Let's put the update roll back on hold for now. If I understood you correctly, you speculated the Windows patch was causing the crash instead of an infection. Based on what I have seen on my computer today I think my computer still has a severe malware problem, and am not sure pursuing the rollback makes sense.
I experimented with running the computer normally without being connected to the internet and didn't have any issues, which also seems consistent with smart malware behavior.
My latest scan is below.
FRST:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by SYSTEM on MININT-RQJV868 on 18-08-2014 22:15:52
Running from g:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [CAHS1Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CAHS1.dll,CMICtrlWnd
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [SPIRunE] => Rundll32 SPIRunE.dll,RunDLLEntry
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => "d:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-10] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [2552320 2011-03-30] (Gigabyte Technology CO., LTD.)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-13] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\Admin -disaster only\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\GDC\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-03-20] (Macrovision Corporation)
HKU\GDC\...\Run: [SpybotSD TeaTimer] => d:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
HKU\GDC\...\Run: [ISUSPM] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-03-20] (Macrovision Corporation)
HKU\GDC\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-06] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-06] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [128928 2010-12-14] (Futuremark Corporation)
S2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.)
S2 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [303360 2011-12-14] ()
S2 SBSDWSCService; D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
S5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-28] (Atheros Communications, Inc.)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-29] (Avira Operations GmbH & Co. KG)
S3 cleanhlp; C:\EEK\Run\cleanhlp64.sys [57024 2014-07-30] (Emsisoft GmbH)
S3 CorsairCAHS1; C:\Windows\System32\drivers\CAHS164.sys [1308160 2011-06-16] (C-Media Electronics Inc)
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-12-30] (DT Soft Ltd)
S0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-05-30] (GFI Software)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [36456 2014-08-17] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MEMSWEEP2; \??\C:\Windows\system32\4B91.tmp [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-18 08:41 - 2014-08-18 08:41 - 00001133 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-17 01:07 - 2014-06-30 14:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\System32\icardres.dll
2014-08-17 01:07 - 2014-06-30 14:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-17 01:07 - 2014-06-05 22:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-17 01:07 - 2014-06-05 22:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\System32\TsWpfWrp.exe
2014-08-17 01:07 - 2014-03-09 13:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\System32\icardagt.exe
2014-08-17 01:07 - 2014-03-09 13:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\System32\infocardapi.dll
2014-08-17 01:07 - 2014-03-09 13:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-17 01:07 - 2014-03-09 13:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-16 09:13 - 2014-08-16 09:14 - 00028237 _____ () C:\zoek-results.log
2014-08-16 09:12 - 2014-08-16 09:13 - 00000000 ____D () C:\zoek_backup
2014-08-15 13:11 - 2014-07-31 15:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-08-15 13:11 - 2014-07-31 15:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-15 13:11 - 2014-07-25 06:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-08-15 13:11 - 2014-07-25 06:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-08-15 13:11 - 2014-07-25 06:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-08-15 13:11 - 2014-07-25 05:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-15 13:11 - 2014-07-25 05:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-08-15 13:11 - 2014-07-25 05:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-08-15 13:11 - 2014-07-25 05:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-08-15 13:11 - 2014-07-25 05:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-08-15 13:11 - 2014-07-25 05:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-08-15 13:11 - 2014-07-25 05:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-08-15 13:11 - 2014-07-25 05:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-08-15 13:11 - 2014-07-25 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-15 13:11 - 2014-07-25 05:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-08-15 13:11 - 2014-07-25 05:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-08-15 13:11 - 2014-07-25 05:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-08-15 13:11 - 2014-07-25 04:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-08-15 13:11 - 2014-07-25 04:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-08-15 13:11 - 2014-07-25 04:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-08-15 13:11 - 2014-07-25 04:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-15 13:11 - 2014-07-25 04:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-15 13:11 - 2014-07-25 04:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-15 13:11 - 2014-07-25 04:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-15 13:11 - 2014-07-25 04:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-08-15 13:11 - 2014-07-25 04:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-08-15 13:11 - 2014-07-25 04:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-15 13:11 - 2014-07-25 04:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-08-15 13:11 - 2014-07-25 04:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-15 13:11 - 2014-07-25 04:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-08-15 13:11 - 2014-07-25 04:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-15 13:11 - 2014-07-25 04:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-15 13:11 - 2014-07-25 04:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-08-15 13:11 - 2014-07-25 04:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-15 13:11 - 2014-07-25 04:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-15 13:11 - 2014-07-25 04:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-15 13:11 - 2014-07-25 03:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-15 13:11 - 2014-07-25 03:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-08-15 13:11 - 2014-07-25 03:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 13:11 - 2014-07-25 03:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-08-15 13:11 - 2014-07-25 03:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-08-15 13:11 - 2014-07-25 03:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-08-15 13:11 - 2014-07-25 03:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-15 13:11 - 2014-07-25 03:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-15 13:11 - 2014-07-25 03:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-15 13:11 - 2014-07-25 03:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-08-15 13:11 - 2014-07-25 03:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-15 13:11 - 2014-07-25 03:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-15 13:11 - 2014-07-25 03:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-15 13:11 - 2014-07-25 03:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-15 13:11 - 2014-07-25 02:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-08-15 13:11 - 2014-07-25 02:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-08-15 13:11 - 2014-07-25 02:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-08-15 13:11 - 2014-07-25 02:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-15 13:11 - 2014-07-25 02:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-15 13:11 - 2014-07-25 02:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-15 13:11 - 2014-07-15 19:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2014-08-15 13:11 - 2014-07-15 18:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-15 13:11 - 2014-06-24 18:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2014-08-15 13:11 - 2014-06-24 17:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-15 13:11 - 2014-06-15 18:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2014-08-15 13:11 - 2014-06-03 02:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
2014-08-15 13:11 - 2014-06-03 02:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2014-08-15 13:11 - 2014-06-03 02:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\System32\msihnd.dll
2014-08-15 13:11 - 2014-06-03 02:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\System32\consent.exe
2014-08-15 13:11 - 2014-06-03 01:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-15 13:11 - 2014-06-03 01:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-15 13:11 - 2014-06-03 01:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-15 13:10 - 2014-07-13 18:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2014-08-15 13:10 - 2014-07-13 17:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-15 10:03 - 2014-08-15 10:03 - 00027492 _____ () C:\ComboFix.txt
2014-08-15 07:53 - 2014-08-15 10:03 - 00000000 ____D () C:\Qoobox
2014-08-15 07:53 - 2014-08-15 10:02 - 00000000 ____D () C:\Windows\erdnt
2014-08-15 07:53 - 2011-06-25 22:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-15 07:53 - 2010-11-07 09:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-15 07:53 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-15 07:53 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-15 07:53 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-15 07:53 - 2000-08-30 16:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-15 07:53 - 2000-08-30 16:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-15 07:53 - 2000-08-30 16:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-15 07:51 - 2014-08-18 22:15 - 00000000 ____D () C:\FRST
2014-08-15 07:42 - 2014-08-15 07:42 - 00000000 ____D () C:\_OTL
2014-08-14 12:11 - 2014-08-14 12:11 - 514927041 _____ () C:\Windows\MEMORY.DMP
2014-08-14 12:11 - 2014-08-14 12:11 - 00572088 _____ () C:\Windows\Minidump\081414-17940-01.dmp
2014-08-13 10:20 - 2014-08-13 10:56 - 00000000 ____D () C:\Users\GDC\AppData\Local\adawarebp
2014-08-12 16:57 - 2014-08-12 16:57 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-08-12 16:57 - 2014-08-12 16:57 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-12 16:57 - 2014-08-12 16:57 - 00000000 ____D () C:\Users\GDC\AppData\Local\Skype
2014-08-11 20:42 - 2014-08-11 21:36 - 00044312 _____ () C:\Users\GDC\Desktop\rotational programs.odt
2014-08-06 20:26 - 2014-08-13 12:41 - 00049524 _____ () C:\Users\GDC\Desktop\Elements Walkthrough.odt
2014-08-06 17:58 - 2014-08-18 18:09 - 00048523 _____ () C:\Users\GDC\Desktop\elements walkthrough.ods
2014-08-06 17:58 - 2014-08-06 17:58 - 00000000 ____D () C:\Users\GDC\AppData\Roaming\LibreOffice
2014-08-06 17:57 - 2014-08-06 17:57 - 00001500 _____ () C:\Users\Public\Desktop\LibreOffice 4.3.lnk
2014-08-06 17:57 - 2014-08-06 17:57 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-08-06 06:25 - 2014-08-18 08:41 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-03 18:52 - 2014-08-03 18:52 - 00000000 ____D () C:\Program Files\7-Zip
2014-08-01 13:12 - 2014-08-02 11:54 - 00000000 ____D () C:\Users\GDC\AppData\Roaming\Vertical_Drop_Heroes_HD
2014-08-01 12:00 - 2014-08-16 08:55 - 00000000 ____D () C:\Users\GDC\AppData\Local\CrashDumps
2014-08-01 10:32 - 2014-05-14 08:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2014-08-01 10:32 - 2014-05-14 08:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2014-08-01 10:32 - 2014-05-14 08:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-01 10:32 - 2014-05-14 08:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2014-08-01 10:32 - 2014-05-14 08:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2014-08-01 10:32 - 2014-05-14 08:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2014-08-01 10:32 - 2014-05-14 08:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-01 10:32 - 2014-05-14 08:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2014-08-01 10:32 - 2014-05-14 08:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2014-08-01 10:32 - 2014-05-14 08:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-01 10:32 - 2014-05-14 05:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2014-08-01 10:32 - 2014-05-14 05:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-01 10:32 - 2014-05-14 05:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2014-08-01 10:32 - 2014-05-14 05:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-31 20:58 - 2014-08-18 18:09 - 01050010 _____ () C:\Windows\WindowsUpdate.log
2014-07-31 20:55 - 2014-08-16 22:47 - 00004288 _____ () C:\Windows\PFRO.log
2014-07-31 20:53 - 2014-08-18 15:39 - 00004088 _____ () C:\Windows\setupact.log
2014-07-31 20:53 - 2014-07-31 20:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-31 20:48 - 2014-07-31 20:49 - 00000000 ____D () C:\Users\GDC\AppData\Roaming\vlc
2014-07-31 20:45 - 2014-07-31 20:45 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-31 20:44 - 2014-07-31 20:44 - 00006107 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-31 20:44 - 2014-07-10 23:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-31 20:44 - 2014-07-10 22:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-31 20:44 - 2014-07-10 22:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-31 20:44 - 2014-07-10 22:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-31 20:24 - 2014-07-31 19:19 - 00000768 _____ () C:\Windows\System32\Drivers\etc\hosts.20140801-002457.backup
2014-07-31 20:04 - 2014-07-31 20:04 - 00000000 ____D () C:\Users\Admin -disaster only\AppData\Local\CrashDumps
2014-07-31 19:44 - 2014-07-31 19:49 - 00000000 ____D () C:\Users\Admin -disaster only\Desktop\mbar
2014-07-31 19:44 - 2014-07-31 19:49 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-31 16:04 - 2014-07-31 16:04 - 00000000 ____D () C:\Windows\ERUNT
2014-07-31 15:49 - 2014-08-16 09:01 - 00000000 ____D () C:\AdwCleaner
2014-07-31 13:50 - 2014-08-13 09:41 - 00000546 _____ () C:\Users\Admin -disaster only\Desktop\Emsisoft Emergency Kit.lnk
2014-07-31 13:50 - 2014-08-13 09:41 - 00000000 ____D () C:\EEK
2014-07-31 13:43 - 2014-07-31 13:47 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-31 13:32 - 2014-08-17 08:49 - 00036456 _____ () C:\Windows\System32\Drivers\TrueSight.sys
2014-07-31 13:32 - 2014-07-31 13:32 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-30 21:04 - 2014-08-14 12:15 - 00002958 _____ () C:\Users\Admin -disaster only\Desktop\Rkill.txt
2014-07-30 21:02 - 2014-08-17 11:50 - 00000000 ____D () C:\Users\GDC\Desktop\anti-rootkit
2014-07-30 20:59 - 2014-07-31 19:54 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-07-30 20:59 - 2014-07-30 20:59 - 00003229 _____ () C:\Users\Admin -disaster only\Desktop\Sophos Virus Removal Tool.lnk
2014-07-30 20:59 - 2014-07-30 20:59 - 00000000 ____D () C:\ProgramData\Sophos
2014-07-30 16:02 - 2014-07-30 16:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-30 15:59 - 2014-07-30 15:59 - 00000000 __SHD () C:\Users\Admin -disaster only\AppData\Local\EmieUserList
2014-07-30 15:59 - 2014-07-30 15:59 - 00000000 __SHD () C:\Users\Admin -disaster only\AppData\Local\EmieSiteList
2014-07-29 17:10 - 2013-08-09 22:16 - 00450636 _____ () C:\Windows\System32\Drivers\etc\hosts.20140729-211016.backup
2014-07-26 19:07 - 2014-07-26 19:07 - 00875472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110.dll
2014-07-26 19:07 - 2014-07-26 19:07 - 00535008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110.dll
2014-07-26 19:07 - 2014-07-26 19:07 - 00252400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib110.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-18 22:15 - 2014-08-15 07:51 - 00000000 ____D () C:\FRST
2014-08-18 18:09 - 2014-08-06 17:58 - 00048523 _____ () C:\Users\GDC\Desktop\elements walkthrough.ods
2014-08-18 18:09 - 2014-07-31 20:58 - 01050010 _____ () C:\Windows\WindowsUpdate.log
2014-08-18 17:55 - 2014-02-13 16:39 - 00003964 _____ () C:\Users\GDC\Desktop\netflix.txt
2014-08-18 17:15 - 2013-10-29 14:40 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-18 15:41 - 2009-07-13 20:45 - 00021888 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-18 15:41 - 2009-07-13 20:45 - 00021888 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-18 15:39 - 2014-07-31 20:53 - 00004088 _____ () C:\Windows\setupact.log
2014-08-18 15:38 - 2009-07-13 21:13 - 00783400 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-08-18 15:35 - 2013-10-29 14:40 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-18 15:34 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-18 13:38 - 2013-12-28 00:00 - 00000000 ____D () C:\Windows\rescache
2014-08-18 08:41 - 2014-08-18 08:41 - 00001133 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-18 08:41 - 2014-08-06 06:25 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-18 08:41 - 2013-01-01 13:49 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-17 11:50 - 2014-07-30 21:02 - 00000000 ____D () C:\Users\GDC\Desktop\anti-rootkit
2014-08-17 10:30 - 2012-01-05 15:52 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-17 08:49 - 2014-07-31 13:32 - 00036456 _____ () C:\Windows\System32\Drivers\TrueSight.sys
2014-08-17 08:37 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-17 01:10 - 2013-07-26 23:50 - 00000000 ____D () C:\Windows\System32\MRT
2014-08-17 01:09 - 2011-12-29 13:49 - 99218768 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-08-16 22:47 - 2014-07-31 20:55 - 00004288 _____ () C:\Windows\PFRO.log
2014-08-16 22:06 - 2012-08-20 11:30 - 00000000 ____D () C:\Users\GDC\AppData\Roaming\Skype
2014-08-16 20:00 - 2013-05-29 20:35 - 00000432 _____ () C:\Windows\Tasks\Wise Turbo Checker.job
2014-08-16 09:14 - 2014-08-16 09:13 - 00028237 _____ () C:\zoek-results.log
2014-08-16 09:13 - 2014-08-16 09:12 - 00000000 ____D () C:\zoek_backup
2014-08-16 09:01 - 2014-07-31 15:49 - 00000000 ____D () C:\AdwCleaner
2014-08-16 09:00 - 2013-11-29 23:29 - 00000000 ____D () C:\users\Admin -disaster only
2014-08-16 08:55 - 2014-08-01 12:00 - 00000000 ____D () C:\Users\GDC\AppData\Local\CrashDumps
2014-08-16 08:40 - 2012-01-05 16:46 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-08-15 13:05 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\NDF
2014-08-15 10:03 - 2014-08-15 10:03 - 00027492 _____ () C:\ComboFix.txt
2014-08-15 10:03 - 2014-08-15 07:53 - 00000000 ____D () C:\Qoobox
2014-08-15 10:03 - 2009-07-13 19:20 - 00000000 __RHD () C:\users\Default
2014-08-15 10:02 - 2014-08-15 07:53 - 00000000 ____D () C:\Windows\erdnt
2014-08-15 10:02 - 2009-07-13 18:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-15 07:55 - 2009-07-13 18:34 - 75497472 _____ () C:\Windows\System32\config\SOFTWARE.bak
2014-08-15 07:55 - 2009-07-13 18:34 - 17039360 _____ () C:\Windows\System32\config\SYSTEM.bak
2014-08-15 07:55 - 2009-07-13 18:34 - 05505024 _____ () C:\Windows\System32\config\DEFAULT.bak
2014-08-15 07:55 - 2009-07-13 18:34 - 00262144 _____ () C:\Windows\System32\config\SECURITY.bak
2014-08-15 07:55 - 2009-07-13 18:34 - 00262144 _____ () C:\Windows\System32\config\SAM.bak
2014-08-15 07:42 - 2014-08-15 07:42 - 00000000 ____D () C:\_OTL
2014-08-14 15:57 - 2013-11-29 23:33 - 00000000 ____D () C:\Users\Admin -disaster only\AppData\Roaming\Wise Care 365
2014-08-14 12:15 - 2014-07-30 21:04 - 00002958 _____ () C:\Users\Admin -disaster only\Desktop\Rkill.txt
2014-08-14 12:11 - 2014-08-14 12:11 - 514927041 _____ () C:\Windows\MEMORY.DMP
2014-08-14 12:11 - 2014-08-14 12:11 - 00572088 _____ () C:\Windows\Minidump\081414-17940-01.dmp
2014-08-14 12:11 - 2012-12-31 14:05 - 00000000 ____D () C:\Windows\Minidump
2014-08-14 12:03 - 2013-11-08 05:35 - 00072264 _____ () C:\Users\GDC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-14 12:03 - 2009-07-13 20:45 - 00331592 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-08-13 21:54 - 2012-02-23 15:08 - 00000000 ____D () C:\Users\GDC\AppData\Roaming\SoftGrid Client
2014-08-13 12:41 - 2014-08-06 20:26 - 00049524 _____ () C:\Users\GDC\Desktop\Elements Walkthrough.odt
2014-08-13 12:16 - 2013-10-29 14:41 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-13 10:56 - 2014-08-13 10:20 - 00000000 ____D () C:\Users\GDC\AppData\Local\adawarebp
2014-08-13 09:41 - 2014-07-31 13:50 - 00000546 _____ () C:\Users\Admin -disaster only\Desktop\Emsisoft Emergency Kit.lnk
2014-08-13 09:41 - 2014-07-31 13:50 - 00000000 ____D () C:\EEK
2014-08-12 16:57 - 2014-08-12 16:57 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-08-12 16:57 - 2014-08-12 16:57 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-12 16:57 - 2014-08-12 16:57 - 00000000 ____D () C:\Users\GDC\AppData\Local\Skype
2014-08-12 16:57 - 2012-08-20 11:30 - 00000000 ____D () C:\ProgramData\Skype
2014-08-11 21:36 - 2014-08-11 20:42 - 00044312 _____ () C:\Users\GDC\Desktop\rotational programs.odt
2014-08-06 17:58 - 2014-08-06 17:58 - 00000000 ____D () C:\Users\GDC\AppData\Roaming\LibreOffice
2014-08-06 17:57 - 2014-08-06 17:57 - 00001500 _____ () C:\Users\Public\Desktop\LibreOffice 4.3.lnk
2014-08-06 17:57 - 2014-08-06 17:57 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-08-06 06:25 - 2013-01-01 13:49 - 00000000 ____D () C:\ProgramData\Avira
2014-08-05 05:20 - 2010-11-20 19:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2014-08-04 11:43 - 2013-10-04 21:59 - 00000000 ____D () C:\Users\GDC\AppData\Roaming\KeePass
2014-08-03 19:30 - 2014-02-08 13:22 - 00000000 ____D () C:\Program Files\WinRAR
2014-08-03 18:52 - 2014-08-03 18:52 - 00000000 ____D () C:\Program Files\7-Zip
2014-08-03 18:40 - 2011-12-27 14:57 - 00000000 ____D () C:\users\GDC
2014-08-03 15:37 - 2014-07-03 21:48 - 00000425 _____ () C:\Users\GDC\Desktop\July to Do.txt
2014-08-02 11:54 - 2014-08-01 13:12 - 00000000 ____D () C:\Users\GDC\AppData\Roaming\Vertical_Drop_Heroes_HD
2014-07-31 20:53 - 2014-07-31 20:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-31 20:52 - 2013-10-25 12:05 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-31 20:52 - 2013-10-25 12:05 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-31 20:49 - 2014-07-31 20:48 - 00000000 ____D () C:\Users\GDC\AppData\Roaming\vlc
2014-07-31 20:47 - 2013-07-22 20:43 - 00000773 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-07-31 20:45 - 2014-07-31 20:45 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-31 20:44 - 2014-07-31 20:44 - 00006107 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-31 20:44 - 2013-06-28 08:56 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-31 20:42 - 2013-05-29 20:35 - 00003130 _____ () C:\Windows\System32\Tasks\Wise Turbo Checker
2014-07-31 20:39 - 2013-10-03 22:43 - 00002054 _____ () C:\Users\Public\Desktop\Wise Care 365.lnk
2014-07-31 20:04 - 2014-07-31 20:04 - 00000000 ____D () C:\Users\Admin -disaster only\AppData\Local\CrashDumps
2014-07-31 19:54 - 2014-07-30 20:59 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-07-31 19:49 - 2014-07-31 19:44 - 00000000 ____D () C:\Users\Admin -disaster only\Desktop\mbar
2014-07-31 19:49 - 2014-07-31 19:44 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-31 19:19 - 2014-07-31 20:24 - 00000768 _____ () C:\Windows\System32\Drivers\etc\hosts.20140801-002457.backup
2014-07-31 16:04 - 2014-07-31 16:04 - 00000000 ____D () C:\Windows\ERUNT
2014-07-31 15:56 - 2011-12-09 14:33 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-07-31 15:56 - 2011-12-09 14:33 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-07-31 15:41 - 2014-08-15 13:11 - 00348856 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-07-31 15:16 - 2014-08-15 13:11 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 13:47 - 2014-07-31 13:43 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-31 13:46 - 2013-11-09 21:17 - 00000000 ____D () C:\Users\GDC\Desktop\Agaresttrainer_+4
2014-07-31 13:32 - 2014-07-31 13:32 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-30 20:59 - 2014-07-30 20:59 - 00003229 _____ () C:\Users\Admin -disaster only\Desktop\Sophos Virus Removal Tool.lnk
2014-07-30 20:59 - 2014-07-30 20:59 - 00000000 ____D () C:\ProgramData\Sophos
2014-07-30 16:02 - 2014-07-30 16:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-30 15:59 - 2014-07-30 15:59 - 00000000 __SHD () C:\Users\Admin -disaster only\AppData\Local\EmieUserList
2014-07-30 15:59 - 2014-07-30 15:59 - 00000000 __SHD () C:\Users\Admin -disaster only\AppData\Local\EmieSiteList
2014-07-29 21:00 - 2013-11-15 23:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-27 06:29 - 2012-02-01 19:49 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 06:29 - 2012-02-01 19:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-26 19:07 - 2014-07-26 19:07 - 00875472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110.dll
2014-07-26 19:07 - 2014-07-26 19:07 - 00535008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110.dll
2014-07-26 19:07 - 2014-07-26 19:07 - 00252400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib110.dll
2014-07-25 06:52 - 2014-08-15 13:11 - 23645696 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-07-25 06:02 - 2014-08-15 13:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-07-25 06:01 - 2014-08-15 13:11 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-07-25 05:51 - 2014-08-15 13:11 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 05:30 - 2014-08-15 13:11 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-07-25 05:28 - 2014-08-15 13:11 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-07-25 05:28 - 2014-08-15 13:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-07-25 05:25 - 2014-08-15 13:11 - 02774528 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-07-25 05:25 - 2014-08-15 13:11 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-07-25 05:11 - 2014-08-15 13:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-07-25 05:10 - 2014-08-15 13:11 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-07-25 05:04 - 2014-08-15 13:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 05:03 - 2014-08-15 13:11 - 00598016 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-07-25 05:00 - 2014-08-15 13:11 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-07-25 05:00 - 2014-08-15 13:11 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-07-25 04:59 - 2014-08-15 13:11 - 00758272 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-07-25 04:47 - 2014-08-15 13:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-07-25 04:40 - 2014-08-15 13:11 - 00452096 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-07-25 04:34 - 2014-08-15 13:11 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 04:34 - 2014-08-15 13:11 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 04:33 - 2014-08-15 13:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 04:30 - 2014-08-15 13:11 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 04:28 - 2014-08-15 13:11 - 05824512 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-07-25 04:28 - 2014-08-15 13:11 - 00072704 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-07-25 04:21 - 2014-08-15 13:11 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 04:19 - 2014-08-15 13:11 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-07-25 04:18 - 2014-08-15 13:11 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 04:17 - 2014-08-15 13:11 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-07-25 04:17 - 2014-08-15 13:11 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 04:12 - 2014-08-15 13:11 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 04:10 - 2014-08-15 13:11 - 00292864 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-07-25 04:10 - 2014-08-15 13:11 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 04:08 - 2014-08-15 13:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 04:06 - 2014-08-15 13:11 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 03:52 - 2014-08-15 13:11 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 03:47 - 2014-08-15 13:11 - 00631808 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-07-25 03:43 - 2014-08-15 13:11 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 03:42 - 2014-08-15 13:11 - 00692736 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-07-25 03:39 - 2014-08-15 13:11 - 02087936 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-07-25 03:39 - 2014-08-15 13:11 - 01249280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-07-25 03:36 - 2014-08-15 13:11 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 03:34 - 2014-08-15 13:11 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 03:29 - 2014-08-15 13:11 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 03:23 - 2014-08-15 13:11 - 13547008 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-07-25 03:13 - 2014-08-15 13:11 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 03:07 - 2014-08-15 13:11 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 03:07 - 2014-08-15 13:11 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 03:03 - 2014-08-15 13:11 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 02:52 - 2014-08-15 13:11 - 02266624 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-07-25 02:26 - 2014-08-15 13:11 - 01431040 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-07-25 02:17 - 2014-08-15 13:11 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-07-25 02:09 - 2014-08-15 13:11 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 02:05 - 2014-08-15 13:11 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 02:00 - 2014-08-15 13:11 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-24 04:53 - 2013-05-07 07:35 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys
Some content of TEMP:
====================
C:\Users\GDC\AppData\Local\Temp\avgnt.exe
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Restore Points =========================
Restore point made on: 2014-08-18 13:39:03
==================== Memory info ===========================
Percentage of memory in use: 7%
Total physical RAM: 16301.12 MB
Available physical RAM: 15134.76 MB
Total Pagefile: 16299.32 MB
Available Pagefile: 15133.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:55.8 GB) (Free:8.24 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.16 GB) (Free:0 GB) UDF
Drive g: (Repair disc Windows 7 64-bit) (Removable) (Total:0.49 GB) (Free:0.3 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: () (Fixed) (Total:931.51 GB) (Free:18.65 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CE920B61)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: CE920B6D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=55.8 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 500 MB) (Disk ID: 004DE985)
Partition 1: (Active) - (Size=499 MB) - (Type=07 NTFS)
LastRegBack: 2014-08-18 13:31
==================== End Of Log ============================
Edited by ihatesvchost.exe, 18 August 2014 - 08:31 PM.