
Computer Slowdown - 99% CPU and Physical Memory Usage [Closed]


  • This topic is locked

#1
bnguyen100


Yesterday when I logged into my PC, my computer started to have an incredible slowdown; it took minutes before my Google Chrome opened up. So I tried to open my Task Manager to see what's wrong. It opened after like 2 minutes, and I found that my CPU and Physical Memory usage is at 99%. This was unusual to see, as my usual usage was at 10% CPU and sometimes 20% max on physical memory. I looked through the processes from all users and I noticed this services.exe process using a majority of my CPU and almost all of my Physical Memory. I thought this was virus-based, so I scanned my PC with MBAM and found nothing. Then I scanned with SUPERAntiSpyware and it found some kind of threat called Trojan-Gen-Zcrypt; not sure what it is. But my problem still remains. I would love to know what could be causing this. Right now it's at a normal stage, but later it becomes super used.

 

=========

 

OTL logfile created on: 9/17/2014 4:05:27 PM - Run 9
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Brandon\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.97 Gb Total Physical Memory | 1.13 Gb Available Physical Memory | 14.24% Memory free
15.93 Gb Paging File | 8.82 Gb Available in Paging File | 55.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 575.21 Gb Free Space | 61.76% Space Free | Partition Type: NTFS
 
Computer Name: AXIOM | User Name: Brandon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Brandon\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV:64bit: - (gzserv) -- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe (Bitdefender)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (RzKLService) -- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe (Razer Inc.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (asHmComSvc) -- C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe ()
SRV - (asComSvc) -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe ()
SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe ()
SRV - (RalinkRegistryWriter64) -- C:\Program Files (x86)\ZyXEL\N220\Common\RaRegistry64.exe (Ralink Technology, Corp.)
SRV - (RalinkRegistryWriter) -- C:\Program Files (x86)\ZyXEL\N220\Common\RaRegistry.exe (Ralink Technology, Corp.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (mbamchameleon) -- C:\Windows\SysNative\drivers\mbamchameleon.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (rzudd) -- C:\Windows\SysNative\drivers\rzudd.sys (Razer Inc)
DRV:64bit: - (rzendpt) -- C:\Windows\SysNative\drivers\rzendpt.sys (Razer Inc)
DRV:64bit: - (bdfwfpf) -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys (Bitdefender SRL)
DRV:64bit: - (taphss6) -- C:\Windows\SysNative\drivers\taphss6.sys (Anchorfree Inc.)
DRV:64bit: - (trufos) -- C:\Windows\SysNative\drivers\trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (gzflt) -- C:\Windows\SysNative\drivers\gzflt.sys (BitDefender LLC)
DRV:64bit: - (avckf) -- C:\Windows\SysNative\drivers\avckf.sys (BitDefender)
DRV:64bit: - (avc3) -- C:\Windows\SysNative\drivers\avc3.sys (BitDefender)
DRV:64bit: - (mcaudrv_simple) -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys (ManyCam LLC)
DRV:64bit: - (USBPNPA) -- C:\Windows\SysNative\drivers\CM10864.sys (C-Media Electronics Inc)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys (ManyCam LLC)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (PCASp60) -- C:\Windows\SysNative\drivers\PcaSp60.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV:64bit: - (RtNdPt60) -- C:\Windows\SysNative\drivers\RtNdPt60.sys (Realtek                                            )
DRV:64bit: - (TEAM) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation)
DRV:64bit: - (RTTEAMPT) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation)
DRV:64bit: - (RTVLANPT) -- C:\Windows\SysNative\drivers\RtVlan60.sys (Windows ® Codename Longhorn DDK provider)
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (Ralink Technology Corp.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (PCASp60) -- C:\Windows\SysWOW64\drivers\PcaSp60.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox"
FF - prefs.js..extensions.enabledAddons: %7B81BF1D23-5F17-408D-AC6B-BD6DF7CAF670%7D:8.8.1
FF - prefs.js..extensions.enabledAddons: %7B888d99e7-e8b5-46a3-851e-1ec45da1e644%7D:28.0.2
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.15
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - prefs.js..keyword.URL: "http://www.google.co...-8&oe=utf-8&q="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.20.2: C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.20.2: C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.4.0: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Brandon\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Brandon\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Brandon\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Brandon\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Brandon\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
 
 
[2013/09/18 14:53:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brandon\AppData\Roaming\Mozilla\Extensions
[2014/05/08 19:22:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\1q2vnfo0.default\extensions
[2014/05/08 19:22:04 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\1q2vnfo0.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2014/05/08 19:22:03 | 000,033,235 | ---- | M] () (No name found) -- C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\1q2vnfo0.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
[2014/05/08 19:22:03 | 000,287,566 | ---- | M] () (No name found) -- C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\1q2vnfo0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
 
========== Chrome  ==========
 
CHR - plugin: Error reading preferences file
CHR - Extension: Magic Actions for YouTube™ = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif\6.7.9.2_1\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_1\
CHR - Extension: Adblock Plus = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_1\
CHR - Extension: Enhance Views = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippgbgjbkciiodailobdhilppmfglgma\2.2_1\
CHR - Extension: Ghostery = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.4.0_1\
CHR - Extension: Google Wallet = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
 
O1 HOSTS File: ([2014/09/17 15:13:20 | 000,000,019 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O1364bit: - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{850CDAD2-7454-460F-99BB-4C9B1FAA6A80}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A70AC1A-AECD-465C-B421-8C7B72ADB943}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/09/17 19:47:00 | 000,000,047 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/09/17 16:04:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Brandon\Desktop\OTL.exe
[2014/09/17 16:02:41 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Brandon\Desktop\HijackThis.exe
[2014/09/17 15:31:25 | 000,000,000 | ---D | C] -- C:\SUPERDelete
[2014/09/17 15:28:14 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\SUPERAntiSpyware.com
[2014/09/17 15:28:04 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2014/09/17 15:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2014/09/17 14:37:54 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\ElevatedDiagnostics
[2014/09/16 15:45:19 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\SC2 Ep 10 Audio_data
[2014/09/12 13:47:31 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\Twitch
[2014/09/12 13:40:51 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
[2014/09/12 13:40:35 | 000,000,000 | ---D | C] -- C:\Program Files\OBS
[2014/09/12 13:40:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OBS
[2014/09/12 13:38:32 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\NVIDIA
[2014/09/12 13:11:28 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\GameCompanion
[2014/09/11 21:17:07 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\Unfinished Episodes
[2014/09/10 14:39:29 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\Coding
[2014/09/10 14:38:43 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\Youtube
[2014/09/10 14:34:17 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\HALO
[2014/09/08 16:39:29 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\American Dad Music Video
[2014/09/05 14:57:43 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\java
[2014/08/31 18:46:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/08/31 18:44:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
[2014/08/29 17:40:25 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Documents\LOLReplay
[2014/08/27 15:39:21 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/08/26 20:10:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
[2014/08/26 20:10:05 | 000,261,056 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
[2014/08/26 20:10:04 | 000,718,840 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2014/08/26 20:10:04 | 000,593,144 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2014/08/26 20:02:45 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2014/08/26 20:02:03 | 000,148,696 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\gzflt.sys
[2014/08/26 20:02:00 | 000,382,536 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2014/08/26 19:53:41 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\QuickScan
[2014/08/24 13:54:01 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\Adobe
[2014/08/23 15:30:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/08/23 12:03:16 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\MMFApplications
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/09/17 16:08:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/09/17 16:04:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brandon\Desktop\OTL.exe
[2014/09/17 16:03:18 | 000,035,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/09/17 16:03:18 | 000,035,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/09/17 16:02:43 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Brandon\Desktop\HijackThis.exe
[2014/09/17 15:59:36 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/09/17 15:59:30 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/09/17 15:57:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/09/17 15:57:31 | 2121,629,695 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/17 15:50:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/09/17 15:43:00 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-98706136-930436416-2056340936-1000.job
[2014/09/17 15:37:14 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000Core.job
[2014/09/17 15:29:52 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000UA.job
[2014/09/17 15:28:04 | 000,001,768 | ---- | M] () -- C:\Users\Brandon\Desktop\SUPERAntiSpyware Professional.lnk
[2014/09/17 15:13:20 | 000,000,019 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/09/17 14:39:05 | 000,007,598 | ---- | M] () -- C:\Users\Brandon\AppData\Local\resmon.resmoncfg
[2014/09/17 05:19:00 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\update-sys.job
[2014/09/16 18:23:07 | 005,339,416 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/09/16 17:57:38 | 359,971,884 | ---- | M] () -- C:\Users\Brandon\Desktop\Starcraft 2 Episode 10 Audio.wav
[2014/09/16 15:45:47 | 000,108,088 | ---- | M] () -- C:\Users\Brandon\Desktop\SC2 Ep 10 Audio.aup
[2014/09/15 20:29:07 | 001,966,772 | ---- | M] () -- C:\Users\Brandon\Desktop\backgrounds-26474-27166-hd-wallpapers.jpg
[2014/09/15 20:21:06 | 000,221,450 | ---- | M] () -- C:\Users\Brandon\Desktop\Woof.jpg
[2014/09/15 19:04:25 | 000,000,440 | ---- | M] () -- C:\Users\Brandon\AppData\Local\UserProducts.xml
[2014/09/14 20:38:58 | 001,517,138 | ---- | M] () -- C:\Users\Brandon\Desktop\4.png
[2014/09/14 20:38:56 | 000,000,132 | ---- | M] () -- C:\Users\Brandon\AppData\Roaming\Adobe PNG Format CC Prefs
[2014/09/14 20:30:25 | 1170,741,481 | ---- | M] () -- C:\Users\Brandon\Desktop\Borderlands 2 Episode 4.mp4
[2014/09/13 16:39:26 | 229,919,200 | ---- | M] () -- C:\Users\Brandon\Desktop\FiveNightsDEMO_INSTALL.exe
[2014/09/12 13:40:51 | 000,000,931 | ---- | M] () -- C:\Users\Brandon\Desktop\Open Broadcaster Software.lnk
[2014/09/12 13:40:30 | 000,001,343 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2014/09/11 21:39:46 | 177,569,324 | ---- | M] () -- C:\Users\Brandon\Desktop\Ep5.wav
[2014/09/11 19:41:29 | 253,209,644 | ---- | M] () -- C:\Users\Brandon\Desktop\Ep4.wav
[2014/09/10 17:06:15 | 1395,468,432 | ---- | M] () -- C:\Users\Brandon\Desktop\3 vid.mp4
[2014/09/10 16:23:57 | 001,517,545 | ---- | M] () -- C:\Users\Brandon\Desktop\3.png
[2014/09/10 16:23:34 | 001,517,459 | ---- | M] () -- C:\Users\Brandon\Desktop\2.png
[2014/09/10 16:10:53 | 1631,549,923 | ---- | M] () -- C:\Users\Brandon\Desktop\Borderlands ep 2.mp4
[2014/09/10 14:36:57 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/09/10 14:36:57 | 000,662,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/09/10 14:36:57 | 000,122,252 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/09/09 14:52:11 | 000,774,592 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/09/05 14:57:16 | 000,675,988 | ---- | M] () -- C:\Users\Brandon\Desktop\Minecraft.exe
[2014/08/27 16:28:49 | 000,001,258 | RHS- | M] () -- C:\Users\Brandon\ntuser.pol
[2014/08/26 20:10:18 | 000,322,919 | ---- | M] () -- C:\ProgramData\1409097707.bdinstall.bin
[2014/08/26 19:56:50 | 000,041,637 | ---- | M] () -- C:\ProgramData\1409097383.4804.bin
[2014/08/26 19:56:38 | 000,002,058 | ---- | M] () -- C:\ProgramData\1409097383.5252.bin
[2014/08/26 19:54:11 | 000,045,573 | ---- | M] () -- C:\ProgramData\1409097221.bdinstall.bin
[2014/08/23 12:58:48 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/09/17 15:28:04 | 000,001,768 | ---- | C] () -- C:\Users\Brandon\Desktop\SUPERAntiSpyware Professional.lnk
[2014/09/16 18:22:42 | 005,339,416 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/09/16 15:45:47 | 000,108,088 | ---- | C] () -- C:\Users\Brandon\Desktop\SC2 Ep 10 Audio.aup
[2014/09/16 15:44:46 | 359,971,884 | ---- | C] () -- C:\Users\Brandon\Desktop\Starcraft 2 Episode 10 Audio.wav
[2014/09/15 20:29:06 | 001,966,772 | ---- | C] () -- C:\Users\Brandon\Desktop\backgrounds-26474-27166-hd-wallpapers.jpg
[2014/09/15 20:21:04 | 000,221,450 | ---- | C] () -- C:\Users\Brandon\Desktop\Woof.jpg
[2014/09/14 20:38:55 | 001,517,138 | ---- | C] () -- C:\Users\Brandon\Desktop\4.png
[2014/09/14 20:01:37 | 1170,741,481 | ---- | C] () -- C:\Users\Brandon\Desktop\Borderlands 2 Episode 4.mp4
[2014/09/13 16:36:44 | 229,919,200 | ---- | C] () -- C:\Users\Brandon\Desktop\FiveNightsDEMO_INSTALL.exe
[2014/09/12 13:40:50 | 000,000,931 | ---- | C] () -- C:\Users\Brandon\Desktop\Open Broadcaster Software.lnk
[2014/09/12 13:40:30 | 000,001,343 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2014/09/11 21:39:39 | 177,569,324 | ---- | C] () -- C:\Users\Brandon\Desktop\Ep5.wav
[2014/09/11 19:41:21 | 253,209,644 | ---- | C] () -- C:\Users\Brandon\Desktop\Ep4.wav
[2014/09/10 16:33:08 | 1395,468,432 | ---- | C] () -- C:\Users\Brandon\Desktop\3 vid.mp4
[2014/09/10 16:23:54 | 001,517,545 | ---- | C] () -- C:\Users\Brandon\Desktop\3.png
[2014/09/10 16:23:29 | 001,517,459 | ---- | C] () -- C:\Users\Brandon\Desktop\2.png
[2014/09/10 15:37:31 | 1631,549,923 | ---- | C] () -- C:\Users\Brandon\Desktop\Borderlands ep 2.mp4
[2014/09/05 14:57:12 | 000,675,988 | ---- | C] () -- C:\Users\Brandon\Desktop\Minecraft.exe
[2014/08/26 20:10:18 | 000,322,919 | ---- | C] () -- C:\ProgramData\1409097707.bdinstall.bin
[2014/08/26 19:56:27 | 000,002,058 | ---- | C] () -- C:\ProgramData\1409097383.5252.bin
[2014/08/26 19:56:23 | 000,041,637 | ---- | C] () -- C:\ProgramData\1409097383.4804.bin
[2014/08/26 19:54:11 | 000,045,573 | ---- | C] () -- C:\ProgramData\1409097221.bdinstall.bin
[2014/08/23 12:58:48 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2014/08/09 00:22:35 | 000,215,416 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/08/09 00:22:34 | 000,076,152 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014/07/04 14:50:31 | 000,013,931 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2014/06/17 16:07:03 | 000,007,598 | ---- | C] () -- C:\Users\Brandon\AppData\Local\resmon.resmoncfg
[2014/06/05 16:50:49 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix108.dll
[2014/06/05 16:50:49 | 000,000,169 | ---- | C] () -- C:\Windows\Cm108.ini.cfl
[2014/06/05 16:50:13 | 000,001,459 | ---- | C] () -- C:\Windows\Cm108.ini.cfg
[2014/06/05 16:50:13 | 000,000,307 | ---- | C] () -- C:\Windows\Cm108.ini.imi
[2014/06/05 16:50:11 | 000,001,353 | ---- | C] () -- C:\Windows\cm108.ini
[2014/05/28 20:37:28 | 000,001,646 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2014/03/09 15:54:17 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\qttask.exe
[2014/01/28 19:14:02 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2014/01/15 13:29:46 | 000,001,456 | ---- | C] () -- C:\Users\Brandon\AppData\Local\Adobe Save for Web 13.0 Prefs
[2014/01/15 13:26:09 | 000,000,132 | ---- | C] () -- C:\Users\Brandon\AppData\Roaming\Adobe GIF Format CC Prefs
[2013/12/30 17:31:20 | 000,000,132 | ---- | C] () -- C:\Users\Brandon\AppData\Roaming\Adobe PNG Format CC Prefs
[2013/12/05 19:14:34 | 000,002,706 | ---- | C] () -- C:\Users\Brandon\AppData\Local\recently-used.xbel
[2013/10/14 15:00:58 | 000,000,440 | ---- | C] () -- C:\Users\Brandon\AppData\Local\UserProducts.xml
[2013/09/09 20:23:00 | 000,004,909 | ---- | C] () -- C:\Windows\wininit.ini
[2013/08/29 20:29:05 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2013/08/29 20:29:05 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2013/08/29 20:29:05 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2013/08/26 16:21:09 | 003,211,264 | ---- | C] () -- C:\Users\Brandon\DevelopmentStorageDb21.mdf
[2013/08/26 16:21:09 | 000,851,968 | ---- | C] () -- C:\Users\Brandon\DevelopmentStorageDb21_log.ldf
[2013/08/01 17:32:10 | 000,001,258 | RHS- | C] () -- C:\Users\Brandon\ntuser.pol
[2013/07/27 20:52:12 | 000,774,592 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/07/27 20:33:20 | 000,014,464 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2013/07/27 20:31:26 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2013/07/27 20:31:25 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2013/07/27 20:31:25 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2013/07/27 20:22:26 | 000,027,085 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2013/07/27 20:22:15 | 000,023,024 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2013/07/27 20:22:15 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2013/07/27 20:22:15 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 22:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 21:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/02/17 12:58:12 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\.aethericcrusade
[2014/08/06 16:30:36 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\.beta-jurassiccraft
[2014/08/06 16:30:36 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\.beta-pokepack
[2014/08/06 16:30:36 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\.crazycraft
[2014/08/06 17:44:16 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\.crazycraft2
[2014/08/06 16:31:38 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\.dreamcraft
[2014/08/06 16:31:31 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\.electriciansjourney
[2014/08/06 16:31:34 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\.fellowship
[2014/08/06 16:31:34 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\.jurassiccraft
[2014/09/05 15:29:25 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\.minecraft
[2014/08/06 16:31:36 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\.pokepack
[2013/11/17 16:23:50 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\.technic
[2014/08/06 16:31:37 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\.vanilla1.5.2
[2014/02/17 12:58:17 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\.vanilla1.6.2
[2014/02/17 12:58:17 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\.vanilla1.6.4
[2014/02/17 12:58:17 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\.voidswrath
[2014/09/16 18:48:53 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Audacity
[2014/05/23 19:58:12 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\BANDISOFT
[2014/03/15 21:47:32 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Battle.net
[2014/04/12 12:11:16 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Bioshock
[2014/06/15 13:06:24 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Bioshock2Steam
[2013/08/28 19:23:35 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\DG
[2014/07/23 11:26:47 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Elgato
[2014/09/12 13:14:39 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\GameCompanion
[2014/09/05 14:57:43 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\java
[2013/08/03 20:49:19 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\LolClient
[2014/08/04 19:51:11 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\MAXON
[2014/08/23 12:03:16 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\MMFApplications
[2013/08/30 22:14:03 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Natural Selection 2
[2014/03/02 18:14:04 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\New Technology Studio
[2014/08/08 20:23:09 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Notepad++
[2014/09/14 12:20:48 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\OBS
[2014/06/02 20:38:58 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\OmniCoin
[2014/03/27 17:09:34 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Origin
[2013/10/10 16:03:41 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\PDAppFlex
[2013/08/28 19:53:26 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\poclbm
[2013/07/31 02:28:18 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Publish Providers
[2013/07/27 23:36:36 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\puush
[2014/08/26 20:03:25 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\QuickScan
[2013/08/03 01:33:44 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Riot Games
[2014/05/02 22:02:53 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Screaming Bee
[2013/11/06 15:49:26 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Se7en Soft
[2013/07/31 02:28:17 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Sony
[2014/06/03 16:16:08 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\SplitmediaLabs
[2014/02/09 15:49:39 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2014/07/08 16:54:05 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\StunlockStudios
[2013/08/15 22:06:30 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Synthesia
[2014/05/14 20:51:46 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\TeamViewer
[2014/03/15 22:19:54 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\TS3Client
[2014/09/07 14:53:42 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Ubisoft
[2013/10/02 18:39:53 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\UBot Studio
[2013/09/13 21:58:06 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Unity
[2014/07/28 14:52:49 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
< End of report >
 



#2
Naathim

    GeekU Minion

  • Expert
  • 4,568 posts



My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat :)

Before we start please note the following:

  • Analysis and research take some time, also sometimes real life gets in the way, please be patient.
  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Paste the logs in your posts, attachments make my work harder and more complicated.
  • Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, which may cause some delays between answers.

I can't foresee everything, so if anything unexpected happens, please stop and inform me!
There are no silly questions. Never be afraid to ask if in doubt!

Let's start and enjoy the fight! :)



Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool x64 and save it to your Desktop.

  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    > Windows 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content in your next reply.


Cheers,
Naat :)



#3
bnguyen100

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts

Farbar Recovery Scan Results

 

Oh and by the way, I won't be home on my PC tomorrow and maybe Sunday, but tomorrow I won't be able to do the future steps.

 

 

FRST.txt:

============

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Brandon (administrator) on AXIOM on 19-09-2014 14:36:49
Running from C:\Users\Brandon\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-17] (AVAST Software)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-07-28] (Microsoft Corporation)
HKU\S-1-5-21-98706136-930436416-2056340936-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7763736 2014-09-09] (SUPERAntiSpyware)
HKU\S-1-5-21-98706136-930436416-2056340936-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-98706136-930436416-2056340936-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyUsers\S-1-5-21-98706136-930436416-2056340936-1004\User: Group Policy restriction detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.searc...x={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\1q2vnfo0.default
FF NewTab: hxxp://www.google.com/firefox
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com/firefox
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Brandon\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Brandon\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Brandon\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Brandon\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Brandon\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Users\Brandon\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Brandon\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Brandon\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: iMacros for Firefox - C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\1q2vnfo0.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-05-08]
FF Extension: ReloadEvery - C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\1q2vnfo0.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2013-09-18]
FF Extension: Greasemonkey - C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\1q2vnfo0.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-10-10]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-17]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR Profile: C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-06-08]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-08]
CHR Extension: (Enhance Views) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippgbgjbkciiodailobdhilppmfglgma [2014-09-07]
CHR Extension: (Ghostery) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-06-08]
CHR Extension: (Google Wallet) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-05]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-17]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
S4 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-02] ()
S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-17] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1721800 2014-08-08] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18974152 2014-08-08] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-09] ()
S4 RalinkRegistryWriter; C:\Program Files (x86)\ZyXEL\N220\Common\RaRegistry.exe [185632 2009-07-14] (Ralink Technology, Corp.)
S4 RalinkRegistryWriter64; C:\Program Files (x86)\ZyXEL\N220\Common\RaRegistry64.exe [211232 2009-07-14] (Ralink Technology, Corp.)
S4 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-09-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-17] ()
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-10] (ManyCam LLC)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-19] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [21448 2014-08-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 PCASp60; C:\Windows\SysWOW64\Drivers\PCASp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-10-13] (Razer Inc)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-20] (Anchorfree Inc.)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va014; \??\C:\Windows\SysWOW64\Drivers\X6va014 [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-19 14:36 - 2014-09-19 14:37 - 00017635 _____ () C:\Users\Brandon\Desktop\FRST.txt
2014-09-19 14:36 - 2014-09-19 14:36 - 02105856 _____ (Farbar) C:\Users\Brandon\Desktop\FRST64.exe
2014-09-19 14:36 - 2014-09-19 14:36 - 00000000 ____D () C:\FRST
2014-09-18 20:58 - 2014-09-18 20:58 - 00001596 _____ () C:\Users\Brandon\Desktop\HW QWUiz.txt
2014-09-18 18:12 - 2014-09-18 18:17 - 06508723 _____ () C:\Users\Brandon\Desktop\Test 2.mp4
2014-09-18 15:37 - 2014-09-18 15:39 - 00000000 ____D () C:\Users\Brandon\Desktop\BACKUP ON STORE N GO
2014-09-18 15:32 - 2014-09-18 15:33 - 02347384 _____ (ESET) C:\Users\Brandon\Desktop\esetsmartinstaller_enu.exe
2014-09-18 15:19 - 2014-09-18 15:19 - 00000000 ____D () C:\Users\Brandon\Desktop\ProcessExplorer
2014-09-18 15:18 - 2014-09-18 15:19 - 00448512 _____ (OldTimer Tools) C:\Users\Brandon\Desktop\TFC.exe
2014-09-17 20:04 - 2014-09-17 20:06 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-09-17 20:04 - 2014-09-17 20:04 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-09-17 18:51 - 2014-09-17 18:51 - 00001926 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-17 18:51 - 2014-09-17 18:51 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\AVAST Software
2014-09-17 18:51 - 2014-09-17 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-17 18:50 - 2014-09-17 18:51 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-17 18:50 - 2014-09-17 18:51 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-17 18:50 - 2014-09-17 18:49 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-17 18:50 - 2014-09-17 18:49 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-17 18:50 - 2014-09-17 18:49 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-17 18:50 - 2014-09-17 18:49 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-17 18:50 - 2014-09-17 18:49 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-17 18:50 - 2014-09-17 18:49 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-17 18:50 - 2014-09-17 18:49 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-17 18:50 - 2014-09-17 18:49 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-17 18:49 - 2014-09-17 18:49 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-17 18:47 - 2014-09-17 18:47 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-17 18:41 - 2014-09-17 18:41 - 00096579 _____ () C:\ProgramData\1410993664.bdinstall.bin
2014-09-17 18:41 - 2014-09-17 18:41 - 00037823 _____ () C:\ProgramData\1410993663.bdinstall.bin
2014-09-17 18:28 - 2014-09-18 20:23 - 00000000 ____D () C:\Users\Brandon\Desktop\Youtube Outro Project
2014-09-17 16:19 - 2014-09-17 16:33 - 00000000 ____D () C:\Users\Brandon\Desktop\Xbox Live Giver
2014-09-17 16:14 - 2014-09-17 16:14 - 00084304 _____ () C:\Users\Brandon\Desktop\OTL.Txt
2014-09-17 16:04 - 2014-09-17 16:04 - 00602112 _____ (OldTimer Tools) C:\Users\Brandon\Desktop\OTL.exe
2014-09-17 15:40 - 2014-09-17 19:36 - 00113132 _____ () C:\Windows\PFRO.log
2014-09-17 15:31 - 2014-09-17 15:31 - 00000000 ____D () C:\SUPERDelete
2014-09-17 15:28 - 2014-09-17 19:45 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-17 15:28 - 2014-09-17 15:34 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-17 15:28 - 2014-09-17 15:28 - 00001768 _____ () C:\Users\Brandon\Desktop\SUPERAntiSpyware Professional.lnk
2014-09-17 15:28 - 2014-09-17 15:28 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\SUPERAntiSpyware.com
2014-09-16 18:27 - 2014-09-19 14:34 - 00000952 _____ () C:\Windows\setupact.log
2014-09-16 18:27 - 2014-09-16 18:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-16 18:22 - 2014-09-16 18:23 - 05339416 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-16 17:46 - 2014-09-16 17:46 - 00127480 _____ () C:\Users\Brandon\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-14 20:01 - 2014-09-14 20:30 - 1170741481 _____ () C:\Users\Brandon\Desktop\Borderlands 2 Episode 4.mp4
2014-09-14 16:31 - 2014-09-14 16:31 - 00003050 _____ () C:\Windows\System32\Tasks\{F62E8F14-31C3-4FA0-BBC8-D6D11563E8F5}
2014-09-12 13:47 - 2014-09-16 14:55 - 00000000 ____D () C:\Users\Brandon\Desktop\Twitch
2014-09-12 13:40 - 2014-09-12 13:40 - 00000931 _____ () C:\Users\Brandon\Desktop\Open Broadcaster Software.lnk
2014-09-12 13:40 - 2014-09-12 13:40 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-09-12 13:40 - 2014-09-12 13:40 - 00000000 ____D () C:\Program Files\OBS
2014-09-12 13:40 - 2014-09-12 13:40 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-09-12 13:38 - 2014-09-12 13:41 - 00000000 ____D () C:\Users\Brandon\AppData\Local\NVIDIA
2014-09-12 13:38 - 2014-08-08 20:28 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-09-12 13:38 - 2014-08-08 20:28 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-09-12 13:38 - 2014-08-08 20:28 - 01283136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-09-12 13:38 - 2014-08-08 20:28 - 01126480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-09-12 13:38 - 2014-03-31 12:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-09-12 13:38 - 2014-03-31 12:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-09-12 13:38 - 2014-03-31 12:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-09-12 13:27 - 2014-09-12 13:27 - 00000969 _____ () C:\Users\Family\Desktop\ShiftWindow.lnk
2014-09-12 13:11 - 2014-09-12 13:14 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\GameCompanion
2014-09-11 21:39 - 2014-09-11 21:39 - 177569324 _____ () C:\Users\Brandon\Desktop\Ep5.wav
2014-09-11 21:17 - 2014-09-18 18:17 - 00000000 ____D () C:\Users\Brandon\Desktop\Unfinished Episodes
2014-09-11 19:41 - 2014-09-11 19:41 - 253209644 _____ () C:\Users\Brandon\Desktop\Ep4.wav
2014-09-10 16:33 - 2014-09-10 17:06 - 1395468432 _____ () C:\Users\Brandon\Desktop\3 vid.mp4
2014-09-10 15:37 - 2014-09-10 16:10 - 1631549923 _____ () C:\Users\Brandon\Desktop\Borderlands ep 2.mp4
2014-09-10 14:39 - 2014-09-16 17:46 - 00000000 ____D () C:\Users\Brandon\Desktop\Coding
2014-09-10 14:38 - 2014-09-16 17:45 - 00000000 ____D () C:\Users\Brandon\Desktop\Youtube
2014-09-09 14:53 - 2014-08-15 11:48 - 17868288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-09 14:53 - 2014-08-15 11:36 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-09 14:53 - 2014-08-15 11:35 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-09 14:53 - 2014-08-15 11:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-09 14:53 - 2014-08-15 11:31 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-09 14:53 - 2014-08-15 11:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-09 14:53 - 2014-08-15 11:30 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-09 14:53 - 2014-08-15 11:30 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-09 14:53 - 2014-08-15 11:29 - 02156032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-09 14:53 - 2014-08-15 11:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-09 14:53 - 2014-08-15 11:29 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-09 14:53 - 2014-08-15 11:29 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-09 14:53 - 2014-08-15 11:29 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-09 14:53 - 2014-08-15 11:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-09 14:53 - 2014-08-15 11:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-09 14:53 - 2014-08-15 11:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-09 14:53 - 2014-08-15 11:29 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-09 14:53 - 2014-08-15 11:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-09 14:53 - 2014-08-15 11:28 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-09 14:53 - 2014-08-15 11:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-09 14:53 - 2014-08-15 11:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-09 14:53 - 2014-08-15 10:51 - 12363264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-09 14:53 - 2014-08-15 10:42 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-09 14:53 - 2014-08-15 10:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-09 14:53 - 2014-08-15 10:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-09 14:53 - 2014-08-15 10:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-09 14:53 - 2014-08-15 10:36 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-09 14:53 - 2014-08-15 10:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-09 14:53 - 2014-08-15 10:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-09 14:53 - 2014-08-15 10:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-09 14:53 - 2014-08-15 10:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-09 14:53 - 2014-08-15 10:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-09 14:53 - 2014-08-15 10:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-09 14:53 - 2014-08-15 10:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-09 14:53 - 2014-08-15 10:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-09 14:53 - 2014-08-15 10:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-09 14:53 - 2014-08-15 10:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-09 14:53 - 2014-08-15 10:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-09 14:53 - 2014-08-15 10:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-09 14:53 - 2014-08-15 10:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-09 14:53 - 2014-08-15 10:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-09 14:53 - 2014-08-15 10:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-09 14:40 - 2014-09-04 22:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-09 14:40 - 2014-09-04 22:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-09 14:40 - 2014-08-01 07:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-09 14:40 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-09 14:39 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-09 14:39 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-09 14:39 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-09 14:39 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-09 14:39 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-08 17:43 - 2014-09-08 17:43 - 00001076 _____ () C:\Users\Brandon\Desktop\Video Descriptions.txt
2014-09-08 16:39 - 2014-09-09 15:20 - 00000000 ____D () C:\Users\Brandon\Desktop\American Dad Music Video
2014-09-05 14:57 - 2014-09-05 14:57 - 00675988 _____ () C:\Users\Brandon\Desktop\Minecraft.exe
2014-09-05 14:57 - 2014-09-05 14:57 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\java
2014-08-31 18:44 - 2014-08-31 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-08-29 17:40 - 2014-08-29 17:40 - 00000000 ____D () C:\Users\Brandon\Documents\LOLReplay
2014-08-27 15:39 - 2014-09-16 17:41 - 00000000 ____D () C:\AdwCleaner
2014-08-27 15:39 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 15:39 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 15:39 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 20:19 - 2014-08-26 20:19 - 00003160 _____ () C:\Windows\System32\Tasks\{3E67EDF1-372E-41D8-8F9D-ED2AA1DD263E}
2014-08-26 20:10 - 2014-08-26 20:10 - 00322919 _____ () C:\ProgramData\1409097707.bdinstall.bin
2014-08-26 19:56 - 2014-08-26 19:56 - 00041637 _____ () C:\ProgramData\1409097383.4804.bin
2014-08-26 19:56 - 2014-08-26 19:56 - 00002058 _____ () C:\ProgramData\1409097383.5252.bin
2014-08-26 19:54 - 2014-08-26 19:54 - 00045573 _____ () C:\ProgramData\1409097221.bdinstall.bin
2014-08-26 19:53 - 2014-08-26 20:03 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\QuickScan
2014-08-24 13:54 - 2014-09-18 15:25 - 00000000 ____D () C:\Users\Brandon\AppData\Local\Adobe
2014-08-23 15:30 - 2014-09-17 18:47 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-23 12:58 - 2014-08-23 12:58 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-08-23 12:03 - 2014-08-23 12:03 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\MMFApplications
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-19 14:37 - 2014-09-19 14:36 - 00017635 _____ () C:\Users\Brandon\Desktop\FRST.txt
2014-09-19 14:36 - 2014-09-19 14:36 - 02105856 _____ (Farbar) C:\Users\Brandon\Desktop\FRST64.exe
2014-09-19 14:36 - 2014-09-19 14:36 - 00000000 ____D () C:\FRST
2014-09-19 14:35 - 2014-05-31 19:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-19 14:35 - 2013-07-27 21:05 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-19 14:34 - 2014-09-16 18:27 - 00000952 _____ () C:\Windows\setupact.log
2014-09-19 14:34 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-18 21:00 - 2014-07-10 16:06 - 01743550 _____ () C:\Windows\WindowsUpdate.log
2014-09-18 20:58 - 2014-09-18 20:58 - 00001596 _____ () C:\Users\Brandon\Desktop\HW QWUiz.txt
2014-09-18 20:54 - 2013-09-11 17:36 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Skype
2014-09-18 20:51 - 2013-07-27 21:05 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-18 20:29 - 2013-08-16 19:29 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000UA.job
2014-09-18 20:23 - 2014-09-17 18:28 - 00000000 ____D () C:\Users\Brandon\Desktop\Youtube Outro Project
2014-09-18 20:08 - 2013-09-18 14:59 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-18 19:51 - 2014-01-30 16:49 - 00000000 ____D () C:\Users\Brandon\AppData\Local\CrashDumps
2014-09-18 19:49 - 2013-12-30 17:31 - 00000132 _____ () C:\Users\Brandon\AppData\Roaming\Adobe PNG Format CC Prefs
2014-09-18 19:43 - 2014-03-05 16:52 - 00000392 _____ () C:\Windows\Tasks\update-S-1-5-21-98706136-930436416-2056340936-1000.job
2014-09-18 19:29 - 2014-07-17 11:20 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Audacity
2014-09-18 18:17 - 2014-09-18 18:12 - 06508723 _____ () C:\Users\Brandon\Desktop\Test 2.mp4
2014-09-18 18:17 - 2014-09-11 21:17 - 00000000 ____D () C:\Users\Brandon\Desktop\Unfinished Episodes
2014-09-18 17:49 - 2013-07-27 20:31 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Adobe
2014-09-18 17:48 - 2014-02-19 17:51 - 00000000 ____D () C:\Users\Brandon\Documents\Adobe
2014-09-18 17:19 - 2014-06-02 20:48 - 00000390 _____ () C:\Windows\Tasks\update-sys.job
2014-09-18 16:42 - 2014-06-17 16:07 - 00007598 _____ () C:\Users\Brandon\AppData\Local\resmon.resmoncfg
2014-09-18 16:27 - 2014-07-27 19:07 - 00000000 ____D () C:\Users\Brandon\Desktop\Graphics Folder
2014-09-18 15:47 - 2014-03-02 18:14 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\New Technology Studio
2014-09-18 15:39 - 2014-09-18 15:37 - 00000000 ____D () C:\Users\Brandon\Desktop\BACKUP ON STORE N GO
2014-09-18 15:36 - 2009-07-14 00:45 - 00035072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-18 15:36 - 2009-07-14 00:45 - 00035072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-18 15:33 - 2014-09-18 15:32 - 02347384 _____ (ESET) C:\Users\Brandon\Desktop\esetsmartinstaller_enu.exe
2014-09-18 15:29 - 2013-08-16 19:29 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000Core.job
2014-09-18 15:25 - 2014-08-24 13:54 - 00000000 ____D () C:\Users\Brandon\AppData\Local\Adobe
2014-09-18 15:19 - 2014-09-18 15:19 - 00000000 ____D () C:\Users\Brandon\Desktop\ProcessExplorer
2014-09-18 15:19 - 2014-09-18 15:18 - 00448512 _____ (OldTimer Tools) C:\Users\Brandon\Desktop\TFC.exe
2014-09-17 20:28 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-17 20:06 - 2014-09-17 20:04 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-09-17 20:04 - 2014-09-17 20:04 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-09-17 19:45 - 2014-09-17 15:28 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-17 19:36 - 2014-09-17 15:40 - 00113132 _____ () C:\Windows\PFRO.log
2014-09-17 18:51 - 2014-09-17 18:51 - 00001926 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-17 18:51 - 2014-09-17 18:51 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\AVAST Software
2014-09-17 18:51 - 2014-09-17 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-17 18:51 - 2014-09-17 18:50 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-17 18:51 - 2014-09-17 18:50 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-17 18:49 - 2014-09-17 18:50 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-17 18:49 - 2014-09-17 18:50 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-17 18:49 - 2014-09-17 18:50 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-17 18:49 - 2014-09-17 18:50 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-17 18:49 - 2014-09-17 18:50 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-17 18:49 - 2014-09-17 18:50 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-17 18:49 - 2014-09-17 18:50 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-17 18:49 - 2014-09-17 18:50 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-17 18:49 - 2014-09-17 18:49 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-17 18:47 - 2014-09-17 18:47 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-17 18:47 - 2014-08-23 15:30 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-17 18:44 - 2013-07-27 22:18 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-09-17 18:44 - 2013-07-27 20:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-17 18:42 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-17 18:41 - 2014-09-17 18:41 - 00096579 _____ () C:\ProgramData\1410993664.bdinstall.bin
2014-09-17 18:41 - 2014-09-17 18:41 - 00037823 _____ () C:\ProgramData\1410993663.bdinstall.bin
2014-09-17 16:33 - 2014-09-17 16:19 - 00000000 ____D () C:\Users\Brandon\Desktop\Xbox Live Giver
2014-09-17 16:14 - 2014-09-17 16:14 - 00084304 _____ () C:\Users\Brandon\Desktop\OTL.Txt
2014-09-17 16:04 - 2014-09-17 16:04 - 00602112 _____ (OldTimer Tools) C:\Users\Brandon\Desktop\OTL.exe
2014-09-17 15:34 - 2014-09-17 15:28 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-17 15:31 - 2014-09-17 15:31 - 00000000 ____D () C:\SUPERDelete
2014-09-17 15:31 - 2013-07-28 20:40 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-09-17 15:28 - 2014-09-17 15:28 - 00001768 _____ () C:\Users\Brandon\Desktop\SUPERAntiSpyware Professional.lnk
2014-09-17 15:28 - 2014-09-17 15:28 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\SUPERAntiSpyware.com
2014-09-17 15:12 - 2014-03-09 16:42 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-16 18:33 - 2014-02-26 19:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-16 18:33 - 2014-02-26 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-16 18:33 - 2013-07-27 21:28 - 00000000 ____D () C:\ProgramData\Skype
2014-09-16 18:27 - 2014-09-16 18:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-16 18:23 - 2014-09-16 18:22 - 05339416 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-16 17:46 - 2014-09-16 17:46 - 00127480 _____ () C:\Users\Brandon\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-16 17:46 - 2014-09-10 14:39 - 00000000 ____D () C:\Users\Brandon\Desktop\Coding
2014-09-16 17:45 - 2014-09-10 14:38 - 00000000 ____D () C:\Users\Brandon\Desktop\Youtube
2014-09-16 17:41 - 2014-08-27 15:39 - 00000000 ____D () C:\AdwCleaner
2014-09-16 17:36 - 2013-08-03 01:19 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-16 15:36 - 2014-03-14 20:37 - 00000000 ____D () C:\Users\Brandon\AppData\Local\Battle.net
2014-09-16 14:55 - 2014-09-12 13:47 - 00000000 ____D () C:\Users\Brandon\Desktop\Twitch
2014-09-15 19:37 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-09-15 19:04 - 2013-10-14 15:00 - 00003270 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-98706136-930436416-2056340936-1000
2014-09-15 19:04 - 2013-10-14 15:00 - 00000440 _____ () C:\Users\Brandon\AppData\Local\UserProducts.xml
2014-09-15 19:04 - 2013-10-14 15:00 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
2014-09-14 20:30 - 2014-09-14 20:01 - 1170741481 _____ () C:\Users\Brandon\Desktop\Borderlands 2 Episode 4.mp4
2014-09-14 16:31 - 2014-09-14 16:31 - 00003050 _____ () C:\Windows\System32\Tasks\{F62E8F14-31C3-4FA0-BBC8-D6D11563E8F5}
2014-09-14 15:50 - 2009-07-14 03:45 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-09-14 14:03 - 2014-02-02 16:29 - 00000000 ____D () C:\Users\Brandon\Documents\My Games
2014-09-14 12:20 - 2014-02-24 17:13 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\OBS
2014-09-12 15:56 - 2014-03-15 21:45 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-09-12 13:41 - 2014-09-12 13:38 - 00000000 ____D () C:\Users\Brandon\AppData\Local\NVIDIA
2014-09-12 13:41 - 2013-11-12 20:30 - 00000000 ____D () C:\Users\Brandon\AppData\Local\NVIDIA Corporation
2014-09-12 13:41 - 2013-07-27 20:46 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-09-12 13:40 - 2014-09-12 13:40 - 00000931 _____ () C:\Users\Brandon\Desktop\Open Broadcaster Software.lnk
2014-09-12 13:40 - 2014-09-12 13:40 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-09-12 13:40 - 2014-09-12 13:40 - 00000000 ____D () C:\Program Files\OBS
2014-09-12 13:40 - 2014-09-12 13:40 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-09-12 13:38 - 2013-07-27 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-09-12 13:38 - 2013-07-27 20:46 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-09-12 13:38 - 2013-07-27 20:45 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-12 13:27 - 2014-09-12 13:27 - 00000969 _____ () C:\Users\Family\Desktop\ShiftWindow.lnk
2014-09-12 13:14 - 2014-09-12 13:11 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\GameCompanion
2014-09-11 21:39 - 2014-09-11 21:39 - 177569324 _____ () C:\Users\Brandon\Desktop\Ep5.wav
2014-09-11 19:41 - 2014-09-11 19:41 - 253209644 _____ () C:\Users\Brandon\Desktop\Ep4.wav
2014-09-10 17:06 - 2014-09-10 16:33 - 1395468432 _____ () C:\Users\Brandon\Desktop\3 vid.mp4
2014-09-10 16:10 - 2014-09-10 15:37 - 1631549923 _____ () C:\Users\Brandon\Desktop\Borderlands ep 2.mp4
2014-09-09 15:20 - 2014-09-08 16:39 - 00000000 ____D () C:\Users\Brandon\Desktop\American Dad Music Video
2014-09-09 14:52 - 2013-07-27 20:52 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-09 14:51 - 2013-07-28 02:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-09 14:41 - 2013-07-28 02:11 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-09 14:40 - 2014-04-22 18:43 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-08 17:43 - 2014-09-08 17:43 - 00001076 _____ () C:\Users\Brandon\Desktop\Video Descriptions.txt
2014-09-07 14:54 - 2013-07-30 18:11 - 00000000 ____D () C:\Users\Brandon\AppData\Local\Windows Live
2014-09-07 14:53 - 2013-10-19 22:37 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Ubisoft
2014-09-07 14:53 - 2013-07-30 21:30 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-09-07 11:27 - 2009-07-14 01:08 - 00032618 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-05 16:37 - 2014-02-17 12:59 - 00000000 ____D () C:\Users\Brandon\AppData\Local\join.me
2014-09-05 15:29 - 2014-05-30 19:58 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\.minecraft
2014-09-05 14:57 - 2014-09-05 14:57 - 00675988 _____ () C:\Users\Brandon\Desktop\Minecraft.exe
2014-09-05 14:57 - 2014-09-05 14:57 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\java
2014-09-04 22:10 - 2014-09-09 14:40 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-04 22:05 - 2014-09-09 14:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-31 19:20 - 2014-07-27 19:05 - 00000000 ____D () C:\Users\Brandon\Desktop\Windows Activation
2014-08-31 18:46 - 2014-08-08 21:03 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-31 18:45 - 2013-10-30 19:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-31 18:44 - 2014-08-31 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-08-31 18:44 - 2014-08-08 21:02 - 00000000 ____D () C:\Program Files\Java
2014-08-29 17:40 - 2014-08-29 17:40 - 00000000 ____D () C:\Users\Brandon\Documents\LOLReplay
2014-08-29 15:44 - 2013-07-27 23:23 - 00000000 ____D () C:\Users\Brandon\Documents\telltale games
2014-08-27 16:28 - 2013-08-01 17:32 - 00001258 __RSH () C:\Users\Brandon\ntuser.pol
2014-08-27 16:28 - 2013-07-27 19:49 - 00000000 ____D () C:\Users\Brandon
2014-08-26 20:19 - 2014-08-26 20:19 - 00003160 _____ () C:\Windows\System32\Tasks\{3E67EDF1-372E-41D8-8F9D-ED2AA1DD263E}
2014-08-26 20:13 - 2014-03-27 17:09 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-08-26 20:10 - 2014-08-26 20:10 - 00322919 _____ () C:\ProgramData\1409097707.bdinstall.bin
2014-08-26 20:03 - 2014-08-26 19:53 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\QuickScan
2014-08-26 19:56 - 2014-08-26 19:56 - 00041637 _____ () C:\ProgramData\1409097383.4804.bin
2014-08-26 19:56 - 2014-08-26 19:56 - 00002058 _____ () C:\ProgramData\1409097383.5252.bin
2014-08-26 19:54 - 2014-08-26 19:54 - 00045573 _____ () C:\ProgramData\1409097221.bdinstall.bin
2014-08-25 06:53 - 2013-07-27 20:40 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 12:58 - 2014-08-23 12:58 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-08-23 12:03 - 2014-08-23 12:03 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\MMFApplications
2014-08-23 11:58 - 2013-09-18 14:59 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-23 11:58 - 2013-09-18 14:59 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-23 11:58 - 2013-09-18 14:59 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-22 22:07 - 2014-08-27 15:39 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 21:45 - 2014-08-27 15:39 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 20:59 - 2014-08-27 15:39 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
 
Some content of TEMP:
====================
C:\Users\Brandon\AppData\Local\Temp\ovi-uninstall.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
Addition.txt:
==========
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Brandon at 2014-09-19 14:37:39
Running from C:\Users\Brandon\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12.2.1 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Extension Manager CS6 (HKLM-x32\...\{83463106-DD1C-4FE5-A61C-DF6715472AD4}) (Version: 6.0.8 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.4.5.0 - Asmedia Technology)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Assassin's Creed Revelations (HKLM-x32\...\Steam App 201870) (Version:  - Ubisoft Montreal)
ASUS RT-AC66U Wireless Router Utilities (HKLM-x32\...\{266E41AB-D928-4AF2-A8E4-B24E31F5758C}) (Version: 4.2.7.4 - ASUS)
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.6.5 - ASUS)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Browser Configuration Utility (HKLM-x32\...\{BA88EE67-8974-459D-A1DB-C8281D9AC6F6}) (Version: 1.0.12.1 - DeviceVM, Inc.) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Rising 2: Off the Record (HKLM-x32\...\Steam App 45770) (Version:  - Capcom Vancouver)
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden
Java SE Development Kit 8 Update 20 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180200}) (Version: 8.0.200.26 - Oracle Corporation)
join.me (HKCU\...\JoinMe) (Version: 1.16.0.134 - LogMeIn, Inc.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Lightshot-5.1.4.9 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.4.9 - Skillbrains)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET and Web Frameworks 2012.2 (HKLM-x32\...\{71a40c60-27c2-443a-b7c7-6e4f3aad1d5a}) (Version: 2.1.20219.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 - Visual Studio Express 2012 for Web - ENU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Visual Studio 2012 Finalizer (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Visual Studio 2012 Uninstall Finalizer (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages 2 - Visual Studio Express 2012 for Web - ENU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20715.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{301DAC0A-285C-4BB1-A68E-7393673E9E69}) (Version: 11.1.2807.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{67ED4F6B-BE85-410B-A60E-793CEB7D7DAD}) (Version: 11.1.2807.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{E75776B2-EAE5-42F9-A800-0A10763DEDF0}) (Version: 11.0.2318.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20905.0) (HKLM-x32\...\{23A3E3F8-91B4-4C5A-9E69-6747CF6D426B}) (Version: 11.1.20905.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20905.0) (HKLM-x32\...\{D2964C0D-477B-4914-B791-1D80E61E85E6}) (Version: 11.1.20905.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.6 (HKLM\...\{16C7D2AD-20CA-491E-80BC-8607A9AACED9}) (Version: 4.0.40719.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Manager (HKCU\...\MusicManager) (Version:  - Google, Inc.)
NVIDIA 3D Vision Controller Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Control Panel 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.160.1244 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.15.4 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.00.0000 - Realtek)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.24 - Piriform)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1146 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
Tribes Ascend (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}) (Version: 1.0.1268.1 - Hi-Rez Studios)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
USB PnP Sound Device (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006300}) (Version:   -  )
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Wireless N-lite USB Adapter Utility (HKLM-x32\...\{71AB49D0-9B47-4624-904C-D44B9B996656}) (Version: 1.5.4.0 - ZyXEL)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-98706136-930436416-2056340936-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Brandon\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-98706136-930436416-2056340936-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Brandon\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
 
==================== Restore Points  =========================
 
17-09-2014 18:58:53 Installed HiJackThis
17-09-2014 19:12:11 Checkpoint by HitmanPro
17-09-2014 19:12:36 Checkpoint by HitmanPro
17-09-2014 19:26:17 Checkpoint by HitmanPro
17-09-2014 22:42:38 Removed Tom Clancy's Splinter Cell® Blacklist™
17-09-2014 22:47:08 avast! antivirus system restore point
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2014-09-17 15:13 - 00000019 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0396CFBD-F06C-4FE9-A420-0C2270C09D68} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000Core => C:\Users\Brandon\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {0F6CB8AE-23FB-44E8-96D0-FEFF2C75776D} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
Task: {141879D0-CEF4-4AFF-AE82-38E3B420C7D8} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
Task: {1AD210E2-72EF-434D-8551-D3B579BC2443} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {5B193DE6-28F2-4A60-8FDC-B11C97E1E6B3} - System32\Tasks\update-S-1-5-21-98706136-930436416-2056340936-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {5E6E1C25-7954-40FB-86DF-8E250A0B98FE} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {5F5BEEBD-43FB-454D-9577-DC21C4E3EB2A} - System32\Tasks\{F62E8F14-31C3-4FA0-BBC8-D6D11563E8F5} => C:\Program Files (x86)\Steam\SteamApps\common\Dead Rising 2 Off the Record\deadrising2otr.exe [2014-09-14] (CAPCOM CO., LTD.)
Task: {6BA34258-1705-4DAC-9AF0-9857229BE236} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {7D7A8250-F11A-455C-9960-AF159F7E92FB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000UA => C:\Users\Brandon\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {8344EB1B-D65A-46A1-B489-98841E760D76} - System32\Tasks\AdobeAAMUpdater-1.0-Nguyen-Brandon => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {8F148ED0-DD14-4391-AFF2-8D1A554C669C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-27] (Google Inc.)
Task: {986073E6-3BF7-41B1-A662-7D9614C9B114} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-23] (Adobe Systems Incorporated)
Task: {A5F551FC-8001-420D-9D4B-6D614C841387} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-17] (AVAST Software)
Task: {B359A930-4054-4A37-8ADD-2EF4BF65AB8E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {B7E243E1-AA55-45CF-80AC-63D4F88E56F2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000UA => C:\Users\Brandon\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-16] (Google Inc.)
Task: {C5E4E2C0-E6F1-4C00-B888-A212D9E7BA66} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {D8AB9240-DF27-4514-AE98-B0EA586DEEED} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000Core => C:\Users\Brandon\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-16] (Google Inc.)
Task: {DC1A17C0-39C0-4C40-A196-C3A1DDF7E383} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {E9F693A2-708B-44E4-B4D9-C8DC8BA8AC12} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: {F118F7D5-8AC1-44E7-ABEB-C0FF034A8235} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-27] (Google Inc.)
Task: {F1A2FECD-EE7A-4A17-99B4-152C0DBBC5D9} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000Core.job => C:\Users\Brandon\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000UA.job => C:\Users\Brandon\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000Core.job => C:\Users\Brandon\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000UA.job => C:\Users\Brandon\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-98706136-930436416-2056340936-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-10-19 17:59 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll
2013-10-19 18:01 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2014-08-09 00:22 - 2014-08-09 00:22 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-03-20 11:24 - 2014-03-20 11:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-09-17 18:49 - 2014-09-17 18:49 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-18 19:36 - 2014-09-18 19:36 - 02864128 _____ () C:\Program Files\AVAST Software\Avast\defs\14091804\algo.dll
2014-09-19 14:35 - 2014-09-19 14:35 - 02864128 _____ () C:\Program Files\AVAST Software\Avast\defs\14091901\algo.dll
2014-09-17 18:49 - 2014-09-17 18:49 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-11 15:29 - 2014-02-11 15:29 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-09-12 17:56 - 2014-09-03 23:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-12 17:56 - 2014-09-03 23:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-12 17:56 - 2014-09-03 23:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-12 17:56 - 2014-09-03 23:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-12 17:56 - 2014-09-03 23:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Brandon\Desktop\Minecraft.exe:BDU
AlternateDataStreams: C:\Users\Family\Downloads\payment .eml:OECustomProperty
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: asHmComSvc => 2
MSCONFIG\Services: AsSysCtrlService => 2
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: cmdvirth => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: GeekBuddyRSP => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gzserv => 2
MSCONFIG\Services: Hamachi2Svc => 3
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: RalinkRegistryWriter => 2
MSCONFIG\Services: RalinkRegistryWriter64 => 2
MSCONFIG\Services: RzKLService => 2
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Cm108Sound => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
MSCONFIG\startupreg: Google Update => "C:\Users\Brandon\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: LightShot => C:\Users\Brandon\AppData\Local\Skillbrains\lightshot\Lightshot.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: RazerGameBooster => C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe -autorun
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/18/2014 07:51:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmprph.exe, version: 12.0.7600.16385, time stamp: 0x4a5bd018
Faulting module name: jscript.dll, version: 5.8.7601.17080, time stamp: 0x53ee277b
Exception code: 0xc000041d
Fault offset: 0x0000000000013fb4
Faulting process id: 0x1b4
Faulting application start time: 0xwmprph.exe0
Faulting application path: wmprph.exe1
Faulting module path: wmprph.exe2
Report Id: wmprph.exe3
 
Error: (09/18/2014 07:50:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmprph.exe, version: 12.0.7600.16385, time stamp: 0x4a5bd018
Faulting module name: jscript.dll, version: 5.8.7601.17080, time stamp: 0x53ee277b
Exception code: 0xc0000005
Fault offset: 0x0000000000013fb4
Faulting process id: 0x1b4
Faulting application start time: 0xwmprph.exe0
Faulting application path: wmprph.exe1
Faulting module path: wmprph.exe2
Report Id: wmprph.exe3
 
Error: (09/18/2014 07:18:31 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (09/18/2014 06:31:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmprph.exe, version: 12.0.7600.16385, time stamp: 0x4a5bd018
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000004e4e4
Faulting process id: 0x1b4
Faulting application start time: 0xwmprph.exe0
Faulting application path: wmprph.exe1
Faulting module path: wmprph.exe2
Report Id: wmprph.exe3
 
Error: (09/18/2014 06:30:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmprph.exe, version: 12.0.7600.16385, time stamp: 0x4a5bd018
Faulting module name: jscript.dll, version: 5.8.7601.17080, time stamp: 0x53ee277b
Exception code: 0xc000041d
Fault offset: 0x0000000000013fb4
Faulting process id: 0x21cc
Faulting application start time: 0xwmprph.exe0
Faulting application path: wmprph.exe1
Faulting module path: wmprph.exe2
Report Id: wmprph.exe3
 
Error: (09/18/2014 06:29:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmprph.exe, version: 12.0.7600.16385, time stamp: 0x4a5bd018
Faulting module name: jscript.dll, version: 5.8.7601.17080, time stamp: 0x53ee277b
Exception code: 0xc0000005
Fault offset: 0x0000000000013fb4
Faulting process id: 0x21cc
Faulting application start time: 0xwmprph.exe0
Faulting application path: wmprph.exe1
Faulting module path: wmprph.exe2
Report Id: wmprph.exe3
 
Error: (09/18/2014 05:25:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AfterFX.exe, version: 12.2.1.5, time stamp: 0x52e85d5e
Faulting module name: xfcodec64.dll, version: 1.0.0.42127, time stamp: 0x4bad0395
Exception code: 0xc0000005
Fault offset: 0x0000000000002ea0
Faulting process id: 0x1754
Faulting application start time: 0xAfterFX.exe0
Faulting application path: AfterFX.exe1
Faulting module path: AfterFX.exe2
Report Id: AfterFX.exe3
 
Error: (09/18/2014 05:09:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmprph.exe, version: 12.0.7600.16385, time stamp: 0x4a5bd018
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000004e4e4
Faulting process id: 0x21cc
Faulting application start time: 0xwmprph.exe0
Faulting application path: wmprph.exe1
Faulting module path: wmprph.exe2
Report Id: wmprph.exe3
 
Error: (09/18/2014 04:46:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program AfterFX.exe version 12.2.1.5 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1fa0
 
Start Time: 01cfd3814c24312b
 
Termination Time: 22
 
Application Path: C:\Program Files\Adobe\Adobe After Effects CC\Support Files\AfterFX.exe
 
Report Id: d134126d-3f74-11e4-b3bc-f46d049291af
 
Error: (09/18/2014 03:33:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
 
System errors:
=============
Error: (09/17/2014 07:42:53 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (09/17/2014 07:42:46 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (09/17/2014 07:37:26 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:35:38 PM on ‎9/‎17/‎2014 was unexpected.
 
Error: (09/17/2014 07:35:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
 
Error: (09/17/2014 07:34:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
 
Error: (09/17/2014 07:30:01 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}
 
Error: (09/17/2014 06:41:16 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for DeleteFlag with the following error: 
%%5
 
Error: (09/17/2014 06:41:14 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (09/17/2014 06:27:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:25:28 PM on ‎9/‎17/‎2014 was unexpected.
 
 
Microsoft Office Sessions:
=========================
Error: (09/18/2014 07:51:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wmprph.exe12.0.7600.163854a5bd018jscript.dll5.8.7601.1708053ee277bc000041d0000000000013fb41b401cfd39046259c5aC:\Program Files\Windows Media Player\wmprph.exeC:\Windows\System32\jscript.dlla59c2f1a-3f8e-11e4-b3bc-f46d049291af
 
Error: (09/18/2014 07:50:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wmprph.exe12.0.7600.163854a5bd018jscript.dll5.8.7601.1708053ee277bc00000050000000000013fb41b401cfd39046259c5aC:\Program Files\Windows Media Player\wmprph.exeC:\Windows\System32\jscript.dll9af1298d-3f8e-11e4-b3bc-f46d049291af
 
Error: (09/18/2014 07:18:31 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
 
Error: (09/18/2014 06:31:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wmprph.exe12.0.7600.163854a5bd018ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e41b401cfd39046259c5aC:\Program Files\Windows Media Player\wmprph.exeC:\Windows\SYSTEM32\ntdll.dll850675a7-3f83-11e4-b3bc-f46d049291af
 
Error: (09/18/2014 06:30:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wmprph.exe12.0.7600.163854a5bd018jscript.dll5.8.7601.1708053ee277bc000041d0000000000013fb421cc01cfd384dc8a30aeC:\Program Files\Windows Media Player\wmprph.exeC:\Windows\System32\jscript.dll58e25ff1-3f83-11e4-b3bc-f46d049291af
 
Error: (09/18/2014 06:29:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wmprph.exe12.0.7600.163854a5bd018jscript.dll5.8.7601.1708053ee277bc00000050000000000013fb421cc01cfd384dc8a30aeC:\Program Files\Windows Media Player\wmprph.exeC:\Windows\System32\jscript.dll4d6b06b6-3f83-11e4-b3bc-f46d049291af
 
Error: (09/18/2014 05:25:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AfterFX.exe12.2.1.552e85d5exfcodec64.dll1.0.0.421274bad0395c00000050000000000002ea0175401cfd38198bf2582C:\Program Files\Adobe\Adobe After Effects CC\Support Files\AfterFX.exeC:\Windows\system32\xfcodec64.dll425eb861-3f7a-11e4-b3bc-f46d049291af
 
Error: (09/18/2014 05:09:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wmprph.exe12.0.7600.163854a5bd018ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e421cc01cfd384dc8a30aeC:\Program Files\Windows Media Player\wmprph.exeC:\Windows\SYSTEM32\ntdll.dll1d265509-3f78-11e4-b3bc-f46d049291af
 
Error: (09/18/2014 04:46:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: AfterFX.exe12.2.1.51fa001cfd3814c24312b22C:\Program Files\Adobe\Adobe After Effects CC\Support Files\AfterFX.exed134126d-3f74-11e4-b3bc-f46d049291af
 
Error: (09/18/2014 03:33:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Brandon\Desktop\esetsmartinstaller_enu.exe
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-01-25 14:14:34.380
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-24 21:08:01.584
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-23 15:30:02.029
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-23 14:43:25.316
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-22 15:30:37.984
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-22 14:23:34.201
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-22 14:06:38.840
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-21 18:12:34.031
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-21 13:36:35.719
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-21 13:27:08.843
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 37%
Total physical RAM: 8159.13 MB
Available physical RAM: 5136.96 MB
Total Pagefile: 16316.44 MB
Available Pagefile: 13261.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:560.42 GB) NTFS
Drive d: (STORE N GO) (Removable) (Total:1.86 GB) (Free:1.86 GB) FAT
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 408DF344)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=1.9 GB) - (Type=06)
 
==================== End Of Log ============================
 

 

 


#4
Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

No worries, I am not always available at weekends either :)

I'd start with uninstalling SUPERAntiSpyware. There isn't malware per se at first look, just some remnants of hijackers.

 

Post on Monday and we will go from there :)


#5
bnguyen100

    Member

  • Topic Starter
  • Member
  • 35 posts

I mean I can still continue the process today, probably not late at night today. Could we still continue it? Just for a bit right now?


#6
bnguyen100

    Member

  • Topic Starter
  • Member
  • 35 posts

I am also uninstalling the SUPER Antispyware right now


#7
Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Well, I have an hour or so, however will be leaving shortly.
 
After uninstalling SAS:



Fix with Junkware Removal Tool

Please download JRT by Thisisu and save the file to your desktop.
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the JRT icon and select Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.

Please include the contents of that file in your reply.
Do not forget to re-enable your previously switched off protection software!
Please also manually reboot your machine after this procedure.



Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.

  • Right-click on the AdwCleaner icon and select Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[S*].txt) will open.

Please include the contents of that file in your reply.


#8
bnguyen100

    Member

  • Topic Starter
  • Member
  • 35 posts

JRT.txt:

======

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.7 (09.18.2014:2)
OS: Windows 7 Ultimate x64
Ran by Brandon on Fri 09/19/2014 at 14:55:18.23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 09/19/2014 at 14:59:59.57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
AdwCleaner.txt:
===========
# AdwCleaner v3.310 - Report created 19/09/2014 at 15:01:44
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Brandon - AXIOM
# Running from : C:\Users\Brandon\Desktop\adwcleaner_3.310.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\SecTaskMan
Folder Deleted : C:\Program Files (x86)\Skillbrains
Folder Deleted : C:\Users\Brandon\AppData\Local\Skillbrains
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : update-sys
Task Deleted : update-S-1-5-21-98706136-930436416-2056340936-1000
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Deleted : HKCU\Software\SkillBrains
Key Deleted : HKCU\Software\Tencent
Key Deleted : HKLM\SOFTWARE\Email Notifier
Key Deleted : HKLM\SOFTWARE\SkillBrains
Key Deleted : HKLM\SOFTWARE\Tencent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16575
 
 
-\\ Mozilla Firefox v
 
[ File : C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\1q2vnfo0.default\prefs.js ]
 
 
[ File : C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\ch87bu5a.default\prefs.js ]
 
 
-\\ Google Chrome v37.0.2062.120
 
[ File : C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
[ File : C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
 
*************************
 
AdwCleaner[R10].txt - [2431 octets] - [16/09/2014 17:39:33]
AdwCleaner[R11].txt - [2494 octets] - [19/09/2014 15:00:13]
AdwCleaner[R9].txt - [266 octets] - [27/08/2014 15:39:24]
AdwCleaner[S5].txt - [2335 octets] - [19/09/2014 15:01:44]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [2395 octets] ##########
 

 


#9
Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Looking good :)



Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool.

  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    > XP users click run after receipt of Windows Security Warning - Open File.
    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content in your next reply.


#10
bnguyen100

    Member

  • Topic Starter
  • Member
  • 35 posts

FRST.txt:

==========

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Brandon (administrator) on AXIOM on 19-09-2014 15:16:31
Running from C:\Users\Brandon\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe After Effects CC\Support Files\AfterFX.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe After Effects CC\Support Files\32\dynamiclinkmanager.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe After Effects CC\Support Files\32\Adobe QT32 Server.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-17] (AVAST Software)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-07-28] (Microsoft Corporation)
HKU\S-1-5-21-98706136-930436416-2056340936-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-98706136-930436416-2056340936-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyUsers\S-1-5-21-98706136-930436416-2056340936-1004\User: Group Policy restriction detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.searc...x={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\1q2vnfo0.default
FF NewTab: hxxp://www.google.com/firefox
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com/firefox
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Brandon\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Brandon\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Brandon\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Brandon\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Brandon\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Users\Brandon\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Brandon\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Brandon\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: iMacros for Firefox - C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\1q2vnfo0.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-05-08]
FF Extension: ReloadEvery - C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\1q2vnfo0.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2013-09-18]
FF Extension: Greasemonkey - C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\1q2vnfo0.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-10-10]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-17]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR Profile: C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-06-08]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-08]
CHR Extension: (Enhance Views) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippgbgjbkciiodailobdhilppmfglgma [2014-09-07]
CHR Extension: (Ghostery) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-06-08]
CHR Extension: (Google Wallet) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-05]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-17]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
S4 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-02] ()
S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-17] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1721800 2014-08-08] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18974152 2014-08-08] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-09] ()
S4 RalinkRegistryWriter; C:\Program Files (x86)\ZyXEL\N220\Common\RaRegistry.exe [185632 2009-07-14] (Ralink Technology, Corp.)
S4 RalinkRegistryWriter64; C:\Program Files (x86)\ZyXEL\N220\Common\RaRegistry64.exe [211232 2009-07-14] (Ralink Technology, Corp.)
S4 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-09-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-17] ()
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-10] (ManyCam LLC)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-19] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [21448 2014-08-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 PCASp60; C:\Windows\SysWOW64\Drivers\PCASp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-10-13] (Razer Inc)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-20] (Anchorfree Inc.)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va014; \??\C:\Windows\SysWOW64\Drivers\X6va014 [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-19 15:15 - 2014-09-19 15:20 - 83802050 _____ () C:\Users\Brandon\Desktop\~PICE1A.tmp
2014-09-19 15:10 - 2014-09-19 15:12 - 24993293 _____ () C:\Users\Brandon\Desktop\Outro for SC2.mp4
2014-09-19 14:59 - 2014-09-19 14:59 - 00000631 _____ () C:\Users\Brandon\Desktop\JRT.txt
2014-09-19 14:36 - 2014-09-19 15:18 - 00017266 _____ () C:\Users\Brandon\Desktop\FRST.txt
2014-09-19 14:36 - 2014-09-19 15:16 - 00000000 ____D () C:\FRST
2014-09-19 14:36 - 2014-09-19 14:36 - 02105856 _____ (Farbar) C:\Users\Brandon\Desktop\FRST64.exe
2014-09-18 20:58 - 2014-09-18 20:58 - 00001596 _____ () C:\Users\Brandon\Desktop\HW QWUiz.txt
2014-09-18 18:12 - 2014-09-18 18:17 - 06508723 _____ () C:\Users\Brandon\Desktop\Test 2.mp4
2014-09-18 15:37 - 2014-09-18 15:39 - 00000000 ____D () C:\Users\Brandon\Desktop\BACKUP ON STORE N GO
2014-09-18 15:19 - 2014-09-18 15:19 - 00000000 ____D () C:\Users\Brandon\Desktop\ProcessExplorer
2014-09-18 15:18 - 2014-09-18 15:19 - 00448512 _____ (OldTimer Tools) C:\Users\Brandon\Desktop\TFC.exe
2014-09-17 20:04 - 2014-09-17 20:06 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-09-17 20:04 - 2014-09-17 20:04 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-09-17 18:51 - 2014-09-17 18:51 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\AVAST Software
2014-09-17 18:51 - 2014-09-17 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-17 18:50 - 2014-09-17 18:51 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-17 18:50 - 2014-09-17 18:51 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-17 18:50 - 2014-09-17 18:49 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-17 18:50 - 2014-09-17 18:49 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-17 18:50 - 2014-09-17 18:49 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-17 18:50 - 2014-09-17 18:49 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-17 18:50 - 2014-09-17 18:49 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-17 18:50 - 2014-09-17 18:49 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-17 18:50 - 2014-09-17 18:49 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-17 18:50 - 2014-09-17 18:49 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-17 18:49 - 2014-09-17 18:49 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-17 18:47 - 2014-09-17 18:47 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-17 18:41 - 2014-09-17 18:41 - 00096579 _____ () C:\ProgramData\1410993664.bdinstall.bin
2014-09-17 18:41 - 2014-09-17 18:41 - 00037823 _____ () C:\ProgramData\1410993663.bdinstall.bin
2014-09-17 18:28 - 2014-09-19 15:16 - 00000000 ____D () C:\Users\Brandon\Desktop\Youtube Outro Project
2014-09-17 16:14 - 2014-09-17 16:14 - 00084304 _____ () C:\Users\Brandon\Desktop\OTL.Txt
2014-09-17 16:04 - 2014-09-17 16:04 - 00602112 _____ (OldTimer Tools) C:\Users\Brandon\Desktop\OTL.exe
2014-09-17 15:40 - 2014-09-19 15:02 - 00113442 _____ () C:\Windows\PFRO.log
2014-09-17 15:31 - 2014-09-17 15:31 - 00000000 ____D () C:\SUPERDelete
2014-09-16 18:27 - 2014-09-19 15:03 - 00001008 _____ () C:\Windows\setupact.log
2014-09-16 18:27 - 2014-09-16 18:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-16 18:22 - 2014-09-16 18:23 - 05339416 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-16 17:46 - 2014-09-16 17:46 - 00127480 _____ () C:\Users\Brandon\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-14 20:01 - 2014-09-14 20:30 - 1170741481 _____ () C:\Users\Brandon\Desktop\Borderlands 2 Episode 4.mp4
2014-09-14 16:31 - 2014-09-14 16:31 - 00003050 _____ () C:\Windows\System32\Tasks\{F62E8F14-31C3-4FA0-BBC8-D6D11563E8F5}
2014-09-12 13:47 - 2014-09-16 14:55 - 00000000 ____D () C:\Users\Brandon\Desktop\Twitch
2014-09-12 13:40 - 2014-09-12 13:40 - 00000931 _____ () C:\Users\Brandon\Desktop\Open Broadcaster Software.lnk
2014-09-12 13:40 - 2014-09-12 13:40 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-09-12 13:40 - 2014-09-12 13:40 - 00000000 ____D () C:\Program Files\OBS
2014-09-12 13:40 - 2014-09-12 13:40 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-09-12 13:38 - 2014-09-12 13:41 - 00000000 ____D () C:\Users\Brandon\AppData\Local\NVIDIA
2014-09-12 13:38 - 2014-08-08 20:28 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-09-12 13:38 - 2014-08-08 20:28 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-09-12 13:38 - 2014-08-08 20:28 - 01283136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-09-12 13:38 - 2014-08-08 20:28 - 01126480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-09-12 13:38 - 2014-03-31 12:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-09-12 13:38 - 2014-03-31 12:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-09-12 13:38 - 2014-03-31 12:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-09-12 13:27 - 2014-09-12 13:27 - 00000969 _____ () C:\Users\Family\Desktop\ShiftWindow.lnk
2014-09-12 13:11 - 2014-09-12 13:14 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\GameCompanion
2014-09-11 21:39 - 2014-09-11 21:39 - 177569324 _____ () C:\Users\Brandon\Desktop\Ep5.wav
2014-09-11 21:17 - 2014-09-18 18:17 - 00000000 ____D () C:\Users\Brandon\Desktop\Unfinished Episodes
2014-09-11 19:41 - 2014-09-11 19:41 - 253209644 _____ () C:\Users\Brandon\Desktop\Ep4.wav
2014-09-10 16:33 - 2014-09-10 17:06 - 1395468432 _____ () C:\Users\Brandon\Desktop\3 vid.mp4
2014-09-10 15:37 - 2014-09-10 16:10 - 1631549923 _____ () C:\Users\Brandon\Desktop\Borderlands ep 2.mp4
2014-09-10 14:39 - 2014-09-16 17:46 - 00000000 ____D () C:\Users\Brandon\Desktop\Coding
2014-09-10 14:38 - 2014-09-16 17:45 - 00000000 ____D () C:\Users\Brandon\Desktop\Youtube
2014-09-09 14:53 - 2014-08-15 11:48 - 17868288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-09 14:53 - 2014-08-15 11:36 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-09 14:53 - 2014-08-15 11:35 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-09 14:53 - 2014-08-15 11:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-09 14:53 - 2014-08-15 11:31 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-09 14:53 - 2014-08-15 11:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-09 14:53 - 2014-08-15 11:30 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-09 14:53 - 2014-08-15 11:30 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-09 14:53 - 2014-08-15 11:29 - 02156032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-09 14:53 - 2014-08-15 11:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-09 14:53 - 2014-08-15 11:29 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-09 14:53 - 2014-08-15 11:29 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-09 14:53 - 2014-08-15 11:29 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-09 14:53 - 2014-08-15 11:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-09 14:53 - 2014-08-15 11:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-09 14:53 - 2014-08-15 11:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-09 14:53 - 2014-08-15 11:29 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-09 14:53 - 2014-08-15 11:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-09 14:53 - 2014-08-15 11:28 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-09 14:53 - 2014-08-15 11:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-09 14:53 - 2014-08-15 11:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-09 14:53 - 2014-08-15 10:51 - 12363264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-09 14:53 - 2014-08-15 10:42 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-09 14:53 - 2014-08-15 10:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-09 14:53 - 2014-08-15 10:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-09 14:53 - 2014-08-15 10:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-09 14:53 - 2014-08-15 10:36 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-09 14:53 - 2014-08-15 10:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-09 14:53 - 2014-08-15 10:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-09 14:53 - 2014-08-15 10:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-09 14:53 - 2014-08-15 10:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-09 14:53 - 2014-08-15 10:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-09 14:53 - 2014-08-15 10:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-09 14:53 - 2014-08-15 10:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-09 14:53 - 2014-08-15 10:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-09 14:53 - 2014-08-15 10:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-09 14:53 - 2014-08-15 10:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-09 14:53 - 2014-08-15 10:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-09 14:53 - 2014-08-15 10:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-09 14:53 - 2014-08-15 10:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-09 14:53 - 2014-08-15 10:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-09 14:53 - 2014-08-15 10:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-09 14:40 - 2014-09-04 22:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-09 14:40 - 2014-09-04 22:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-09 14:40 - 2014-08-01 07:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-09 14:40 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-09 14:39 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-09 14:39 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-09 14:39 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-09 14:39 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-09 14:39 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-08 17:43 - 2014-09-08 17:43 - 00001076 _____ () C:\Users\Brandon\Desktop\Video Descriptions.txt
2014-09-08 16:39 - 2014-09-09 15:20 - 00000000 ____D () C:\Users\Brandon\Desktop\American Dad Music Video
2014-09-05 14:57 - 2014-09-05 14:57 - 00675988 _____ () C:\Users\Brandon\Desktop\Minecraft.exe
2014-09-05 14:57 - 2014-09-05 14:57 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\java
2014-08-31 18:44 - 2014-08-31 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-08-29 17:40 - 2014-08-29 17:40 - 00000000 ____D () C:\Users\Brandon\Documents\LOLReplay
2014-08-27 15:39 - 2014-09-19 15:01 - 00000000 ____D () C:\AdwCleaner
2014-08-27 15:39 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 15:39 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 15:39 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 20:19 - 2014-08-26 20:19 - 00003160 _____ () C:\Windows\System32\Tasks\{3E67EDF1-372E-41D8-8F9D-ED2AA1DD263E}
2014-08-26 20:10 - 2014-08-26 20:10 - 00322919 _____ () C:\ProgramData\1409097707.bdinstall.bin
2014-08-26 19:56 - 2014-08-26 19:56 - 00041637 _____ () C:\ProgramData\1409097383.4804.bin
2014-08-26 19:56 - 2014-08-26 19:56 - 00002058 _____ () C:\ProgramData\1409097383.5252.bin
2014-08-26 19:54 - 2014-08-26 19:54 - 00045573 _____ () C:\ProgramData\1409097221.bdinstall.bin
2014-08-26 19:53 - 2014-08-26 20:03 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\QuickScan
2014-08-24 13:54 - 2014-09-19 14:45 - 00000000 ____D () C:\Users\Brandon\AppData\Local\Adobe
2014-08-23 15:30 - 2014-09-17 18:47 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-23 12:58 - 2014-08-23 12:58 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-08-23 12:03 - 2014-08-23 12:03 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\MMFApplications
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-19 15:20 - 2014-09-19 15:15 - 83802050 _____ () C:\Users\Brandon\Desktop\~PICE1A.tmp
2014-09-19 15:18 - 2014-09-19 14:36 - 00017266 _____ () C:\Users\Brandon\Desktop\FRST.txt
2014-09-19 15:16 - 2014-09-19 14:36 - 00000000 ____D () C:\FRST
2014-09-19 15:16 - 2014-09-17 18:28 - 00000000 ____D () C:\Users\Brandon\Desktop\Youtube Outro Project
2014-09-19 15:12 - 2014-09-19 15:10 - 24993293 _____ () C:\Users\Brandon\Desktop\Outro for SC2.mp4
2014-09-19 15:12 - 2013-09-11 17:36 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Skype
2014-09-19 15:08 - 2014-07-10 16:06 - 01790632 _____ () C:\Windows\WindowsUpdate.log
2014-09-19 15:08 - 2013-09-18 14:59 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-19 15:08 - 2009-07-14 00:45 - 00035072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-19 15:08 - 2009-07-14 00:45 - 00035072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-19 15:03 - 2014-09-16 18:27 - 00001008 _____ () C:\Windows\setupact.log
2014-09-19 15:03 - 2014-05-31 19:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-19 15:03 - 2013-07-27 21:05 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-19 15:03 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-19 15:02 - 2014-09-17 15:40 - 00113442 _____ () C:\Windows\PFRO.log
2014-09-19 15:01 - 2014-08-27 15:39 - 00000000 ____D () C:\AdwCleaner
2014-09-19 15:01 - 2014-03-14 20:37 - 00000000 ____D () C:\Users\Brandon\AppData\Local\Battle.net
2014-09-19 14:59 - 2014-09-19 14:59 - 00000631 _____ () C:\Users\Brandon\Desktop\JRT.txt
2014-09-19 14:50 - 2013-07-27 21:05 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-19 14:45 - 2014-08-24 13:54 - 00000000 ____D () C:\Users\Brandon\AppData\Local\Adobe
2014-09-19 14:36 - 2014-09-19 14:36 - 02105856 _____ (Farbar) C:\Users\Brandon\Desktop\FRST64.exe
2014-09-18 20:58 - 2014-09-18 20:58 - 00001596 _____ () C:\Users\Brandon\Desktop\HW QWUiz.txt
2014-09-18 20:29 - 2013-08-16 19:29 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000UA.job
2014-09-18 19:51 - 2014-01-30 16:49 - 00000000 ____D () C:\Users\Brandon\AppData\Local\CrashDumps
2014-09-18 19:49 - 2013-12-30 17:31 - 00000132 _____ () C:\Users\Brandon\AppData\Roaming\Adobe PNG Format CC Prefs
2014-09-18 19:29 - 2014-07-17 11:20 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Audacity
2014-09-18 18:17 - 2014-09-18 18:12 - 06508723 _____ () C:\Users\Brandon\Desktop\Test 2.mp4
2014-09-18 18:17 - 2014-09-11 21:17 - 00000000 ____D () C:\Users\Brandon\Desktop\Unfinished Episodes
2014-09-18 17:49 - 2013-07-27 20:31 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Adobe
2014-09-18 17:48 - 2014-02-19 17:51 - 00000000 ____D () C:\Users\Brandon\Documents\Adobe
2014-09-18 16:42 - 2014-06-17 16:07 - 00007598 _____ () C:\Users\Brandon\AppData\Local\resmon.resmoncfg
2014-09-18 16:27 - 2014-07-27 19:07 - 00000000 ____D () C:\Users\Brandon\Desktop\Graphics Folder
2014-09-18 15:47 - 2014-03-02 18:14 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\New Technology Studio
2014-09-18 15:39 - 2014-09-18 15:37 - 00000000 ____D () C:\Users\Brandon\Desktop\BACKUP ON STORE N GO
2014-09-18 15:29 - 2013-08-16 19:29 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000Core.job
2014-09-18 15:19 - 2014-09-18 15:19 - 00000000 ____D () C:\Users\Brandon\Desktop\ProcessExplorer
2014-09-18 15:19 - 2014-09-18 15:18 - 00448512 _____ (OldTimer Tools) C:\Users\Brandon\Desktop\TFC.exe
2014-09-17 20:28 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-17 20:06 - 2014-09-17 20:04 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-09-17 20:04 - 2014-09-17 20:04 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-09-17 18:51 - 2014-09-17 18:51 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\AVAST Software
2014-09-17 18:51 - 2014-09-17 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-17 18:51 - 2014-09-17 18:50 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-17 18:51 - 2014-09-17 18:50 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-17 18:49 - 2014-09-17 18:50 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-17 18:49 - 2014-09-17 18:50 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-17 18:49 - 2014-09-17 18:50 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-17 18:49 - 2014-09-17 18:50 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-17 18:49 - 2014-09-17 18:50 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-17 18:49 - 2014-09-17 18:50 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-17 18:49 - 2014-09-17 18:50 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-17 18:49 - 2014-09-17 18:50 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-17 18:49 - 2014-09-17 18:49 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-17 18:47 - 2014-09-17 18:47 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-17 18:47 - 2014-08-23 15:30 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-17 18:44 - 2013-07-27 22:18 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-09-17 18:44 - 2013-07-27 20:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-17 18:42 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-17 18:41 - 2014-09-17 18:41 - 00096579 _____ () C:\ProgramData\1410993664.bdinstall.bin
2014-09-17 18:41 - 2014-09-17 18:41 - 00037823 _____ () C:\ProgramData\1410993663.bdinstall.bin
2014-09-17 16:14 - 2014-09-17 16:14 - 00084304 _____ () C:\Users\Brandon\Desktop\OTL.Txt
2014-09-17 16:04 - 2014-09-17 16:04 - 00602112 _____ (OldTimer Tools) C:\Users\Brandon\Desktop\OTL.exe
2014-09-17 15:31 - 2014-09-17 15:31 - 00000000 ____D () C:\SUPERDelete
2014-09-17 15:31 - 2013-07-28 20:40 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-09-17 15:12 - 2014-03-09 16:42 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-16 18:33 - 2014-02-26 19:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-16 18:33 - 2014-02-26 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-16 18:33 - 2013-07-27 21:28 - 00000000 ____D () C:\ProgramData\Skype
2014-09-16 18:27 - 2014-09-16 18:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-16 18:23 - 2014-09-16 18:22 - 05339416 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-16 17:46 - 2014-09-16 17:46 - 00127480 _____ () C:\Users\Brandon\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-16 17:46 - 2014-09-10 14:39 - 00000000 ____D () C:\Users\Brandon\Desktop\Coding
2014-09-16 17:45 - 2014-09-10 14:38 - 00000000 ____D () C:\Users\Brandon\Desktop\Youtube
2014-09-16 17:36 - 2013-08-03 01:19 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-16 14:55 - 2014-09-12 13:47 - 00000000 ____D () C:\Users\Brandon\Desktop\Twitch
2014-09-15 19:37 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-09-15 19:04 - 2013-10-14 15:00 - 00000440 _____ () C:\Users\Brandon\AppData\Local\UserProducts.xml
2014-09-15 19:04 - 2013-10-14 15:00 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
2014-09-14 20:30 - 2014-09-14 20:01 - 1170741481 _____ () C:\Users\Brandon\Desktop\Borderlands 2 Episode 4.mp4
2014-09-14 16:31 - 2014-09-14 16:31 - 00003050 _____ () C:\Windows\System32\Tasks\{F62E8F14-31C3-4FA0-BBC8-D6D11563E8F5}
2014-09-14 15:50 - 2009-07-14 03:45 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-09-14 14:03 - 2014-02-02 16:29 - 00000000 ____D () C:\Users\Brandon\Documents\My Games
2014-09-14 12:20 - 2014-02-24 17:13 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\OBS
2014-09-12 15:56 - 2014-03-15 21:45 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-09-12 13:41 - 2014-09-12 13:38 - 00000000 ____D () C:\Users\Brandon\AppData\Local\NVIDIA
2014-09-12 13:41 - 2013-11-12 20:30 - 00000000 ____D () C:\Users\Brandon\AppData\Local\NVIDIA Corporation
2014-09-12 13:41 - 2013-07-27 20:46 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-09-12 13:40 - 2014-09-12 13:40 - 00000931 _____ () C:\Users\Brandon\Desktop\Open Broadcaster Software.lnk
2014-09-12 13:40 - 2014-09-12 13:40 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-09-12 13:40 - 2014-09-12 13:40 - 00000000 ____D () C:\Program Files\OBS
2014-09-12 13:40 - 2014-09-12 13:40 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-09-12 13:38 - 2013-07-27 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-09-12 13:38 - 2013-07-27 20:46 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-09-12 13:38 - 2013-07-27 20:45 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-12 13:27 - 2014-09-12 13:27 - 00000969 _____ () C:\Users\Family\Desktop\ShiftWindow.lnk
2014-09-12 13:14 - 2014-09-12 13:11 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\GameCompanion
2014-09-11 21:39 - 2014-09-11 21:39 - 177569324 _____ () C:\Users\Brandon\Desktop\Ep5.wav
2014-09-11 19:41 - 2014-09-11 19:41 - 253209644 _____ () C:\Users\Brandon\Desktop\Ep4.wav
2014-09-10 17:06 - 2014-09-10 16:33 - 1395468432 _____ () C:\Users\Brandon\Desktop\3 vid.mp4
2014-09-10 16:10 - 2014-09-10 15:37 - 1631549923 _____ () C:\Users\Brandon\Desktop\Borderlands ep 2.mp4
2014-09-09 15:20 - 2014-09-08 16:39 - 00000000 ____D () C:\Users\Brandon\Desktop\American Dad Music Video
2014-09-09 14:52 - 2013-07-27 20:52 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-09 14:51 - 2013-07-28 02:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-09 14:41 - 2013-07-28 02:11 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-09 14:40 - 2014-04-22 18:43 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-08 17:43 - 2014-09-08 17:43 - 00001076 _____ () C:\Users\Brandon\Desktop\Video Descriptions.txt
2014-09-07 14:54 - 2013-07-30 18:11 - 00000000 ____D () C:\Users\Brandon\AppData\Local\Windows Live
2014-09-07 14:53 - 2013-10-19 22:37 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Ubisoft
2014-09-07 14:53 - 2013-07-30 21:30 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-09-07 11:27 - 2009-07-14 01:08 - 00032618 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-05 16:37 - 2014-02-17 12:59 - 00000000 ____D () C:\Users\Brandon\AppData\Local\join.me
2014-09-05 15:29 - 2014-05-30 19:58 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\.minecraft
2014-09-05 14:57 - 2014-09-05 14:57 - 00675988 _____ () C:\Users\Brandon\Desktop\Minecraft.exe
2014-09-05 14:57 - 2014-09-05 14:57 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\java
2014-09-04 22:10 - 2014-09-09 14:40 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-04 22:05 - 2014-09-09 14:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-31 19:20 - 2014-07-27 19:05 - 00000000 ____D () C:\Users\Brandon\Desktop\Windows Activation
2014-08-31 18:46 - 2014-08-08 21:03 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-31 18:45 - 2013-10-30 19:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-31 18:44 - 2014-08-31 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-08-31 18:44 - 2014-08-08 21:02 - 00000000 ____D () C:\Program Files\Java
2014-08-29 17:40 - 2014-08-29 17:40 - 00000000 ____D () C:\Users\Brandon\Documents\LOLReplay
2014-08-29 15:44 - 2013-07-27 23:23 - 00000000 ____D () C:\Users\Brandon\Documents\telltale games
2014-08-27 16:28 - 2013-08-01 17:32 - 00001258 __RSH () C:\Users\Brandon\ntuser.pol
2014-08-27 16:28 - 2013-07-27 19:49 - 00000000 ____D () C:\Users\Brandon
2014-08-26 20:19 - 2014-08-26 20:19 - 00003160 _____ () C:\Windows\System32\Tasks\{3E67EDF1-372E-41D8-8F9D-ED2AA1DD263E}
2014-08-26 20:13 - 2014-03-27 17:09 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-08-26 20:10 - 2014-08-26 20:10 - 00322919 _____ () C:\ProgramData\1409097707.bdinstall.bin
2014-08-26 20:03 - 2014-08-26 19:53 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\QuickScan
2014-08-26 19:56 - 2014-08-26 19:56 - 00041637 _____ () C:\ProgramData\1409097383.4804.bin
2014-08-26 19:56 - 2014-08-26 19:56 - 00002058 _____ () C:\ProgramData\1409097383.5252.bin
2014-08-26 19:54 - 2014-08-26 19:54 - 00045573 _____ () C:\ProgramData\1409097221.bdinstall.bin
2014-08-25 06:53 - 2013-07-27 20:40 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 12:58 - 2014-08-23 12:58 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-08-23 12:03 - 2014-08-23 12:03 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\MMFApplications
2014-08-23 11:58 - 2013-09-18 14:59 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-23 11:58 - 2013-09-18 14:59 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-23 11:58 - 2013-09-18 14:59 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-22 22:07 - 2014-08-27 15:39 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 21:45 - 2014-08-27 15:39 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 20:59 - 2014-08-27 15:39 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
 
Some content of TEMP:
====================
C:\Users\Brandon\AppData\Local\Temp\ovi-uninstall.exe
C:\Users\Brandon\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
Addition.txt:
==========
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Brandon at 2014-09-19 15:20:24
Running from C:\Users\Brandon\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12.2.1 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Extension Manager CS6 (HKLM-x32\...\{83463106-DD1C-4FE5-A61C-DF6715472AD4}) (Version: 6.0.8 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.4.5.0 - Asmedia Technology)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Assassin's Creed Revelations (HKLM-x32\...\Steam App 201870) (Version:  - Ubisoft Montreal)
ASUS RT-AC66U Wireless Router Utilities (HKLM-x32\...\{266E41AB-D928-4AF2-A8E4-B24E31F5758C}) (Version: 4.2.7.4 - ASUS)
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.6.5 - ASUS)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Browser Configuration Utility (HKLM-x32\...\{BA88EE67-8974-459D-A1DB-C8281D9AC6F6}) (Version: 1.0.12.1 - DeviceVM, Inc.) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Rising 2: Off the Record (HKLM-x32\...\Steam App 45770) (Version:  - Capcom Vancouver)
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden
Java SE Development Kit 8 Update 20 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180200}) (Version: 8.0.200.26 - Oracle Corporation)
join.me (HKCU\...\JoinMe) (Version: 1.16.0.134 - LogMeIn, Inc.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET and Web Frameworks 2012.2 (HKLM-x32\...\{71a40c60-27c2-443a-b7c7-6e4f3aad1d5a}) (Version: 2.1.20219.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 - Visual Studio Express 2012 for Web - ENU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Visual Studio 2012 Finalizer (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Visual Studio 2012 Uninstall Finalizer (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages 2 - Visual Studio Express 2012 for Web - ENU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20715.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{301DAC0A-285C-4BB1-A68E-7393673E9E69}) (Version: 11.1.2807.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{67ED4F6B-BE85-410B-A60E-793CEB7D7DAD}) (Version: 11.1.2807.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{E75776B2-EAE5-42F9-A800-0A10763DEDF0}) (Version: 11.0.2318.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20905.0) (HKLM-x32\...\{23A3E3F8-91B4-4C5A-9E69-6747CF6D426B}) (Version: 11.1.20905.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20905.0) (HKLM-x32\...\{D2964C0D-477B-4914-B791-1D80E61E85E6}) (Version: 11.1.20905.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.6 (HKLM\...\{16C7D2AD-20CA-491E-80BC-8607A9AACED9}) (Version: 4.0.40719.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Manager (HKCU\...\MusicManager) (Version:  - Google, Inc.)
NVIDIA 3D Vision Controller Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Control Panel 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.160.1244 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.15.4 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.00.0000 - Realtek)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.24 - Piriform)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
Tribes Ascend (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}) (Version: 1.0.1268.1 - Hi-Rez Studios)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
USB PnP Sound Device (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006300}) (Version:   -  )
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Wireless N-lite USB Adapter Utility (HKLM-x32\...\{71AB49D0-9B47-4624-904C-D44B9B996656}) (Version: 1.5.4.0 - ZyXEL)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-98706136-930436416-2056340936-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Brandon\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-98706136-930436416-2056340936-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Brandon\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
 
==================== Restore Points  =========================
 
17-09-2014 18:58:53 Installed HiJackThis
17-09-2014 19:12:11 Checkpoint by HitmanPro
17-09-2014 19:12:36 Checkpoint by HitmanPro
17-09-2014 19:26:17 Checkpoint by HitmanPro
17-09-2014 22:42:38 Removed Tom Clancy's Splinter Cell® Blacklist™
17-09-2014 22:47:08 avast! antivirus system restore point
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2014-09-17 15:13 - 00000019 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0396CFBD-F06C-4FE9-A420-0C2270C09D68} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000Core => C:\Users\Brandon\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {0F6CB8AE-23FB-44E8-96D0-FEFF2C75776D} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
Task: {141879D0-CEF4-4AFF-AE82-38E3B420C7D8} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
Task: {1AD210E2-72EF-434D-8551-D3B579BC2443} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {5E6E1C25-7954-40FB-86DF-8E250A0B98FE} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {5F5BEEBD-43FB-454D-9577-DC21C4E3EB2A} - System32\Tasks\{F62E8F14-31C3-4FA0-BBC8-D6D11563E8F5} => C:\Program Files (x86)\Steam\SteamApps\common\Dead Rising 2 Off the Record\deadrising2otr.exe [2014-09-14] (CAPCOM CO., LTD.)
Task: {7D7A8250-F11A-455C-9960-AF159F7E92FB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000UA => C:\Users\Brandon\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {8344EB1B-D65A-46A1-B489-98841E760D76} - System32\Tasks\AdobeAAMUpdater-1.0-Nguyen-Brandon => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {8F148ED0-DD14-4391-AFF2-8D1A554C669C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-27] (Google Inc.)
Task: {986073E6-3BF7-41B1-A662-7D9614C9B114} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-23] (Adobe Systems Incorporated)
Task: {A5F551FC-8001-420D-9D4B-6D614C841387} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-17] (AVAST Software)
Task: {B359A930-4054-4A37-8ADD-2EF4BF65AB8E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {B7E243E1-AA55-45CF-80AC-63D4F88E56F2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000UA => C:\Users\Brandon\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-16] (Google Inc.)
Task: {C5E4E2C0-E6F1-4C00-B888-A212D9E7BA66} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {D8AB9240-DF27-4514-AE98-B0EA586DEEED} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000Core => C:\Users\Brandon\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-16] (Google Inc.)
Task: {DC1A17C0-39C0-4C40-A196-C3A1DDF7E383} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {E9F693A2-708B-44E4-B4D9-C8DC8BA8AC12} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: {F118F7D5-8AC1-44E7-ABEB-C0FF034A8235} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-27] (Google Inc.)
Task: {F1A2FECD-EE7A-4A17-99B4-152C0DBBC5D9} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000Core.job => C:\Users\Brandon\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000UA.job => C:\Users\Brandon\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000Core.job => C:\Users\Brandon\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-98706136-930436416-2056340936-1000UA.job => C:\Users\Brandon\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-10-19 17:59 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll
2013-10-19 18:01 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2014-08-09 00:22 - 2014-08-09 00:22 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-03-20 11:24 - 2014-03-20 11:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2010-01-02 10:42 - 2010-01-02 10:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-05-23 03:05 - 2014-01-28 23:39 - 01004968 _____ () C:\Program Files\Adobe\Adobe After Effects CC\Support Files\aeres1.dll
2013-05-23 02:05 - 2013-05-23 02:05 - 03499008 _____ () C:\Program Files\Adobe\Adobe After Effects CC\Support Files\DNxHDCodec.dll
2014-01-28 23:39 - 2014-01-28 23:39 - 00027048 _____ () C:\Program Files\Adobe\Adobe After Effects CC\Support Files\(Media Core plug-ins)\Common\ImporterIllustratorAE.prm
2014-01-28 23:39 - 2014-01-28 23:39 - 00232360 _____ () C:\Program Files\Adobe\Adobe After Effects CC\Support Files\(Media Core plug-ins)\Common\ImporterPhotoshopAE.prm
2013-05-22 20:24 - 2013-05-22 20:24 - 14849896 _____ () C:\Program Files\Adobe\Adobe After Effects CC\Support Files\Plug-ins\Effects\mochaAE\mochashapeconverter4ae.aex
2013-05-23 02:08 - 2014-01-28 22:13 - 02041856 _____ () C:\Program Files\Adobe\Adobe After Effects CC\Support Files\Plug-ins\Format\OpenEXR.aex
2013-05-22 20:26 - 2014-01-28 16:33 - 01103360 _____ () C:\Program Files\Adobe\Adobe After Effects CC\Support Files\Plug-ins\MAXON CINEWARE AE\Cineware_AE_SceneLayer.aex
2014-01-28 23:39 - 2014-01-28 23:39 - 00072616 _____ () C:\Program Files\Adobe\Adobe After Effects CC\Support Files\Required\XMPFiles\MXF_Handler.xpi
2014-01-28 23:39 - 2014-01-28 23:39 - 00989096 _____ () C:\Program Files\Adobe\Adobe After Effects CC\Support Files\Required\XMPFiles\RED_Handler.xpi
2014-01-28 22:11 - 2014-01-28 22:11 - 00302592 _____ () C:\Program Files\Adobe\Adobe After Effects CC\Support Files\MOG_Framework_2.2.11.dll
2014-09-17 18:49 - 2014-09-17 18:49 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-19 14:35 - 2014-09-19 14:35 - 02864128 _____ () C:\Program Files\AVAST Software\Avast\defs\14091901\algo.dll
2014-09-17 18:49 - 2014-09-17 18:49 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-11 15:29 - 2014-02-11 15:29 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-09-12 17:56 - 2014-09-03 23:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-12 17:56 - 2014-09-03 23:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-12 17:56 - 2014-09-03 23:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-12 17:56 - 2014-09-03 23:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-12 17:56 - 2014-09-03 23:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Brandon\Desktop\Minecraft.exe:BDU
AlternateDataStreams: C:\Users\Family\Downloads\payment .eml:OECustomProperty
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: asHmComSvc => 2
MSCONFIG\Services: AsSysCtrlService => 2
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: cmdvirth => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: GeekBuddyRSP => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gzserv => 2
MSCONFIG\Services: Hamachi2Svc => 3
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: RalinkRegistryWriter => 2
MSCONFIG\Services: RalinkRegistryWriter64 => 2
MSCONFIG\Services: RzKLService => 2
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Cm108Sound => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
MSCONFIG\startupreg: Google Update => "C:\Users\Brandon\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: LightShot => C:\Users\Brandon\AppData\Local\Skillbrains\lightshot\Lightshot.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: RazerGameBooster => C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe -autorun
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-01-25 14:14:34.380
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-24 21:08:01.584
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-23 15:30:02.029
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-23 14:43:25.316
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-22 15:30:37.984
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-22 14:23:34.201
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-22 14:06:38.840
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-21 18:12:34.031
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-21 13:36:35.719
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-21 13:27:08.843
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 28%
Total physical RAM: 8159.13 MB
Available physical RAM: 5835.98 MB
Total Pagefile: 16316.44 MB
Available Pagefile: 13248.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:567.84 GB) NTFS
Drive d: (STORE N GO) (Removable) (Total:1.86 GB) (Free:1.86 GB) FAT
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 408DF344)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=1.9 GB) - (Type=06)
 
==================== End Of Log ============================

 


  • 0



#11
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Scan with MGADiag

Need to check one more thing.

  • Please download MGADiag by Microsoft and save it to your desktop.
  • Double-click on the MGADiag icon to start the tool.
  • Press Continue when prompted.
  • When it has finished, press Copy.
  • Press the Windows key + R on your keyboard at the same time. Type Notepad and click OK.
  • Paste (Ctrl+V) this into Notepad and save to your desktop.

Include that report in your reply.


  • 0

#12
bnguyen100

bnguyen100

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
 
Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-V9488-FGM44-2C9T3
Windows Product Key Hash: rmk1OjF0iZq7gQoRmEcpnJHr0oc=
Windows Product ID: 00426-OEM-8992662-00010
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.1.0.001
ID: {638B8504-560A-4C29-B24A-8148E1C95533}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Ultimate
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.140303-2144
TTS Error: 
Validation Diagnostic: 
Resolution Status: N/A
 
Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
 
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
 
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
 
OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
 
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE; Win32)
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
 
File Scan Data-->
 
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{638B8504-560A-4C29-B24A-8148E1C95533}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-2C9T3</PKey><PID>00426-OEM-8992662-00010</PID><PIDType>2</PIDType><SID>S-1-5-21-98706136-930436416-2056340936</SID><SYSTEM><Manufacturer>System manufacturer</Manufacturer><Model>System Product Name</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>3602</Version><SMBIOSVersion major="2" minor="6"/><Date>20120424000000.000000+000</Date></BIOS><HWID>528D0D00018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>HPQOEM</OEMID><OEMTableID>SLIC-WKS</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  
 
Spsys.log Content: 0x80070002
 
Licensing Data-->
Software licensing service version: 6.1.7601.17514
 
Name: Windows® 7, Ultimate edition
Description: Windows Operating System - Windows® 7, OEM_SLP channel
Activation ID: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00426-00178-926-600010-02-1033-7601.0000-2432014
Installation ID: 020110573851018816934534053225706065879725882341693925
Processor Certificate URL: http://go.microsoft....k/?LinkID=88338
Product Key Certificate URL: http://go.microsoft....k/?LinkID=88340
Partial Product Key: 2C9T3
License Status: Licensed
Remaining Windows rearm count: 4
Trusted time: 9/19/2014 3:30:49 PM
 
Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: N/A
HealthStatus: 0x0000000000000000
Event Time Stamp: N/A
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
 
 
HWID Data-->
HWID Hash Current: MgAAAAAAAwABAAEAAAADAAAAAgABAAEAln3Kg/pLaNYaXWhIGr8WQ8xFi8rS6/UmLnM=
 
OEM Activation 1.0 Data-->
N/A
 
OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information: 
  ACPI Table Name OEMID Value OEMTableID Value
  APIC ALASKA A M I
  FACP ALASKA A M I
  HPET ALASKA A M I
  MCFG ALASKA A M I
  SSDT SataRe SataTabl
  SSDT SataRe SataTabl
  SSDT SataRe SataTabl
  BGRT ALASKA A M I
  SLIC HPQOEM SLIC-WKS
 
 

  • 0

#13
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Is this a PC or a laptop?


  • 0

#14
bnguyen100

bnguyen100

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts

Is this a PC or a laptop?

It's a PC


  • 0

#15
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Brand or custom build?


  • 0





