Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

BSOD


  • Please log in to reply

#1
Xadam2

Xadam2

    Member

  • Member
  • PipPip
  • 10 posts
Hi I really didn't think this could be a virus but I was told by tech staff to come here and make sure before we go back to my hardware.

So the BSOD (physical memory dump) seems pretty random. At first it appeared to happen during games but then it happen 3 times in a row once on desktop once while typing on these forums and then again afk during skyrim. My system feels like it's slower then normal and I haven't changed any hardware for about 5 months but I can definitely tell my speed has fallen off the chart.


The OTL has made two txt logs one was marked Extra I will put both logs down.


OTL logfile created on: 11/17/2013 12:37:24 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Xadam\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.43 Gb Available Physical Memory | 80.37% Memory free
15.99 Gb Paging File | 14.16 Gb Available in Paging File | 88.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.66 Gb Total Space | 379.45 Gb Free Space | 83.83% Space Free | Partition Type: NTFS
Drive D: | 232.83 Gb Total Space | 59.65 Gb Free Space | 25.62% Space Free | Partition Type: NTFS
Drive E: | 100.00 Mb Total Space | 64.50 Mb Free Space | 64.51% Space Free | Partition Type: NTFS
Drive G: | 3.66 Gb Total Space | 3.61 Gb Free Space | 98.74% Space Free | Partition Type: NTFS

Computer Name: XADAM-PC | User Name: Xadam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/17 12:37:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Xadam\Downloads\OTL.exe
PRC - [2013/11/14 05:29:33 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/10/27 08:12:26 | 001,364,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe


========== Modules (No Company Name) ==========

MOD - [2013/11/14 05:29:31 | 000,399,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppgooglenaclpluginchrome.dll
MOD - [2013/11/14 05:29:30 | 013,582,800 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll
MOD - [2013/11/14 05:29:29 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll
MOD - [2013/11/14 05:28:37 | 000,702,416 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
MOD - [2013/11/14 05:28:36 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libegl.dll
MOD - [2013/11/14 05:28:34 | 001,619,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/11/17 03:14:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/10/17 02:48:40 | 000,036,664 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/10/27 08:12:26 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/10/23 02:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/10/17 02:48:46 | 002,144,056 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2013/10/17 02:48:40 | 000,030,008 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/05 21:56:43 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/10/27 08:12:42 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/08/23 08:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 08:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/03/22 03:57:20 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/08/13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/05/08 15:21:42 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosear...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.dosear...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.dosear...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosear...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.dosear...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.dosear...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 53 C2 CA F6 39 D7 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - Extension: Google Drive = C:\Users\Xadam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Xadam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Xadam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Xadam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = C:\Users\Xadam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKLM..\RunOnce: [GBTUpd] C:\Program Files (x86)\GIGABYTE\GBTUpd\PreRun.exe (PreRun)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C8E3D136-2A8F-4DBE-A023-3220C7BDBC8C}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\dtlite.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nvstlink.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nvstview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\dtlite.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nvstlink.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nvstview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/15 15:37:32 | 000,000,000 | ---D | C] -- C:\Program Files\WhoCrashed
[2013/11/15 15:37:13 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Local\Programs
[2013/11/10 22:36:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013/11/10 16:05:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
[2013/11/10 15:55:24 | 000,000,000 | ---D | C] -- C:\Games
[2013/11/10 15:50:08 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Local\Black_Tree_Gaming
[2013/11/10 15:07:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
[2013/11/10 14:41:48 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Roaming\WinRAR
[2013/11/10 14:39:46 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013/11/07 02:05:00 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/11/07 01:38:52 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Local\EA Games
[2013/11/07 01:32:18 | 000,000,000 | ---D | C] -- C:\Users\Xadam\FrostWire
[2013/11/07 01:32:17 | 000,000,000 | ---D | C] -- C:\Users\Xadam\.frostwire5
[2013/11/07 01:24:45 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 5
[2013/11/07 01:24:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FrostWire 5
[2013/11/07 01:21:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2013/11/07 01:15:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Elder Scrolls V Skyrim
[2013/11/05 22:24:52 | 000,000,000 | ---D | C] -- C:\Users\Xadam\Documents\LOLReplay
[2013/11/05 22:24:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LOLReplay
[2013/11/05 22:15:08 | 000,000,000 | ---D | C] -- C:\Users\Xadam\Documents\RIFT
[2013/11/05 22:08:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2013/11/05 22:08:20 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Roaming\RIFT
[2013/11/05 22:08:20 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RIFT
[2013/11/05 21:56:43 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013/11/05 21:56:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2013/11/05 20:43:52 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Roaming\DAEMON Tools Lite
[2013/11/05 20:42:39 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2013/11/05 20:27:34 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Local\Skyrim
[2013/11/05 20:27:34 | 000,000,000 | ---D | C] -- C:\Users\Xadam\Documents\My Games
[2013/11/04 02:53:32 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Roaming\Skype
[2013/11/04 02:53:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/11/04 02:53:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/11/04 02:53:27 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013/11/04 02:53:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013/11/03 07:07:59 | 000,036,664 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2013/11/03 07:07:59 | 000,030,008 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2013/11/03 07:07:09 | 000,035,640 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2013/11/03 07:07:09 | 000,026,936 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2013/11/03 07:07:09 | 000,022,328 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2013/11/03 07:03:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2013/11/03 06:36:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/11/03 06:36:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/11/03 06:36:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/11/03 05:19:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Belarc
[2013/11/03 05:07:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/11/03 05:02:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2013/11/03 05:02:15 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Roaming\TuneUp Software
[2013/11/03 05:01:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2012
[2013/11/03 05:00:58 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013/11/03 03:50:07 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Roaming\LolClient
[2013/11/03 03:50:05 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Roaming\Macromedia
[2013/11/03 03:49:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2013/11/03 03:49:10 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/11/02 15:46:32 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Roaming\NVIDIA
[2013/11/02 15:31:54 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2013/11/02 15:31:48 | 000,000,000 | ---D | C] -- C:\Riot Games
[2013/11/02 15:23:50 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Local\PMB Files
[2013/11/02 15:23:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2013/11/02 15:23:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2013/11/02 15:23:03 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Roaming\Riot Games
[2013/11/02 13:53:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2013/11/02 13:53:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2013/11/02 07:20:30 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2013/11/02 07:20:09 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2013/11/02 02:01:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013/11/01 15:46:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2013/11/01 15:46:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2013/11/01 14:06:56 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013/11/01 13:38:35 | 002,719,504 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2013/11/01 13:38:34 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013/11/01 13:38:34 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2013/11/01 13:38:34 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2013/11/01 13:38:34 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013/11/01 13:38:25 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2013/11/01 13:38:25 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2013/11/01 13:38:25 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2013/11/01 13:38:25 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2013/11/01 13:38:24 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2013/11/01 13:38:24 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2013/11/01 13:38:19 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2013/11/01 13:38:18 | 000,325,904 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013/11/01 13:38:14 | 000,331,168 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013/11/01 13:38:08 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2013/11/01 13:38:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013/11/01 13:37:26 | 000,347,680 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013/11/01 13:37:26 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013/11/01 13:37:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013/11/01 13:37:03 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2013/11/01 13:31:58 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Local\Diagnostics
[2013/11/01 13:28:36 | 000,000,000 | R--D | C] -- C:\Users\Xadam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/11/01 13:28:36 | 000,000,000 | R--D | C] -- C:\Users\Xadam\Searches
[2013/11/01 13:28:36 | 000,000,000 | R--D | C] -- C:\Users\Xadam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/11/01 13:28:36 | 000,000,000 | -H-D | C] -- C:\Users\Xadam\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/11/01 13:28:18 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Roaming\Identities
[2013/11/01 13:28:08 | 000,000,000 | R--D | C] -- C:\Users\Xadam\Contacts
[2013/11/01 13:28:05 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Local\VirtualStore
[2013/11/01 13:27:37 | 000,000,000 | -HSD | C] -- C:\Users\Xadam\AppData\Local\Temporary Internet Files
[2013/11/01 13:27:37 | 000,000,000 | -HSD | C] -- C:\Users\Xadam\Templates
[2013/11/01 13:27:37 | 000,000,000 | -HSD | C] -- C:\Users\Xadam\Start Menu
[2013/11/01 13:27:37 | 000,000,000 | -HSD | C] -- C:\Users\Xadam\SendTo
[2013/11/01 13:27:37 | 000,000,000 | -HSD | C] -- C:\Users\Xadam\Recent
[2013/11/01 13:27:37 | 000,000,000 | -HSD | C] -- C:\Users\Xadam\PrintHood
[2013/11/01 13:27:37 | 000,000,000 | -HSD | C] -- C:\Users\Xadam\NetHood
[2013/11/01 13:27:37 | 000,000,000 | -HSD | C] -- C:\Users\Xadam\Documents\My Videos
[2013/11/01 13:27:37 | 000,000,000 | -HSD | C] -- C:\Users\Xadam\Documents\My Pictures
[2013/11/01 13:27:37 | 000,000,000 | -HSD | C] -- C:\Users\Xadam\Documents\My Music
[2013/11/01 13:27:37 | 000,000,000 | -HSD | C] -- C:\Users\Xadam\My Documents
[2013/11/01 13:27:37 | 000,000,000 | -HSD | C] -- C:\Users\Xadam\Local Settings
[2013/11/01 13:27:37 | 000,000,000 | -HSD | C] -- C:\Users\Xadam\AppData\Local\History
[2013/11/01 13:27:37 | 000,000,000 | -HSD | C] -- C:\Users\Xadam\Cookies
[2013/11/01 13:27:37 | 000,000,000 | -HSD | C] -- C:\Users\Xadam\Application Data
[2013/11/01 13:27:37 | 000,000,000 | -HSD | C] -- C:\Users\Xadam\AppData\Local\Application Data
[2013/11/01 13:27:36 | 000,000,000 | --SD | C] -- C:\Users\Xadam\AppData\Roaming\Microsoft
[2013/11/01 13:27:36 | 000,000,000 | R--D | C] -- C:\Users\Xadam\Videos
[2013/11/01 13:27:36 | 000,000,000 | R--D | C] -- C:\Users\Xadam\Saved Games
[2013/11/01 13:27:36 | 000,000,000 | R--D | C] -- C:\Users\Xadam\Pictures
[2013/11/01 13:27:36 | 000,000,000 | R--D | C] -- C:\Users\Xadam\Music
[2013/11/01 13:27:36 | 000,000,000 | R--D | C] -- C:\Users\Xadam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/11/01 13:27:36 | 000,000,000 | R--D | C] -- C:\Users\Xadam\Links
[2013/11/01 13:27:36 | 000,000,000 | R--D | C] -- C:\Users\Xadam\Favorites
[2013/11/01 13:27:36 | 000,000,000 | R--D | C] -- C:\Users\Xadam\Downloads
[2013/11/01 13:27:36 | 000,000,000 | R--D | C] -- C:\Users\Xadam\Documents
[2013/11/01 13:27:36 | 000,000,000 | R--D | C] -- C:\Users\Xadam\Desktop
[2013/11/01 13:27:36 | 000,000,000 | R--D | C] -- C:\Users\Xadam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/11/01 13:27:36 | 000,000,000 | -H-D | C] -- C:\Users\Xadam\AppData
[2013/11/01 13:27:36 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Local\Temp
[2013/11/01 13:27:36 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Local\Microsoft
[2013/11/01 13:27:36 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Roaming\Media Center Programs
[2013/11/01 13:23:04 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Local\Blizzard
[2013/11/01 13:11:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013/11/01 13:10:51 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/11/01 13:08:39 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013/11/01 12:34:52 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Local\Blizzard Entertainment
[2013/11/01 12:34:50 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Roaming\Battle.net
[2013/11/01 12:34:50 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Local\Battle.net
[2013/11/01 12:34:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2013/11/01 12:34:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2013/11/01 12:34:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
[2013/11/01 12:31:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2013/11/01 12:24:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/11/01 12:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/11/01 12:23:48 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Local\Google
[2013/11/01 12:23:42 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Local\Deployment
[2013/11/01 12:23:42 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Local\Apps
[2013/11/01 12:19:10 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013/11/01 12:18:34 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/11/01 12:18:34 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/11/01 12:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013/11/01 12:18:25 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/11/01 12:18:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/11/01 12:17:39 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Local\Logitech
[2013/11/01 12:17:39 | 000,000,000 | ---D | C] -- C:\Users\Xadam\AppData\Roaming\Adobe
[2013/11/01 12:17:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2013/11/01 12:17:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2013/11/01 12:17:04 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2013/11/01 12:17:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech
[2013/11/01 12:16:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/11/01 11:54:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
[2013/11/01 11:51:05 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2013/11/01 11:51:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE
[2013/11/01 11:39:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013/11/01 11:39:05 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/10/27 14:55:37 | 000,000,000 | ---D | C] -- C:\BOSS
[2013/10/23 16:45:13 | 000,000,000 | ---D | C] -- C:\Users\Xadam\Documents\Nexus Mod Manager
[2013/10/23 11:30:22 | 000,000,000 | ---D | C] -- C:\Users\Xadam\Documents\Skyrim
[2013/10/23 09:22:55 | 000,000,000 | ---D | C] -- C:\NVIDIA
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/17 12:33:20 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/17 12:30:37 | 000,018,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/17 12:30:37 | 000,018,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/17 12:27:30 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/17 12:27:30 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/17 12:27:30 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/17 12:23:30 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/17 12:23:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/17 03:14:49 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/11/17 03:14:49 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/17 03:13:47 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/11/15 15:48:05 | 557,452,716 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/11/15 15:37:33 | 000,000,845 | ---- | M] () -- C:\Users\Xadam\Desktop\WhoCrashed.lnk
[2013/11/15 00:37:53 | 000,002,192 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/11/10 16:18:57 | 000,002,087 | ---- | M] () -- C:\Users\Xadam\Desktop\Skyrim (SKSE).lnk
[2013/11/10 16:05:40 | 000,000,711 | ---- | M] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2013/11/10 15:24:59 | 000,002,292 | ---- | M] () -- C:\Users\Xadam\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/11/10 15:24:59 | 000,001,450 | ---- | M] () -- C:\Users\Xadam\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/11/10 15:07:23 | 000,000,571 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk
[2013/11/10 14:40:01 | 000,000,988 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2013/11/07 01:24:45 | 000,001,254 | ---- | M] () -- C:\Users\Xadam\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.6.7.lnk
[2013/11/07 01:24:45 | 000,001,230 | ---- | M] () -- C:\Users\Xadam\Desktop\FrostWire 5.6.7.lnk
[2013/11/06 22:45:01 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/11/05 22:24:46 | 000,001,914 | ---- | M] () -- C:\Users\Public\Desktop\LOL Recorder.lnk
[2013/11/05 22:08:20 | 000,000,601 | ---- | M] () -- C:\Users\Xadam\Desktop\RIFT.lnk
[2013/11/05 21:57:07 | 000,001,963 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013/11/05 21:56:43 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013/11/04 02:53:28 | 000,002,697 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/11/03 07:07:01 | 000,002,222 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2013/11/03 07:07:01 | 000,002,196 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2013/11/03 04:49:53 | 000,275,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/11/02 15:31:49 | 000,001,613 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2013/11/01 13:12:28 | 000,041,962 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/11/01 13:12:28 | 000,041,962 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/11/01 13:10:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/11/01 12:34:49 | 000,000,876 | ---- | M] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2013/11/01 12:16:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2013/11/01 11:52:22 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2013/11/01 09:28:19 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/10/27 08:12:54 | 000,061,216 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/10/27 08:12:54 | 000,053,024 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/10/27 08:12:44 | 000,023,287 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2013/10/23 02:20:03 | 003,426,956 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/11/17 03:14:49 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/11/17 03:14:49 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/15 15:37:33 | 000,000,845 | ---- | C] () -- C:\Users\Xadam\Desktop\WhoCrashed.lnk
[2013/11/10 16:18:57 | 000,002,087 | ---- | C] () -- C:\Users\Xadam\Desktop\Skyrim (SKSE).lnk
[2013/11/10 16:05:40 | 000,000,711 | ---- | C] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2013/11/10 15:07:23 | 000,000,571 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk
[2013/11/10 14:40:01 | 000,000,988 | ---- | C] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2013/11/07 02:04:50 | 557,452,716 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/11/07 01:24:45 | 000,001,254 | ---- | C] () -- C:\Users\Xadam\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.6.7.lnk
[2013/11/07 01:24:45 | 000,001,230 | ---- | C] () -- C:\Users\Xadam\Desktop\FrostWire 5.6.7.lnk
[2013/11/06 22:45:01 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/11/05 22:24:46 | 000,001,914 | ---- | C] () -- C:\Users\Public\Desktop\LOL Recorder.lnk
[2013/11/05 22:08:20 | 000,000,601 | ---- | C] () -- C:\Users\Xadam\Desktop\RIFT.lnk
[2013/11/05 21:57:07 | 000,001,963 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013/11/04 02:53:28 | 000,002,697 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/11/03 07:07:01 | 000,002,222 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2013/11/03 07:07:01 | 000,002,196 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2013/11/03 07:07:00 | 000,002,208 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2013/11/03 07:03:31 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013/11/03 07:03:26 | 000,002,126 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/11/02 15:31:49 | 000,001,613 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2013/11/02 07:21:42 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2013/11/02 07:20:03 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2013/11/02 07:19:59 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2013/11/02 07:19:59 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2013/11/02 07:19:51 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2013/11/01 13:38:15 | 000,001,450 | ---- | C] () -- C:\Users\Xadam\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/11/01 13:37:26 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2013/11/01 13:36:11 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2013/11/01 13:28:39 | 000,001,426 | ---- | C] () -- C:\Users\Xadam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/11/01 13:27:36 | 000,000,290 | ---- | C] () -- C:\Users\Xadam\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/11/01 13:27:36 | 000,000,272 | ---- | C] () -- C:\Users\Xadam\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/11/01 13:12:05 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/11/01 13:12:01 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013/11/01 13:10:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/11/01 12:35:49 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/11/01 12:34:49 | 000,000,876 | ---- | C] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2013/11/01 12:24:20 | 000,002,292 | ---- | C] () -- C:\Users\Xadam\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/11/01 12:24:20 | 000,002,192 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/11/01 12:23:56 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/01 12:23:53 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/01 12:21:33 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/11/01 12:18:48 | 003,426,956 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2013/11/01 12:16:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2013/11/01 11:51:04 | 000,031,272 | ---- | C] () -- C:\Windows\SysNative\AppleChargerSrv.exe
[2013/11/01 11:51:04 | 000,021,544 | ---- | C] () -- C:\Windows\SysNative\drivers\AppleCharger.sys
[2013/10/27 08:12:44 | 000,023,287 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 20:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/11/01 12:35:07 | 000,000,000 | ---D | M] -- C:\Users\Xadam\AppData\Roaming\Battle.net
[2013/11/05 20:47:38 | 000,000,000 | ---D | M] -- C:\Users\Xadam\AppData\Roaming\DAEMON Tools Lite
[2013/11/03 03:50:07 | 000,000,000 | ---D | M] -- C:\Users\Xadam\AppData\Roaming\LolClient
[2013/11/05 22:18:03 | 000,000,000 | ---D | M] -- C:\Users\Xadam\AppData\Roaming\RIFT
[2013/11/02 15:23:41 | 000,000,000 | ---D | M] -- C:\Users\Xadam\AppData\Roaming\Riot Games
[2013/11/03 05:02:15 | 000,000,000 | ---D | M] -- C:\Users\Xadam\AppData\Roaming\TuneUp Software

========== Purity Check ==========



< End of report >


That was the OTL.txt and this next part they marked as Extras.txt

OTL Extras logfile created on: 11/17/2013 12:37:24 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Xadam\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.43 Gb Available Physical Memory | 80.37% Memory free
15.99 Gb Paging File | 14.16 Gb Available in Paging File | 88.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.66 Gb Total Space | 379.45 Gb Free Space | 83.83% Space Free | Partition Type: NTFS
Drive D: | 232.83 Gb Total Space | 59.65 Gb Free Space | 25.62% Space Free | Partition Type: NTFS
Drive E: | 100.00 Mb Total Space | 64.50 Mb Free Space | 64.51% Space Free | Partition Type: NTFS
Drive G: | 3.66 Gb Total Space | 3.61 Gb Free Space | 98.74% Space Free | Partition Type: NTFS

Computer Name: XADAM-PC | User Name: Xadam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0ACF1692-8628-4A30-B57A-D0EDA278E0EF}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2816EB20-E590-4CD1-91DC-27E26B8AE9E8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3501C757-2707-4D2D-8B43-03199F535F2F}" = lport=139 | protocol=6 | dir=in | app=system |
"{3DC9788E-FF6D-41EE-813E-8F479ABA2C64}" = rport=137 | protocol=17 | dir=out | app=system |
"{44D26541-4CFB-4BD2-AEBA-0C0959643F4F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4C08CAE1-AABF-45C6-AEEE-1109DCCAC488}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5EE7C0D8-78E9-4618-B5BC-4730829185EE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6168F570-AD47-4D86-959F-E7C855A025D9}" = lport=137 | protocol=17 | dir=in | app=system |
"{6C8B8513-FB13-4778-8F80-CA6747C74FF9}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6CDA309E-602B-47BF-9BE6-B3224581C292}" = rport=445 | protocol=6 | dir=out | app=system |
"{6F150A19-14B2-424E-83E1-3410DAF6074D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{7BDC3E89-54F3-4AFF-918E-EA70A6D804BA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7F11645E-79E1-43ED-81F3-71C19BC272D8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8D9A08C1-DD2B-4834-9FEF-8F8187EFA36E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A8E711FD-0565-4716-9F17-76930CB52BB4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A9F2C5D3-B449-4A86-9FAD-5FF12A4B99FD}" = lport=138 | protocol=17 | dir=in | app=system |
"{B407F68F-5743-4DCC-BBB6-0AF4A0E386DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BC1D009F-F874-4112-8B1C-69EDD6A903D4}" = rport=138 | protocol=17 | dir=out | app=system |
"{CE0896AE-6E78-483C-B34C-A02DDECD6FF5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D41D601B-AD5A-45DC-88CB-104A0676B3CA}" = lport=445 | protocol=6 | dir=in | app=system |
"{D724C3BF-ABA4-4148-B1E1-6DBE344DA944}" = rport=139 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01FDEDB7-FB6D-4A25-9CB7-85C5A5C5E938}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{1500BA0A-ED65-4BF5-88AA-6C0C2C6B018A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1FE24C3E-9309-4776-8D32-0C90F3490EA3}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe |
"{27CEDC58-DB35-4AA4-8343-97D6BC8E236D}" = protocol=1 | dir=out | [email protected],-28544 |
"{33615EF3-AA4A-4E7A-99C2-58665F31A198}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{41BA7B6B-5CEE-4B58-8540-C9B2C10EB5E3}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
"{4417A878-5EB5-4509-BD18-A19B1B8657A6}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4450A045-9DC7-4EB9-AA71-5AD179EFDD9B}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4486F18A-A1BC-4F03-B787-45E27A85BCD4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4AC85E5C-A8D3-4EB3-A1EE-9803454B6E4F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5146D162-06B7-4063-8EAB-0EC06479B278}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5CA75914-57CC-4632-A1A1-2B5F1FAC6417}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5E3DA7E1-3680-48FD-887F-2F0A199DC033}" = protocol=17 | dir=in | app=d:\games\battle.net\battle.net\battle.net.exe |
"{65196EFD-FD15-4D31-AC8D-5C2F9283AE5C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{65EF4F34-E730-4455-90D6-FD7E173A76D9}" = protocol=1 | dir=in | [email protected],-28543 |
"{6CF62B35-6771-4433-9E86-597B241351BE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6F399A95-04A1-44A1-9005-14545812D310}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2391\agent.exe |
"{7A83F585-6EA9-4E5D-A965-248C7ECFBFB9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7DAA9376-47D8-4355-9F85-AD54B7711125}" = protocol=58 | dir=out | [email protected],-28546 |
"{7E4C7B45-EC96-441D-97F7-1BCD296B3096}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe |
"{8A9C4F63-E1E8-4C58-B9AF-700290D1F262}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{8B7143F8-29F0-4442-802D-E1EE73F6061C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9D6477CA-C815-4E5E-8229-05D67196DB57}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A0A2D61E-7575-4605-A2BB-B4C4F9553FC1}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
"{AA38C373-BE29-4F8E-B756-1DBB093F0D6A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C460AC9E-6D5A-46AD-BE48-B767127550EE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C6791712-0D56-4A49-8CB6-2AFFC88F4047}" = protocol=6 | dir=in | app=d:\games\battle.net\battle.net\battle.net.exe |
"{C98088F5-5096-48A8-ADBD-2BAE7B9AA6E2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2391\agent.exe |
"{CAA9903B-940F-4ACE-BA0D-3A64F73BD331}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CD5EB76C-9CD7-41EB-8BA5-F9975D5A2932}" = protocol=58 | dir=in | [email protected],-28545 |
"{CF6CD1D1-94CB-4537-B8B6-542141FA104B}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D099D2BA-9DD6-46AA-91DF-5D76D6CD509C}" = protocol=6 | dir=out | app=system |
"{D871BF2F-EC21-41CB-9133-1938B761A8BE}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{D8A1349B-1E4A-4715-B2D2-65761485CD6B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EB0DC8BC-18B3-42B9-8B00-A579B9A7C4EF}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{26951048-9A82-482F-8FE4-68E034EF352E}C:\program files (x86)\gigabyte\gbtupd\gbtupd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gigabyte\gbtupd\gbtupd.exe |
"TCP Query User{3116E712-8032-4F70-B57B-D59AA830E84A}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"TCP Query User{5CE3D621-DD83-46F5-9E69-605CB54AACAB}C:\program files (x86)\gigabyte\gbtupd\runupd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gigabyte\gbtupd\runupd.exe |
"TCP Query User{6199ECC3-996C-4316-A0A5-8803B665C474}D:\games\deadspace2\deadspace2.exe" = protocol=6 | dir=in | app=d:\games\deadspace2\deadspace2.exe |
"TCP Query User{D17A1A93-C7B9-4CCA-805F-193D3F81A57D}D:\games\hearthstone\hearthstone\hearthstone.exe" = protocol=6 | dir=in | app=d:\games\hearthstone\hearthstone\hearthstone.exe |
"UDP Query User{052B2021-58B7-46A9-A754-AE7174EF6157}C:\program files (x86)\gigabyte\gbtupd\runupd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gigabyte\gbtupd\runupd.exe |
"UDP Query User{21633C85-EB3B-4376-9E10-688CF24C3A9F}D:\games\hearthstone\hearthstone\hearthstone.exe" = protocol=17 | dir=in | app=d:\games\hearthstone\hearthstone\hearthstone.exe |
"UDP Query User{4D77AAAD-12C5-4420-BBFA-13B52CCC5309}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"UDP Query User{CB812648-FE2F-472E-AFEC-DFA8A2A601B2}D:\games\deadspace2\deadspace2.exe" = protocol=17 | dir=in | app=d:\games\deadspace2\deadspace2.exe |
"UDP Query User{E3B20524-7D48-4787-B0C3-A8D172D41A5B}C:\program files (x86)\gigabyte\gbtupd\gbtupd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gigabyte\gbtupd\gbtupd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{6CC95B76-D380-46B2-9022-9353938E48BA}" = Logitech GamePanel Software 3.03.133
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.15.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{E102B843-786A-4F58-AF75-6504570E207B}" = Microsoft Security Client
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"WhoCrashed_is1" = WhoCrashed 5.00
"WinRAR archiver" = WinRAR 5.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B09.1008.1
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95A76C9-6F65-477E-83A0-9F884B6DC21B}" = TuneUp Utilities Language Pack (en-US)
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Battle.net" = Battle.net
"DAEMON Tools Lite" = DAEMON Tools Lite
"Fraps" = Fraps (remove only)
"FrostWire 5" = FrostWire 5.6.7
"Google Chrome" = Google Chrome
"InstallShield_{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B09.1008.1
"League of Legends 3.0.0" = League of Legends
"LOLReplay" = LOLReplay
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"The Elder Scrolls V Skyrim Dragonborn © Bethes~300CD4A2_is1" = The Elder Scrolls V Skyrim Dragonborn © Bethesda Softworks version 1
"TuneUp Utilities 2012" = TuneUp Utilities 2012

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"RIFT" = RIFT

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/2/2013 4:51:48 PM | Computer Name = Xadam-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32)
- Failed to compile: napsnap, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35,
processorArchitecture=msil . Error code = 0x80070020

Error - 11/2/2013 4:51:48 PM | Computer Name = Xadam-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32)
- Failed to compile Narrator, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35,
processorArchitecture=msil because of the following error: Exception from HRESULT:
0x80070020.

Error - 11/2/2013 4:51:48 PM | Computer Name = Xadam-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32)
- Failed to compile PresentationBuildTasks, Version=3.0.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35,
processorArchitecture=msil because of the following error: Exception from HRESULT:
0x80070020.

Error - 11/2/2013 4:56:20 PM | Computer Name = Xadam-PC | Source = .NET Runtime Optimization Service | ID = 1107
Description = .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32)
- Failed to execute command from the offline queue: uninstall "Microsoft.VisualBasic,
Version=8.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil"
/NoDependencies . The error returned was Error: The specified assembly is not
installed. .

Error - 11/2/2013 4:59:31 PM | Computer Name = Xadam-PC | Source = ESENT | ID = 215
Description = WinMail (2960) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.

Error - 11/2/2013 4:59:38 PM | Computer Name = Xadam-PC | Source = ESENT | ID = 215
Description = WinMail (2456) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.

Error - 11/10/2013 5:23:07 PM | Computer Name = Xadam-PC | Source = Application Hang | ID = 1002
Description = The program StartUpManager.exe version 12.0.3600.122 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: f90 Start
Time: 01cede5ace31dca1 Termination Time: 3 Application Path: C:\Program Files (x86)\TuneUp
Utilities 2012\StartUpManager.exe Report Id: 42eb6d9e-4a4e-11e3-8d96-1c6f65d0b909


Error - 11/12/2013 10:24:32 AM | Computer Name = Xadam-PC | Source = Application Hang | ID = 1002
Description = The program Steam.exe version 1.97.82.80 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 13b8 Start
Time: 01cedfad49f266b9 Termination Time: 94 Application Path: C:\Program Files (x86)\Steam\Steam.exe

Report
Id: 129089e0-4ba6-11e3-987c-1c6f65d0b909

Error - 11/12/2013 11:42:08 AM | Computer Name = Xadam-PC | Source = Application Error | ID = 1000
Description = Faulting application name: League of Legends.exe, version: 3.13.0.399,
time stamp: 0x526ed0a3 Faulting module name: nvd3dum.dll, version: 9.18.13.3165,
time stamp: 0x52676a41 Exception code: 0xc0000005 Fault offset: 0x00630c3f Faulting
process id: 0x102c Faulting application start time: 0x01cedfb89e667861 Faulting application
path: C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.251\deploy\League
of Legends.exe Faulting module path: C:\Windows\system32\nvd3dum.dll Report Id: fc60ec34-4bb0-11e3-987c-1c6f65d0b909

Error - 11/12/2013 11:44:17 AM | Computer Name = Xadam-PC | Source = Application Error | ID = 1000
Description = Faulting application name: League of Legends.exe, version: 3.13.0.399,
time stamp: 0x526ed0a3 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x730ccfc4 Faulting process id:
0x10cc Faulting application start time: 0x01cedfbdc0c4e9e8 Faulting application path:
C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.251\deploy\League
of Legends.exe Faulting module path: unknown Report Id: 49a6f01c-4bb1-11e3-987c-1c6f65d0b909

[ System Events ]
Error - 11/11/2013 3:36:44 AM | Computer Name = Xadam-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 1:35:14 AM on ?11/?11/?2013 was unexpected.

Error - 11/11/2013 3:36:46 AM | Computer Name = XADAM-PC | Source = BugCheck | ID = 1001
Description =

Error - 11/12/2013 9:44:25 AM | Computer Name = Xadam-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
Client Service service to connect.

Error - 11/12/2013 9:44:25 AM | Computer Name = Xadam-PC | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
error: %%1053

Error - 11/13/2013 6:39:05 AM | Computer Name = Xadam-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 4:36:56 AM on ?11/?13/?2013 was unexpected.

Error - 11/13/2013 6:39:06 AM | Computer Name = XADAM-PC | Source = BugCheck | ID = 1001
Description =

Error - 11/15/2013 4:44:38 PM | Computer Name = Xadam-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:38:09 PM on ?11/?15/?2013 was unexpected.

Error - 11/15/2013 4:44:40 PM | Computer Name = XADAM-PC | Source = BugCheck | ID = 1001
Description =

Error - 11/15/2013 5:48:15 PM | Computer Name = Xadam-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:46:28 PM on ?11/?15/?2013 was unexpected.

Error - 11/15/2013 5:48:16 PM | Computer Name = XADAM-PC | Source = BugCheck | ID = 1001
Description =


< End of report >
  • 0

Advertisements


#2
Xadam2

Xadam2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
bump
  • 0

#3
Xadam2

Xadam2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
BUMP?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP