Zygapop Posted May 2, 2014 Author ID:826119 Share Posted May 2, 2014 There you go.Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-05-2014 02Ran by Isaiah's (administrator) on ISAIAHS-PC on 01-05-2014 19:36:59Running from C:\Users\Isaiah's\Desktop\Stuffs\New folderWindows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 11Boot Mode: NormalThe only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe(AMD) C:\Windows\System32\atiesrxx.exe(AMD) C:\Windows\System32\atieclxx.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe() C:\Windows\SysWOW64\PnkBstrA.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe(Akamai Technologies, Inc.) C:\Users\Isaiah's\AppData\Local\Akamai\netsession_win.exe() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe(Akamai Technologies, Inc.) C:\Users\Isaiah's\AppData\Local\Akamai\netsession_win.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe==================== Registry (Whitelisted) ==================HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)HKLM-x32\...\Run: [blueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [811792 2014-01-20] (BlueStack Systems, Inc.)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)HKU\S-1-5-21-4072817583-1142088816-480465609-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.)HKU\S-1-5-21-4072817583-1142088816-480465609-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [344552 2013-10-08] (CyberGhost S.R.L.)HKU\S-1-5-21-4072817583-1142088816-480465609-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Isaiah's\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)HKU\S-1-5-21-4072817583-1142088816-480465609-1000\...\Run: [WhatPulse] => C:\Program Files (x86)\WhatPulse2\whatpulse.exe [3126272 2013-12-11] ()HKU\S-1-5-21-4072817583-1142088816-480465609-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [37632 2014-01-30] (Overwolf LTD)HKU\S-1-5-21-4072817583-1142088816-480465609-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20924064 2014-02-10] (Skype Technologies S.A.)HKU\S-1-5-21-4072817583-1142088816-480465609-1000\...\Run: [Google Update] => C:\Users\Isaiah's\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-25] (Google Inc.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnkShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe (No File)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnkShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()Startup: C:\Users\Isaiah's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnkShortcutTarget: Curse.lnk -> C:\Users\Isaiah's\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)==================== Internet (Whitelisted) ====================HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x64EC3D141FEDCE01HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-usStartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exeSearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 192.168.1.1FireFox:========FF ProfilePath: C:\Users\Isaiah's\AppData\Roaming\Mozilla\Firefox\Profiles\ngv22fj8.defaultFF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Isaiah's\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Isaiah's\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Isaiah's\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Isaiah's\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Isaiah's\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()FF Plugin ProgramFiles/Appdata: C:\Users\Isaiah's\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)FF Plugin ProgramFiles/Appdata: C:\Users\Isaiah's\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)FF Extension: Adblock Plus - C:\Users\Isaiah's\AppData\Roaming\Mozilla\Firefox\Profiles\ngv22fj8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-09]==================== Services (Whitelisted) =================R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-12-27] ()S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-01-20] (BlueStack Systems, Inc.)R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-01-20] (BlueStack Systems, Inc.)R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [26600 2013-10-08] (CyberGhost S.R.L)S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-11-21] (Futuremark)S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [98560 2014-01-30] (Overwolf LTD)R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-29] ()S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)S2 OutfoxTvService; C:\Program Files\OutfoxTV\OutfoxTvService.exe [X]==================== Drivers (Whitelisted) ====================U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-30] (AVG Technologies)R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [115472 2014-01-20] (BlueStack Systems)R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-01-14] (AnchorFree Inc.)S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-04-28] (Malwarebytes Corporation)R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-01-14] (Anchorfree Inc.)R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]==================== NetSvcs (Whitelisted) ======================================= One Month Created Files and Folders ========2014-05-01 19:38 - 2014-05-01 19:45 - 00002574 _____ () C:\Users\Isaiah's\Desktop\New Text Document (3).txt2014-05-01 19:35 - 2014-05-01 19:35 - 00003496 ____N () C:\bootsqm.dat2014-05-01 12:37 - 2014-05-01 12:37 - 00921512 _____ (Oracle Corporation) C:\Users\Isaiah's\Downloads\jxpiinstall(2).exe2014-05-01 00:52 - 2014-05-01 00:53 - 00921512 _____ (Oracle Corporation) C:\Users\Isaiah's\Downloads\jxpiinstall(1).exe2014-05-01 00:50 - 2014-05-01 00:50 - 13829304 _____ (Microsoft Corporation) C:\Users\Isaiah's\Downloads\mseinstall.exe2014-05-01 00:50 - 2014-05-01 00:50 - 00002052 _____ () C:\Windows\epplauncher.mif2014-05-01 00:39 - 2014-05-01 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java2014-04-30 20:09 - 2014-04-30 20:09 - 00002159 _____ () C:\Users\Isaiah's\Desktop\Tweaking.com - Windows Repair (All in One).lnk2014-04-30 20:08 - 2014-04-30 20:08 - 05577080 _____ () C:\Users\Isaiah's\Downloads\tweaking.com_windows_repair_aio_setup.exe2014-04-30 20:08 - 2014-04-30 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com2014-04-30 20:08 - 2014-04-30 20:08 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com2014-04-30 20:00 - 2014-04-30 20:00 - 00921512 _____ (Oracle Corporation) C:\Users\Isaiah's\Downloads\jxpiinstall.exe2014-04-30 19:58 - 2014-04-30 20:04 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE2014-04-30 19:57 - 2014-04-30 19:57 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ISAIAHS-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat2014-04-30 19:56 - 2014-04-30 19:56 - 00000000 ____D () C:\RegBackup2014-04-30 18:18 - 2014-04-30 18:18 - 00070549 _____ () C:\JavaRa.log2014-04-30 18:17 - 2014-04-30 18:19 - 00000000 ____D () C:\Users\Isaiah's\Desktop\JavaRa-1.16-28-5-132014-04-30 18:06 - 2014-04-30 18:06 - 00165483 _____ () C:\Users\Isaiah's\Desktop\JavaRa-1.16-28-5-13.zip2014-04-30 17:28 - 2014-04-30 17:28 - 00347816 _____ (Microsoft Corporation) C:\Users\Isaiah's\Downloads\MicrosoftFixit.wu.RNP.1232233455484701.1.1.Run.exe2014-04-29 23:14 - 2014-04-29 23:18 - 274777419 _____ () C:\Users\Isaiah's\Downloads\The Dreamers Full Movie in HD Streaming.mp42014-04-29 16:34 - 2014-04-29 16:50 - 1147897391 _____ () C:\Users\Isaiah's\Downloads\Super Mario Galaxy 2 __ SPEED RUN in 3_14_43 by Yoshifan #AGDQ 2014.mp42014-04-29 08:48 - 2014-04-30 09:43 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.exe2014-04-29 08:48 - 2014-04-29 08:48 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe2014-04-29 08:48 - 2014-04-29 08:48 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\Ubisoft2014-04-29 08:24 - 2014-04-29 08:24 - 00000202 _____ () C:\Users\Isaiah's\Desktop\Tom Clancy's Ghost Recon Phantoms - NA.url2014-04-28 14:58 - 2014-04-28 14:58 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-04-28 14:57 - 2014-04-29 08:09 - 00000000 ____D () C:\Users\Isaiah's\Desktop\Stuffs2014-04-28 14:57 - 2014-04-28 09:06 - 00000000 ____D () C:\Users\Isaiah's\Desktop\mbar2014-04-28 12:17 - 2014-04-28 12:17 - 00000924 _____ () C:\Users\fbwuser7108\Desktop\NTREGOPT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000924 _____ () C:\Users\fbwuser6A57\Desktop\NTREGOPT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000924 _____ () C:\Users\fbwuser0045\Desktop\NTREGOPT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000905 _____ () C:\Users\fbwuser7108\Desktop\ERUNT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000905 _____ () C:\Users\fbwuser6A57\Desktop\ERUNT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000905 _____ () C:\Users\fbwuser0045\Desktop\ERUNT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT2014-04-28 12:17 - 2014-04-28 12:17 - 00000000 ____D () C:\Program Files (x86)\ERUNT2014-04-28 12:15 - 2014-04-28 12:16 - 00002440 _____ () C:\Users\Isaiah's\Desktop\Rkill.txt2014-04-28 09:13 - 2014-04-28 09:13 - 00000000 ____D () C:\Windows\ERUNT2014-04-28 09:11 - 2014-04-28 09:11 - 02347384 _____ (ESET) C:\Users\Isaiah's\Downloads\esetsmartinstaller_enu.exe2014-04-28 09:11 - 2014-04-28 09:11 - 00000000 ____D () C:\Program Files (x86)\ESET2014-04-28 09:07 - 2014-04-28 09:07 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)2014-04-25 18:56 - 2014-04-25 18:56 - 00005931 _____ () C:\Users\Isaiah's\Downloads\LOL_OPGG_Observer_1358991227.bat2014-04-23 23:19 - 2014-04-30 19:54 - 00001620 _____ () C:\Windows\PFRO.log2014-04-23 18:47 - 2014-04-28 09:33 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.32014-04-23 18:47 - 2014-04-23 18:47 - 00001085 _____ () C:\Users\Isaiah's\Desktop\Cheat Engine.lnk2014-04-23 18:47 - 2014-04-23 18:47 - 00000000 ____D () C:\Users\Isaiah's\Documents\My Cheat Tables2014-04-23 18:47 - 2014-04-23 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.32014-04-23 16:03 - 2014-05-01 19:36 - 00000000 ____D () C:\FRST2014-04-23 16:03 - 2014-04-23 16:07 - 00043647 _____ () C:\Users\Isaiah's\Downloads\FRST.txt2014-04-23 16:03 - 2014-04-23 16:07 - 00029946 _____ () C:\Users\Isaiah's\Downloads\Addition.txt2014-04-23 16:02 - 2014-04-23 16:02 - 02061312 _____ (Farbar) C:\Users\Isaiah's\Downloads\FRST64.exe2014-04-23 15:51 - 2014-04-23 15:51 - 00013309 _____ () C:\Users\Isaiah's\Desktop\Recovery - Shortcut.lnk2014-04-23 15:51 - 2014-04-23 15:51 - 00013125 _____ () C:\Users\Isaiah's\Desktop\Change User Account Control settings - Shortcut.lnk2014-04-22 16:33 - 2014-04-23 15:54 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Curse Client2014-04-22 16:33 - 2014-04-22 16:33 - 00001003 _____ () C:\Users\Isaiah's\Desktop\Curse.lnk2014-04-22 16:33 - 2014-04-22 16:33 - 00000989 _____ () C:\Users\Isaiah's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk2014-04-22 16:33 - 2014-04-22 16:33 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Curse Advertising2014-04-22 16:32 - 2014-04-22 16:32 - 37437096 _____ (Curse) C:\Users\Isaiah's\Downloads\CurseClientSetup.exe2014-04-22 16:32 - 2014-04-22 16:32 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Curse2014-04-20 00:17 - 2014-04-20 00:17 - 00260698 _____ () C:\Users\Isaiah's\Documents\cc_20140420_001750.reg2014-04-20 00:11 - 2014-05-01 19:34 - 00002489 _____ () C:\Windows\setupact.log2014-04-20 00:11 - 2014-04-20 00:11 - 00000000 _____ () C:\Windows\setuperr.log2014-04-19 00:18 - 2014-04-19 00:20 - 00911720 _____ (Chaos Software Group, Inc.) C:\Users\Isaiah's\Downloads\atomic(1).exe2014-04-19 00:18 - 2014-04-19 00:19 - 00911720 _____ (Chaos Software Group, Inc.) C:\Users\Isaiah's\Downloads\atomic.exe2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys2014-04-16 09:41 - 2014-04-30 12:52 - 00000000 ____D () C:\Users\Isaiah's\RecklessPk2014-04-14 05:58 - 2014-04-14 05:58 - 37400880 _____ (Curse) C:\Users\Isaiah's\Downloads\CurseClientSetup_Gn39.exe2014-04-12 23:24 - 2014-04-12 23:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee2014-04-12 23:10 - 2014-04-12 23:10 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Avnex2014-04-12 23:09 - 2008-12-26 12:56 - 00021504 _____ (Avnex) C:\Windows\system32\Drivers\vcsvad.sys2014-04-12 22:54 - 2014-04-12 23:00 - 00000024 _____ () C:\Users\Isaiah's\Desktop\Kelias number.txt2014-04-12 18:36 - 2014-04-21 21:14 - 00000919 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.txt2014-04-12 18:36 - 2014-04-21 21:14 - 00000000 ____D () C:\Program Files (x86)\NCH Software2014-04-12 18:36 - 2014-04-21 21:14 - 00000000 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt2014-04-12 18:36 - 2014-04-12 23:42 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software2014-04-12 18:36 - 2014-04-12 23:18 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.1.txt2014-04-12 18:36 - 2014-04-12 18:46 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.4.txt2014-04-12 18:36 - 2014-04-12 18:46 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.3.txt2014-04-12 18:36 - 2014-04-12 18:45 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.5.txt2014-04-12 18:36 - 2014-04-12 18:44 - 00000919 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.6.txt2014-04-12 18:36 - 2014-04-12 18:40 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.2.txt2014-04-12 18:36 - 2014-04-12 18:36 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.7.txt2014-04-12 18:36 - 2014-04-12 18:36 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\NCH Software2014-04-12 18:36 - 2014-04-12 18:36 - 00000000 ____D () C:\ProgramData\NCH Software2014-04-12 18:31 - 2014-04-12 23:27 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Screaming Bee2014-04-12 12:15 - 2014-04-16 21:37 - 00000000 ____D () C:\Users\Isaiah's\Desktop\Desktop Client2014-04-12 12:15 - 2014-04-12 12:15 - 00000000 ____D () C:\Users\Isaiah's\.ss22014-04-10 20:18 - 2014-04-10 20:20 - 27997568 _____ (Wireshark development team) C:\Users\Isaiah's\Downloads\Wireshark-win64-1.10.6.exe2014-04-09 10:02 - 2014-04-09 10:02 - 00000000 _____ () C:\Users\Isaiah's\Desktop\BATTLE SCARS LEGENDARY SONG.txt2014-04-08 18:12 - 2014-03-30 20:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-04-08 18:12 - 2014-03-30 18:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-04-08 18:11 - 2014-03-30 20:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-04-08 18:11 - 2014-03-30 19:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-04-08 18:11 - 2014-03-04 04:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll2014-04-08 18:11 - 2014-03-04 04:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll2014-04-08 18:11 - 2014-03-04 04:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2014-04-08 18:11 - 2014-03-04 04:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll2014-04-08 18:11 - 2014-03-04 04:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll2014-04-08 18:11 - 2014-03-04 04:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2014-04-08 18:11 - 2014-03-04 04:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll2014-04-08 18:11 - 2014-03-04 04:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2014-04-08 18:11 - 2014-03-04 04:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2014-04-08 18:11 - 2014-03-04 03:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2014-04-08 18:11 - 2014-03-04 03:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2014-04-08 18:11 - 2014-02-03 21:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys2014-04-08 18:11 - 2014-02-03 21:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys2014-04-08 18:11 - 2014-02-03 21:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys2014-04-08 18:11 - 2014-02-03 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll2014-04-08 18:11 - 2014-02-03 21:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll2014-04-08 18:11 - 2014-01-23 21:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys2014-04-05 02:00 - 2000-06-23 14:06 - 00192000 _____ (Ligos Corporation) C:\Windows\SysWOW64\iac2d20d.rra2014-04-05 02:00 - 2000-06-23 14:05 - 00136704 _____ (Ligos Corporation) C:\Windows\SysWOW64\iacenc.dll2014-04-05 02:00 - 2000-06-23 10:36 - 00745984 _____ (Ligos Corporation) C:\Windows\SysWOW64\ir50d21d.rra2014-04-05 02:00 - 2000-06-22 18:11 - 00145408 _____ (Ligos Corporation) C:\Windows\SysWOW64\Ivfsd25b.rra2014-04-05 02:00 - 2000-06-22 13:09 - 00056320 _____ () C:\Windows\SysWOW64\iyvu9_32.dll2014-04-03 13:47 - 2014-04-03 13:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit2014-04-03 13:33 - 2014-04-03 13:33 - 00715038 _____ () C:\Windows\unins000.exe2014-04-03 13:33 - 2014-04-03 13:33 - 00001995 _____ () C:\Windows\unins000.dat2014-04-03 13:33 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll2014-04-03 13:33 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll2014-04-03 13:30 - 2014-04-03 13:30 - 03874080 _____ (ExKode Co. Ltd. ) C:\Users\Isaiah's\Downloads\DxtorySetup2.0.126.exe2014-04-03 13:30 - 2014-04-03 13:30 - 00000000 ____D () C:\Program Files (x86)\ExKode2014-04-03 13:30 - 2014-04-03 13:20 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\Dxtory Software2014-04-03 13:20 - 2014-04-03 13:20 - 00001182 _____ () C:\Users\Isaiah's\Desktop\Dxtory.lnk2014-04-03 13:20 - 2014-04-03 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.02014-04-03 13:20 - 2014-04-03 13:20 - 00000000 ____D () C:\Program Files (x86)\Dxtory Software2014-04-03 13:20 - 2013-02-15 22:44 - 08300544 _____ (Dxtory Software) C:\Windows\SysWOW64\DxtoryCodec.dll2014-04-03 13:20 - 2013-02-15 22:44 - 08043008 _____ (Dxtory Software) C:\Windows\system32\DxtoryCodec.dll2014-04-03 13:17 - 2014-04-03 13:17 - 04135551 _____ (Dxtory Software ) C:\Users\Isaiah's\Downloads\DxtorySetup2.0.122.exe2014-04-03 13:14 - 2014-04-03 13:14 - 00000184 _____ () C:\Users\Isaiah's\Downloads\Dxtory.dxtorylic2014-04-01 23:37 - 2014-04-01 23:37 - 00002166 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk2014-04-01 23:35 - 2014-04-01 23:35 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk2014-04-01 23:35 - 2014-04-01 23:35 - 00002503 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk2014-04-01 23:35 - 2014-04-01 23:35 - 00002491 _____ () C:\Users\Public\Desktop\Safari.lnk2014-04-01 23:35 - 2014-04-01 23:35 - 00000000 ____D () C:\Windows\System32\Tasks\Apple2014-04-01 23:35 - 2014-04-01 23:35 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Apple Computer2014-04-01 23:35 - 2014-04-01 23:35 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\Apple Computer2014-04-01 23:35 - 2014-04-01 23:35 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\Apple2014-04-01 23:35 - 2014-04-01 23:35 - 00000000 ____D () C:\ProgramData\Apple Computer2014-04-01 23:35 - 2014-04-01 23:35 - 00000000 ____D () C:\ProgramData\Apple2014-04-01 23:35 - 2014-04-01 23:35 - 00000000 ____D () C:\Program Files (x86)\Safari2014-04-01 23:35 - 2014-04-01 23:35 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update2014-04-01 18:35 - 2014-04-24 09:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG==================== One Month Modified Files and Folders =======2014-05-01 22:33 - 2013-11-29 18:49 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-05-01 20:21 - 2013-12-27 23:08 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{344D4A9F-070C-4BD2-BA29-2C31D7D58449}2014-05-01 19:45 - 2014-05-01 19:38 - 00002574 _____ () C:\Users\Isaiah's\Desktop\New Text Document (3).txt2014-05-01 19:45 - 2013-11-28 23:30 - 01835535 _____ () C:\Windows\WindowsUpdate.log2014-05-01 19:42 - 2013-12-25 22:20 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4072817583-1142088816-480465609-1000UA.job2014-05-01 19:39 - 2013-11-29 12:15 - 00000000 ____D () C:\ProgramData\MFAData2014-05-01 19:39 - 2009-07-13 23:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-05-01 19:39 - 2009-07-13 23:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-05-01 19:38 - 2009-07-14 00:13 - 00006182 _____ () C:\Windows\system32\PerfStringBackup.INI2014-05-01 19:36 - 2014-04-23 16:03 - 00000000 ____D () C:\FRST2014-05-01 19:35 - 2014-05-01 19:35 - 00003496 ____N () C:\bootsqm.dat2014-05-01 19:34 - 2014-04-20 00:11 - 00002489 _____ () C:\Windows\setupact.log2014-05-01 19:34 - 2014-02-04 22:22 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\Overwolf2014-05-01 19:34 - 2014-02-04 13:48 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\WhatPulse2014-05-01 19:34 - 2013-11-29 12:32 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Skype2014-05-01 19:34 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-05-01 12:39 - 2013-11-29 16:09 - 00000013 _____ () C:\Users\Isaiah's\rlvote.txt2014-05-01 12:39 - 2013-11-29 16:09 - 00000000 _____ () C:\Users\Isaiah's\songList.txt2014-05-01 12:37 - 2014-05-01 12:37 - 00921512 _____ (Oracle Corporation) C:\Users\Isaiah's\Downloads\jxpiinstall(2).exe2014-05-01 00:53 - 2014-05-01 00:52 - 00921512 _____ (Oracle Corporation) C:\Users\Isaiah's\Downloads\jxpiinstall(1).exe2014-05-01 00:50 - 2014-05-01 00:50 - 13829304 _____ (Microsoft Corporation) C:\Users\Isaiah's\Downloads\mseinstall.exe2014-05-01 00:50 - 2014-05-01 00:50 - 00002052 _____ () C:\Windows\epplauncher.mif2014-05-01 00:39 - 2014-05-01 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java2014-05-01 00:39 - 2014-02-09 00:26 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2014-05-01 00:39 - 2014-02-09 00:26 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2014-05-01 00:39 - 2014-02-09 00:26 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe2014-05-01 00:39 - 2014-02-09 00:26 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2014-04-30 23:42 - 2013-12-25 22:20 - 00000868 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4072817583-1142088816-480465609-1000Core.job2014-04-30 20:09 - 2014-04-30 20:09 - 00002159 _____ () C:\Users\Isaiah's\Desktop\Tweaking.com - Windows Repair (All in One).lnk2014-04-30 20:08 - 2014-04-30 20:08 - 05577080 _____ () C:\Users\Isaiah's\Downloads\tweaking.com_windows_repair_aio_setup.exe2014-04-30 20:08 - 2014-04-30 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com2014-04-30 20:08 - 2014-04-30 20:08 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com2014-04-30 20:04 - 2014-04-30 19:58 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE2014-04-30 20:01 - 2009-07-13 21:34 - 00000439 _____ () C:\Windows\win.ini2014-04-30 20:00 - 2014-04-30 20:00 - 00921512 _____ (Oracle Corporation) C:\Users\Isaiah's\Downloads\jxpiinstall.exe2014-04-30 19:57 - 2014-04-30 19:57 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ISAIAHS-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat2014-04-30 19:56 - 2014-04-30 19:56 - 00000000 ____D () C:\RegBackup2014-04-30 19:54 - 2014-04-23 23:19 - 00001620 _____ () C:\Windows\PFRO.log2014-04-30 19:54 - 2013-11-29 12:13 - 00058984 _____ () C:\Users\Isaiah's\AppData\Local\GDIPFONTCACHEV1.DAT2014-04-30 19:54 - 2009-07-13 23:45 - 00272432 _____ () C:\Windows\system32\FNTCACHE.DAT2014-04-30 18:19 - 2014-04-30 18:17 - 00000000 ____D () C:\Users\Isaiah's\Desktop\JavaRa-1.16-28-5-132014-04-30 18:18 - 2014-04-30 18:18 - 00070549 _____ () C:\JavaRa.log2014-04-30 18:06 - 2014-04-30 18:06 - 00165483 _____ () C:\Users\Isaiah's\Desktop\JavaRa-1.16-28-5-13.zip2014-04-30 17:28 - 2014-04-30 17:28 - 00347816 _____ (Microsoft Corporation) C:\Users\Isaiah's\Downloads\MicrosoftFixit.wu.RNP.1232233455484701.1.1.Run.exe2014-04-30 12:52 - 2014-04-16 09:41 - 00000000 ____D () C:\Users\Isaiah's\RecklessPk2014-04-30 09:43 - 2014-04-29 08:48 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.exe2014-04-30 09:43 - 2014-01-16 23:32 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr2014-04-30 09:33 - 2014-01-16 01:17 - 00291488 _____ () C:\Windows\SysWOW64\PnkBstrB.ex02014-04-30 08:11 - 2013-12-27 21:44 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\ArmA 2 OA2014-04-29 23:18 - 2014-04-29 23:14 - 274777419 _____ () C:\Users\Isaiah's\Downloads\The Dreamers Full Movie in HD Streaming.mp42014-04-29 19:43 - 2014-03-19 08:37 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Mozilla2014-04-29 16:50 - 2014-04-29 16:34 - 1147897391 _____ () C:\Users\Isaiah's\Downloads\Super Mario Galaxy 2 __ SPEED RUN in 3_14_43 by Yoshifan #AGDQ 2014.mp42014-04-29 08:49 - 2014-01-16 23:32 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\PunkBuster2014-04-29 08:48 - 2014-04-29 08:48 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe2014-04-29 08:48 - 2014-04-29 08:48 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\Ubisoft2014-04-29 08:24 - 2014-04-29 08:24 - 00000202 _____ () C:\Users\Isaiah's\Desktop\Tom Clancy's Ghost Recon Phantoms - NA.url2014-04-29 08:09 - 2014-04-28 14:57 - 00000000 ____D () C:\Users\Isaiah's\Desktop\Stuffs2014-04-29 08:09 - 2013-11-30 10:17 - 00000706 _____ () C:\Users\Public\Desktop\Fraps.lnk2014-04-29 08:09 - 2013-11-29 16:12 - 00000840 _____ () C:\Users\Public\Desktop\Speccy.lnk2014-04-29 00:34 - 2013-11-29 18:49 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-04-29 00:34 - 2013-11-29 18:49 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-04-29 00:34 - 2013-11-29 18:49 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2014-04-28 16:23 - 2014-02-04 22:22 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\TS3Client2014-04-28 14:58 - 2014-04-28 14:58 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-04-28 12:17 - 2014-04-28 12:17 - 00000924 _____ () C:\Users\fbwuser7108\Desktop\NTREGOPT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000924 _____ () C:\Users\fbwuser6A57\Desktop\NTREGOPT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000924 _____ () C:\Users\fbwuser0045\Desktop\NTREGOPT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000905 _____ () C:\Users\fbwuser7108\Desktop\ERUNT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000905 _____ () C:\Users\fbwuser6A57\Desktop\ERUNT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000905 _____ () C:\Users\fbwuser0045\Desktop\ERUNT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT2014-04-28 12:17 - 2014-04-28 12:17 - 00000000 ____D () C:\Program Files (x86)\ERUNT2014-04-28 12:17 - 2014-02-26 11:03 - 00000000 ____D () C:\Windows\erdnt2014-04-28 12:16 - 2014-04-28 12:15 - 00002440 _____ () C:\Users\Isaiah's\Desktop\Rkill.txt2014-04-28 09:33 - 2014-04-23 18:47 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.32014-04-28 09:21 - 2014-03-01 12:48 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\CrashDumps2014-04-28 09:19 - 2014-02-25 18:33 - 00000000 ____D () C:\AdwCleaner2014-04-28 09:13 - 2014-04-28 09:13 - 00000000 ____D () C:\Windows\ERUNT2014-04-28 09:11 - 2014-04-28 09:11 - 02347384 _____ (ESET) C:\Users\Isaiah's\Downloads\esetsmartinstaller_enu.exe2014-04-28 09:11 - 2014-04-28 09:11 - 00000000 ____D () C:\Program Files (x86)\ESET2014-04-28 09:07 - 2014-04-28 09:07 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)2014-04-28 09:06 - 2014-04-28 14:57 - 00000000 ____D () C:\Users\Isaiah's\Desktop\mbar2014-04-28 09:06 - 2009-07-14 00:08 - 00032590 _____ () C:\Windows\Tasks\SCHEDLGU.TXT2014-04-27 15:22 - 2013-11-30 10:09 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\.minecraft2014-04-25 18:56 - 2014-04-25 18:56 - 00005931 _____ () C:\Users\Isaiah's\Downloads\LOL_OPGG_Observer_1358991227.bat2014-04-24 09:30 - 2014-04-01 18:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG2014-04-24 09:30 - 2013-11-29 12:17 - 00000965 _____ () C:\Users\Public\Desktop\AVG 2014.lnk2014-04-24 07:15 - 2014-01-17 18:13 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\Akamai2014-04-23 18:47 - 2014-04-23 18:47 - 00001085 _____ () C:\Users\Isaiah's\Desktop\Cheat Engine.lnk2014-04-23 18:47 - 2014-04-23 18:47 - 00000000 ____D () C:\Users\Isaiah's\Documents\My Cheat Tables2014-04-23 18:47 - 2014-04-23 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.32014-04-23 16:07 - 2014-04-23 16:03 - 00043647 _____ () C:\Users\Isaiah's\Downloads\FRST.txt2014-04-23 16:07 - 2014-04-23 16:03 - 00029946 _____ () C:\Users\Isaiah's\Downloads\Addition.txt2014-04-23 16:02 - 2014-04-23 16:02 - 02061312 _____ (Farbar) C:\Users\Isaiah's\Downloads\FRST64.exe2014-04-23 15:54 - 2014-04-22 16:33 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Curse Client2014-04-23 15:51 - 2014-04-23 15:51 - 00013309 _____ () C:\Users\Isaiah's\Desktop\Recovery - Shortcut.lnk2014-04-23 15:51 - 2014-04-23 15:51 - 00013125 _____ () C:\Users\Isaiah's\Desktop\Change User Account Control settings - Shortcut.lnk2014-04-23 15:51 - 2013-11-28 23:30 - 00000000 ____D () C:\Recovery2014-04-22 16:33 - 2014-04-22 16:33 - 00001003 _____ () C:\Users\Isaiah's\Desktop\Curse.lnk2014-04-22 16:33 - 2014-04-22 16:33 - 00000989 _____ () C:\Users\Isaiah's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk2014-04-22 16:33 - 2014-04-22 16:33 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Curse Advertising2014-04-22 16:33 - 2013-11-28 23:30 - 00000000 ___RD () C:\Users\Isaiah's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-04-22 16:32 - 2014-04-22 16:32 - 37437096 _____ (Curse) C:\Users\Isaiah's\Downloads\CurseClientSetup.exe2014-04-22 16:32 - 2014-04-22 16:32 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Curse2014-04-21 21:14 - 2014-04-12 18:36 - 00000919 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.txt2014-04-21 21:14 - 2014-04-12 18:36 - 00000000 ____D () C:\Program Files (x86)\NCH Software2014-04-21 21:14 - 2014-04-12 18:36 - 00000000 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt2014-04-20 00:18 - 2013-11-29 12:20 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\Google2014-04-20 00:18 - 2013-11-29 12:20 - 00000000 ____D () C:\Program Files (x86)\Google2014-04-20 00:17 - 2014-04-20 00:17 - 00260698 _____ () C:\Users\Isaiah's\Documents\cc_20140420_001750.reg2014-04-20 00:13 - 2013-12-03 16:15 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\CRE2014-04-20 00:11 - 2014-04-20 00:11 - 00000000 _____ () C:\Windows\setuperr.log2014-04-20 00:07 - 2014-02-09 00:31 - 00000000 ____D () C:\Users\Isaiah's\Desktop\New folder2014-04-19 00:20 - 2014-04-19 00:18 - 00911720 _____ (Chaos Software Group, Inc.) C:\Users\Isaiah's\Downloads\atomic(1).exe2014-04-19 00:19 - 2014-04-19 00:18 - 00911720 _____ (Chaos Software Group, Inc.) C:\Users\Isaiah's\Downloads\atomic.exe2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys2014-04-17 21:05 - 2013-11-29 12:42 - 00000982 _____ () C:\Users\Public\Desktop\Gyazo.lnk2014-04-17 21:05 - 2013-11-29 12:42 - 00000982 _____ () C:\Users\Public\Desktop\Gyazo GIF.lnk2014-04-17 21:05 - 2013-11-29 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo2014-04-17 21:05 - 2013-11-29 12:42 - 00000000 ____D () C:\Program Files (x86)\Gyazo2014-04-17 21:04 - 2013-11-29 12:42 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Gyazo2014-04-16 21:37 - 2014-04-12 12:15 - 00000000 ____D () C:\Users\Isaiah's\Desktop\Desktop Client2014-04-16 09:41 - 2013-11-28 23:30 - 00000000 ____D () C:\Users\Isaiah's2014-04-14 13:24 - 2013-11-29 22:54 - 00000000 ____D () C:\Program Files (x86)\StarCraft II2014-04-14 05:58 - 2014-04-14 05:58 - 37400880 _____ (Curse) C:\Users\Isaiah's\Downloads\CurseClientSetup_Gn39.exe2014-04-12 23:42 - 2014-04-12 18:36 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software2014-04-12 23:28 - 2014-04-12 23:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee2014-04-12 23:27 - 2014-04-12 18:31 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Screaming Bee2014-04-12 23:18 - 2014-04-12 18:36 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.1.txt2014-04-12 23:10 - 2014-04-12 23:10 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Avnex2014-04-12 23:00 - 2014-04-12 22:54 - 00000024 _____ () C:\Users\Isaiah's\Desktop\Kelias number.txt2014-04-12 18:46 - 2014-04-12 18:36 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.4.txt2014-04-12 18:46 - 2014-04-12 18:36 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.3.txt2014-04-12 18:45 - 2014-04-12 18:36 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.5.txt2014-04-12 18:44 - 2014-04-12 18:36 - 00000919 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.6.txt2014-04-12 18:40 - 2014-04-12 18:36 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.2.txt2014-04-12 18:36 - 2014-04-12 18:36 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.7.txt2014-04-12 18:36 - 2014-04-12 18:36 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\NCH Software2014-04-12 18:36 - 2014-04-12 18:36 - 00000000 ____D () C:\ProgramData\NCH Software2014-04-12 18:34 - 2013-12-25 22:03 - 00001901 _____ () C:\Users\Isaiah's\Desktop\Clownfish.lnk2014-04-12 14:07 - 2014-01-19 01:10 - 00000000 ____D () C:\Users\Isaiah's\Documents\BIS Core Engine2014-04-12 12:15 - 2014-04-12 12:15 - 00000000 ____D () C:\Users\Isaiah's\.ss22014-04-12 10:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache2014-04-10 20:20 - 2014-04-10 20:18 - 27997568 _____ (Wireshark development team) C:\Users\Isaiah's\Downloads\Wireshark-win64-1.10.6.exe2014-04-09 10:02 - 2014-04-09 10:02 - 00000000 _____ () C:\Users\Isaiah's\Desktop\BATTLE SCARS LEGENDARY SONG.txt2014-04-08 23:35 - 2013-11-29 11:36 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-04-08 23:35 - 2013-11-29 11:36 - 00000000 ____D () C:\Windows\system32\MRT2014-04-05 02:02 - 2013-12-08 23:22 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games2014-04-05 01:57 - 2013-11-29 11:10 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2014-04-03 13:47 - 2014-04-03 13:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit2014-04-03 13:33 - 2014-04-03 13:33 - 00715038 _____ () C:\Windows\unins000.exe2014-04-03 13:33 - 2014-04-03 13:33 - 00001995 _____ () C:\Windows\unins000.dat2014-04-03 13:30 - 2014-04-03 13:30 - 03874080 _____ (ExKode Co. Ltd. ) C:\Users\Isaiah's\Downloads\DxtorySetup2.0.126.exe2014-04-03 13:30 - 2014-04-03 13:30 - 00000000 ____D () C:\Program Files (x86)\ExKode2014-04-03 13:20 - 2014-04-03 13:30 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\Dxtory Software2014-04-03 13:20 - 2014-04-03 13:20 - 00001182 _____ () C:\Users\Isaiah's\Desktop\Dxtory.lnk2014-04-03 13:20 - 2014-04-03 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.02014-04-03 13:20 - 2014-04-03 13:20 - 00000000 ____D () C:\Program Files (x86)\Dxtory Software2014-04-03 13:17 - 2014-04-03 13:17 - 04135551 _____ (Dxtory Software ) C:\Users\Isaiah's\Downloads\DxtorySetup2.0.122.exe2014-04-03 13:14 - 2014-04-03 13:14 - 00000184 _____ () C:\Users\Isaiah's\Downloads\Dxtory.dxtorylic2014-04-03 13:04 - 2014-03-27 00:27 - 00000000 ____D () C:\Program Files (x86)\OBS2014-04-03 13:01 - 2013-12-04 22:08 - 00001623 _____ () C:\Users\Public\Desktop\Combat Arms.lnk2014-04-02 23:37 - 2013-12-25 22:20 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4072817583-1142088816-480465609-1000UA2014-04-02 23:37 - 2013-12-25 22:20 - 00003500 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4072817583-1142088816-480465609-1000Core2014-04-01 23:38 - 2014-03-12 14:43 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\Adobe2014-04-01 23:37 - 2014-04-01 23:37 - 00002166 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk2014-04-01 23:35 - 2014-04-01 23:35 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk2014-04-01 23:35 - 2014-04-01 23:35 - 00002503 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk2014-04-01 23:35 - 2014-04-01 23:35 - 00002491 _____ () C:\Users\Public\Desktop\Safari.lnk2014-04-01 23:35 - 2014-04-01 23:35 - 00000000 ____D () C:\Windows\System32\Tasks\Apple2014-04-01 23:35 - 2014-04-01 23:35 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Apple Computer2014-04-01 23:35 - 2014-04-01 23:35 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\Apple Computer2014-04-01 23:35 - 2014-04-01 23:35 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\Apple2014-04-01 23:35 - 2014-04-01 23:35 - 00000000 ____D () C:\ProgramData\Apple Computer2014-04-01 23:35 - 2014-04-01 23:35 - 00000000 ____D () C:\ProgramData\Apple2014-04-01 23:35 - 2014-04-01 23:35 - 00000000 ____D () C:\Program Files (x86)\Safari2014-04-01 23:35 - 2014-04-01 23:35 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update2014-04-01 23:03 - 2014-01-24 16:35 - 00001608 _____ () C:\Users\Isaiah's\Desktop\Slender - The Eight Pages.lnk==================== Bamital & volsnap Check =================C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legitLastRegBack: 2014-04-29 18:03==================== End Of Log ============================ Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 2, 2014 Root Admin ID:826166 Share Posted May 2, 2014 Okay, this is going to manually start to rip out AVG antivirus. In so doing it may possibly hang the computer. If it does let it run for a few minutes and then if needed force it to shut down but give it a few minutes first in case the file removal is just being stubborn. Once the computer has rebooted then try to run the AVG removal tool to finish cleaning up any left over items for AVG Please download the attached fixlist.txt file and save it to the Desktop.NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.Run FRST or FRST64 and press the Fix button just once and wait.If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.Note: If the tool warned you about an outdated version please download and run the updated version. fixlist.txt Link to post Share on other sites More sharing options...
Zygapop Posted May 2, 2014 Author ID:826327 Share Posted May 2, 2014 It took a while for FRST to actually go through and it froze up quite a few times but it eventually finished. Here is the fixlog:Fixlog.txt Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 3, 2014 Root Admin ID:826393 Share Posted May 3, 2014 Great, okay please run the AVG removal tool now. It should be able to run without an issue now. Then once that's done please run Combofix again and post back a new log. Link to post Share on other sites More sharing options...
Zygapop Posted May 3, 2014 Author ID:826413 Share Posted May 3, 2014 I figured you meant FRST instead of Combofix since you didn't give the dl link.Here's the log:Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-05-2014 02Ran by Isaiah's (administrator) on ISAIAHS-PC on 02-05-2014 20:48:22Running from C:\Users\Isaiah's\Desktop\Stuffs\New folderWindows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 11Boot Mode: NormalThe only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================(AMD) C:\Windows\System32\atiesrxx.exe(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe() C:\Windows\SysWOW64\PnkBstrA.exe(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe(AMD) C:\Windows\System32\atieclxx.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe(Akamai Technologies, Inc.) C:\Users\Isaiah's\AppData\Local\Akamai\netsession_win.exe() C:\Program Files (x86)\WhatPulse2\whatpulse.exe(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe(Akamai Technologies, Inc.) C:\Users\Isaiah's\AppData\Local\Akamai\netsession_win.exe() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe(Curse, Inc) C:\Users\Isaiah's\AppData\Roaming\Curse Client\Bin\Curse.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(Microsoft Corporation) C:\Windows\System32\prevhost.exe==================== Registry (Whitelisted) ==================HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [blueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [811792 2014-01-20] (BlueStack Systems, Inc.)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)HKU\S-1-5-21-4072817583-1142088816-480465609-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.)HKU\S-1-5-21-4072817583-1142088816-480465609-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [344552 2013-10-08] (CyberGhost S.R.L.)HKU\S-1-5-21-4072817583-1142088816-480465609-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Isaiah's\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)HKU\S-1-5-21-4072817583-1142088816-480465609-1000\...\Run: [WhatPulse] => C:\Program Files (x86)\WhatPulse2\whatpulse.exe [3126272 2013-12-11] ()HKU\S-1-5-21-4072817583-1142088816-480465609-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [37632 2014-01-30] (Overwolf LTD)HKU\S-1-5-21-4072817583-1142088816-480465609-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20924064 2014-02-10] (Skype Technologies S.A.)HKU\S-1-5-21-4072817583-1142088816-480465609-1000\...\Run: [Google Update] => C:\Users\Isaiah's\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-25] (Google Inc.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnkShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()Startup: C:\Users\Isaiah's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnkShortcutTarget: Curse.lnk -> C:\Users\Isaiah's\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)==================== Internet (Whitelisted) ====================HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x64EC3D141FEDCE01HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-usStartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exeSearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 192.168.1.1FireFox:========FF ProfilePath: C:\Users\Isaiah's\AppData\Roaming\Mozilla\Firefox\Profiles\ngv22fj8.defaultFF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Isaiah's\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Isaiah's\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Isaiah's\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Isaiah's\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Isaiah's\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()FF Plugin ProgramFiles/Appdata: C:\Users\Isaiah's\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)FF Plugin ProgramFiles/Appdata: C:\Users\Isaiah's\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)FF Extension: Adblock Plus - C:\Users\Isaiah's\AppData\Roaming\Mozilla\Firefox\Profiles\ngv22fj8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-09]==================== Services (Whitelisted) =================S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-12-27] ()S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-01-20] (BlueStack Systems, Inc.)R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-01-20] (BlueStack Systems, Inc.)R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [26600 2013-10-08] (CyberGhost S.R.L)S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-11-21] (Futuremark)S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [98560 2014-01-30] (Overwolf LTD)R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-29] ()S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)S2 OutfoxTvService; C:\Program Files\OutfoxTV\OutfoxTvService.exe [X]==================== Drivers (Whitelisted) ====================U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [115472 2014-01-20] (BlueStack Systems)R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-01-14] (AnchorFree Inc.)S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-04-28] (Malwarebytes Corporation)R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-01-14] (Anchorfree Inc.)R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]==================== NetSvcs (Whitelisted) ======================================= One Month Created Files and Folders ========2014-05-02 20:46 - 2014-05-02 20:47 - 00466038 _____ () C:\Users\Isaiah's\Desktop\avgremover.log2014-05-02 20:46 - 2014-05-02 20:46 - 00000057 _____ () C:\Users\Isaiah's\Downloads\avgremover.log2014-05-02 20:45 - 2014-05-02 20:45 - 03386520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Isaiah's\Desktop\avg_remover_stf_x64_2014_4116.exe2014-05-02 18:50 - 2014-05-02 18:50 - 00061440 _____ (Gary's Hood) C:\Users\Isaiah's\Downloads\rsclient.exe2014-05-02 17:02 - 2014-03-06 05:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-05-02 17:02 - 2014-03-06 04:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-05-02 17:02 - 2014-03-06 04:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-05-02 17:02 - 2014-03-06 04:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-05-02 17:02 - 2014-03-06 03:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-05-02 17:02 - 2014-03-06 03:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-05-02 17:02 - 2014-03-06 03:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-05-02 17:02 - 2014-03-06 03:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-05-02 17:02 - 2014-03-06 03:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-05-02 17:02 - 2014-03-06 03:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-05-02 17:02 - 2014-03-06 03:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-05-02 17:02 - 2014-03-06 03:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-05-02 17:02 - 2014-03-06 03:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-05-02 17:02 - 2014-03-06 03:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-05-02 17:02 - 2014-03-06 03:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-05-02 17:02 - 2014-03-06 03:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-05-02 17:02 - 2014-03-06 03:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-05-02 17:02 - 2014-03-06 03:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-05-02 17:02 - 2014-03-06 03:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-05-02 17:02 - 2014-03-06 03:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-05-02 17:02 - 2014-03-06 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-05-02 17:02 - 2014-03-06 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-05-02 17:02 - 2014-03-06 02:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-05-02 17:02 - 2014-03-06 02:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-05-02 17:02 - 2014-03-06 02:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-05-02 17:02 - 2014-03-06 02:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-05-02 17:02 - 2014-03-06 02:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-05-02 17:02 - 2014-03-06 02:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-05-02 17:02 - 2014-03-06 02:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-05-02 17:02 - 2014-03-06 02:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-05-02 17:02 - 2014-03-06 02:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-05-02 17:02 - 2014-03-06 02:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-05-02 17:02 - 2014-03-06 02:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-05-02 17:02 - 2014-03-06 02:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-05-02 17:02 - 2014-03-06 02:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-05-02 17:02 - 2014-03-06 02:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-05-02 17:02 - 2014-03-06 02:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-05-02 17:02 - 2014-03-06 02:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-05-02 17:02 - 2014-03-06 01:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-05-02 17:02 - 2014-03-06 01:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-05-02 17:02 - 2014-03-06 01:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-05-02 17:02 - 2014-03-06 01:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-05-02 17:02 - 2014-03-06 01:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-05-02 17:02 - 2014-03-06 00:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-05-02 17:02 - 2014-03-06 00:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-05-02 17:02 - 2014-03-06 00:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-05-02 17:02 - 2014-03-06 00:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-05-02 17:02 - 2014-03-06 00:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-05-01 19:38 - 2014-05-01 19:45 - 00002574 _____ () C:\Users\Isaiah's\Desktop\New Text Document (3).txt2014-05-01 12:37 - 2014-05-01 12:37 - 00921512 _____ (Oracle Corporation) C:\Users\Isaiah's\Downloads\jxpiinstall(2).exe2014-05-01 00:52 - 2014-05-01 00:53 - 00921512 _____ (Oracle Corporation) C:\Users\Isaiah's\Downloads\jxpiinstall(1).exe2014-05-01 00:50 - 2014-05-01 00:50 - 13829304 _____ (Microsoft Corporation) C:\Users\Isaiah's\Downloads\mseinstall.exe2014-05-01 00:50 - 2014-05-01 00:50 - 00002052 _____ () C:\Windows\epplauncher.mif2014-05-01 00:39 - 2014-05-01 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java2014-04-30 20:09 - 2014-04-30 20:09 - 00002159 _____ () C:\Users\Isaiah's\Desktop\Tweaking.com - Windows Repair (All in One).lnk2014-04-30 20:08 - 2014-04-30 20:08 - 05577080 _____ () C:\Users\Isaiah's\Downloads\tweaking.com_windows_repair_aio_setup.exe2014-04-30 20:08 - 2014-04-30 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com2014-04-30 20:08 - 2014-04-30 20:08 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com2014-04-30 20:00 - 2014-04-30 20:00 - 00921512 _____ (Oracle Corporation) C:\Users\Isaiah's\Downloads\jxpiinstall.exe2014-04-30 19:58 - 2014-04-30 20:04 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE2014-04-30 19:57 - 2014-04-30 19:57 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ISAIAHS-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat2014-04-30 19:56 - 2014-04-30 19:56 - 00000000 ____D () C:\RegBackup2014-04-30 18:18 - 2014-04-30 18:18 - 00070549 _____ () C:\JavaRa.log2014-04-30 18:17 - 2014-04-30 18:19 - 00000000 ____D () C:\Users\Isaiah's\Desktop\JavaRa-1.16-28-5-132014-04-30 18:06 - 2014-04-30 18:06 - 00165483 _____ () C:\Users\Isaiah's\Desktop\JavaRa-1.16-28-5-13.zip2014-04-30 17:28 - 2014-04-30 17:28 - 00347816 _____ (Microsoft Corporation) C:\Users\Isaiah's\Downloads\MicrosoftFixit.wu.RNP.1232233455484701.1.1.Run.exe2014-04-29 23:14 - 2014-04-29 23:18 - 274777419 _____ () C:\Users\Isaiah's\Downloads\The Dreamers Full Movie in HD Streaming.mp42014-04-29 16:34 - 2014-04-29 16:50 - 1147897391 _____ () C:\Users\Isaiah's\Downloads\Super Mario Galaxy 2 __ SPEED RUN in 3_14_43 by Yoshifan #AGDQ 2014.mp42014-04-29 08:48 - 2014-04-30 09:43 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.exe2014-04-29 08:48 - 2014-04-29 08:48 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe2014-04-29 08:48 - 2014-04-29 08:48 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\Ubisoft2014-04-29 08:24 - 2014-04-29 08:24 - 00000202 _____ () C:\Users\Isaiah's\Desktop\Tom Clancy's Ghost Recon Phantoms - NA.url2014-04-28 14:58 - 2014-04-28 14:58 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-04-28 14:57 - 2014-04-29 08:09 - 00000000 ____D () C:\Users\Isaiah's\Desktop\Stuffs2014-04-28 14:57 - 2014-04-28 09:06 - 00000000 ____D () C:\Users\Isaiah's\Desktop\mbar2014-04-28 12:17 - 2014-04-28 12:17 - 00000924 _____ () C:\Users\fbwuser7108\Desktop\NTREGOPT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000924 _____ () C:\Users\fbwuser6A57\Desktop\NTREGOPT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000924 _____ () C:\Users\fbwuser0045\Desktop\NTREGOPT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000905 _____ () C:\Users\fbwuser7108\Desktop\ERUNT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000905 _____ () C:\Users\fbwuser6A57\Desktop\ERUNT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000905 _____ () C:\Users\fbwuser0045\Desktop\ERUNT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT2014-04-28 12:17 - 2014-04-28 12:17 - 00000000 ____D () C:\Program Files (x86)\ERUNT2014-04-28 12:15 - 2014-04-28 12:16 - 00002440 _____ () C:\Users\Isaiah's\Desktop\Rkill.txt2014-04-28 09:13 - 2014-04-28 09:13 - 00000000 ____D () C:\Windows\ERUNT2014-04-28 09:11 - 2014-04-28 09:11 - 02347384 _____ (ESET) C:\Users\Isaiah's\Downloads\esetsmartinstaller_enu.exe2014-04-28 09:11 - 2014-04-28 09:11 - 00000000 ____D () C:\Program Files (x86)\ESET2014-04-28 09:07 - 2014-04-28 09:07 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)2014-04-25 18:56 - 2014-04-25 18:56 - 00005931 _____ () C:\Users\Isaiah's\Downloads\LOL_OPGG_Observer_1358991227.bat2014-04-23 23:19 - 2014-05-02 20:47 - 00002396 _____ () C:\Windows\PFRO.log2014-04-23 18:47 - 2014-04-28 09:33 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.32014-04-23 18:47 - 2014-04-23 18:47 - 00001085 _____ () C:\Users\Isaiah's\Desktop\Cheat Engine.lnk2014-04-23 18:47 - 2014-04-23 18:47 - 00000000 ____D () C:\Users\Isaiah's\Documents\My Cheat Tables2014-04-23 18:47 - 2014-04-23 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.32014-04-23 16:03 - 2014-05-02 20:48 - 00000000 ____D () C:\FRST2014-04-23 16:03 - 2014-04-23 16:07 - 00043647 _____ () C:\Users\Isaiah's\Downloads\FRST.txt2014-04-23 16:03 - 2014-04-23 16:07 - 00029946 _____ () C:\Users\Isaiah's\Downloads\Addition.txt2014-04-23 16:02 - 2014-04-23 16:02 - 02061312 _____ (Farbar) C:\Users\Isaiah's\Downloads\FRST64.exe2014-04-23 15:51 - 2014-04-23 15:51 - 00013309 _____ () C:\Users\Isaiah's\Desktop\Recovery - Shortcut.lnk2014-04-23 15:51 - 2014-04-23 15:51 - 00013125 _____ () C:\Users\Isaiah's\Desktop\Change User Account Control settings - Shortcut.lnk2014-04-22 16:33 - 2014-04-23 15:54 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Curse Client2014-04-22 16:33 - 2014-04-22 16:33 - 00001003 _____ () C:\Users\Isaiah's\Desktop\Curse.lnk2014-04-22 16:33 - 2014-04-22 16:33 - 00000989 _____ () C:\Users\Isaiah's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk2014-04-22 16:33 - 2014-04-22 16:33 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Curse Advertising2014-04-22 16:32 - 2014-04-22 16:32 - 37437096 _____ (Curse) C:\Users\Isaiah's\Downloads\CurseClientSetup.exe2014-04-22 16:32 - 2014-04-22 16:32 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Curse2014-04-20 00:17 - 2014-04-20 00:17 - 00260698 _____ () C:\Users\Isaiah's\Documents\cc_20140420_001750.reg2014-04-20 00:11 - 2014-05-02 20:47 - 00002657 _____ () C:\Windows\setupact.log2014-04-20 00:11 - 2014-04-20 00:11 - 00000000 _____ () C:\Windows\setuperr.log2014-04-19 00:18 - 2014-04-19 00:20 - 00911720 _____ (Chaos Software Group, Inc.) C:\Users\Isaiah's\Downloads\atomic(1).exe2014-04-19 00:18 - 2014-04-19 00:19 - 00911720 _____ (Chaos Software Group, Inc.) C:\Users\Isaiah's\Downloads\atomic.exe2014-04-16 09:41 - 2014-04-30 12:52 - 00000000 ____D () C:\Users\Isaiah's\RecklessPk2014-04-14 05:58 - 2014-04-14 05:58 - 37400880 _____ (Curse) C:\Users\Isaiah's\Downloads\CurseClientSetup_Gn39.exe2014-04-12 23:24 - 2014-04-12 23:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee2014-04-12 23:10 - 2014-04-12 23:10 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Avnex2014-04-12 23:09 - 2008-12-26 12:56 - 00021504 _____ (Avnex) C:\Windows\system32\Drivers\vcsvad.sys2014-04-12 22:54 - 2014-04-12 23:00 - 00000024 _____ () C:\Users\Isaiah's\Desktop\Kelias number.txt2014-04-12 18:36 - 2014-04-21 21:14 - 00000919 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.txt2014-04-12 18:36 - 2014-04-21 21:14 - 00000000 ____D () C:\Program Files (x86)\NCH Software2014-04-12 18:36 - 2014-04-21 21:14 - 00000000 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt2014-04-12 18:36 - 2014-04-12 23:42 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software2014-04-12 18:36 - 2014-04-12 23:18 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.1.txt2014-04-12 18:36 - 2014-04-12 18:46 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.4.txt2014-04-12 18:36 - 2014-04-12 18:46 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.3.txt2014-04-12 18:36 - 2014-04-12 18:45 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.5.txt2014-04-12 18:36 - 2014-04-12 18:44 - 00000919 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.6.txt2014-04-12 18:36 - 2014-04-12 18:40 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.2.txt2014-04-12 18:36 - 2014-04-12 18:36 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.7.txt2014-04-12 18:36 - 2014-04-12 18:36 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\NCH Software2014-04-12 18:36 - 2014-04-12 18:36 - 00000000 ____D () C:\ProgramData\NCH Software2014-04-12 18:31 - 2014-04-12 23:27 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Screaming Bee2014-04-12 12:15 - 2014-04-16 21:37 - 00000000 ____D () C:\Users\Isaiah's\Desktop\Desktop Client2014-04-12 12:15 - 2014-04-12 12:15 - 00000000 ____D () C:\Users\Isaiah's\.ss22014-04-10 20:18 - 2014-04-10 20:20 - 27997568 _____ (Wireshark development team) C:\Users\Isaiah's\Downloads\Wireshark-win64-1.10.6.exe2014-04-09 10:02 - 2014-04-09 10:02 - 00000000 _____ () C:\Users\Isaiah's\Desktop\BATTLE SCARS LEGENDARY SONG.txt2014-04-08 18:11 - 2014-03-04 04:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll2014-04-08 18:11 - 2014-03-04 04:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll2014-04-08 18:11 - 2014-03-04 04:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2014-04-08 18:11 - 2014-03-04 04:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll2014-04-08 18:11 - 2014-03-04 04:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll2014-04-08 18:11 - 2014-03-04 04:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2014-04-08 18:11 - 2014-03-04 04:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll2014-04-08 18:11 - 2014-03-04 04:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2014-04-08 18:11 - 2014-03-04 04:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2014-04-08 18:11 - 2014-03-04 03:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2014-04-08 18:11 - 2014-03-04 03:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2014-04-08 18:11 - 2014-02-03 21:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys2014-04-08 18:11 - 2014-02-03 21:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys2014-04-08 18:11 - 2014-02-03 21:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys2014-04-08 18:11 - 2014-02-03 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll2014-04-08 18:11 - 2014-02-03 21:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll2014-04-08 18:11 - 2014-01-23 21:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys2014-04-05 02:00 - 2000-06-23 14:06 - 00192000 _____ (Ligos Corporation) C:\Windows\SysWOW64\iac2d20d.rra2014-04-05 02:00 - 2000-06-23 14:05 - 00136704 _____ (Ligos Corporation) C:\Windows\SysWOW64\iacenc.dll2014-04-05 02:00 - 2000-06-23 10:36 - 00745984 _____ (Ligos Corporation) C:\Windows\SysWOW64\ir50d21d.rra2014-04-05 02:00 - 2000-06-22 18:11 - 00145408 _____ (Ligos Corporation) C:\Windows\SysWOW64\Ivfsd25b.rra2014-04-05 02:00 - 2000-06-22 13:09 - 00056320 _____ () C:\Windows\SysWOW64\iyvu9_32.dll2014-04-03 13:47 - 2014-04-03 13:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit2014-04-03 13:33 - 2014-04-03 13:33 - 00715038 _____ () C:\Windows\unins000.exe2014-04-03 13:33 - 2014-04-03 13:33 - 00001995 _____ () C:\Windows\unins000.dat2014-04-03 13:33 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll2014-04-03 13:33 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll2014-04-03 13:30 - 2014-04-03 13:30 - 03874080 _____ (ExKode Co. Ltd. ) C:\Users\Isaiah's\Downloads\DxtorySetup2.0.126.exe2014-04-03 13:30 - 2014-04-03 13:30 - 00000000 ____D () C:\Program Files (x86)\ExKode2014-04-03 13:30 - 2014-04-03 13:20 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\Dxtory Software2014-04-03 13:20 - 2014-04-03 13:20 - 00001182 _____ () C:\Users\Isaiah's\Desktop\Dxtory.lnk2014-04-03 13:20 - 2014-04-03 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.02014-04-03 13:20 - 2014-04-03 13:20 - 00000000 ____D () C:\Program Files (x86)\Dxtory Software2014-04-03 13:20 - 2013-02-15 22:44 - 08300544 _____ (Dxtory Software) C:\Windows\SysWOW64\DxtoryCodec.dll2014-04-03 13:20 - 2013-02-15 22:44 - 08043008 _____ (Dxtory Software) C:\Windows\system32\DxtoryCodec.dll2014-04-03 13:17 - 2014-04-03 13:17 - 04135551 _____ (Dxtory Software ) C:\Users\Isaiah's\Downloads\DxtorySetup2.0.122.exe2014-04-03 13:14 - 2014-04-03 13:14 - 00000184 _____ () C:\Users\Isaiah's\Downloads\Dxtory.dxtorylic==================== One Month Modified Files and Folders =======2014-05-02 20:48 - 2014-04-23 16:03 - 00000000 ____D () C:\FRST2014-05-02 20:48 - 2013-11-29 12:32 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Skype2014-05-02 20:47 - 2014-05-02 20:46 - 00466038 _____ () C:\Users\Isaiah's\Desktop\avgremover.log2014-05-02 20:47 - 2014-04-23 23:19 - 00002396 _____ () C:\Windows\PFRO.log2014-05-02 20:47 - 2014-04-20 00:11 - 00002657 _____ () C:\Windows\setupact.log2014-05-02 20:47 - 2014-02-04 22:22 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\Overwolf2014-05-02 20:47 - 2013-11-28 23:30 - 01897731 _____ () C:\Windows\WindowsUpdate.log2014-05-02 20:47 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-05-02 20:47 - 2009-07-13 23:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-05-02 20:47 - 2009-07-13 23:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-05-02 20:47 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions2014-05-02 20:46 - 2014-05-02 20:46 - 00000057 _____ () C:\Users\Isaiah's\Downloads\avgremover.log2014-05-02 20:46 - 2014-02-04 13:48 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\WhatPulse2014-05-02 20:45 - 2014-05-02 20:45 - 03386520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Isaiah's\Desktop\avg_remover_stf_x64_2014_4116.exe2014-05-02 20:42 - 2013-12-25 22:20 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4072817583-1142088816-480465609-1000UA.job2014-05-02 20:33 - 2013-11-29 18:49 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-05-02 18:57 - 2013-11-29 16:09 - 00000000 _____ () C:\Users\Isaiah's\songList.txt2014-05-02 18:50 - 2014-05-02 18:50 - 00061440 _____ (Gary's Hood) C:\Users\Isaiah's\Downloads\rsclient.exe2014-05-02 18:46 - 2013-11-29 16:09 - 00000013 _____ () C:\Users\Isaiah's\rlvote.txt2014-05-02 17:01 - 2013-12-27 23:08 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{344D4A9F-070C-4BD2-BA29-2C31D7D58449}2014-05-02 00:21 - 2009-07-13 22:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup2014-05-02 00:13 - 2009-07-14 00:13 - 00006182 _____ () C:\Windows\system32\PerfStringBackup.INI2014-05-01 19:45 - 2014-05-01 19:38 - 00002574 _____ () C:\Users\Isaiah's\Desktop\New Text Document (3).txt2014-05-01 12:37 - 2014-05-01 12:37 - 00921512 _____ (Oracle Corporation) C:\Users\Isaiah's\Downloads\jxpiinstall(2).exe2014-05-01 00:53 - 2014-05-01 00:52 - 00921512 _____ (Oracle Corporation) C:\Users\Isaiah's\Downloads\jxpiinstall(1).exe2014-05-01 00:50 - 2014-05-01 00:50 - 13829304 _____ (Microsoft Corporation) C:\Users\Isaiah's\Downloads\mseinstall.exe2014-05-01 00:50 - 2014-05-01 00:50 - 00002052 _____ () C:\Windows\epplauncher.mif2014-05-01 00:39 - 2014-05-01 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java2014-05-01 00:39 - 2014-02-09 00:26 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2014-05-01 00:39 - 2014-02-09 00:26 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2014-05-01 00:39 - 2014-02-09 00:26 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe2014-05-01 00:39 - 2014-02-09 00:26 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2014-04-30 23:42 - 2013-12-25 22:20 - 00000868 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4072817583-1142088816-480465609-1000Core.job2014-04-30 20:09 - 2014-04-30 20:09 - 00002159 _____ () C:\Users\Isaiah's\Desktop\Tweaking.com - Windows Repair (All in One).lnk2014-04-30 20:08 - 2014-04-30 20:08 - 05577080 _____ () C:\Users\Isaiah's\Downloads\tweaking.com_windows_repair_aio_setup.exe2014-04-30 20:08 - 2014-04-30 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com2014-04-30 20:08 - 2014-04-30 20:08 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com2014-04-30 20:04 - 2014-04-30 19:58 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE2014-04-30 20:01 - 2009-07-13 21:34 - 00000439 _____ () C:\Windows\win.ini2014-04-30 20:00 - 2014-04-30 20:00 - 00921512 _____ (Oracle Corporation) C:\Users\Isaiah's\Downloads\jxpiinstall.exe2014-04-30 19:57 - 2014-04-30 19:57 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ISAIAHS-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat2014-04-30 19:56 - 2014-04-30 19:56 - 00000000 ____D () C:\RegBackup2014-04-30 19:54 - 2013-11-29 12:13 - 00058984 _____ () C:\Users\Isaiah's\AppData\Local\GDIPFONTCACHEV1.DAT2014-04-30 19:54 - 2009-07-13 23:45 - 00272432 _____ () C:\Windows\system32\FNTCACHE.DAT2014-04-30 18:19 - 2014-04-30 18:17 - 00000000 ____D () C:\Users\Isaiah's\Desktop\JavaRa-1.16-28-5-132014-04-30 18:18 - 2014-04-30 18:18 - 00070549 _____ () C:\JavaRa.log2014-04-30 18:06 - 2014-04-30 18:06 - 00165483 _____ () C:\Users\Isaiah's\Desktop\JavaRa-1.16-28-5-13.zip2014-04-30 17:28 - 2014-04-30 17:28 - 00347816 _____ (Microsoft Corporation) C:\Users\Isaiah's\Downloads\MicrosoftFixit.wu.RNP.1232233455484701.1.1.Run.exe2014-04-30 12:52 - 2014-04-16 09:41 - 00000000 ____D () C:\Users\Isaiah's\RecklessPk2014-04-30 09:43 - 2014-04-29 08:48 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.exe2014-04-30 09:43 - 2014-01-16 23:32 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr2014-04-30 09:33 - 2014-01-16 01:17 - 00291488 _____ () C:\Windows\SysWOW64\PnkBstrB.ex02014-04-30 08:11 - 2013-12-27 21:44 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\ArmA 2 OA2014-04-29 23:18 - 2014-04-29 23:14 - 274777419 _____ () C:\Users\Isaiah's\Downloads\The Dreamers Full Movie in HD Streaming.mp42014-04-29 19:43 - 2014-03-19 08:37 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Mozilla2014-04-29 16:50 - 2014-04-29 16:34 - 1147897391 _____ () C:\Users\Isaiah's\Downloads\Super Mario Galaxy 2 __ SPEED RUN in 3_14_43 by Yoshifan #AGDQ 2014.mp42014-04-29 08:49 - 2014-01-16 23:32 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\PunkBuster2014-04-29 08:48 - 2014-04-29 08:48 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe2014-04-29 08:48 - 2014-04-29 08:48 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\Ubisoft2014-04-29 08:24 - 2014-04-29 08:24 - 00000202 _____ () C:\Users\Isaiah's\Desktop\Tom Clancy's Ghost Recon Phantoms - NA.url2014-04-29 08:09 - 2014-04-28 14:57 - 00000000 ____D () C:\Users\Isaiah's\Desktop\Stuffs2014-04-29 08:09 - 2013-11-30 10:17 - 00000706 _____ () C:\Users\Public\Desktop\Fraps.lnk2014-04-29 08:09 - 2013-11-29 16:12 - 00000840 _____ () C:\Users\Public\Desktop\Speccy.lnk2014-04-29 00:34 - 2013-11-29 18:49 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-04-29 00:34 - 2013-11-29 18:49 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-04-29 00:34 - 2013-11-29 18:49 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2014-04-28 16:23 - 2014-02-04 22:22 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\TS3Client2014-04-28 14:58 - 2014-04-28 14:58 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-04-28 12:17 - 2014-04-28 12:17 - 00000924 _____ () C:\Users\fbwuser7108\Desktop\NTREGOPT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000924 _____ () C:\Users\fbwuser6A57\Desktop\NTREGOPT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000924 _____ () C:\Users\fbwuser0045\Desktop\NTREGOPT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000905 _____ () C:\Users\fbwuser7108\Desktop\ERUNT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000905 _____ () C:\Users\fbwuser6A57\Desktop\ERUNT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000905 _____ () C:\Users\fbwuser0045\Desktop\ERUNT.lnk2014-04-28 12:17 - 2014-04-28 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT2014-04-28 12:17 - 2014-04-28 12:17 - 00000000 ____D () C:\Program Files (x86)\ERUNT2014-04-28 12:17 - 2014-02-26 11:03 - 00000000 ____D () C:\Windows\erdnt2014-04-28 12:16 - 2014-04-28 12:15 - 00002440 _____ () C:\Users\Isaiah's\Desktop\Rkill.txt2014-04-28 09:33 - 2014-04-23 18:47 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.32014-04-28 09:21 - 2014-03-01 12:48 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\CrashDumps2014-04-28 09:19 - 2014-02-25 18:33 - 00000000 ____D () C:\AdwCleaner2014-04-28 09:13 - 2014-04-28 09:13 - 00000000 ____D () C:\Windows\ERUNT2014-04-28 09:11 - 2014-04-28 09:11 - 02347384 _____ (ESET) C:\Users\Isaiah's\Downloads\esetsmartinstaller_enu.exe2014-04-28 09:11 - 2014-04-28 09:11 - 00000000 ____D () C:\Program Files (x86)\ESET2014-04-28 09:07 - 2014-04-28 09:07 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)2014-04-28 09:06 - 2014-04-28 14:57 - 00000000 ____D () C:\Users\Isaiah's\Desktop\mbar2014-04-28 09:06 - 2009-07-14 00:08 - 00032590 _____ () C:\Windows\Tasks\SCHEDLGU.TXT2014-04-27 15:22 - 2013-11-30 10:09 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\.minecraft2014-04-25 18:56 - 2014-04-25 18:56 - 00005931 _____ () C:\Users\Isaiah's\Downloads\LOL_OPGG_Observer_1358991227.bat2014-04-24 07:15 - 2014-01-17 18:13 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\Akamai2014-04-23 18:47 - 2014-04-23 18:47 - 00001085 _____ () C:\Users\Isaiah's\Desktop\Cheat Engine.lnk2014-04-23 18:47 - 2014-04-23 18:47 - 00000000 ____D () C:\Users\Isaiah's\Documents\My Cheat Tables2014-04-23 18:47 - 2014-04-23 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.32014-04-23 16:07 - 2014-04-23 16:03 - 00043647 _____ () C:\Users\Isaiah's\Downloads\FRST.txt2014-04-23 16:07 - 2014-04-23 16:03 - 00029946 _____ () C:\Users\Isaiah's\Downloads\Addition.txt2014-04-23 16:02 - 2014-04-23 16:02 - 02061312 _____ (Farbar) C:\Users\Isaiah's\Downloads\FRST64.exe2014-04-23 15:54 - 2014-04-22 16:33 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Curse Client2014-04-23 15:51 - 2014-04-23 15:51 - 00013309 _____ () C:\Users\Isaiah's\Desktop\Recovery - Shortcut.lnk2014-04-23 15:51 - 2014-04-23 15:51 - 00013125 _____ () C:\Users\Isaiah's\Desktop\Change User Account Control settings - Shortcut.lnk2014-04-23 15:51 - 2013-11-28 23:30 - 00000000 ____D () C:\Recovery2014-04-22 16:33 - 2014-04-22 16:33 - 00001003 _____ () C:\Users\Isaiah's\Desktop\Curse.lnk2014-04-22 16:33 - 2014-04-22 16:33 - 00000989 _____ () C:\Users\Isaiah's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk2014-04-22 16:33 - 2014-04-22 16:33 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Curse Advertising2014-04-22 16:33 - 2013-11-28 23:30 - 00000000 ___RD () C:\Users\Isaiah's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-04-22 16:32 - 2014-04-22 16:32 - 37437096 _____ (Curse) C:\Users\Isaiah's\Downloads\CurseClientSetup.exe2014-04-22 16:32 - 2014-04-22 16:32 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Curse2014-04-21 21:14 - 2014-04-12 18:36 - 00000919 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.txt2014-04-21 21:14 - 2014-04-12 18:36 - 00000000 ____D () C:\Program Files (x86)\NCH Software2014-04-21 21:14 - 2014-04-12 18:36 - 00000000 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt2014-04-20 00:18 - 2013-11-29 12:20 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\Google2014-04-20 00:18 - 2013-11-29 12:20 - 00000000 ____D () C:\Program Files (x86)\Google2014-04-20 00:17 - 2014-04-20 00:17 - 00260698 _____ () C:\Users\Isaiah's\Documents\cc_20140420_001750.reg2014-04-20 00:13 - 2013-12-03 16:15 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\CRE2014-04-20 00:11 - 2014-04-20 00:11 - 00000000 _____ () C:\Windows\setuperr.log2014-04-20 00:07 - 2014-02-09 00:31 - 00000000 ____D () C:\Users\Isaiah's\Desktop\New folder2014-04-19 00:20 - 2014-04-19 00:18 - 00911720 _____ (Chaos Software Group, Inc.) C:\Users\Isaiah's\Downloads\atomic(1).exe2014-04-19 00:19 - 2014-04-19 00:18 - 00911720 _____ (Chaos Software Group, Inc.) C:\Users\Isaiah's\Downloads\atomic.exe2014-04-17 21:05 - 2013-11-29 12:42 - 00000982 _____ () C:\Users\Public\Desktop\Gyazo.lnk2014-04-17 21:05 - 2013-11-29 12:42 - 00000982 _____ () C:\Users\Public\Desktop\Gyazo GIF.lnk2014-04-17 21:05 - 2013-11-29 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo2014-04-17 21:05 - 2013-11-29 12:42 - 00000000 ____D () C:\Program Files (x86)\Gyazo2014-04-17 21:04 - 2013-11-29 12:42 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Gyazo2014-04-16 21:37 - 2014-04-12 12:15 - 00000000 ____D () C:\Users\Isaiah's\Desktop\Desktop Client2014-04-16 09:41 - 2013-11-28 23:30 - 00000000 ____D () C:\Users\Isaiah's2014-04-14 13:24 - 2013-11-29 22:54 - 00000000 ____D () C:\Program Files (x86)\StarCraft II2014-04-14 05:58 - 2014-04-14 05:58 - 37400880 _____ (Curse) C:\Users\Isaiah's\Downloads\CurseClientSetup_Gn39.exe2014-04-12 23:42 - 2014-04-12 18:36 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software2014-04-12 23:28 - 2014-04-12 23:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee2014-04-12 23:27 - 2014-04-12 18:31 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Screaming Bee2014-04-12 23:18 - 2014-04-12 18:36 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.1.txt2014-04-12 23:10 - 2014-04-12 23:10 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Avnex2014-04-12 23:00 - 2014-04-12 22:54 - 00000024 _____ () C:\Users\Isaiah's\Desktop\Kelias number.txt2014-04-12 18:46 - 2014-04-12 18:36 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.4.txt2014-04-12 18:46 - 2014-04-12 18:36 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.3.txt2014-04-12 18:45 - 2014-04-12 18:36 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.5.txt2014-04-12 18:44 - 2014-04-12 18:36 - 00000919 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.6.txt2014-04-12 18:40 - 2014-04-12 18:36 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.2.txt2014-04-12 18:36 - 2014-04-12 18:36 - 00001181 _____ () C:\Users\Isaiah's\AppData\Roaming\trace_FilterInstaller.7.txt2014-04-12 18:36 - 2014-04-12 18:36 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\NCH Software2014-04-12 18:36 - 2014-04-12 18:36 - 00000000 ____D () C:\ProgramData\NCH Software2014-04-12 18:34 - 2013-12-25 22:03 - 00001901 _____ () C:\Users\Isaiah's\Desktop\Clownfish.lnk2014-04-12 14:07 - 2014-01-19 01:10 - 00000000 ____D () C:\Users\Isaiah's\Documents\BIS Core Engine2014-04-12 12:15 - 2014-04-12 12:15 - 00000000 ____D () C:\Users\Isaiah's\.ss22014-04-12 10:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache2014-04-10 20:20 - 2014-04-10 20:18 - 27997568 _____ (Wireshark development team) C:\Users\Isaiah's\Downloads\Wireshark-win64-1.10.6.exe2014-04-09 10:02 - 2014-04-09 10:02 - 00000000 _____ () C:\Users\Isaiah's\Desktop\BATTLE SCARS LEGENDARY SONG.txt2014-04-08 23:35 - 2013-11-29 11:36 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-04-08 23:35 - 2013-11-29 11:36 - 00000000 ____D () C:\Windows\system32\MRT2014-04-05 02:02 - 2013-12-08 23:22 - 00000000 ____D () C:\Users\Isaiah's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games2014-04-05 01:57 - 2013-11-29 11:10 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2014-04-03 13:47 - 2014-04-03 13:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit2014-04-03 13:33 - 2014-04-03 13:33 - 00715038 _____ () C:\Windows\unins000.exe2014-04-03 13:33 - 2014-04-03 13:33 - 00001995 _____ () C:\Windows\unins000.dat2014-04-03 13:30 - 2014-04-03 13:30 - 03874080 _____ (ExKode Co. Ltd. ) C:\Users\Isaiah's\Downloads\DxtorySetup2.0.126.exe2014-04-03 13:30 - 2014-04-03 13:30 - 00000000 ____D () C:\Program Files (x86)\ExKode2014-04-03 13:20 - 2014-04-03 13:30 - 00000000 ____D () C:\Users\Isaiah's\AppData\Local\Dxtory Software2014-04-03 13:20 - 2014-04-03 13:20 - 00001182 _____ () C:\Users\Isaiah's\Desktop\Dxtory.lnk2014-04-03 13:20 - 2014-04-03 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.02014-04-03 13:20 - 2014-04-03 13:20 - 00000000 ____D () C:\Program Files (x86)\Dxtory Software2014-04-03 13:17 - 2014-04-03 13:17 - 04135551 _____ (Dxtory Software ) C:\Users\Isaiah's\Downloads\DxtorySetup2.0.122.exe2014-04-03 13:14 - 2014-04-03 13:14 - 00000184 _____ () C:\Users\Isaiah's\Downloads\Dxtory.dxtorylic2014-04-03 13:04 - 2014-03-27 00:27 - 00000000 ____D () C:\Program Files (x86)\OBS2014-04-03 13:01 - 2013-12-04 22:08 - 00001623 _____ () C:\Users\Public\Desktop\Combat Arms.lnk2014-04-02 23:37 - 2013-12-25 22:20 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4072817583-1142088816-480465609-1000UA2014-04-02 23:37 - 2013-12-25 22:20 - 00003500 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4072817583-1142088816-480465609-1000Core==================== Bamital & volsnap Check =================C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legitLastRegBack: 2014-04-29 18:03==================== End Of Log ============================ Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 3, 2014 Root Admin ID:826424 Share Posted May 3, 2014 No I meant combofix but thought I'd already asked you to use before but I see I did not. (sorry about that) I'm going to be on the road for a bit but will check back on you later tonight if I can. Please go ahead and post the log when ready. Please visit this webpage and read the ComboFix User's Guide:Once you've read the article and are ready to use the program you can download it directly from the link below. Important! - Please make sure you save combofix to your desktop and do not run it from your browser Direct download link for: ComboFix.exe Please make sure you disable your security applications before running ComboFix. Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load. Please attach that log file to your next reply. If needed the file can be located here: C:\combofix.txt NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer. Link to post Share on other sites More sharing options...
Zygapop Posted May 3, 2014 Author ID:826442 Share Posted May 3, 2014 It's quite fine. Here's the combofix logs.ComboFix 14-04-30.01 - Isaiah's 05/02/2014 21:15:54.2.4 - x64Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8130.6674 [GMT -5:00]Running from: c:\users\Isaiah's\Desktop\ComboFix.exeSP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((( Files Created from 2014-04-03 to 2014-05-03 )))))))))))))))))))))))))))))))..2014-05-03 02:17 . 2014-05-03 02:17 -------- d-----w- c:\users\Public\AppData\Local\temp2014-05-01 01:08 . 2014-05-01 01:08 -------- d-----w- c:\program files (x86)\Tweaking.com2014-05-01 01:02 . 2014-05-02 22:02 -------- d-----w- c:\windows\system32\catroot22014-05-01 00:58 . 2014-05-01 01:04 181064 ----a-w- c:\windows\PSEXESVC.EXE2014-05-01 00:56 . 2014-05-01 00:56 -------- d-----w- C:\RegBackup2014-04-29 13:48 . 2014-04-30 14:43 291760 ----a-w- c:\windows\SysWow64\PnkBstrB.exe2014-04-29 13:48 . 2014-04-29 13:48 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe2014-04-29 13:48 . 2014-04-29 13:48 -------- d-----w- c:\users\Isaiah's\AppData\Local\Ubisoft2014-04-28 19:58 . 2014-04-28 19:58 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys2014-04-28 17:17 . 2014-04-28 17:17 -------- d-----w- c:\program files (x86)\ERUNT2014-04-28 14:13 . 2014-04-28 14:13 -------- d-----w- c:\windows\ERUNT2014-04-28 14:11 . 2014-04-28 14:11 -------- d-----w- c:\program files (x86)\ESET2014-04-28 14:07 . 2014-04-28 14:07 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)2014-04-23 23:47 . 2014-04-28 14:33 -------- d-----w- c:\program files (x86)\Cheat Engine 6.32014-04-23 21:03 . 2014-05-03 01:48 -------- d-----w- C:\FRST2014-04-22 21:33 . 2014-04-22 21:33 -------- d-----w- c:\users\Isaiah's\AppData\Roaming\Curse Advertising2014-04-22 21:33 . 2014-04-23 20:54 -------- d-----w- c:\users\Isaiah's\AppData\Roaming\Curse Client2014-04-22 21:32 . 2014-04-22 21:32 -------- d-----w- c:\users\Isaiah's\AppData\Roaming\Curse2014-04-16 14:41 . 2014-04-30 17:52 -------- d-----w- c:\users\Isaiah's\RecklessPk2014-04-13 04:27 . 2014-04-13 04:27 -------- d-----w- c:\program files (x86)\Common Files\Screaming Bee2014-04-13 04:10 . 2014-04-13 04:10 -------- d-----w- c:\users\Isaiah's\AppData\Roaming\Avnex2014-04-13 04:09 . 2008-12-26 17:56 21504 ----a-w- c:\windows\system32\drivers\vcsvad.sys2014-04-12 23:36 . 2014-04-12 23:36 -------- d-----w- c:\users\Isaiah's\AppData\Roaming\NCH Software2014-04-12 23:36 . 2014-04-12 23:36 -------- d-----w- c:\programdata\NCH Software2014-04-12 23:36 . 2014-04-22 02:14 -------- d-----w- c:\program files (x86)\NCH Software2014-04-12 23:31 . 2014-04-13 04:27 -------- d-----w- c:\users\Isaiah's\AppData\Roaming\Screaming Bee2014-04-12 17:15 . 2014-04-12 17:15 -------- d-----w- c:\users\Isaiah's\.ss22014-04-05 07:00 . 2000-06-23 19:06 192000 ----a-w- c:\windows\SysWow64\iac2d20d.rra2014-04-05 07:00 . 2000-06-23 19:05 136704 ----a-w- c:\windows\SysWow64\iacenc.dll2014-04-05 07:00 . 2000-06-23 15:36 745984 ----a-w- c:\windows\SysWow64\ir50d21d.rra2014-04-05 07:00 . 2000-06-22 23:11 145408 ----a-w- c:\windows\SysWow64\Ivfsd25b.rra2014-04-05 07:00 . 2000-06-22 18:09 56320 ----a-w- c:\windows\SysWow64\iyvu9_32.dll2014-04-03 18:33 . 2014-04-03 18:33 715038 ----a-w- c:\windows\unins000.exe2014-04-03 18:33 . 2011-12-08 00:37 148992 ----a-w- c:\windows\system32\lagarith.dll2014-04-03 18:33 . 2011-12-08 00:32 216064 ----a-w- c:\windows\SysWow64\lagarith.dll2014-04-03 18:30 . 2014-04-03 18:20 -------- d-----w- c:\users\Isaiah's\AppData\Local\Dxtory Software2014-04-03 18:30 . 2014-04-03 18:30 -------- d-----w- c:\program files (x86)\ExKode2014-04-03 18:20 . 2014-04-03 18:20 -------- d-----w- c:\program files (x86)\Dxtory Software2014-04-03 18:20 . 2013-02-16 03:44 8300544 ----a-w- c:\windows\SysWow64\DxtoryCodec.dll2014-04-03 18:20 . 2013-02-16 03:44 8043008 ----a-w- c:\windows\system32\DxtoryCodec.dll...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2014-05-01 05:39 . 2014-02-09 05:26 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll2014-04-30 14:43 . 2014-01-17 04:32 291760 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr2014-04-30 14:33 . 2014-01-16 06:17 291488 ----a-w- c:\windows\SysWow64\PnkBstrB.ex02014-04-29 05:34 . 2013-11-29 23:49 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2014-04-29 05:34 . 2013-11-29 23:49 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2014-04-09 04:35 . 2013-11-29 16:36 90655440 ----a-w- c:\windows\system32\MRT.exe2014-03-04 09:17 . 2014-04-08 23:11 44032 ----a-w- c:\windows\apppatch\acwow64.dll2014-02-07 01:23 . 2014-03-12 17:46 3156480 ----a-w- c:\windows\system32\win32k.sys2014-02-04 02:32 . 2014-03-12 17:45 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll2014-02-04 02:32 . 2014-03-12 17:45 624128 ----a-w- c:\windows\system32\qedit.dll2014-02-04 02:04 . 2014-03-12 17:45 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll2014-02-04 02:04 . 2014-03-12 17:45 509440 ----a-w- c:\windows\SysWow64\qedit.dll2013-02-26 06:34 . 2013-02-26 06:34 68792 ----a-w- c:\program files\fraps64.dat2013-02-26 06:34 . 2013-02-26 06:34 2547384 ----a-w- c:\program files\fraps.exe2013-02-26 06:34 . 2013-02-26 06:34 234168 ----a-w- c:\program files\fraps32.dll2013-02-26 06:34 . 2013-02-26 06:34 186552 ----a-w- c:\program files\fraps64.dll2013-02-26 06:30 . 2013-02-26 06:30 140288 ----a-w- c:\program files\frapslcd.dll..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]"Gyazo"="c:\program files (x86)\Gyazo\GyStation.exe" [2013-10-31 2990304]"CyberGhost"="c:\program files\CyberGhost 5\CyberGhost.EXE" [2013-10-08 344552]"Akamai NetSession Interface"="c:\users\Isaiah's\AppData\Local\Akamai\netsession_win.exe" [2014-04-18 4672920]"WhatPulse"="c:\program files (x86)\WhatPulse2\whatpulse.exe" [2013-12-12 3126272]"Overwolf"="c:\program files (x86)\Overwolf\Overwolf.exe" [2014-01-31 37632]"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-11 20924064].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-09-12 766208]"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2014-01-21 811792]"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904].c:\users\Isaiah's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk - c:\users\Isaiah's\AppData\Roaming\Curse Client\Bin\Curse.exe /startup [2014-4-21 8517896].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe -nogui [2013-11-29 846848].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 0 (0x0)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableLUA"= 0 (0x0)"EnableUIADesktopToggle"= 0 (0x0)"PromptOnSecureDesktop"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]"LoadAppInit_DLLs"=1 (0x1).R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]R2 OutfoxTvService;OutfoxTvService;c:\program files\OutfoxTV\OutfoxTvService.exe;c:\program files\OutfoxTV\OutfoxTvService.exe [x]R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x]R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]R3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]R3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x]R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]S1 netfilter64;netfilter64;c:\windows\system32\drivers\netfilter64.sys;c:\windows\SYSNATIVE\drivers\netfilter64.sys [x]S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]S2 CGVPNCliService;CyberGhost VPN 5 Client Service;c:\program files\CyberGhost 5\Service.exe;c:\program files\CyberGhost 5\Service.exe [x]S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]S3 e1dexpress;Intel® PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys;c:\windows\SYSNATIVE\DRIVERS\vcsvad.sys [x]..Contents of the 'Scheduled Tasks' folder.2014-05-03 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-29 05:34].2014-05-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4072817583-1142088816-480465609-1000Core.job- c:\users\Isaiah's\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-26 03:20].2014-05-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4072817583-1142088816-480465609-1000UA.job- c:\users\Isaiah's\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-26 03:20]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-08-19 7202520].------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmmLocal Page = c:\windows\SysWOW64\blank.htmuInternet Settings,ProxyOverride = <local>Trusted Zone: aeriagames.comTCP: DhcpNameServer = 192.168.1.1FF - ProfilePath - c:\users\Isaiah's\AppData\Roaming\Mozilla\Firefox\Profiles\ngv22fj8.default\.- - - - ORPHANS REMOVED - - - -.AddRemove-Fraps - c:\program files\uninstall.exe...--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\S-1-5-21-4072817583-1142088816-480465609-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]@Allowed: (Read) (RestrictedCode).[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\.Completion time: 2014-05-02 21:18:28ComboFix-quarantined-files.txt 2014-05-03 02:18.Pre-Run: 10,176,708,608 bytes freePost-Run: 10,121,609,216 bytes free.- - End Of File - - 85141314CA845CFA937997E81174DE9EA36C5E4F47E84449FF07ED3517B43A31 Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 3, 2014 Root Admin ID:826463 Share Posted May 3, 2014 Okay that looks pretty good too. Now that AVG is gone and it looks like it was probably interfering with previous scans let me have you run through all of them again just to make sure we've got things cleaned up. I'm going to be out of town all day tomorrow at a car show but will try to check back with you on Sunday if I can. Please go ahead and run through the following steps and post back the logs when ready. STEP 04Please download Junkware Removal Tool to your desktop.Shutdown your antivirus to avoid any conflicts.Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.The tool will open and start scanning your system.Please be patient as this can take a while to complete.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next reply messageWhen completed make sure to re-enable your antivirusSTEP 05Lets clean out any adware now: (this will require a reboot so save all your work)Please download AdwCleaner by Xplode and save to your Desktop.Double click on AdwCleaner.exe to run the tool.Vista/Windows 7/8 users right-click and select Run As AdministratorClick on the Scan button.AdwCleaner will begin...be patient as the scan may take some time to complete.When it's done you'll see: Pending: Please uncheck elements you don't want removed.Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.Look over the log especially under Files/Folders for any program you want to save.If there's a program you may want to save, just uncheck it from AdwCleaner.If you're not sure, post the log for review. (all items found are adware/spyware/foistware)If you're ready to clean it all up.....click the Clean button.After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.Copy and paste the contents of that logfile in your next reply.A copy of that logfile will also be saved in the C:\AdwCleaner folder.Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\QuarantineTo restore an item that has been deleted:Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.STEP 06Please open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... linkOpen up Malwarebytes > Settings > Detection and Protection > Under Non Malware Protection set both PUP and PUM to Treat detections as malware.Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.STEP 07Please go here to run the online antivirus scannner from ESET.Turn off the real time scanner of any existing antivirus program while performing the online scanTick the box next to YES, I accept the Terms of Use.Click StartWhen asked, allow the activex control to installClick StartMake sure that the option Remove found threats is untickedClick on Advanced Settings and ensure these options are ticked:Scan for potentially unwanted applicationsScan for potentially unsafe applicationsEnable Anti-Stealth TechnologyClick ScanWait for the scan to finishIf any threats were found, click the 'List of found threats' , then click Export to text file....Save it to your desktop, then please copy and paste that log as a reply to this topic.STEP 08Please download the Farbar Recovery Scan Tool and save it to your desktop.Note: You need to run the version compatibale with your system. You can check here if you're not sure if your computer is 32-bit or 64-bitDouble-click to run it. When the tool opens click Yes to disclaimer.Press the Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well. Link to post Share on other sites More sharing options...
Zygapop Posted May 3, 2014 Author ID:826485 Share Posted May 3, 2014 Here are the logs you wanted. Also earlier when we first started MBAR wouldn't run. Did you want to try that again or did it not matter? was just curious. And also i attached FRST as it was a tiny bit big.And it's perfectly fine. Safe travels to the car show and have fun! I quite enjoy old car shows and just cars in general.# AdwCleaner v3.205 - Report created 03/05/2014 at 03:09:32# Updated 28/04/2014 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : Isaiah's - ISAIAHS-PC# Running from : C:\Users\Isaiah's\Desktop\AdwCleaner(1).exe# Option : Clean***** [ Services ] ********** [ Files / Folders ] ********** [ Shortcuts ] ********** [ Registry ] ********** [ Browsers ] *****-\\ Internet Explorer v11.0.9600.17041-\\ Mozilla Firefox v28.0 (en-US)[ File : C:\Users\Isaiah's\AppData\Roaming\Mozilla\Firefox\Profiles\ngv22fj8.default\prefs.js ]*************************AdwCleaner[R0].txt - [10500 octets] - [25/02/2014 18:34:20]AdwCleaner[R1].txt - [2185 octets] - [28/04/2014 09:18:17]AdwCleaner[R2].txt - [2245 octets] - [28/04/2014 09:18:42]AdwCleaner[R3].txt - [1087 octets] - [03/05/2014 03:09:00]AdwCleaner[s0].txt - [9980 octets] - [25/02/2014 18:36:04]AdwCleaner[s1].txt - [2340 octets] - [28/04/2014 09:19:30]AdwCleaner[s2].txt - [1009 octets] - [03/05/2014 03:09:32]########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1069 octets] ##########------------------------------------ESET (I didn't remove anything)C:\Users\Isaiah's\AppData\Local\CRE\haagkflomlmpdjaojgbeljnkkohbbegb.crx a variant of Win32/Toolbar.Conduit.AA potentially unwanted applicationC:\Windows\Installer\c5797b.msi Win32/AdWare.Adpeak.B application--------------------------------------------------------------------------~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.1.4 (04.06.2014:1)OS: Windows 7 Home Premium x64Ran by Isaiah's on Sat 05/03/2014 at 3:05:00.65~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ Registry Values~~~ Registry Keys~~~ Files~~~ Folders~~~ FireFoxEmptied folder: C:\Users\Isaiah's\AppData\Roaming\mozilla\firefox\profiles\ngv22fj8.default\minidumps [3 files]~~~ Event Viewer Logs were cleared~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Sat 05/03/2014 at 3:07:07.80End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~----------------------------------------------------Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.orgDatabase version: v2014.05.03.02Windows 7 Service Pack 1 x64 NTFSInternet Explorer 11.0.9600.17041Isaiah's :: ISAIAHS-PC [administrator]5/3/2014 3:12:40 AMmbam-log-2014-05-03 (03-12-40).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2PScan options disabled:Objects scanned: 324288Time elapsed: 1 minute(s), 18 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end) FRST.txt Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 4, 2014 Root Admin ID:826979 Share Posted May 4, 2014 I'd like to have your remove the 1.75 version of MBAM and install the latest 2 version. There is a new beta build as well I'd like you to use for the installer please. Please try the following MBAM Clean Removal Process 2xPlease try installing the new beta which has corrected some previously reported issues: - Malwarebytes Anti-Malware 2.0.2 Public BetaIf that does not correct the issue then please read the following and post back the requested logs. - Diagnostic LogsNOTE: There is an FAQ section with valuable information located here: - Common Questions, Issues, and their Solutions After you get it installed, updated then please run a scan with it. Also enable the Anti-Rootkit scan as part of the scan. Please open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... linkOpen up Malwarebytes > Settings > Detection and Protection > Under Non Malware Protection set both PUP and PUM to Treat detections as malware.Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply. Link to post Share on other sites More sharing options...
Zygapop Posted May 4, 2014 Author ID:827014 Share Posted May 4, 2014 Here are the logs. I did another scan with rootkits since i forgot to enable them this time and it found nothing. I apologize for that.Also, i currently have no anti virus. And i do not want to reinstall AVG after that. Any suggestions?Malwarebytes Anti-Malwarewww.malwarebytes.orgScan Date: 5/4/2014Scan Time: 4:52:34 PMLogfile:Administrator: YesVersion: 2.00.2.1009Malware Database: v2014.05.04.09Rootkit Database: v2014.03.27.01License: TrialMalware Protection: EnabledMalicious Website Protection: EnabledSelf-protection: DisabledOS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: Isaiah'sScan Type: Threat ScanResult: CompletedObjects Scanned: 344980Time Elapsed: 2 min, 16 secMemory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: DisabledHeuristics: EnabledPUP: EnabledPUM: EnabledProcesses: 0(No malicious items detected)Modules: 0(No malicious items detected)Registry Keys: 4PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EE0C9EF1-B2AD-407B-9707-0124CC9BF85E}, Quarantined, [abbee865b3c8a98dee1f1d0561a14ab6],PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\CLASSES\TypeLib\{5530C971-3D8F-471B-AC49-4CC23FA955E2}, Quarantined, [e1884904d4a7ca6ccd4074aec93941bf],PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EE0C9EF1-B2AD-407B-9707-0124CC9BF85E}, Quarantined, [e1884904d4a7ca6ccd4074aec93941bf],PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TypeLib\{5530C971-3D8F-471B-AC49-4CC23FA955E2}, Quarantined, [6aff6de00d6e320417f641e18c764db3],Registry Values: 0(No malicious items detected)Registry Data: 0(No malicious items detected)Folders: 0(No malicious items detected)Files: 0(No malicious items detected)Physical Sectors: 0(No malicious items detected)(end) Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 5, 2014 Root Admin ID:827109 Share Posted May 5, 2014 Please take a look at avast antivirus which has a free for home use version. http://filehippo.com/download_avast_antivirus/ Install that, update it, and then do a scan with it and let me know if it finds anything or not. Link to post Share on other sites More sharing options...
Zygapop Posted May 5, 2014 Author ID:827120 Share Posted May 5, 2014 Installed it, Updated it, and scanned. Absolutely nothing was found at all.Also a side note my computer is loading up about 6 seconds faster and alot of things are smoother. I think avg was locking my computer down really hard. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 5, 2014 Root Admin ID:827126 Share Posted May 5, 2014 How is the computer running now?Are there still any signs of an infection? Please download Security Check by screen317 from HERE or HERE.Save it to your Desktop. Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box. If you get Unsupported operating system. Aborting now, just reboot and try again. A Notepad document should open automatically called checkup.txt. Please Post the contents of that document. Do Not Attach It!!! Link to post Share on other sites More sharing options...
Zygapop Posted May 5, 2014 Author ID:827237 Share Posted May 5, 2014 The computer is running alot faster, alot smoother and better in general.There's really not much at all. My clock is still not synchronizing properly but i feel now that it's something to do with my computer itself.The windows updates went through perfectly fine, and the computer shuts down without hesitation.I still have UAC turned off. i fear if i turn it back on i will get a ton of "consent.exe" which was locking up my computer from the beginning. Should i try it? or is it fine to leave off?Also, restore points are now saving. None were saving beforehand which i think i forgot to mention.Here's the security check.Results of screen317's Security Check version 0.99.82 Windows 7 Service Pack 1 x64 (UAC is disabled!) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! avast! Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java 7 Update 55 Adobe Flash Player 13.0.0.206 Adobe Reader XI Mozilla Firefox (28.0) Google Chrome 34.0.1847.131 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Malwarebytes Anti-Malware mbamscheduler.exe AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 13% Defragment your hard drive soon! (Do NOT defrag if SSD!)````````````````````End of Log`````````````````````` Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 6, 2014 Root Admin ID:827462 Share Posted May 6, 2014 Normally I would recommend that you leave the UAC enabled as it helps to ensure that you're aware of changes that are being made that can affect the entire system. For time synchronization you might be interested in this utilityAtomic Clock Sync At this time there are no more signs of an infection on your system.However if you are still seeing any signs of an infection please let me know.Let's go ahead and remove the tools and logs we've used during this process.Most of the tools used are potentially dangerous to use unsupervised or if ran at the wrong time.They are often updated daily so if you went to use them again in the future they would be outdated anyways.The following procedures will implement some cleanup procedures to remove these tools. Download Delfix from here and save it to your desktop. (you may already have this)Ensure Remove disinfection tools is checked.Click the Run button.RebootAny other programs or logs that are still remaining, you can manually delete. (right click.....Delete)IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST folder, FRST-OlderVersion folder, MBAR folder, etc....AdwCleaner > just run the program and click uninstall.Note:If you used FRST and can't delete the quarantine folder:Download the fixlist.txt to the same folder as FRST.exe.Run FRST.exe and click Fix only once and waitThat will delete the quarantine folder created by FRST.The rest you can manually delete. If there are any other left over Folders, Files, Logs then you can delete them on your own. Please visit the following link to see how to delete old System Restore Points. Please delete all of them and create a new one at this time.How to Delete System Protection Restore Points in Windows 7 and Windows 8Remove all but the most recent Restore Point on Windows XPAs Java seems to get exploited on a regular basis I advise not using Java if possible but to at least disable java in your web browsersHow do I disable Java in my web browser? - Disable JavaA lot of reading here but if you take the time to read a bit of it you'll see why/how infections and general damage are so easily inflicted on the computer. There is also advice on how to prevent it and keep the system working well. Don't forget about good, solid backups of your data to an external drive that is not connected except when backing up your data. If you leave a backup drive connected and you do get infected it can easily damage, encrypt, delete, or corrupt your backups as well and then you'd lose all data.Nothing is 100% bulletproof but with a little bit of education you can certainly swing things in your favor.How Malware Spreads - How did I get infectedBest Practices for Safe Computing - Prevention of Malware InfectionAvoiding those unwanted free applicationsA close look at how Oracle installs deceptive software with Java updatesIAC / Ask.com toolbarsMalwarebytes Unpacked BlogIf you're not currently using Malwarebytes Premium then you may want to consider purchasing the product which can also help greatly reduce the risk of a future infection. Link to post Share on other sites More sharing options...
Zygapop Posted May 7, 2014 Author ID:827768 Share Posted May 7, 2014 Thank you so much. My computer is running so much more faster after all this and the problems are finally solved.IF i could i would definitely buy malwarebytes premium. at the moment i can't and i will definitely read all the topics.If there's anything else you want to tell me about than alrighty but if not i guess this is the end of the road.Thank you again! Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 8, 2014 Root Admin ID:827929 Share Posted May 8, 2014 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts