;C:\Windows\System32\drivers\RzDxgk.sys [2013-9-27 129472]
    R3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service;C:\Windows\System32\drivers\RzMaelstromVAD.sys [2014-5-23 32768]
    R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2014-5-19 155816]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-4-19 161384]
    S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;C:\Program Files\BitComet\tools\BitCometService.exe -service --> C:\Program Files\BitComet\tools\BitCometService.exe -service [?]
    S3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2009-12-14 53800]
    S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-2-13 35104]
    S3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\System32\drivers\ggflt.sys [2014-3-8 14448]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-30 111616]
    S3 NMgamingmsFltr;USB Optical Mouse;C:\Windows\System32\drivers\NMgamingms.sys [2009-7-24 11264]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-6-30 19456]
    S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
    S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2014-3-8 155824]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-6-30 56832]
    S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-8-7 118672]
    S3 vcd10bus;Virtual CD v10 Bus Enumerator;C:\Windows\System32\drivers\vcd10bus.sys [2012-12-14 40464]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-5-30 1255736]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
    .
    =============== Created Last 30 ================
    .
    2014-07-10 10:53:56 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1721AB1D-D3D7-4BAC-9A0D-F39E61793E9E}\offreg.dll
    2014-07-08 08:58:07 21040 ----a-w- C:\Windows\System32\sdnclean64.exe
    2014-07-03 14:47:27 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2014-07-03 14:47:12 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
    2014-07-03 14:47:12 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
    2014-07-03 14:47:12 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2014-07-03 14:47:12 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-07-03 08:42:47 -------- d-sh--w- C:\found.000
    2014-07-02 21:18:35 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-07-02 21:04:00 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2014-07-01 19:11:18 -------- d-----w- C:\Users\Matt\AppData\Local\Macromedia
    2014-07-01 19:04:47 -------- d-----w- C:\Users\Matt\AppData\Local\Mozilla
    2014-07-01 18:53:02 -------- d-sh--w- C:\Users\Matt\AppData\Local\EmieUserList
    2014-07-01 18:53:02 -------- d-sh--w- C:\Users\Matt\AppData\Local\EmieSiteList
    2014-07-01 10:16:51 10779000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1721AB1D-D3D7-4BAC-9A0D-F39E61793E9E}\mpengine.dll
    2014-07-01 10:03:49 6574592 ----a-w- C:\Windows\System32\mstscax.dll
    2014-07-01 10:03:49 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll
    2014-07-01 10:00:02 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
    2014-07-01 10:00:02 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
    2014-07-01 09:59:18 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
    2014-07-01 09:02:27 -------- d-s---w- C:\Windows\System32\CompatTel
    2014-06-30 16:24:58 -------- d-----w- C:\Windows\System32\MRT
    2014-06-30 16:22:23 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
    2014-06-30 16:22:23 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    2014-06-30 16:22:19 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
    2014-06-30 16:22:18 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
    2014-06-30 16:06:35 -------- d-----w- C:\Windows\Migration
    2014-06-30 15:24:43 44544 ----a-w- C:\Windows\System32\TsUsbGDCoInstaller.dll
    2014-06-30 15:06:44 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
    2014-06-30 15:06:39 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
    2014-06-30 15:06:38 243200 ----a-w- C:\Windows\System32\rdpudd.dll
    2014-06-30 15:06:38 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
    2014-06-30 12:59:08 5550016 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2014-06-30 12:58:58 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
    2014-06-30 12:58:58 6656 ----a-w- C:\Windows\System32\apisetschema.dll
    2014-06-30 12:58:24 197120 ----a-w- C:\Windows\System32\credui.dll
    2014-06-30 12:58:24 1930752 ----a-w- C:\Windows\System32\authui.dll
    2014-06-30 12:58:24 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
    2014-06-30 12:58:24 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
    2014-06-30 12:58:24 168960 ----a-w- C:\Windows\SysWow64\credui.dll
    2014-06-30 12:58:24 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
    2014-06-30 12:54:26 3928064 ----a-w- C:\Windows\System32\d2d1.dll
    2014-06-30 12:54:26 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
    2014-06-30 12:54:26 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
    2014-06-30 12:54:26 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
    2014-06-30 12:53:08 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
    2014-06-30 12:53:08 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
    2014-06-30 12:53:08 2048 ----a-w- C:\Windows\SysWow64\iologmsg.dll
    2014-06-30 12:53:08 2048 ----a-w- C:\Windows\System32\iologmsg.dll
    2014-06-30 12:53:08 190912 ----a-w- C:\Windows\System32\drivers\storport.sys
    2014-06-30 12:51:19 506368 ----a-w- C:\Windows\System32\aepdu.dll
    2014-06-30 12:51:19 424448 ----a-w- C:\Windows\System32\aeinv.dll
    2014-06-30 12:48:35 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
    2014-06-30 12:47:59 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
    2014-06-30 12:47:59 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
    2014-06-30 12:47:59 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
    2014-06-30 12:47:59 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
    2014-06-30 12:47:59 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
    2014-06-30 12:47:59 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
    2014-06-30 12:47:59 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
    2014-06-30 12:47:39 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
    2014-06-30 12:47:39 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
    2014-06-30 12:47:14 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
    2014-06-30 12:46:28 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
    2014-06-30 12:45:13 624128 ----a-w- C:\Windows\System32\qedit.dll
    2014-06-30 12:45:13 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
    2014-06-30 12:45:12 228864 ----a-w- C:\Windows\System32\wwansvc.dll
    2014-06-30 12:43:45 81408 ----a-w- C:\Windows\System32\imagehlp.dll
    2014-06-30 12:43:45 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys
    2014-06-30 12:43:45 185344 ----a-w- C:\Windows\System32\drivers\usbvideo.sys
    2014-06-30 12:43:45 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
    2014-06-30 12:43:45 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys
    2014-06-30 12:43:45 109824 ----a-w- C:\Windows\System32\drivers\USBAUDIO.sys
    2014-06-30 12:43:45 100864 ----a-w- C:\Windows\System32\drivers\usbcir.sys
    2014-06-30 12:43:43 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
    2014-06-30 12:43:43 335360 ----a-w- C:\Windows\System32\msieftp.dll
    2014-06-30 12:43:43 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
    2014-06-30 12:40:26 461312 ----a-w- C:\Windows\System32\scavengeui.dll
    2014-06-30 12:40:14 202752 ----a-w- C:\Windows\System32\scrrun.dll
    2014-06-30 12:40:14 168960 ----a-w- C:\Windows\System32\wscript.exe
    2014-06-30 12:40:14 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
    2014-06-30 12:40:14 156160 ----a-w- C:\Windows\System32\cscript.exe
    2014-06-30 12:40:14 150016 ----a-w- C:\Windows\System32\wshom.ocx
    2014-06-30 12:40:14 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
    2014-06-30 12:40:14 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
    2014-06-30 12:40:14 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
    2014-06-30 12:39:08 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
    2014-06-30 12:39:07 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
    2014-06-30 12:39:07 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
    2014-06-30 12:39:07 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
    2014-06-30 12:38:57 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
    2014-06-30 12:38:57 830464 ----a-w- C:\Windows\System32\nshwfp.dll
    2014-06-30 12:38:57 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
    2014-06-30 12:38:57 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
    2014-06-30 12:38:57 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
    2014-06-30 12:36:47 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
    2014-06-30 12:35:14 -------- d-----w- C:\Users\Matt\AppData\Local\Adobe
    2014-06-30 12:22:42 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2014-06-29 21:52:01 -------- d-----w- C:\ProgramData\Malwarebytes
    2014-06-19 11:32:00 -------- d-----w- C:\Program Files (x86)\Microsoft WSE
    2014-06-15 11:38:15 -------- d-----w- C:\Users\Matt\AppData\Roaming\Curse
    .
    ==================== Find3M ====================
    .
    2014-07-10 10:54:00 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-07-10 10:54:00 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2014-07-05 19:23:59 45056 ----a-w- C:\Windows\System32\acovcnt.exe
    2014-06-09 09:49:00 69632 ----a-w- C:\Windows\System32\DriverInstallCA.dll
    2014-06-09 09:49:00 245760 ----a-w- C:\Windows\System32\DriverInstallCACMD.exe
    2014-06-09 09:49:00 136704 ----a-w- C:\Windows\SysWow64\RzVAD.dll
    2014-05-29 05:32:14 80384 ----a-w- C:\Windows\System32\RazerCoinstaller.dll
    2014-05-26 07:31:00 85328 ----a-w- C:\Windows\System32\drivers\aswstm.sys
    2014-05-26 07:31:00 1039096 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
    2014-05-26 07:30:20 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
    2014-05-26 07:30:20 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2014-05-26 07:30:20 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
    2014-05-26 07:30:20 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
    2014-05-26 07:30:20 208416 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
    2014-05-26 07:30:19 43152 ----a-w- C:\Windows\avastSS.scr
    2014-05-24 02:33:58 864256 ----a-w- C:\Windows\SysWow64\rzdevicedll.dll
    2014-05-24 02:33:56 325120 ----a-w- C:\Windows\SysWow64\rzaudiodll.dll
    2014-05-23 10:34:46 32768 ----a-w- C:\Windows\System32\drivers\RzMaelstromVAD.sys
    2014-05-19 06:47:28 155816 ----a-w- C:\Windows\System32\drivers\rzudd.sys
    2014-05-19 06:26:50 89088 ----a-w- C:\Windows\SysWow64\rzdevinfo.dll
    2014-05-19 06:26:50 155136 ----a-w- C:\Windows\SysWow64\rztouchdll.dll
    2014-05-19 06:26:46 117248 ----a-w- C:\Windows\SysWow64\rzdisplaydll.dll
    2014-04-29 21:41:35 37184 ----a-w- C:\Windows\System32\drivers\rzpmgrk.sys
    2014-04-25 18:45:43 129856 ----a-w- C:\Windows\System32\drivers\rzpnk.sys
    2014-04-25 02:34:59 801280 ----a-w- C:\Windows\System32\usp10.dll
    2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
    2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
    2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
    2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
    2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
    2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
    2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    .
    ============= FINISH: 13:53:31.87 ===============

    aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
    Run date: 2014-07-10 13:09:56
    -----------------------------
    13:09:56.539 OS Version: Windows x64 6.1.7601 Service Pack 1
    13:09:56.539 Number of processors: 4 586 0x2505
    13:09:56.541 ComputerName: ORANGE-SODA UserName: Matt
    13:09:58.678 Initialize success
    13:09:58.678 VM: initialized successfully
    13:09:58.683 VM: outdated driver version !
    13:10:03.159 AVAST engine defs: 14071000
    13:10:09.176 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    13:10:09.181 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
    13:10:09.333 Disk 0 MBR read successfully
    13:10:09.336 Disk 0 MBR scan
    13:10:09.339 Disk 0 Windows 7 default MBR code
    13:10:09.343 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 22000 MB offset 64
    13:10:09.361 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 122569 MB offset 45056064
    13:10:09.365 Disk 0 default boot code
    13:10:09.369 Disk 0 Partition - 00 0F Extended LBA 332370 MB offset 296078203
    13:10:09.401 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 332369 MB offset 296080251
    13:10:09.417 Disk 0 scanning C:\Windows\system32\drivers
    13:10:20.113 Service scanning
    13:10:54.196 Modules scanning
    13:10:54.207 Disk 0 trace - called modules:
    13:10:54.254 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys
    13:10:54.259 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006513060]
    13:10:54.264 3 CLASSPNP.SYS[fffff88001afc43f] -> nt!IofCallDriver -> [0xfffffa80062d3a90]
    13:10:54.272 5 ACPI.sys[fffff88000eff7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80062d9050]
    13:10:55.245 AVAST engine scan C:\Windows
    13:10:58.913 AVAST engine scan C:\Windows\system32
    13:17:20.323 AVAST engine scan C:\Windows\system32\drivers
    13:17:34.860 AVAST engine scan C:\Users\Matt
    13:31:44.790 AVAST engine scan C:\ProgramData
    13:33:52.427 Scan finished successfully
    13:34:16.824 Disk 0 MBR has been saved successfully to "C:\Users\Matt\Desktop\MBR.dat"
    13:34:16.829 The log file has been saved successfully to "C:\Users\Matt\Desktop\aswMBR.txt"

    Search results from Spybot - Search & Destroy

    7/10/2014 1:00:19 PM
    Scan took 00:35:26.
    38 items found.

    Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
    C:\Users\Matt\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\WCEDE227\kaptcha.com\logo.swf\k.sol
    Properties.size=0
    Properties.md5=D41D8CD98F00B204E9800998ECF8427E

    DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)


    Statcounter: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)


    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2609389158-545349396-2406316527-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2609389158-545349396-2406316527-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

    MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2609389158-545349396-2406316527-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

    MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

    MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2609389158-545349396-2406316527-1000\Software\Microsoft\DirectInput\MostRecentApplication\Name

    MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2609389158-545349396-2406316527-1000\Software\Microsoft\DirectInput\MostRecentApplication\Id

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2609389158-545349396-2406316527-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList

    Windows.OpenWith: [SBI $691C1B44] Open with list - .BIN extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2609389158-545349396-2406316527-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList

    Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2609389158-545349396-2406316527-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList

    Windows.OpenWith: [SBI $99432203] Open with list - .CFG extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2609389158-545349396-2406316527-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CFG\OpenWithList

    Windows.OpenWith: [SBI $7E93AD81] Open with list - .CSS extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2609389158-545349396-2406316527-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList

    Windows.OpenWith: [SBI $F34FE1D0] Open with list - .CUE extension (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2609389158-545349396-2406316527-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CUE\OpenWithList

    Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2609389158-545349396-2406316527-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

    Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2609389158-545349396-2406316527-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

    Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
    HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

    Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2609389158-545349396-2406316527-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

    Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

    Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2609389158-545349396-2406316527-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

    Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
    HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

    Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
    HKEY_USERS\S-1-5-21-2609389158-545349396-2406316527-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

    Cookie: [SBI $49804B54] Browser: Cookie (6) (Browser: Cookie, nothing done)


    Cache: [SBI $49804B54] Browser: Cache (192) (Browser: Cache, nothing done)


    History: [SBI $49804B54] Browser: History (8) (Browser: History, nothing done)


    Cookie: [SBI $49804B54] Browser: Cookie (348) (Browser: Cookie, nothing done)


    History: [SBI $49804B54] Browser: History (2999) (Browser: History, nothing done)
    Attached Files Attached Files

  2. #2
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Hi and welcome

    Please download Farbar Recovery Scan Tool

    (use correct version for your system.....Which system am I using?)



    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #3
    Junior Member
    Join Date
    Jul 2014
    Posts
    11

    Default

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014
    Ran by Matt (administrator) on ORANGE-SODA on 12-07-2014 11:42:30
    Running from C:\Users\Matt\Desktop
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/down...an-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/down...an-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (AMD) C:\Windows\System32\atiesrxx.exe
    (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
    (A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
    (Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Microsoft Corporation) C:\Windows\System32\alg.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
    (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
    (Akamai Technologies, Inc.) C:\Users\Matt\AppData\Local\Akamai\netsession_win.exe
    (Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
    (Akamai Technologies, Inc.) C:\Users\Matt\AppData\Local\Akamai\netsession_win.exe
    (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
    (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
    () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
    (ASUS) C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe
    () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
    (ASUS) C:\Program Files\P4G\BatteryLife.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    (ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    (ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\main.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
    (asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    (ASUS) C:\Windows\AsScrPro.exe
    () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    () C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
    HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
    HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-07] (CyberLink Corp.)
    HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2010-06-25] (CyberLink Corp.)
    HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
    HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
    HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-04] (ASUS)
    HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
    HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
    HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440 2010-07-02] ()
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-09] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-10] (AVAST Software)
    HKLM-x32\...\Run: [RazerGameBooster] => C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe [61152 2014-02-25] (Razer Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\S-1-5-21-2609389158-545349396-2406316527-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Matt\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-2609389158-545349396-2406316527-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466656 2014-05-23] (Sony)
    HKU\S-1-5-21-2609389158-545349396-2406316527-1000\...\MountPoints2: F - F:\autorun.exe
    HKU\S-1-5-21-2609389158-545349396-2406316527-1000\...\MountPoints2: {0892da8e-a228-11e3-bb69-bcaec5d267e1} - G:\Startme.exe
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
    ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
    ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    ShellIconOverlayIdentifiers: ADSMOverlayIcon -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll ()
    ShellIconOverlayIdentifiers: ADSMOverlayIcon1 -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll ()
    ShellIconOverlayIdentifiers-x32: ADSMOverlayIcon -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll ()
    ShellIconOverlayIdentifiers-x32: ADSMOverlayIcon1 -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll ()
    BootExecute: autocheck autochk * sdnclean64.exe

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://howzit.msn.com/?ocid=UP72DHP&pc=UP72&dt=051313
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
    SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
    SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
    SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
    SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={A4189F29-F82A-4E91-9733-6110FA5E7A3C}&mid=9d7867baaf7747d1bf83a5b92b2a5bc3-1a0c702eb57b3282f3b64945de2b2535b3b0d756&lang=en&ds=AVG&pr=fr&d=2012-02-20 18:54:45&v=10.0.0.7&sap=dsp&q={searchTerms}
    BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
    BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
    Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pu...sh/swflash.cab
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 10.0.0.2

    FireFox:
    ========
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
    FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-02-05]

    Chrome:
    =======
    CHR HomePage: hxxp://www.google.com
    CHR DefaultSearchKeyword: google.co.za
    CHR Extension: (Google Docs) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-03]
    CHR Extension: (Google Drive) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-03]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-03]
    CHR Extension: (YouTube) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-03]
    CHR Extension: (Google Search) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-03]
    CHR Extension: (AdBlock Premium) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-07-03]
    CHR Extension: (avast! Online Security) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-29]
    CHR Extension: (Ashish Mishra) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnkdbjbjpnpjeciipoaflmpcddinpjjp [2014-07-03]
    CHR Extension: (Google Wallet) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-03]
    CHR Extension: (Gmail) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-03]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-10]

    ==================== Services (Whitelisted) =================

    R3 ADSMService; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed]
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-10] (AVAST Software)
    S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed]
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
    R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [329920 2014-04-29] ()
    R3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-04-06] () [File not signed]
    R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
    R2 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [4250624 2014-06-09] (A-Volute) [File not signed]
    R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-04-11] (Razer, Inc.)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    R3 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
    R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed]

  4. #4
    Junior Member
    Join Date
    Jul 2014
    Posts
    11

    Default

    ==================== Drivers (Whitelisted) ====================

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-10] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-10] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-10] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-10] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-10] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-10] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-10] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-10] ()
    R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-05-07] (DT Soft Ltd)
    R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-03] ()
    R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-12] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
    S3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
    S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
    R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-04-11] (Razer, Inc.)
    R1 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2014-04-11] (Razer, Inc.)
    R3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-05-23] (Windows (R) Win 7 DDK provider)
    R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-04-29] (Razer, Inc.)
    R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129856 2014-04-25] (Razer, Inc.)
    R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
    R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-07] ()
    S3 ipswuio; System32\DRIVERS\ipswuio.sys [X]
    S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
    U3 tmlwf;
    U3 tmwfp;

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-07-12 11:42 - 2014-07-12 11:42 - 00022060 _____ () C:\Users\Matt\Desktop\FRST.txt
    2014-07-12 11:41 - 2014-07-12 11:42 - 00000000 ____D () C:\FRST
    2014-07-12 11:28 - 2014-07-12 11:41 - 02084864 _____ (Farbar) C:\Users\Matt\Desktop\FRST64.exe
    2014-07-12 00:29 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-07-12 00:29 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-07-12 00:29 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-07-12 00:29 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-07-12 00:29 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-07-12 00:29 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-07-12 00:29 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-07-12 00:29 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-07-12 00:29 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-07-12 00:29 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-07-12 00:29 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-07-12 00:29 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-07-12 00:29 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-07-12 00:29 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-07-12 00:29 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-07-12 00:29 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-07-12 00:29 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-07-12 00:29 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-07-12 00:29 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-07-12 00:29 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-07-12 00:29 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-07-12 00:29 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-07-12 00:29 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-07-12 00:29 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-07-12 00:29 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-07-12 00:29 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-07-12 00:29 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-07-12 00:29 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-07-12 00:29 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-07-12 00:29 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-07-12 00:29 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-07-12 00:29 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-07-12 00:29 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-07-12 00:29 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-07-12 00:29 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-07-12 00:29 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-07-12 00:29 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-07-12 00:29 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-07-12 00:29 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-07-12 00:29 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-07-12 00:29 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-07-12 00:29 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-07-12 00:29 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-07-12 00:29 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-07-12 00:29 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-07-12 00:29 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-07-12 00:29 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-07-12 00:29 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-07-12 00:29 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-07-12 00:29 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-07-12 00:29 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-07-12 00:29 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-07-12 00:29 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-07-12 00:29 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-07-12 00:29 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-07-12 00:29 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-07-12 00:18 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
    2014-07-12 00:18 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
    2014-07-12 00:18 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-07-12 00:18 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-07-12 00:18 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2014-07-12 00:18 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2014-07-12 00:18 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2014-07-12 00:18 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2014-07-12 00:18 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2014-07-12 00:18 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2014-07-12 00:18 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2014-07-12 00:18 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2014-07-12 00:18 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2014-07-12 00:18 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2014-07-12 00:18 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2014-07-12 00:18 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2014-07-12 00:18 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2014-07-12 00:17 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-07-12 00:17 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-07-12 00:17 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2014-07-12 00:17 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
    2014-07-12 00:17 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-07-12 00:17 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2014-07-12 00:17 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2014-07-12 00:17 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2014-07-11 11:57 - 2014-07-11 11:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
    2014-07-11 11:57 - 2014-07-11 11:57 - 00000000 ____D () C:\Program Files\7-Zip
    2014-07-11 10:39 - 2014-07-11 10:39 - 00003616 _____ () C:\Windows\PFRO.log
    2014-07-10 22:26 - 2014-07-10 22:26 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
    2014-07-10 13:55 - 2014-07-10 13:55 - 00005722 _____ () C:\Users\Matt\Desktop\attach.zip
    2014-07-10 13:53 - 2014-07-10 13:53 - 00028954 _____ () C:\Users\Matt\Desktop\dds.txt
    2014-07-10 13:53 - 2014-07-10 13:53 - 00021324 _____ () C:\Users\Matt\Desktop\attach.txt
    2014-07-10 13:34 - 2014-07-10 13:34 - 00002227 _____ () C:\Users\Matt\Desktop\aswMBR.txt
    2014-07-10 13:00 - 2014-07-10 13:00 - 00013480 _____ () C:\Users\Matt\Desktop\Scan Results.140710-1300.txt
    2014-07-10 12:09 - 2014-07-10 12:09 - 00052022 _____ () C:\Windows\DPINST.LOG
    2014-07-08 11:28 - 2014-07-08 11:30 - 00276104 _____ () C:\Windows\Minidump\070814-28657-01.dmp
    2014-07-08 11:28 - 2014-07-08 11:28 - 1156191243 _____ () C:\Windows\MEMORY.DMP
    2014-07-08 11:06 - 2014-07-10 13:34 - 00000512 _____ () C:\Users\Matt\Desktop\MBR.dat
    2014-07-08 11:00 - 2014-07-08 11:00 - 00000000 ____D () C:\Users\Matt\Documents\ProcAlyzer Dumps
    2014-07-08 10:58 - 2014-07-08 10:58 - 00001393 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    2014-07-08 10:58 - 2014-07-08 10:58 - 00001381 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2014-07-08 10:58 - 2014-07-08 10:58 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
    2014-07-08 10:58 - 2014-07-08 10:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
    2014-07-08 10:58 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
    2014-07-08 10:47 - 2014-07-08 10:57 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Matt\Downloads\spybot-2.4.exe
    2014-07-08 10:41 - 2014-07-08 10:44 - 05185536 _____ (AVAST Software) C:\Users\Matt\Downloads\aswMBR.exe
    2014-07-08 10:40 - 2014-07-08 10:41 - 00688992 ____R (Swearware) C:\Users\Matt\Downloads\dds.scr
    2014-07-08 10:40 - 2014-07-08 10:40 - 00000000 ____D () C:\Windows\ERDNT
    2014-07-08 10:39 - 2014-07-08 10:39 - 00000907 _____ () C:\Users\Matt\Desktop\ERUNT.lnk
    2014-07-08 10:39 - 2014-07-08 10:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
    2014-07-08 10:39 - 2014-07-08 10:39 - 00000000 ____D () C:\Program Files (x86)\ERUNT
    2014-07-08 10:38 - 2014-07-08 10:38 - 00791393 _____ (Lars Hederer ) C:\Users\Matt\Downloads\erunt-setup.exe
    2014-07-08 00:25 - 2014-07-12 11:16 - 00000887 _____ () C:\Windows\setupact.log
    2014-07-08 00:25 - 2014-07-08 00:25 - 00000000 _____ () C:\Windows\setuperr.log
    2014-07-07 09:35 - 2014-07-07 09:35 - 00008242 _____ () C:\Users\Matt\Downloads\The_Class_of_92_2013_720p.torrent
    2014-07-03 16:47 - 2014-07-12 11:21 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-07-03 16:47 - 2014-07-03 16:47 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-07-03 16:47 - 2014-07-03 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-07-03 16:47 - 2014-07-03 16:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-07-03 16:47 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-07-03 16:47 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-07-03 16:47 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-07-03 16:42 - 2014-07-03 16:45 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Matt\Downloads\mbam-setup-2.0.2.1012 (1).exe
    2014-07-03 12:44 - 2014-07-03 12:44 - 00002257 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-07-03 10:42 - 2014-07-03 10:42 - 00000000 __SHD () C:\found.000
    2014-07-02 23:18 - 2014-07-08 10:59 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-07-02 23:04 - 2014-07-09 10:27 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-07-01 21:11 - 2014-07-01 21:11 - 00000000 ____D () C:\Users\Matt\AppData\Local\Macromedia
    2014-07-01 21:04 - 2014-07-03 12:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-07-01 21:04 - 2014-07-01 21:04 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Mozilla
    2014-07-01 21:04 - 2014-07-01 21:04 - 00000000 ____D () C:\Users\Matt\AppData\Local\Mozilla
    2014-07-01 21:04 - 2014-07-01 21:04 - 00000000 ____D () C:\ProgramData\Mozilla
    2014-07-01 20:53 - 2014-07-01 20:53 - 00000000 __SHD () C:\Users\Matt\AppData\Local\EmieUserList
    2014-07-01 20:53 - 2014-07-01 20:53 - 00000000 __SHD () C:\Users\Matt\AppData\Local\EmieSiteList
    2014-07-01 20:31 - 2014-07-01 20:35 - 10003156 _____ () C:\Users\Matt\Downloads\valgrind-3.9.0.tar.bz2
    2014-07-01 20:18 - 2014-07-01 20:18 - 01451756 _____ (VLD Team ) C:\Users\Matt\Downloads\vld-2.4rc2-setup.exe
    2014-07-01 20:15 - 2014-07-01 20:15 - 00023190 _____ () C:\Users\Matt\Downloads\winleak_1.1.3.zip
    2014-07-01 20:15 - 2014-07-01 20:15 - 00000000 ____D () C:\Users\Matt\Downloads\winleak_1.1.3
    2014-07-01 20:09 - 2014-07-01 20:10 - 00997536 _____ (Microsoft Corporation) C:\Users\Matt\Downloads\sdksetup.exe
    2014-07-01 12:03 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2014-07-01 12:03 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2014-07-01 12:00 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
    2014-07-01 12:00 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
    2014-07-01 11:02 - 2014-07-12 01:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-06-30 18:24 - 2014-07-12 00:34 - 00000000 ____D () C:\Windows\system32\MRT
    2014-06-30 18:22 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
    2014-06-30 18:22 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
    2014-06-30 18:22 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
    2014-06-30 18:22 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2014-06-30 17:55 - 2014-06-30 17:55 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
    2014-06-30 17:55 - 2014-06-30 17:55 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2014-06-30 17:55 - 2014-06-30 17:55 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2014-06-30 17:55 - 2014-06-30 17:55 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2014-06-30 17:55 - 2014-06-30 17:55 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2014-06-30 17:55 - 2014-06-30 17:55 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2014-06-30 17:24 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
    2014-06-30 17:24 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
    2014-06-30 17:24 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
    2014-06-30 17:24 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
    2014-06-30 17:24 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
    2014-06-30 17:24 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
    2014-06-30 17:24 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
    2014-06-30 17:24 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
    2014-06-30 17:24 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
    2014-06-30 17:24 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
    2014-06-30 17:24 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2014-06-30 17:24 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
    2014-06-30 17:24 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
    2014-06-30 17:24 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
    2014-06-30 17:24 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
    2014-06-30 17:24 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
    2014-06-30 17:06 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2014-06-30 17:06 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
    2014-06-30 17:06 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
    2014-06-30 17:06 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
    2014-06-30 15:05 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
    2014-06-30 15:05 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
    2014-06-30 15:05 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
    2014-06-30 15:05 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
    2014-06-30 15:05 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
    2014-06-30 15:05 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
    2014-06-30 15:05 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
    2014-06-30 15:05 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
    2014-06-30 15:05 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
    2014-06-30 15:05 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
    2014-06-30 15:05 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
    2014-06-30 15:05 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
    2014-06-30 15:05 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
    2014-06-30 15:05 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
    2014-06-30 15:05 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
    2014-06-30 15:05 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
    2014-06-30 15:05 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
    2014-06-30 15:05 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
    2014-06-30 14:59 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2014-06-30 14:59 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2014-06-30 14:59 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2014-06-30 14:59 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2014-06-30 14:59 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2014-06-30 14:59 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2014-06-30 14:59 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2014-06-30 14:59 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
    2014-06-30 14:59 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2014-06-30 14:59 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
    2014-06-30 14:59 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2014-06-30 14:59 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
    2014-06-30 14:59 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
    2014-06-30 14:59 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
    2014-06-30 14:59 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
    2014-06-30 14:59 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
    2014-06-30 14:59 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2014-06-30 14:59 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2014-06-30 14:59 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
    2014-06-30 14:59 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
    2014-06-30 14:59 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
    2014-06-30 14:59 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
    2014-06-30 14:59 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
    2014-06-30 14:59 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
    2014-06-30 14:59 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
    2014-06-30 14:59 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2014-06-30 14:59 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2014-06-30 14:59 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2014-06-30 14:59 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2014-06-30 14:58 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
    2014-06-30 14:58 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
    2014-06-30 14:58 - 2013-10-04 04:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2014-06-30 14:58 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
    2014-06-30 14:58 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2014-06-30 14:58 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
    2014-06-30 14:58 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2014-06-30 14:58 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2014-06-30 14:54 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2014-06-30 14:54 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2014-06-30 14:54 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
    2014-06-30 14:54 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
    2014-06-30 14:53 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
    2014-06-30 14:53 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
    2014-06-30 14:53 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
    2014-06-30 14:53 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
    2014-06-30 14:53 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
    2014-06-30 14:50 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2014-06-30 14:50 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2014-06-30 14:50 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
    2014-06-30 14:50 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
    2014-06-30 14:50 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2014-06-30 14:50 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2014-06-30 14:50 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
    2014-06-30 14:50 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
    2014-06-30 14:50 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2014-06-30 14:50 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2014-06-30 14:50 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
    2014-06-30 14:50 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
    2014-06-30 14:50 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2014-06-30 14:50 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2014-06-30 14:50 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2014-06-30 14:50 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2014-06-30 14:50 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2014-06-30 14:50 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2014-06-30 14:50 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2014-06-30 14:50 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2014-06-30 14:50 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
    2014-06-30 14:50 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
    2014-06-30 14:50 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
    2014-06-30 14:50 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
    2014-06-30 14:50 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
    2014-06-30 14:50 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
    2014-06-30 14:50 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
    2014-06-30 14:50 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2014-06-30 14:50 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2014-06-30 14:50 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
    2014-06-30 14:48 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
    2014-06-30 14:48 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
    2014-06-30 14:48 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2014-06-30 14:48 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
    2014-06-30 14:48 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2014-06-30 14:48 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2014-06-30 14:48 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2014-06-30 14:48 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2014-06-30 14:48 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2014-06-30 14:48 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2014-06-30 14:48 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2014-06-30 14:48 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2014-06-30 14:48 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2014-06-30 14:48 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2014-06-30 14:48 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2014-06-30 14:48 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2014-06-30 14:48 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
    2014-06-30 14:48 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
    2014-06-30 14:48 - 2013-11-12 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-06-30 14:48 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2014-06-30 14:48 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
    2014-06-30 14:48 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
    2014-06-30 14:48 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
    2014-06-30 14:48 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
    2014-06-30 14:48 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2014-06-30 14:48 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2014-06-30 14:48 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2014-06-30 14:48 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2014-06-30 14:48 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2014-06-30 14:48 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
    2014-06-30 14:48 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
    2014-06-30 14:48 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
    2014-06-30 14:48 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
    2014-06-30 14:48 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
    2014-06-30 14:48 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
    2014-06-30 14:48 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2014-06-30 14:48 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
    2014-06-30 14:48 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
    2014-06-30 14:48 - 2012-05-04 13:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2014-06-30 14:48 - 2012-05-04 11:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
    2014-06-30 14:47 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
    2014-06-30 14:47 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
    2014-06-30 14:47 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
    2014-06-30 14:47 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
    2014-06-30 14:47 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
    2014-06-30 14:47 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
    2014-06-30 14:47 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
    2014-06-30 14:47 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
    2014-06-30 14:47 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
    2014-06-30 14:47 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
    2014-06-30 14:46 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
    2014-06-30 14:45 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
    2014-06-30 14:44 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2014-06-30 14:44 - 2013-10-03 04:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-06-30 14:44 - 2013-10-03 04:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2014-06-30 14:44 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
    2014-06-30 14:44 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2014-06-30 14:44 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
    2014-06-30 14:44 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2014-06-30 14:44 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
    2014-06-30 14:44 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2014-06-30 14:44 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2014-06-30 14:44 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2014-06-30 14:44 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2014-06-30 14:44 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2014-06-30 14:43 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
    2014-06-30 14:43 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
    2014-06-30 14:43 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
    2014-06-30 14:43 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
    2014-06-30 14:43 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
    2014-06-30 14:43 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
    2014-06-30 14:43 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
    2014-06-30 14:43 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
    2014-06-30 14:43 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
    2014-06-30 14:43 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
    2014-06-30 14:40 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
    2014-06-30 14:40 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
    2014-06-30 14:40 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
    2014-06-30 14:40 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
    2014-06-30 14:40 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
    2014-06-30 14:40 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
    2014-06-30 14:40 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
    2014-06-30 14:40 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
    2014-06-30 14:40 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
    2014-06-30 14:39 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2014-06-30 14:39 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2014-06-30 14:39 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2014-06-30 14:39 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2014-06-30 14:38 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
    2014-06-30 14:38 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
    2014-06-30 14:38 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
    2014-06-30 14:38 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
    2014-06-30 14:38 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
    2014-06-30 14:36 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2014-06-30 14:35 - 2014-06-30 14:35 - 00000000 ____D () C:\Users\Matt\AppData\Local\Adobe
    2014-06-30 14:22 - 2014-07-03 12:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2014-06-30 14:22 - 2014-06-30 14:22 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2014-06-30 14:22 - 2014-06-30 14:22 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2014-06-30 14:22 - 2014-06-30 14:22 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2014-06-30 14:22 - 2014-06-30 14:22 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-06-30 14:22 - 2014-06-30 14:22 - 00000000 ____D () C:\Program Files (x86)\Java
    2014-06-30 12:21 - 2014-06-30 12:22 - 00991232 _____ () C:\Users\Matt\Downloads\MicrosoftFixit50267.msi
    2014-06-30 09:07 - 2014-06-30 09:08 - 02347384 _____ (ESET) C:\Users\Matt\Downloads\esetsmartinstaller_enu.exe
    2014-06-29 23:52 - 2014-06-29 23:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-06-29 23:39 - 2014-06-29 23:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Matt\Downloads\mbam-setup-2.0.2.1012.exe
    2014-06-29 12:38 - 2014-07-01 19:43 - 00000000 ____D () C:\Users\Matt\Downloads\ProcessExplorer
    2014-06-29 12:37 - 2014-06-29 12:38 - 01243655 _____ () C:\Users\Matt\Downloads\ProcessExplorer.zip
    2014-06-28 09:11 - 2014-06-28 09:11 - 00008229 _____ () C:\Users\Matt\Downloads\Walk_of_Shame_2014_720p.torrent
    2014-06-20 12:50 - 2014-06-20 12:50 - 00000000 ____D () C:\Users\Matt\Documents\7 Days To Die
    2014-06-19 13:33 - 2014-06-19 13:33 - 00000000 ____D () C:\Users\Matt\Documents\Electronic Arts
    2014-06-19 13:32 - 2014-06-19 13:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE
    2014-06-16 14:40 - 2014-06-16 14:40 - 00196980 _____ () C:\Users\Matt\Downloads\Pryor Computers May 01 2014.zip
    2014-06-15 13:38 - 2014-06-15 13:38 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Curse
    2014-06-15 13:30 - 2014-06-15 13:37 - 41232416 _____ (Curse) C:\Users\Matt\Downloads\CurseClientSetup_Eo36.exe
    2014-06-12 15:11 - 2014-06-12 15:12 - 00334704 _____ () C:\Users\Matt\Downloads\CAFEVIVA_PRICE_LIST.zip

  5. #5
    Junior Member
    Join Date
    Jul 2014
    Posts
    11

    Default

    ==================== One Month Modified Files and Folders =======

    2014-07-12 11:42 - 2014-07-12 11:42 - 00022060 _____ () C:\Users\Matt\Desktop\FRST.txt
    2014-07-12 11:42 - 2014-07-12 11:41 - 00000000 ____D () C:\FRST
    2014-07-12 11:41 - 2014-07-12 11:28 - 02084864 _____ (Farbar) C:\Users\Matt\Desktop\FRST64.exe
    2014-07-12 11:41 - 2011-02-13 05:02 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-07-12 11:26 - 2011-02-13 04:03 - 01198981 _____ () C:\Windows\WindowsUpdate.log
    2014-07-12 11:24 - 2009-07-14 06:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-07-12 11:24 - 2009-07-14 06:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-07-12 11:21 - 2014-07-03 16:47 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-07-12 11:19 - 2011-02-13 06:24 - 00000000 ____D () C:\Program Files\P4G
    2014-07-12 11:19 - 2011-02-13 05:02 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-07-12 11:18 - 2011-12-15 11:19 - 00000433 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
    2014-07-12 11:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-07-12 11:17 - 2009-07-14 06:45 - 00445360 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-07-12 11:16 - 2014-07-08 00:25 - 00000887 _____ () C:\Windows\setupact.log
    2014-07-12 01:05 - 2014-07-01 11:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-07-12 01:05 - 2009-07-14 09:45 - 00000000 ____D () C:\Program Files\Windows Journal
    2014-07-12 01:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
    2014-07-12 01:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
    2014-07-12 00:52 - 2013-02-25 08:38 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-07-12 00:34 - 2014-06-30 18:24 - 00000000 ____D () C:\Windows\system32\MRT
    2014-07-12 00:31 - 2011-06-18 20:17 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-07-11 23:52 - 2013-11-20 12:03 - 00000000 ____D () C:\Program Files (x86)\Steam
    2014-07-11 12:09 - 2013-05-15 07:19 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2014-07-11 12:09 - 2013-03-01 15:39 - 00000000 ____D () C:\Users\Matt\AppData\Local\CrashDumps
    2014-07-11 11:57 - 2014-07-11 11:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
    2014-07-11 11:57 - 2014-07-11 11:57 - 00000000 ____D () C:\Program Files\7-Zip
    2014-07-11 10:39 - 2014-07-11 10:39 - 00003616 _____ () C:\Windows\PFRO.log
    2014-07-10 22:26 - 2014-07-10 22:26 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
    2014-07-10 22:26 - 2014-05-26 09:30 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
    2014-07-10 22:26 - 2014-01-04 09:09 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
    2014-07-10 22:26 - 2013-04-03 08:05 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
    2014-07-10 22:26 - 2013-04-03 08:05 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
    2014-07-10 22:26 - 2013-02-05 22:10 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
    2014-07-10 22:26 - 2013-02-05 22:10 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
    2014-07-10 22:26 - 2013-02-05 22:10 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2014-07-10 22:26 - 2013-02-05 22:10 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2014-07-10 22:26 - 2013-02-05 22:10 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2014-07-10 22:26 - 2013-02-05 22:10 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2014-07-10 22:26 - 2013-02-05 22:10 - 00001968 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    2014-07-10 16:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
    2014-07-10 13:55 - 2014-07-10 13:55 - 00005722 _____ () C:\Users\Matt\Desktop\attach.zip
    2014-07-10 13:53 - 2014-07-10 13:53 - 00028954 _____ () C:\Users\Matt\Desktop\dds.txt
    2014-07-10 13:53 - 2014-07-10 13:53 - 00021324 _____ () C:\Users\Matt\Desktop\attach.txt
    2014-07-10 13:34 - 2014-07-10 13:34 - 00002227 _____ () C:\Users\Matt\Desktop\aswMBR.txt
    2014-07-10 13:34 - 2014-07-08 11:06 - 00000512 _____ () C:\Users\Matt\Desktop\MBR.dat
    2014-07-10 13:00 - 2014-07-10 13:00 - 00013480 _____ () C:\Users\Matt\Desktop\Scan Results.140710-1300.txt
    2014-07-10 12:54 - 2013-02-25 08:38 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-07-10 12:54 - 2013-02-25 08:38 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2014-07-10 12:54 - 2012-02-18 12:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-07-10 12:09 - 2014-07-10 12:09 - 00052022 _____ () C:\Windows\DPINST.LOG
    2014-07-10 12:09 - 2013-10-12 09:59 - 00002448 _____ () C:\Users\Matt\Desktop\RzSynapse - Shortcut.lnk
    2014-07-10 12:00 - 2012-02-21 17:06 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\vlc
    2014-07-09 14:11 - 2013-04-09 18:56 - 00007603 _____ () C:\Users\Matt\AppData\Local\Resmon.ResmonCfg
    2014-07-09 10:27 - 2014-07-02 23:04 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-07-08 11:37 - 2011-02-13 06:26 - 00001617 _____ () C:\Windows\system32\ServiceFilter.ini
    2014-07-08 11:30 - 2014-07-08 11:28 - 00276104 _____ () C:\Windows\Minidump\070814-28657-01.dmp
    2014-07-08 11:30 - 2011-02-13 06:26 - 00002504 _____ () C:\Windows\system32\AutoRunFilter.ini
    2014-07-08 11:28 - 2014-07-08 11:28 - 1156191243 _____ () C:\Windows\MEMORY.DMP
    2014-07-08 11:28 - 2012-06-08 19:16 - 00000000 ____D () C:\Windows\Minidump
    2014-07-08 11:00 - 2014-07-08 11:00 - 00000000 ____D () C:\Users\Matt\Documents\ProcAlyzer Dumps
    2014-07-08 10:59 - 2014-07-02 23:18 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-07-08 10:58 - 2014-07-08 10:58 - 00001393 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    2014-07-08 10:58 - 2014-07-08 10:58 - 00001381 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2014-07-08 10:58 - 2014-07-08 10:58 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
    2014-07-08 10:58 - 2014-07-08 10:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
    2014-07-08 10:57 - 2014-07-08 10:47 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Matt\Downloads\spybot-2.4.exe
    2014-07-08 10:44 - 2014-07-08 10:41 - 05185536 _____ (AVAST Software) C:\Users\Matt\Downloads\aswMBR.exe
    2014-07-08 10:41 - 2014-07-08 10:40 - 00688992 ____R (Swearware) C:\Users\Matt\Downloads\dds.scr
    2014-07-08 10:40 - 2014-07-08 10:40 - 00000000 ____D () C:\Windows\ERDNT
    2014-07-08 10:39 - 2014-07-08 10:39 - 00000907 _____ () C:\Users\Matt\Desktop\ERUNT.lnk
    2014-07-08 10:39 - 2014-07-08 10:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
    2014-07-08 10:39 - 2014-07-08 10:39 - 00000000 ____D () C:\Program Files (x86)\ERUNT
    2014-07-08 10:38 - 2014-07-08 10:38 - 00791393 _____ (Lars Hederer ) C:\Users\Matt\Downloads\erunt-setup.exe
    2014-07-08 04:33 - 2013-02-22 08:59 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\BitComet
    2014-07-08 00:25 - 2014-07-08 00:25 - 00000000 _____ () C:\Windows\setuperr.log
    2014-07-07 10:50 - 2009-07-29 08:03 - 00000000 ____D () C:\Windows\Panther
    2014-07-07 09:35 - 2014-07-07 09:35 - 00008242 _____ () C:\Users\Matt\Downloads\The_Class_of_92_2013_720p.torrent
    2014-07-05 21:23 - 2011-05-13 08:50 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
    2014-07-03 23:11 - 2009-07-14 07:13 - 00801854 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-07-03 21:28 - 2012-12-08 14:41 - 00000000 ____D () C:\Users\Matt\Documents\My Games
    2014-07-03 20:48 - 2013-12-05 12:59 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2014-07-03 17:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Web
    2014-07-03 16:47 - 2014-07-03 16:47 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-07-03 16:47 - 2014-07-03 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-07-03 16:47 - 2014-07-03 16:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-07-03 16:45 - 2014-07-03 16:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Matt\Downloads\mbam-setup-2.0.2.1012 (1).exe
    2014-07-03 12:44 - 2014-07-03 12:44 - 00002257 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-07-03 12:20 - 2011-05-08 05:56 - 00000000 ____D () C:\Users\Matt
    2014-07-03 12:01 - 2014-07-01 21:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-07-03 12:01 - 2014-06-30 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2014-07-03 12:01 - 2013-06-15 14:45 - 00000000 ____D () C:\Users\Matt\AppData\Local\Akamai
    2014-07-03 12:01 - 2011-05-07 21:21 - 00000000 ____D () C:\Users\Matt\AppData\Local\Google
    2014-07-03 12:01 - 2011-02-13 06:24 - 00000000 ____D () C:\ProgramData\P4G
    2014-07-03 12:01 - 2011-02-13 05:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-07-03 12:01 - 2011-02-13 05:01 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-07-03 12:01 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
    2014-07-03 12:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
    2014-07-03 12:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2014-07-03 12:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
    2014-07-03 10:42 - 2014-07-03 10:42 - 00000000 __SHD () C:\found.000
    2014-07-01 21:11 - 2014-07-01 21:11 - 00000000 ____D () C:\Users\Matt\AppData\Local\Macromedia
    2014-07-01 21:04 - 2014-07-01 21:04 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Mozilla
    2014-07-01 21:04 - 2014-07-01 21:04 - 00000000 ____D () C:\Users\Matt\AppData\Local\Mozilla
    2014-07-01 21:04 - 2014-07-01 21:04 - 00000000 ____D () C:\ProgramData\Mozilla
    2014-07-01 20:53 - 2014-07-01 20:53 - 00000000 __SHD () C:\Users\Matt\AppData\Local\EmieUserList
    2014-07-01 20:53 - 2014-07-01 20:53 - 00000000 __SHD () C:\Users\Matt\AppData\Local\EmieSiteList
    2014-07-01 20:35 - 2014-07-01 20:31 - 10003156 _____ () C:\Users\Matt\Downloads\valgrind-3.9.0.tar.bz2
    2014-07-01 20:18 - 2014-07-01 20:18 - 01451756 _____ (VLD Team ) C:\Users\Matt\Downloads\vld-2.4rc2-setup.exe
    2014-07-01 20:15 - 2014-07-01 20:15 - 00023190 _____ () C:\Users\Matt\Downloads\winleak_1.1.3.zip
    2014-07-01 20:15 - 2014-07-01 20:15 - 00000000 ____D () C:\Users\Matt\Downloads\winleak_1.1.3
    2014-07-01 20:10 - 2014-07-01 20:09 - 00997536 _____ (Microsoft Corporation) C:\Users\Matt\Downloads\sdksetup.exe
    2014-07-01 19:43 - 2014-06-29 12:38 - 00000000 ____D () C:\Users\Matt\Downloads\ProcessExplorer
    2014-07-01 12:20 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
    2014-07-01 12:13 - 2011-05-08 12:52 - 00786164 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
    2014-07-01 11:13 - 2013-04-10 15:56 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
    2014-07-01 11:08 - 2011-05-08 14:58 - 00001415 _____ () C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2014-07-01 11:08 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
    2014-06-30 17:55 - 2014-06-30 17:55 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2014-06-30 17:55 - 2014-06-30 17:55 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
    2014-06-30 17:55 - 2014-06-30 17:55 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2014-06-30 17:55 - 2014-06-30 17:55 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2014-06-30 17:55 - 2014-06-30 17:55 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2014-06-30 17:55 - 2014-06-30 17:55 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2014-06-30 17:55 - 2014-06-30 17:55 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2014-06-30 17:55 - 2014-06-30 17:55 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2014-06-30 17:55 - 2014-06-30 17:55 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2014-06-30 16:49 - 2013-06-13 15:56 - 00000000 ____D () C:\Program Files (x86)\Razer
    2014-06-30 14:35 - 2014-06-30 14:35 - 00000000 ____D () C:\Users\Matt\AppData\Local\Adobe
    2014-06-30 14:22 - 2014-06-30 14:22 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2014-06-30 14:22 - 2014-06-30 14:22 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2014-06-30 14:22 - 2014-06-30 14:22 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2014-06-30 14:22 - 2014-06-30 14:22 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-06-30 14:22 - 2014-06-30 14:22 - 00000000 ____D () C:\Program Files (x86)\Java
    2014-06-30 14:14 - 2013-06-13 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
    2014-06-30 14:11 - 2014-05-29 12:35 - 00000000 ____D () C:\ProgramData\Origin
    2014-06-30 14:08 - 2014-03-08 09:34 - 00002028 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
    2014-06-30 14:08 - 2014-03-08 09:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
    2014-06-30 14:08 - 2011-02-13 04:49 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-06-30 12:22 - 2014-06-30 12:21 - 00991232 _____ () C:\Users\Matt\Downloads\MicrosoftFixit50267.msi
    2014-06-30 10:49 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2014-06-30 09:08 - 2014-06-30 09:07 - 02347384 _____ (ESET) C:\Users\Matt\Downloads\esetsmartinstaller_enu.exe
    2014-06-30 04:09 - 2014-07-12 00:17 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-06-30 04:04 - 2014-07-12 00:17 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-06-29 23:52 - 2014-06-29 23:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-06-29 23:42 - 2014-06-29 23:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Matt\Downloads\mbam-setup-2.0.2.1012.exe
    2014-06-29 23:03 - 2013-06-13 15:57 - 00000000 ____D () C:\Users\Matt\AppData\Local\Razer
    2014-06-29 22:59 - 2014-05-21 12:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Game Scanner Service
    2014-06-29 22:59 - 2013-06-13 15:56 - 00000000 ____D () C:\ProgramData\Razer
    2014-06-29 22:59 - 2009-07-14 09:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
    2014-06-29 22:58 - 2011-06-05 14:09 - 00000000 ____D () C:\ProgramData\Electronic Arts
    2014-06-29 12:38 - 2014-06-29 12:37 - 01243655 _____ () C:\Users\Matt\Downloads\ProcessExplorer.zip
    2014-06-28 09:11 - 2014-06-28 09:11 - 00008229 _____ () C:\Users\Matt\Downloads\Walk_of_Shame_2014_720p.torrent
    2014-06-24 12:32 - 2011-05-07 22:19 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\DAEMON Tools Lite
    2014-06-23 19:01 - 2013-09-27 17:16 - 00053248 _____ () C:\Users\Matt\AppData\Roaming\RZR_00605b3843f4b5706554561f13cc.db
    2014-06-20 22:14 - 2014-07-12 00:29 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-06-20 21:39 - 2014-07-12 00:29 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-06-20 12:50 - 2014-06-20 12:50 - 00000000 ____D () C:\Users\Matt\Documents\7 Days To Die
    2014-06-20 09:58 - 2009-07-14 07:08 - 00032644 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-06-20 09:58 - 2009-07-14 07:08 - 00032644 _____ () C:\Windows\Tasks\SCHEDLGU(16).TXT
    2014-06-19 13:33 - 2014-06-19 13:33 - 00000000 ____D () C:\Users\Matt\Documents\Electronic Arts
    2014-06-19 13:32 - 2014-06-19 13:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE
    2014-06-19 13:18 - 2011-05-07 22:19 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
    2014-06-19 03:39 - 2014-07-12 00:29 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-06-19 03:06 - 2014-07-12 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-06-19 03:06 - 2014-07-12 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-06-19 02:48 - 2014-07-12 00:29 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-06-19 02:42 - 2014-07-12 00:29 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-06-19 02:42 - 2014-07-12 00:29 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-06-19 02:41 - 2014-07-12 00:29 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-06-19 02:41 - 2014-07-12 00:29 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-06-19 02:32 - 2014-07-12 00:29 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-06-19 02:31 - 2014-07-12 00:29 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-06-19 02:26 - 2014-07-12 00:29 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-06-19 02:24 - 2014-07-12 00:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-06-19 02:24 - 2014-07-12 00:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-06-19 02:23 - 2014-07-12 00:29 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-06-19 02:16 - 2014-07-12 00:29 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-06-19 02:14 - 2014-07-12 00:29 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-06-19 02:09 - 2014-07-12 00:29 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-06-19 01:59 - 2014-07-12 00:29 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-06-19 01:56 - 2014-07-12 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-06-19 01:53 - 2014-07-12 00:29 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-06-19 01:51 - 2014-07-12 00:29 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-06-19 01:50 - 2014-07-12 00:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-06-19 01:48 - 2014-07-12 00:29 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-06-19 01:39 - 2014-07-12 00:29 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-06-19 01:38 - 2014-07-12 00:29 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-06-19 01:37 - 2014-07-12 00:29 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-06-19 01:36 - 2014-07-12 00:29 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-06-19 01:35 - 2014-07-12 00:29 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-06-19 01:33 - 2014-07-12 00:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-06-19 01:32 - 2014-07-12 00:29 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-06-19 01:28 - 2014-07-12 00:29 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-06-19 01:28 - 2014-07-12 00:29 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-06-19 01:27 - 2014-07-12 00:29 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-06-19 01:27 - 2014-07-12 00:29 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-06-19 01:25 - 2014-07-12 00:29 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-06-19 01:23 - 2014-07-12 00:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-06-19 01:22 - 2014-07-12 00:29 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-06-19 01:12 - 2014-07-12 00:29 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-06-19 01:06 - 2014-07-12 00:29 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-06-19 01:01 - 2014-07-12 00:29 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-06-19 00:59 - 2014-07-12 00:29 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-06-19 00:58 - 2014-07-12 00:29 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-06-19 00:58 - 2014-07-12 00:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-06-19 00:52 - 2014-07-12 00:29 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-06-19 00:51 - 2014-07-12 00:29 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-06-19 00:49 - 2014-07-12 00:29 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-06-19 00:46 - 2014-07-12 00:29 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-06-19 00:45 - 2014-07-12 00:29 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-06-19 00:35 - 2014-07-12 00:29 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-06-19 00:34 - 2014-07-12 00:29 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-06-19 00:15 - 2014-07-12 00:29 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-06-19 00:13 - 2014-07-12 00:29 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-06-19 00:09 - 2014-07-12 00:29 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-06-19 00:07 - 2014-07-12 00:29 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-06-18 04:18 - 2014-07-12 00:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
    2014-06-18 03:51 - 2014-07-12 00:18 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
    2014-06-18 03:10 - 2014-07-12 00:18 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-06-17 10:36 - 2011-02-13 05:02 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2014-06-17 10:36 - 2011-02-13 05:02 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-06-16 14:40 - 2014-06-16 14:40 - 00196980 _____ () C:\Users\Matt\Downloads\Pryor Computers May 01 2014.zip
    2014-06-15 13:38 - 2014-06-15 13:38 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Curse
    2014-06-15 13:37 - 2014-06-15 13:30 - 41232416 _____ (Curse) C:\Users\Matt\Downloads\CurseClientSetup_Eo36.exe
    2014-06-12 15:12 - 2014-06-12 15:11 - 00334704 _____ () C:\Users\Matt\Downloads\CAFEVIVA_PRICE_LIST.zip

    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-07-10 15:13

    ==================== End Of Log ============================

  6. #6
    Junior Member
    Join Date
    Jul 2014
    Posts
    11

    Default

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-07-2014
    Ran by Matt at 2014-07-12 11:43:38
    Running from C:\Users\Matt\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    7 Days to Die (HKLM-x32\...\Steam App 251570) (Version: - The Fun Pimps)
    7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
    Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
    Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
    Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
    Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
    AMD APP SDK Runtime (Version: 2.4.595.1 - Advanced Micro Devices Inc.) Hidden
    ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS)
    ASUS Data Security Manager (HKLM-x32\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0014 - ASUS)
    ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
    ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
    ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.40 - ASUS)
    ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0008 - ASUS)
    ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
    ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4015 - CyberLink Corp.)
    ASUS Video Magic (x32 Version: 6.0.4015 - CyberLink Corp.) Hidden
    ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.20 - asus)
    ATI AVIVO64 Codecs (Version: 11.6.0.50811 - ATI Technologies Inc.) Hidden
    ATI Catalyst Install Manager (HKLM\...\{363836F9-D52D-8976-EC20-8C6965A4D045}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
    ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0006 - ASUS)
    avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
    BitComet 1.35 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.35 - CometNetwork)
    Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
    Castlevania: Lords of Shadow - Ultimate Edition (HKLM-x32\...\Castlevania: Lords of Shadow - Ultimate Edition_is1) (Version: - Konami Digital Entertainment)
    Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
    Catalyst Control Center (x32 Version: 2011.0309.2206.39672 - ATI) Hidden
    Catalyst Control Center InstallProxy (x32 Version: 2011.0309.2206.39672 - ATI Technologies, Inc.) Hidden
    Catalyst Control Center Localization All (x32 Version: 2011.0309.2206.39672 - ATI) Hidden
    CCC Help Chinese Standard (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help Chinese Traditional (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help Czech (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help Danish (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help Dutch (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help English (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help Finnish (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help French (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help German (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help Greek (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help Hungarian (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help Italian (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help Japanese (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help Korean (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help Norwegian (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help Polish (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help Portuguese (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help Russian (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help Spanish (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help Swedish (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help Thai (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    CCC Help Turkish (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
    ccc-utility64 (Version: 2011.0309.2206.39672 - ATI) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
    Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.127.0.61 - Conexant)
    Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
    ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.8 - ASUS)
    Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
    CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
    CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
    CyberLink MediaShow Espresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 5.0.1606_25588 - CyberLink Corp.)
    CyberLink MediaShow Espresso (x32 Version: 5.0.1606_25588 - CyberLink Corp.) Hidden
    CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
    CyberLink PhotoNow (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
    CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
    CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
    CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2609a - CyberLink Corp.)
    CyberLink PowerDirector (x32 Version: 8.0.2609a - CyberLink Corp.) Hidden
    CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3009.50 - CyberLink Corp.)
    CyberLink PowerDVD 9 (x32 Version: 9.0.3009.50 - CyberLink Corp.) Hidden
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D0AC5F9F-1043-4569-ACE3-67EE990EB0E6}) (Version: - Microsoft)
    ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer)
    ETDWare PS/2-x64 7.0.5.11_WHQL (HKLM\...\Elantech) (Version: 7.0.5.11 - ELAN Microelectronics Corp.)
    Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.8 - ASUS)
    Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
    Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
    Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.115.11 - Intel)
    Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
    Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
    JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.17.1 - JMicron Technology Corp.)
    JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.)
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    K_Series_ScreenSaver_EN (HKLM-x32\...\K_Series_ScreenSaver_EN) (Version: - )
    Magic 2014 (HKLM-x32\...\Steam App 213850) (Version: - Stainless Games)
    Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
    Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
    Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
    MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
    MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
    NB Probe (HKLM-x32\...\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}) (Version: - )
    Net4Switch (HKLM-x32\...\{9D6D7811-43B3-463C-BC79-5D1755269989}) (Version: 1.00.0020 - ASUS)
    NVIDIA PhysX (HKLM-x32\...\{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}) (Version: 9.12.0213 - NVIDIA Corporation)
    OpenAL (HKLM-x32\...\OpenAL) (Version: - )
    Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
    Razer Comms (HKLM-x32\...\Razer Comms) (Version: 1.9 - Razer Inc.)
    Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.65 - Razer Inc)
    Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
    Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.10 - Razer Inc.)
    Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
    Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
    Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.7.201405202226 - Sony Mobile Communications AB)
    Sony PC Companion 2.10.211 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.211 - Sony)
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
    Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
    Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
    Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2553092) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7AC49FC8-F8D2-4DD8-9086-09E52385A21F}) (Version: - Microsoft)
    USB2.0 UVC VGA WebCam (HKLM\...\USB2.0 UVC VGA WebCam) (Version: 5.8.54000.207 - Sonix)
    Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
    WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.5.600 - Broadcom Corporation)
    Windows Driver Package - Broadcom (BTHUSB) Bluetooth (02/25/2010 6.2.0.9419) (HKLM\...\85CE3A3657FAE5FD305B143E90E6FC89BA53001C) (Version: 02/25/2010 6.2.0.9419 - Broadcom)
    Windows Driver Package - Broadcom Bluetooth (01/19/2010 6.2.0.1417) (HKLM\...\7341A1B43E7FE58942EB1E820A17C18305DFBCE6) (Version: 01/19/2010 6.2.0.1417 - Broadcom)
    Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0) (HKLM\...\2AA10AB519DC7432D599A0E860206A7DDCC27764) (Version: 07/29/2009 6.1.7100.0 - Broadcom)
    Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
    Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
    Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
    Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live 照片库 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
    Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live 软件包 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.3 - ASUS)
    Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.17 - ASUS)
    بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
    معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย) (HKLM-x32\...\{A2EDAEEB-C981-46D5-8163-CF8F5F640EEE}) (Version: 15.4.5722.2 - Microsoft Corporation)
    用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (HKLM-x32\...\{F992409C-9D10-4AE2-BAEB-B5409AD3785E}) (Version: 15.4.5722.2 - Microsoft Corporation)
    適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

    ==================== Restore Points =========================

    03-07-2014 19:27:06 Installed DirectX
    10-07-2014 20:24:04 avast! antivirus system restore point
    11-07-2014 22:29:24 Windows Update

    ==================== Hosts content: ==========================

    2009-07-14 04:34 - 2013-09-03 17:19 - 00000833 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {0D38076C-3B7A-4F35-BF9D-B374940E3E0A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
    Task: {13719D70-6CC3-4462-99AB-A85FE493ECE4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-13] (Google Inc.)
    Task: {14743488-5BC5-441B-8DA6-A99EAD8524A7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
    Task: {1766853D-829B-4B2E-852A-7051709EC659} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.2.0.18\SymErr.exe
    Task: {1DE66FBF-7121-4ABB-9A61-80D05B39537C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-10] (AVAST Software)
    Task: {3C494AB7-ED29-4F5F-AA0F-6143C49FC3D1} - System32\Tasks\Net4Switch => C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe [2009-09-23] (ASUS)
    Task: {3C792145-56FE-415A-905F-E6B4229C9CA7} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
    Task: {4BFA6D63-7C3A-4513-8854-8EB94FE25BE5} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-08-12] (ASUS)
    Task: {51558D6E-2D16-44D9-B3E3-F5710C3F1FB6} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-18] (ASUS)
    Task: {53690412-A93D-4131-96DA-960AC0A59333} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)
    Task: {8DA29465-8D31-4706-B356-DFCF209B8B7C} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
    Task: {AE267A52-36E8-4F3D-B13D-AF79E71F7654} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.2.0.18\SymErr.exe
    Task: {B0938E50-C35E-4360-83BD-8C269D6F418B} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [2010-06-09] (asus)
    Task: {D61BACFD-2B73-491B-B69E-3F3808080758} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
    Task: {D999718B-CC92-4FFA-9D3B-8CFD84DE74FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-13] (Google Inc.)
    Task: {DA6DAA3D-DDED-4CFC-949D-3F091192B976} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-10] (Adobe Systems Incorporated)
    Task: {E9BBAE71-C44F-4C9A-967B-7A9B0E6D37B8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) =============

    2014-04-29 23:41 - 2014-04-29 23:42 - 00329920 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
    2007-06-15 10:28 - 2007-06-15 10:28 - 00104960 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll
    2007-06-01 16:52 - 2007-06-01 16:52 - 00159744 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
    2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2014-03-08 09:34 - 2013-10-31 12:35 - 00070880 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
    2011-02-13 06:27 - 2007-11-30 21:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
    2010-07-15 02:11 - 2010-07-15 02:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
    2008-09-30 23:02 - 2008-09-30 23:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
    2010-07-02 13:36 - 2010-07-02 13:36 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    2011-03-14 14:21 - 2011-03-14 14:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
    2011-03-09 23:05 - 2011-03-09 23:05 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
    2011-02-13 04:49 - 2010-04-06 08:29 - 00244904 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    2012-02-05 11:51 - 2007-08-03 12:24 - 00125496 _____ () C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    2014-07-10 22:26 - 2014-07-10 22:26 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
    2014-07-11 23:53 - 2014-07-11 23:53 - 02792448 _____ () C:\Program Files\AVAST Software\Avast\defs\14071101\algo.dll
    2014-07-02 23:18 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2014-07-02 23:18 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2014-07-02 23:18 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2014-07-08 10:58 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2014-07-08 10:58 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
    2007-06-15 10:28 - 2007-06-15 10:28 - 00147456 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
    2007-06-01 17:08 - 2007-06-01 17:08 - 00143360 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
    2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2013-09-26 22:19 - 2012-11-20 16:13 - 00264192 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\D3DX8Wrapper.dll
    2013-12-07 08:42 - 2013-11-12 09:57 - 00098304 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\EasyHook32.dll
    2014-03-08 09:34 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
    2014-03-08 09:34 - 2013-09-13 11:02 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
    2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
    2014-03-08 09:34 - 2013-05-20 12:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
    2014-03-08 09:34 - 2010-01-11 16:44 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
    2014-04-24 11:14 - 2014-04-24 11:14 - 00590848 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
    2013-06-11 09:31 - 2013-06-11 09:31 - 00090112 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll
    2012-04-04 14:33 - 2012-04-04 14:33 - 00139776 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll
    2013-01-08 17:02 - 2013-01-08 17:02 - 00163840 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll
    2012-07-26 11:51 - 2012-07-26 11:51 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll
    2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
    2012-02-05 11:50 - 2009-09-15 10:47 - 00049152 _____ () C:\Program Files (x86)\ASUS\Net4Switch\ResItf.dll
    2012-02-05 11:50 - 2009-09-11 16:40 - 00084992 _____ () C:\Program Files (x86)\ASUS\Net4Switch\cxcmrt.dll
    2012-02-05 11:50 - 2009-07-03 13:13 - 00074752 _____ () C:\Program Files (x86)\ASUS\Net4Switch\ipswobj.dll
    2012-02-05 11:50 - 2009-07-01 16:46 - 00461824 _____ () C:\Program Files (x86)\ASUS\Net4Switch\ipswresmgr.dll
    2012-02-05 11:50 - 2009-07-03 13:12 - 00049152 _____ () C:\Program Files (x86)\ASUS\Net4Switch\ipswhlp.dll
    2012-02-05 11:50 - 2009-07-08 11:24 - 00167424 _____ () C:\Program Files (x86)\ASUS\Net4Switch\ipsw_cfgmgr.dll
    2012-02-05 11:50 - 2009-07-03 13:12 - 00089088 _____ () C:\Program Files (x86)\ASUS\Net4Switch\ipswds.dll
    2012-02-05 11:50 - 2009-07-03 13:12 - 00065024 _____ () C:\Program Files (x86)\ASUS\Net4Switch\ipswgblset.dll
    2012-02-05 11:50 - 2009-07-03 13:40 - 00085504 _____ () C:\Program Files (x86)\ASUS\Net4Switch\LogonStartup.dll
    2012-02-05 11:50 - 2009-09-15 16:45 - 00228864 ____N () C:\Program Files (x86)\ASUS\Net4Switch\ipswsysmon.dll
    2012-02-05 11:50 - 2009-07-03 13:21 - 00042496 _____ () C:\Program Files (x86)\ASUS\Net4Switch\iphelper.dll
    2012-02-05 11:50 - 2009-09-17 13:41 - 00267264 _____ () C:\Program Files (x86)\ASUS\Net4Switch\ipswcore.dll
    2012-02-05 11:50 - 2009-07-03 13:13 - 00297984 _____ () C:\Program Files (x86)\ASUS\Net4Switch\ipswui.dll
    2014-07-10 22:26 - 2014-07-10 22:26 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-07-03 12:44 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
    2014-07-03 12:44 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
    2014-07-03 12:44 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
    2014-07-03 12:44 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
    2014-07-03 12:44 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
    2010-02-23 15:14 - 2010-02-23 15:14 - 00041472 _____ () C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll
    2010-02-23 15:14 - 2010-02-23 15:14 - 00071680 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll
    2010-02-23 15:11 - 2010-02-23 15:11 - 00076288 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
    2010-02-23 15:12 - 2010-02-23 15:12 - 00186880 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
    2010-02-23 15:14 - 2010-02-23 15:14 - 00050688 _____ () C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll
    2009-11-03 00:20 - 2009-11-03 00:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
    2009-11-03 00:23 - 2009-11-03 00:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
    2012-02-05 11:51 - 2007-09-14 10:00 - 00147456 _____ () C:\Program Files\ASUS\NB Probe\SPM\spdiskex.dll
    2012-02-05 11:51 - 2003-11-28 02:11 - 00135168 _____ () C:\Program Files\ASUS\NB Probe\SPM\spos.dll
    2012-02-05 11:51 - 2005-08-29 15:24 - 00081920 _____ () C:\Program Files\ASUS\NB Probe\SPM\spnbacpi.dll
    2012-02-05 11:51 - 2003-09-09 16:08 - 00049152 _____ () C:\Program Files\ASUS\NB Probe\SPM\spdmi.dll
    2012-02-05 11:51 - 2006-04-04 10:24 - 00036864 _____ () C:\Program Files\ASUS\NB Probe\SPM\ghadmi.dll
    2012-02-05 11:51 - 2005-04-07 19:25 - 00077824 _____ () C:\Program Files\ASUS\NB Probe\SPM\spmemory.dll
    2014-07-11 16:05 - 2014-07-08 08:18 - 14663856 _____ () C:\Users\Matt\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll

    ==================== Alternate Data Streams (whitelisted) =========

    AlternateDataStreams: C:\ProgramData\Temp:5D458568

    ==================== Safe Mode (whitelisted) ===================


    ==================== EXE Association (whitelisted) =============


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
    MSCONFIG\startupreg: ADSMTray => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
    MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
    MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
    MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

    ==================== Faulty Device Manager Devices =============

    Name: BT-270
    Description: BT-270
    Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
    Manufacturer: Broadcom
    Service: BTHUSB
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (07/11/2014 11:08:47 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: LogonUI.exe, version: 6.1.7601.17514, time stamp: 0x4ce79f70
    Faulting module name: AdsmCredentialProvider.dll, version: 1.0.0.0, time stamp: 0x49d42725
    Exception code: 0xc0000005
    Fault offset: 0x0000000000004ed0
    Faulting process id: 0x2cac
    Faulting application start time: 0xLogonUI.exe0
    Faulting application path: LogonUI.exe1
    Faulting module path: LogonUI.exe2
    Report Id: LogonUI.exe3

    Error: (07/11/2014 00:09:03 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: LolClient.exe, version: 0.0.0.0, time stamp: 0x515663e0
    Faulting module name: Adobe AIR.dll, version: 3.7.0.1530, time stamp: 0x5156646c
    Exception code: 0xc0000005
    Fault offset: 0x0006dd76
    Faulting process id: 0x18a8
    Faulting application start time: 0xLolClient.exe0
    Faulting application path: LolClient.exe1
    Faulting module path: LolClient.exe2
    Report Id: LolClient.exe3

    Error: (07/11/2014 05:05:23 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: LogonUI.exe, version: 6.1.7601.17514, time stamp: 0x4ce79f70
    Faulting module name: AdsmCredentialProvider.dll, version: 1.0.0.0, time stamp: 0x49d42725
    Exception code: 0xc0000005
    Fault offset: 0x0000000000004ed0
    Faulting process id: 0x141c
    Faulting application start time: 0xLogonUI.exe0
    Faulting application path: LogonUI.exe1
    Faulting module path: LogonUI.exe2
    Report Id: LogonUI.exe3

    Error: (07/10/2014 04:31:24 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

    Error: (07/07/2014 08:59:30 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: LogonUI.exe, version: 6.1.7601.17514, time stamp: 0x4ce79f70
    Faulting module name: AdsmCredentialProvider.dll, version: 1.0.0.0, time stamp: 0x49d42725
    Exception code: 0xc0000005
    Fault offset: 0x0000000000004ed0
    Faulting process id: 0x3996c
    Faulting application start time: 0xLogonUI.exe0
    Faulting application path: LogonUI.exe1
    Faulting module path: LogonUI.exe2
    Report Id: LogonUI.exe3

    Error: (07/06/2014 09:33:51 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: LogonUI.exe, version: 6.1.7601.17514, time stamp: 0x4ce79f70
    Faulting module name: AdsmCredentialProvider.dll, version: 1.0.0.0, time stamp: 0x49d42725
    Exception code: 0xc0000005
    Fault offset: 0x0000000000004ed0
    Faulting process id: 0x29438
    Faulting application start time: 0xLogonUI.exe0
    Faulting application path: LogonUI.exe1
    Faulting module path: LogonUI.exe2
    Report Id: LogonUI.exe3

    Error: (07/03/2014 08:14:34 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: LolClient.exe, version: 0.0.0.0, time stamp: 0x515663e0
    Faulting module name: Adobe AIR.dll, version: 3.7.0.1530, time stamp: 0x5156646c
    Exception code: 0xc0000005
    Fault offset: 0x0006dd76
    Faulting process id: 0x3e3c
    Faulting application start time: 0xLolClient.exe0
    Faulting application path: LolClient.exe1
    Faulting module path: LolClient.exe2
    Report Id: LolClient.exe3

    Error: (07/03/2014 04:29:02 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: FBAgent.exe, version: 1.0.8.0, time stamp: 0x4cf4889c
    Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
    Exception code: 0xc0000374
    Fault offset: 0x00000000000c4102
    Faulting process id: 0x530
    Faulting application start time: 0xFBAgent.exe0
    Faulting application path: FBAgent.exe1
    Faulting module path: FBAgent.exe2
    Report Id: FBAgent.exe3

    Error: (07/03/2014 00:34:45 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

    Error: (07/03/2014 00:34:44 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


    System errors:
    =============
    Error: (07/12/2014 11:20:31 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (07/12/2014 11:18:55 AM) (Source: ipnathlp) (EventID: 30013) (User: )
    Description: 10.0.0.7192.168.137.0255.255.255.0

    Error: (07/12/2014 11:18:55 AM) (Source: ipnathlp) (EventID: 1233) (User: )
    Description:

    Error: (07/12/2014 11:18:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
    %%1053

    Error: (07/12/2014 11:18:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

    Error: (07/12/2014 11:17:18 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
    Description: The ATKGFNEX Service service depends the following service: ASMMAP64. This service might not be installed.

    Error: (07/12/2014 01:06:04 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {F40211E8-05C9-4430-B832-041A5ECD7FA2}

    Error: (07/12/2014 01:05:39 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

    Error: (07/11/2014 11:52:38 PM) (Source: ipnathlp) (EventID: 30013) (User: )
    Description: 10.0.0.7192.168.137.0255.255.255.0

    Error: (07/11/2014 11:06:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Steam Client Service service failed to start due to the following error:
    %%1053


    Microsoft Office Sessions:
    =========================
    Error: (07/11/2014 11:08:47 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: LogonUI.exe6.1.7601.175144ce79f70AdsmCredentialProvider.dll1.0.0.049d42725c00000050000000000004ed02cac01cf9d22569d7c31C:\Windows\system32\LogonUI.exeC:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmCredentialProvider.dll8be7a323-093f-11e4-b944-bcaec5d267e1

    Error: (07/11/2014 00:09:03 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: LolClient.exe0.0.0.0515663e0Adobe AIR.dll3.7.0.15305156646cc00000050006dd7618a801cf9cedd54e5260D:\Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.99\deploy\LolClient.exeD:\Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.99\deploy\Adobe AIR\Versions\1.0\Adobe AIR.dll624fce8c-08e3-11e4-b944-bcaec5d267e1

    Error: (07/11/2014 05:05:23 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: LogonUI.exe6.1.7601.175144ce79f70AdsmCredentialProvider.dll1.0.0.049d42725c00000050000000000004ed0141c01cf9c8b00357c71C:\Windows\system32\LogonUI.exeC:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmCredentialProvider.dll32e16dd7-08a8-11e4-b9f3-bcaec5d267e1

    Error: (07/10/2014 04:31:24 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Matt\downloads\esetsmartinstaller_enu.exe

    Error: (07/07/2014 08:59:30 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: LogonUI.exe6.1.7601.175144ce79f70AdsmCredentialProvider.dll1.0.0.049d42725c00000050000000000004ed03996c01cf9962f7bdcd30C:\Windows\system32\LogonUI.exeC:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmCredentialProvider.dll3db3002c-05a4-11e4-bbe7-bcaec5d267e1

    Error: (07/06/2014 09:33:51 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: LogonUI.exe6.1.7601.175144ce79f70AdsmCredentialProvider.dll1.0.0.049d42725c00000050000000000004ed02943801cf9927457a8209C:\Windows\system32\LogonUI.exeC:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmCredentialProvider.dll74d36f94-0544-11e4-bbe7-bcaec5d267e1

    Error: (07/03/2014 08:14:34 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: LolClient.exe0.0.0.0515663e0Adobe AIR.dll3.7.0.15305156646cc00000050006dd763e3c01cf96d26b5e1a96D:\Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.99\deploy\LolClient.exeD:\Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.99\deploy\Adobe AIR\Versions\1.0\Adobe AIR.dlle206f46d-02dd-11e4-8d77-bcaec5d267e1

    Error: (07/03/2014 04:29:02 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: FBAgent.exe1.0.8.04cf4889cntdll.dll6.1.7601.18247521eaf24c000037400000000000c410253001cf96a85a14f4ebC:\Windows\system32\FBAgent.exeC:\Windows\SYSTEM32\ntdll.dll60acb351-02be-11e4-9bfd-bcaec5d267e1

    Error: (07/03/2014 00:34:45 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Matt\Downloads\SoftonicDownloader_for_runtimechecker.exe

    Error: (07/03/2014 00:34:44 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Matt\Downloads\esetsmartinstaller_enu.exe


    ==================== Memory info ===========================

    Percentage of memory in use: 43%
    Total physical RAM: 5996.54 MB
    Available physical RAM: 3394.34 MB
    Total Pagefile: 11991.27 MB
    Available Pagefile: 8351.22 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.86 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:119.7 GB) (Free:24.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive d: (Data) (Fixed) (Total:324.58 GB) (Free:108.46 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 783CD893)
    Partition 1: (Not Active) - (Size=21 GB) - (Type=1C)
    Partition 2: (Active) - (Size=120 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=325 GB) - (Type=OF Extended)

    ==================== End Of Log ============================

  7. #7
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Symerr.exe is Symantec's error reporting tool being run by Norton Antivirus. There is a possibility of CPU usage with this application running and by a conflict with avast.

    There are 2 running task updates for this product
    Task: {AE267A52-36E8-4F3D-B13D-AF79E71F7654} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.2.0.18\SymErr.exe

    SymErr.exe is part of Symantec Shared Component and developed by Symantec Corporation (Norton antivirus)
    Could be left behind by an incomplete uninstall.

    *****************

    Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy.
    Paste this into the open notepad. save it to the Desktop as fixlist.txt
    NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
    It needs to be saved Next to the "Farbar Recovery Scan Tool" (FRST) program (If asked to overwrite existing one please allow)

    start
    SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
    SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={A4189F29-F82A-4E91-9733-6110FA5E7A3C}&mid=9d7867baaf7747d1bf83a5b92b2a5bc3-1a0c702eb57b3282f3b64945de2b2535b3b0d756&lang=en&ds=AVG&pr=fr&d=2012-02-20
    18:54:45&v=10.0.0.7&sap=dsp&q={searchTerms}
    BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
    Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    C:\Windows\SysWOW64\AI_RecycleBin
    AlternateDataStreams: C:\ProgramData\Temp:5D458568
    end
    Run FRST/FRST64 and press the Fix button just once and wait.
    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

    *********************

    AdwCleaner by Xplode

    Click on this link to download : ADWCleaner
    Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.

    Do not click on any links in the top Advertisment.


    Close all open windows and browsers.



    Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.

    *****


    • Click the Scan button and wait for the scan to finish.
    • After the scan is complete click on "Clean"
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next answer.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.
    • Click the Report button to get the log
    • Copy and Paste it into your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[R0].txt.
    • Click the X in the upper right corner of the program or click the File menu and click Exit to close the program.
    • NOTE: If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.


    ******************


    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.



    Please post
    Fixlog.txt
    C:\AdwCleaner\AdwCleaner.txt
    JRT.txt
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  8. #8
    Junior Member
    Join Date
    Jul 2014
    Posts
    11

    Default

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-07-2014
    Ran by Matt at 2014-07-12 15:13:52 Run:1
    Running from C:\Users\Matt\Desktop
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    start
    SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
    SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={A4189F29-F82A-4E91-9733-6110FA5E7A3C}&mid=9d7867baaf7747d1bf83a5b92b2a5bc3-1a0c702eb57b3282f3b64945de2b2535b3b0d756&lang=en&ds=AVG&pr=fr&d=2012-02-20
    18:54:45&v=10.0.0.7&sap=dsp&q={searchTerms}
    BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
    Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    C:\Windows\SysWOW64\AI_RecycleBin
    AlternateDataStreams: C:\ProgramData\Temp:5D458568
    end
    *****************

    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
    'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
    'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
    'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}' => Key deleted successfully.
    'HKCR\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}'=> Key not found.
    'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}' => Key deleted successfully.
    'HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}'=> Key not found.
    'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}' => Key deleted successfully.
    'HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}'=> Key not found.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
    'HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}' => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
    'HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}'=> Key not found.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => value deleted successfully.
    'HKCR\Wow6432Node\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}'=> Key not found.
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => value deleted successfully.
    'HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}'=> Key not found.
    C:\Windows\SysWOW64\AI_RecycleBin => Moved successfully.
    C:\ProgramData\Temp => ":5D458568" ADS removed successfully.

    ==== End of Fixlog ====

    # AdwCleaner v3.215 - Report created 12/07/2014 at 15:17:13
    # Updated 09/07/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Matt - ORANGE-SODA
    # Running from : C:\Users\Matt\Downloads\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\Partner

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_bitcomet_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_bitcomet_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_utorrent-64-bit_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_utorrent-64-bit_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_vlc-media-player_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_vlc-media-player_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
    Key Deleted : HKCU\Software\AppDataLow\Software\LyricsContainer
    Key Deleted : HKLM\Software\dlQUE

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17207


    -\\ Mozilla Firefox v

    -\\ Google Chrome v35.0.1916.153

    [ File : C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
    Deleted [Search Provider] : hxxp://movshare.us/?s={searchTerms}
    Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={A4189F29-F82A-4E91-9733-6110FA5E7A3C}&mid=9d7867baaf7747d1bf83a5b92b2a5bc3-1a0c702eb57b3282f3b64945de2b2535b3b0d756&lang=en&ds=AVG&pr=fr&d=2012-02-20 18:54:45&v=13.2.0.5&sap=dsp&q={searchTerms}
    Deleted [Search Provider] : hxxp://eu.wowarmory.com/search.xml?searchQuery={searchTerms}&searchType=all

    *************************

    AdwCleaner[R0].txt - [3320 octets] - [12/07/2014 15:15:42]
    AdwCleaner[S0].txt - [3672 octets] - [12/07/2014 15:17:13]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3732 octets] ##########

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.4 (04.06.2014:1)
    OS: Windows 7 Home Premium x64
    Ran by Matt on 2014/07/12 at 15:27:34.21
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files



    ~~~ Folders

    Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{109131EE-EA06-48DA-B139-9E50F0256A53}
    Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{7439A315-6DE3-45C3-BD14-48795897E5D9}
    Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{84117D63-F445-4BB1-B02A-FBBEFE5FBE53}
    Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{C58C691D-4D23-477F-9AD8-0ADE1700A615}
    Successfully deleted: [Empty Folder] C:\Users\Matt\appdata\local\{EBF9549E-3509-45E7-89D8-88024B2C0084}



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 2014/07/12 at 15:38:07.51
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  9. #9
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Please run a Threat Scan with MBAM. If you're unable to run or complete the scan as shown below please see the following: MBAM Clean Removal Process 2x
    When reinstalling the program please try the latest version.

    Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link

    Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.

    Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.

    Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.


    *********************

    Please Run TFC by OldTimer to clear temporary files:

    Download TFC from here http://oldtimer.geekstogo.com/TFC.exe
    and save it to your desktop.

    Close any open programs and Internet browsers.
    Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
    Please be patient as clearing out temp files may take a while.
    Once it completes you may be prompted to restart your computer, please do so.
    Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

    *************************

    What we can do now is run an online scan with Eset, for the time being it is our most trusted scanner.
    Most reliable and thorough.
    The settings I suggest will show us items located in quarantine folders so don't be alarmed with this, also, in case of a false positive I ask that you not allow it to delete what it does find.
    This scanner can take quite a bit of time to run, depending of course how full your computer is.


    Go here to run an online scanner from ESET.
    • Turn off the real time scanner of any existing antivirus program while performing the online scan
    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the activeX control to install
    • Click Start
    • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
    • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
    • Click Scan
    • Wait for the scan to finish
    • When the scan completes, press the LIST OF THREATS FOUND button
    • Press EXPORT TO TEXT FILE , name the file ESETSCAN and save it to your desktop
    • Include the contents of this report in your next reply.
    • Press the BACK button.
    • Press Finish



    Please post:
    MBAM log
    Eset log

    How's your computer now?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  10. #10
    Junior Member
    Join Date
    Jul 2014
    Posts
    11

    Default

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 2014/07/13
    Scan Time: 10:47:23 AM
    Logfile:
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.07.13.01
    Rootkit Database: v2014.07.09.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Matt

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 296156
    Time Elapsed: 12 min, 35 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •