BSOD > Win64/alureon.!genA > Did I beat it?

[cloud77]

I ran adwcleaner, that deleted some content from my files and registry. I might have jumped to this step in advance, but malwarebytes says I have a clean system. I have been getting BSOD errors, but non so far on this log in.

Here is my report from farbar:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2014

Ran by Greg (administrator) on GREG-PC on 24-06-2014 20:18:56

Running from C:\Users\Greg\Desktop

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/

Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe

(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 1999-12-31] (Realtek Semiconductor)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)

HKLM-x32\...\Run: [biosNotice] => C:\Program Files (x86)\BIOSTAR\BiosNotice\BiosNotice.exe [1003008 2010-10-13] ()

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)

HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_ActiveX.exe [847536 2014-05-13] (Adobe Systems Incorporated)

HKU\S-1-5-21-3212570639-3084305247-146173427-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-06-19] (Raptr, Inc)

HKU\S-1-5-21-3212570639-3084305247-146173427-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

HKU\S-1-5-21-3212570639-3084305247-146173427-1000\...\MountPoints2: {b17e71ff-a0fb-11e3-a7b3-806e6f6e6963} - D:\atisetup.exe

HKU\S-1-5-21-3212570639-3084305247-146173427-1000\...\MountPoints2: {dcb929a4-a162-11e3-ad17-003067bdf54b} - E:\setup.exe -a

HKU\S-1-5-21-3212570639-3084305247-146173427-1000\...\MountPoints2: {edf13978-eab5-11e3-99bd-003067bdf54b} - E:\VZW_Software_upgrade_assistant.exe

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}

SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKLM-x32 - DefaultScope value is missing.

SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}

SearchScopes: HKCU - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}

SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}

SearchScopes: HKCU - {21A51130-7285-49FE-B3F6-2385CC71CDEA} URL =

BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:

========

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

==================== Services (Whitelisted) =================

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)

R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 BS_I2cIo; C:\Windows\system32\drivers\BS_I2c64.sys [15408 2010-05-17] (BIOSTAR Group)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)

R1 MpKsla964e8ab; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D13837B2-87A7-4F2F-9E79-67ABFBA1AF6C}\MpKsla964e8ab.sys [45352 2014-06-24] (Microsoft Corporation)

R1 MpKslb1fada7c; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D13837B2-87A7-4F2F-9E79-67ABFBA1AF6C}\MpKslb1fada7c.sys [45352 2014-06-24] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)

S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-06-24] ()

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-24 20:18 - 2014-06-24 20:19 - 00007539 _____ () C:\Users\Greg\Desktop\FRST.txt

2014-06-24 20:00 - 2014-06-24 20:00 - 00274216 _____ () C:\Windows\Minidump\062414-41387-01.dmp

2014-06-24 19:54 - 2014-06-24 20:18 - 00000000 ____D () C:\FRST

2014-06-24 19:54 - 2014-06-24 19:54 - 02082816 _____ (Farbar) C:\Users\Greg\Desktop\FRST64.exe

2014-06-24 19:42 - 2014-06-24 19:42 - 00854390 _____ () C:\Users\Greg\Desktop\SecurityCheck.exe

2014-06-24 19:34 - 2014-06-24 19:36 - 00000000 ____D () C:\AdwCleaner

2014-06-24 19:33 - 2014-06-24 19:34 - 01342659 _____ () C:\Users\Greg\Desktop\adwcleaner_3.213.exe

2014-06-24 19:33 - 2014-06-24 19:33 - 01342659 _____ () C:\Users\Greg\Downloads\adwcleaner_3.213.exe

2014-06-22 18:54 - 2014-06-22 18:54 - 00264496 _____ () C:\Windows\Minidump\062214-22557-01.dmp

2014-06-22 00:30 - 2014-06-22 00:30 - 00000000 _____ () C:\Windows\system32\config\SOFTWAREa76e44bb

2014-06-21 22:41 - 2014-06-22 00:26 - 00000000 ____D () C:\Windows\Microsoft Antimalware

2014-06-21 20:40 - 2014-06-24 20:02 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-06-21 19:41 - 2014-06-21 19:59 - 00000000 ____D () C:\Users\Greg\Desktop\decaf

2014-06-21 19:32 - 2014-06-21 19:32 - 00860176 _____ (Microsoft Corporation) C:\Users\Greg\Desktop\mssstool32.exe

2014-06-21 19:26 - 2014-06-21 19:26 - 00274216 _____ () C:\Windows\Minidump\062114-32635-01.dmp

2014-06-21 18:53 - 2014-06-21 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-06-21 18:52 - 2014-06-21 18:52 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-06-21 18:52 - 2014-06-21 18:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-06-21 18:38 - 2014-06-21 18:38 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-06-21 18:38 - 2014-06-21 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-06-21 18:38 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-06-21 18:38 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-06-21 18:38 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-06-21 18:37 - 2014-06-21 18:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-06-21 18:06 - 2014-06-21 18:06 - 00001945 _____ () C:\Windows\epplauncher.mif

2014-06-21 18:05 - 2014-06-21 18:05 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

2014-06-21 18:04 - 2014-06-21 18:05 - 00000000 ____D () C:\Program Files\Microsoft Security Client

2014-06-21 18:04 - 2014-06-21 18:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client

2014-06-21 17:50 - 2014-06-21 17:50 - 02935356 _____ () C:\Users\Greg\Documents\msinfo32.nfo

2014-06-21 17:50 - 2014-06-21 17:50 - 00104668 _____ () C:\Users\Greg\Documents\msinfo32.zip

2014-06-21 16:50 - 2014-06-21 16:50 - 00000000 ____D () C:\NPE

2014-06-20 16:23 - 2014-06-20 16:23 - 00274216 _____ () C:\Windows\Minidump\062014-21964-01.dmp

2014-06-19 22:41 - 2014-06-19 22:41 - 00274216 _____ () C:\Windows\Minidump\061914-27284-01.dmp

2014-06-19 21:54 - 2014-06-19 21:54 - 00274216 _____ () C:\Windows\Minidump\061914-28813-01.dmp

2014-06-17 21:37 - 2014-06-17 21:37 - 00000000 ____D () C:\ProgramData\ATI

2014-06-17 21:34 - 2014-06-17 21:34 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved

2014-06-17 21:34 - 2014-06-17 21:34 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\library_dir

2014-06-17 21:31 - 2014-06-24 20:03 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Raptr

2014-06-17 21:31 - 2014-06-21 15:48 - 00000000 ____D () C:\Program Files (x86)\Raptr

2014-06-17 21:30 - 2014-06-17 21:30 - 00061828 _____ () C:\Windows\SysWOW64\CCCInstall_201406172130355518.log

2014-06-17 21:30 - 2014-06-17 21:30 - 00000000 ____D () C:\Program Files (x86)\AMD AVT

2014-06-17 21:29 - 2014-06-17 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center

2014-06-17 21:26 - 2014-06-17 21:26 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies

2014-06-17 20:55 - 2014-06-17 21:23 - 269338400 _____ (AMD Inc.) C:\Users\Greg\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe

2014-06-16 20:57 - 2014-06-17 21:29 - 00000000 ____D () C:\Program Files\ATI Technologies

2014-06-16 19:50 - 2014-06-16 19:50 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Adobe

2014-06-16 19:50 - 2014-06-16 19:50 - 00000000 ____D () C:\Users\Default\AppData\Local\SlimWare Utilities Inc

2014-06-16 19:50 - 2014-06-16 19:50 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Adobe

2014-06-16 19:50 - 2014-06-16 19:50 - 00000000 ____D () C:\Users\Default User\AppData\Local\SlimWare Utilities Inc

2014-06-16 19:49 - 2014-06-16 19:49 - 00274216 _____ () C:\Windows\Minidump\061614-36847-01.dmp

2014-06-16 18:14 - 2014-06-16 18:14 - 00274216 _____ () C:\Windows\Minidump\061614-31122-01.dmp

2014-06-14 19:37 - 2014-06-14 19:37 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM

2014-06-14 19:37 - 2014-06-14 19:37 - 00000000 ____D () C:\Program Files\Realtek

2014-06-14 19:36 - 1999-12-31 20:00 - 02825432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll

2014-06-14 19:36 - 1999-12-31 20:00 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll

2014-06-14 19:36 - 1999-12-31 20:00 - 01958616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl

2014-06-14 19:36 - 1999-12-31 20:00 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll

2014-06-14 19:36 - 1999-12-31 20:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll

2014-06-14 19:36 - 1999-12-31 20:00 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll

2014-06-14 19:36 - 1999-12-31 20:00 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll

2014-06-14 19:36 - 1999-12-31 20:00 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys

2014-06-14 19:35 - 1999-12-31 20:00 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 02037336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 01033304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 00897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT

2014-06-14 19:35 - 1999-12-31 20:00 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 00397592 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 00065112 _____ (Creative Technology Ltd.) C:\Windows\system32\MBppld64.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 00060504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBPPCn64.dll

2014-06-14 19:35 - 1999-12-31 20:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll

2014-06-14 19:34 - 1999-12-31 20:00 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll

2014-06-14 19:34 - 1999-12-31 20:00 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll

2014-06-14 19:34 - 1999-12-31 20:00 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll

2014-06-14 19:34 - 1999-12-31 20:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll

2014-06-14 19:16 - 2010-12-29 04:45 - 00074272 _____ () C:\Windows\system32\RtNicProp64.dll

2014-06-14 19:04 - 2014-06-24 20:02 - 00002832 _____ () C:\Windows\System32\Tasks\SlimDrivers Startup

2014-06-14 19:04 - 2014-06-24 20:02 - 00000408 _____ () C:\Windows\Tasks\SlimDrivers Startup.job

2014-06-14 19:03 - 2014-06-24 20:01 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys

2014-06-14 19:03 - 2014-06-14 19:03 - 00000000 ____D () C:\Users\Greg\AppData\Local\SlimWare Utilities Inc

2014-06-14 19:02 - 2014-06-14 19:02 - 00002467 _____ () C:\Users\Public\Desktop\SlimDrivers.lnk

2014-06-14 19:02 - 2014-06-14 19:02 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers

2014-06-14 18:52 - 2014-06-14 18:52 - 00274216 _____ () C:\Windows\Minidump\061414-44709-01.dmp

2014-06-14 10:47 - 2014-06-14 10:47 - 00274216 _____ () C:\Windows\Minidump\061414-32822-01.dmp

2014-06-13 23:32 - 2014-06-13 23:32 - 00274216 _____ () C:\Windows\Minidump\061314-31855-01.dmp

2014-06-13 19:21 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-06-13 19:21 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-06-13 19:21 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-06-13 19:21 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-06-13 19:21 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-06-13 19:21 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-06-13 19:21 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-06-13 19:21 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-06-13 19:21 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-06-13 19:21 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-06-13 19:21 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-06-13 19:21 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-06-13 19:21 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-06-13 19:21 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-06-13 19:21 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-06-13 19:21 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-06-13 19:21 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-06-13 19:21 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-06-13 19:21 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-06-13 19:21 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-06-13 19:21 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-06-13 19:21 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-06-13 19:21 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-06-13 19:21 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-06-13 19:21 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-06-13 19:21 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-06-13 19:21 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-06-13 19:21 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-06-13 19:21 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-06-13 19:21 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-06-13 19:21 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-06-13 19:21 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-06-13 19:21 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-06-13 19:21 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-06-13 19:21 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-06-13 19:21 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-06-13 19:21 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-06-13 19:21 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-06-13 19:21 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-06-13 19:21 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-06-13 19:21 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-06-13 19:21 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-06-13 19:21 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-06-13 19:21 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-06-13 19:21 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-06-13 19:21 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-06-13 19:21 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-06-13 19:21 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-06-13 19:21 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-06-13 19:21 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-06-13 19:21 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-06-13 19:21 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-06-13 19:01 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll

2014-06-13 19:01 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll

2014-06-13 19:01 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-06-13 19:01 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll

2014-06-13 19:01 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-06-13 19:01 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2014-06-13 19:01 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-06-13 19:01 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-06-13 19:01 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll

2014-06-13 19:01 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-06-13 19:01 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2014-06-13 19:01 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-06-13 19:01 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll

2014-06-13 19:01 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2014-06-13 18:54 - 2014-06-08 05:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-06-13 18:54 - 2014-06-08 05:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-06-10 19:15 - 2014-06-10 19:15 - 00274216 _____ () C:\Windows\Minidump\061014-31215-01.dmp

2014-06-08 21:22 - 2014-06-08 21:22 - 00274216 _____ () C:\Windows\Minidump\060814-23774-01.dmp

2014-06-07 13:26 - 2014-06-07 13:26 - 00274216 _____ () C:\Windows\Minidump\060714-24289-01.dmp

2014-06-06 17:46 - 2014-06-06 17:46 - 00274216 _____ () C:\Windows\Minidump\060614-29796-01.dmp

2014-06-06 16:40 - 2014-06-06 16:40 - 00274216 _____ () C:\Windows\Minidump\060614-29016-01.dmp

2014-06-05 22:55 - 2014-06-05 22:55 - 00274216 _____ () C:\Windows\Minidump\060514-39811-01.dmp

2014-06-05 14:34 - 2014-06-05 14:34 - 00274216 _____ () C:\Windows\Minidump\060514-25006-01.dmp

2014-06-04 21:02 - 2014-06-04 21:02 - 00274216 _____ () C:\Windows\Minidump\060414-45302-01.dmp

2014-06-02 20:36 - 2014-06-02 20:04 - 206624276 ____N () C:\Users\Greg\Desktop\20140602_200319.mp4

2014-06-02 20:35 - 2014-06-02 20:02 - 255598268 ____N () C:\Users\Greg\Desktop\20140602_200020.mp4

2014-06-02 20:31 - 2014-06-02 20:31 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

2014-05-31 17:41 - 2014-01-08 22:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2014-05-31 17:41 - 2014-01-03 18:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2014-05-31 17:23 - 2014-05-31 17:23 - 00274216 _____ () C:\Windows\Minidump\053114-30466-01.dmp

2014-05-31 15:05 - 2013-10-01 22:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys

2014-05-31 15:05 - 2013-10-01 22:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2014-05-31 15:05 - 2013-10-01 22:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2014-05-31 15:05 - 2013-10-01 21:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll

2014-05-31 15:05 - 2013-10-01 21:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll

2014-05-31 15:05 - 2013-10-01 21:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll

2014-05-31 15:05 - 2013-10-01 21:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll

2014-05-31 15:05 - 2013-10-01 20:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll

2014-05-31 15:05 - 2013-10-01 20:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll

2014-05-31 15:05 - 2013-10-01 20:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll

2014-05-31 15:05 - 2013-10-01 20:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe

2014-05-31 15:05 - 2013-10-01 20:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe

2014-05-31 15:05 - 2013-10-01 19:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2014-05-31 15:05 - 2013-10-01 19:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe

2014-05-31 15:05 - 2013-10-01 19:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll

2014-05-31 15:05 - 2013-10-01 18:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe

2014-05-31 15:04 - 2012-08-23 10:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll

2014-05-31 15:04 - 2012-08-23 10:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys

2014-05-31 15:04 - 2012-08-23 10:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys

2014-05-31 15:04 - 2012-08-23 07:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll

2014-05-31 15:04 - 2012-08-23 06:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll

2014-05-31 14:56 - 2013-09-24 22:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll

2014-05-31 14:56 - 2013-09-24 21:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll

2014-05-31 14:56 - 2012-05-04 07:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll

2014-05-31 14:56 - 2012-05-04 05:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll

2014-05-28 18:36 - 2014-05-28 18:36 - 00274216 _____ () C:\Windows\Minidump\052814-54881-01.dmp

2014-05-27 18:25 - 2014-05-27 18:25 - 00274216 _____ () C:\Windows\Minidump\052714-27783-01.dmp

2014-05-26 19:07 - 2014-05-26 19:07 - 00274216 _____ () C:\Windows\Minidump\052614-33384-01.dmp

2014-05-26 14:02 - 2014-05-26 14:02 - 00274216 _____ () C:\Windows\Minidump\052614-66378-01.dmp

2014-05-25 22:45 - 2014-05-25 22:45 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe

2014-05-25 22:45 - 2014-05-25 22:45 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe

2014-05-25 22:45 - 2014-05-25 22:45 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe

2014-05-25 22:45 - 2014-05-25 22:45 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe

2014-05-25 22:44 - 2014-05-25 22:44 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe

2014-05-25 22:44 - 2014-05-25 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center

2014-05-25 22:43 - 2014-05-25 22:44 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center

2014-05-25 22:36 - 2014-05-25 22:36 - 00001190 _____ () C:\Users\Public\Desktop\Install Microsoft Mouse and Keyboard Center.lnk

2014-05-25 21:22 - 2014-05-25 21:22 - 00274216 _____ () C:\Windows\Minidump\052514-33540-01.dmp

2014-05-25 13:06 - 2014-05-25 13:06 - 00054600 _____ () C:\Windows\SysWOW64\CCCInstall_201405251306447699.log

2014-05-25 12:53 - 2014-05-25 12:53 - 00264496 _____ () C:\Windows\Minidump\052514-22854-01.dmp

2014-05-25 10:48 - 2014-05-25 10:48 - 00274216 _____ () C:\Windows\Minidump\052514-23493-01.dmp

==================== One Month Modified Files and Folders =======

2014-06-24 20:19 - 2014-06-24 20:18 - 00007539 _____ () C:\Users\Greg\Desktop\FRST.txt

2014-06-24 20:18 - 2014-06-24 19:54 - 00000000 ____D () C:\FRST

2014-06-24 20:15 - 2014-02-28 22:15 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-06-24 20:10 - 2009-07-14 00:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-06-24 20:10 - 2009-07-14 00:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-06-24 20:06 - 2014-02-28 21:47 - 01884862 _____ () C:\Windows\WindowsUpdate.log

2014-06-24 20:03 - 2014-06-17 21:31 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Raptr

2014-06-24 20:02 - 2014-06-21 20:40 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-06-24 20:02 - 2014-06-14 19:04 - 00002832 _____ () C:\Windows\System32\Tasks\SlimDrivers Startup

2014-06-24 20:02 - 2014-06-14 19:04 - 00000408 _____ () C:\Windows\Tasks\SlimDrivers Startup.job

2014-06-24 20:01 - 2014-06-14 19:03 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys

2014-06-24 20:00 - 2014-06-24 20:00 - 00274216 _____ () C:\Windows\Minidump\062414-41387-01.dmp

2014-06-24 20:00 - 2014-03-18 22:24 - 550808684 _____ () C:\Windows\MEMORY.DMP

2014-06-24 20:00 - 2014-03-18 22:24 - 00029988 _____ () C:\Windows\setupact.log

2014-06-24 20:00 - 2014-03-01 09:48 - 00000000 ____D () C:\Windows\Minidump

2014-06-24 20:00 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-06-24 19:54 - 2014-06-24 19:54 - 02082816 _____ (Farbar) C:\Users\Greg\Desktop\FRST64.exe

2014-06-24 19:42 - 2014-06-24 19:42 - 00854390 _____ () C:\Users\Greg\Desktop\SecurityCheck.exe

2014-06-24 19:37 - 2014-03-18 23:51 - 00097694 _____ () C:\Windows\PFRO.log

2014-06-24 19:36 - 2014-06-24 19:34 - 00000000 ____D () C:\AdwCleaner

2014-06-24 19:34 - 2014-06-24 19:33 - 01342659 _____ () C:\Users\Greg\Desktop\adwcleaner_3.213.exe

2014-06-24 19:33 - 2014-06-24 19:33 - 01342659 _____ () C:\Users\Greg\Downloads\adwcleaner_3.213.exe

2014-06-24 19:16 - 2014-03-01 01:28 - 00000000 ____D () C:\Program Files (x86)\Steam

2014-06-24 18:00 - 2009-07-14 01:13 - 00781790 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-06-23 19:01 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache

2014-06-22 18:54 - 2014-06-22 18:54 - 00264496 _____ () C:\Windows\Minidump\062214-22557-01.dmp

2014-06-22 00:30 - 2014-06-22 00:30 - 00000000 _____ () C:\Windows\system32\config\SOFTWAREa76e44bb

2014-06-22 00:26 - 2014-06-21 22:41 - 00000000 ____D () C:\Windows\Microsoft Antimalware

2014-06-21 19:59 - 2014-06-21 19:41 - 00000000 ____D () C:\Users\Greg\Desktop\decaf

2014-06-21 19:40 - 2011-03-01 19:04 - 00000000 ____D () C:\Program Files (x86)\Windows Live

2014-06-21 19:32 - 2014-06-21 19:32 - 00860176 _____ (Microsoft Corporation) C:\Users\Greg\Desktop\mssstool32.exe

2014-06-21 19:26 - 2014-06-21 19:26 - 00274216 _____ () C:\Windows\Minidump\062114-32635-01.dmp

2014-06-21 18:53 - 2014-06-21 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-06-21 18:52 - 2014-06-21 18:52 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-06-21 18:52 - 2014-06-21 18:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-06-21 18:38 - 2014-06-21 18:38 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-06-21 18:38 - 2014-06-21 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-06-21 18:38 - 2014-06-21 18:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-06-21 18:37 - 2014-03-18 23:58 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-06-21 18:06 - 2014-06-21 18:06 - 00001945 _____ () C:\Windows\epplauncher.mif

2014-06-21 18:05 - 2014-06-21 18:05 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

2014-06-21 18:05 - 2014-06-21 18:04 - 00000000 ____D () C:\Program Files\Microsoft Security Client

2014-06-21 18:04 - 2014-06-21 18:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client

2014-06-21 17:59 - 2014-03-01 00:19 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared

2014-06-21 17:59 - 2014-02-28 23:31 - 00000000 ____D () C:\ProgramData\Norton

2014-06-21 17:50 - 2014-06-21 17:50 - 02935356 _____ () C:\Users\Greg\Documents\msinfo32.nfo

2014-06-21 17:50 - 2014-06-21 17:50 - 00104668 _____ () C:\Users\Greg\Documents\msinfo32.zip

2014-06-21 16:56 - 2014-03-18 23:08 - 00000000 ____D () C:\Users\Greg\AppData\Local\NPE

2014-06-21 16:50 - 2014-06-21 16:50 - 00000000 ____D () C:\NPE

2014-06-21 15:48 - 2014-06-17 21:31 - 00000000 ____D () C:\Program Files (x86)\Raptr

2014-06-20 16:35 - 2014-02-28 21:47 - 00000000 ____D () C:\Users\Greg

2014-06-20 16:23 - 2014-06-20 16:23 - 00274216 _____ () C:\Windows\Minidump\062014-21964-01.dmp

2014-06-19 22:41 - 2014-06-19 22:41 - 00274216 _____ () C:\Windows\Minidump\061914-27284-01.dmp

2014-06-19 21:54 - 2014-06-19 21:54 - 00274216 _____ () C:\Windows\Minidump\061914-28813-01.dmp

2014-06-17 21:37 - 2014-06-17 21:37 - 00000000 ____D () C:\ProgramData\ATI

2014-06-17 21:34 - 2014-06-17 21:34 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved

2014-06-17 21:34 - 2014-06-17 21:34 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\library_dir

2014-06-17 21:30 - 2014-06-17 21:30 - 00061828 _____ () C:\Windows\SysWOW64\CCCInstall_201406172130355518.log

2014-06-17 21:30 - 2014-06-17 21:30 - 00000000 ____D () C:\Program Files (x86)\AMD AVT

2014-06-17 21:30 - 2014-03-01 12:56 - 00000000 ____D () C:\ProgramData\AMD

2014-06-17 21:29 - 2014-06-17 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center

2014-06-17 21:29 - 2014-06-16 20:57 - 00000000 ____D () C:\Program Files\ATI Technologies

2014-06-17 21:26 - 2014-06-17 21:26 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies

2014-06-17 21:23 - 2014-06-17 20:55 - 269338400 _____ (AMD Inc.) C:\Users\Greg\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe

2014-06-16 20:58 - 2014-04-13 17:25 - 00000000 ____D () C:\Program Files\Google

2014-06-16 20:58 - 2014-04-13 17:24 - 00000000 ____D () C:\Program Files (x86)\Google

2014-06-16 20:09 - 2014-04-13 17:24 - 00000000 ____D () C:\Users\Greg\AppData\Local\Google

2014-06-16 19:54 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

2014-06-16 19:50 - 2014-06-16 19:50 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Adobe

2014-06-16 19:50 - 2014-06-16 19:50 - 00000000 ____D () C:\Users\Default\AppData\Local\SlimWare Utilities Inc

2014-06-16 19:50 - 2014-06-16 19:50 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Adobe

2014-06-16 19:50 - 2014-06-16 19:50 - 00000000 ____D () C:\Users\Default User\AppData\Local\SlimWare Utilities Inc

2014-06-16 19:49 - 2014-06-16 19:49 - 00274216 _____ () C:\Windows\Minidump\061614-36847-01.dmp

2014-06-16 18:14 - 2014-06-16 18:14 - 00274216 _____ () C:\Windows\Minidump\061614-31122-01.dmp

2014-06-14 19:37 - 2014-06-14 19:37 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM

2014-06-14 19:37 - 2014-06-14 19:37 - 00000000 ____D () C:\Program Files\Realtek

2014-06-14 19:37 - 2014-02-28 21:52 - 00000000 ___HD () C:\Program Files (x86)\Temp

2014-06-14 19:34 - 2014-02-28 21:50 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-06-14 19:30 - 2014-02-28 21:51 - 00000000 ____D () C:\Program Files (x86)\Realtek

2014-06-14 19:03 - 2014-06-14 19:03 - 00000000 ____D () C:\Users\Greg\AppData\Local\SlimWare Utilities Inc

2014-06-14 19:02 - 2014-06-14 19:02 - 00002467 _____ () C:\Users\Public\Desktop\SlimDrivers.lnk

2014-06-14 19:02 - 2014-06-14 19:02 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers

2014-06-14 18:52 - 2014-06-14 18:52 - 00274216 _____ () C:\Windows\Minidump\061414-44709-01.dmp

2014-06-14 17:39 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-06-14 10:57 - 2014-02-28 23:08 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-06-14 10:57 - 2014-02-28 23:08 - 00000000 ____D () C:\Windows\system32\MRT

2014-06-14 10:54 - 2014-05-08 14:42 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-06-14 10:47 - 2014-06-14 10:47 - 00274216 _____ () C:\Windows\Minidump\061414-32822-01.dmp

2014-06-13 23:32 - 2014-06-13 23:32 - 00274216 _____ () C:\Windows\Minidump\061314-31855-01.dmp

2014-06-10 19:15 - 2014-06-10 19:15 - 00274216 _____ () C:\Windows\Minidump\061014-31215-01.dmp

2014-06-08 21:22 - 2014-06-08 21:22 - 00274216 _____ () C:\Windows\Minidump\060814-23774-01.dmp

2014-06-08 05:13 - 2014-06-13 18:54 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-06-08 05:08 - 2014-06-13 18:54 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-06-07 13:26 - 2014-06-07 13:26 - 00274216 _____ () C:\Windows\Minidump\060714-24289-01.dmp

2014-06-06 17:46 - 2014-06-06 17:46 - 00274216 _____ () C:\Windows\Minidump\060614-29796-01.dmp

2014-06-06 16:40 - 2014-06-06 16:40 - 00274216 _____ () C:\Windows\Minidump\060614-29016-01.dmp

2014-06-05 22:55 - 2014-06-05 22:55 - 00274216 _____ () C:\Windows\Minidump\060514-39811-01.dmp

2014-06-05 14:34 - 2014-06-05 14:34 - 00274216 _____ () C:\Windows\Minidump\060514-25006-01.dmp

2014-06-04 21:02 - 2014-06-04 21:02 - 00274216 _____ () C:\Windows\Minidump\060414-45302-01.dmp

2014-06-02 20:31 - 2014-06-02 20:31 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

2014-06-02 20:04 - 2014-06-02 20:36 - 206624276 ____N () C:\Users\Greg\Desktop\20140602_200319.mp4

2014-06-02 20:02 - 2014-06-02 20:35 - 255598268 ____N () C:\Users\Greg\Desktop\20140602_200020.mp4

2014-05-31 17:23 - 2014-05-31 17:23 - 00274216 _____ () C:\Windows\Minidump\053114-30466-01.dmp

2014-05-31 15:12 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2014-05-31 15:10 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-05-30 06:21 - 2014-06-13 19:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-05-30 06:02 - 2014-06-13 19:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-05-30 06:02 - 2014-06-13 19:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-05-30 05:45 - 2014-06-13 19:21 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-05-30 05:39 - 2014-06-13 19:21 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-05-30 05:39 - 2014-06-13 19:21 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-05-30 05:38 - 2014-06-13 19:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-05-30 05:28 - 2014-06-13 19:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-05-30 05:27 - 2014-06-13 19:21 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-05-30 05:24 - 2014-06-13 19:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-05-30 05:21 - 2014-06-13 19:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-05-30 05:21 - 2014-06-13 19:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-05-30 05:20 - 2014-06-13 19:21 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-05-30 05:18 - 2014-06-13 19:21 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-05-30 05:11 - 2014-06-13 19:21 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-05-30 05:08 - 2014-06-13 19:21 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-05-30 05:06 - 2014-06-13 19:21 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-05-30 05:02 - 2014-06-13 19:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-05-30 04:55 - 2014-06-13 19:21 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-05-30 04:49 - 2014-06-13 19:21 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-05-30 04:46 - 2014-06-13 19:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-05-30 04:44 - 2014-06-13 19:21 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-05-30 04:44 - 2014-06-13 19:21 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-05-30 04:43 - 2014-06-13 19:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-05-30 04:42 - 2014-06-13 19:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-05-30 04:38 - 2014-06-13 19:21 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-05-30 04:35 - 2014-06-13 19:21 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-05-30 04:34 - 2014-06-13 19:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-05-30 04:33 - 2014-06-13 19:21 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-05-30 04:30 - 2014-06-13 19:21 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-05-30 04:29 - 2014-06-13 19:21 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-05-30 04:28 - 2014-06-13 19:21 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-05-30 04:27 - 2014-06-13 19:21 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-05-30 04:24 - 2014-06-13 19:21 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-05-30 04:23 - 2014-06-13 19:21 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-05-30 04:16 - 2014-06-13 19:21 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-05-30 04:10 - 2014-06-13 19:21 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-05-30 04:06 - 2014-06-13 19:21 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-05-30 04:04 - 2014-06-13 19:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-05-30 04:02 - 2014-06-13 19:21 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-05-30 03:56 - 2014-06-13 19:21 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-05-30 03:56 - 2014-06-13 19:21 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-05-30 03:54 - 2014-06-13 19:21 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-05-30 03:50 - 2014-06-13 19:21 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-05-30 03:49 - 2014-06-13 19:21 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-05-30 03:43 - 2014-06-13 19:21 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-05-30 03:40 - 2014-06-13 19:21 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-05-30 03:30 - 2014-06-13 19:21 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-05-30 03:21 - 2014-06-13 19:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-05-30 03:15 - 2014-06-13 19:21 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-05-30 03:13 - 2014-06-13 19:21 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-05-30 03:13 - 2014-06-13 19:21 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-05-28 18:36 - 2014-05-28 18:36 - 00274216 _____ () C:\Windows\Minidump\052814-54881-01.dmp

2014-05-27 18:33 - 2014-02-28 23:21 - 00058408 _____ () C:\Users\Greg\AppData\Local\GDIPFONTCACHEV1.DAT

2014-05-27 18:25 - 2014-05-27 18:25 - 00274216 _____ () C:\Windows\Minidump\052714-27783-01.dmp

2014-05-26 19:07 - 2014-05-26 19:07 - 00274216 _____ () C:\Windows\Minidump\052614-33384-01.dmp

2014-05-26 14:02 - 2014-05-26 14:02 - 00274216 _____ () C:\Windows\Minidump\052614-66378-01.dmp

2014-05-26 14:02 - 2009-07-14 00:45 - 00268856 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-05-25 22:45 - 2014-05-25 22:45 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe

2014-05-25 22:45 - 2014-05-25 22:45 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe

2014-05-25 22:45 - 2014-05-25 22:45 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe

2014-05-25 22:45 - 2014-05-25 22:45 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe

2014-05-25 22:44 - 2014-05-25 22:44 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe

2014-05-25 22:44 - 2014-05-25 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center

2014-05-25 22:44 - 2014-05-25 22:43 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center

2014-05-25 22:36 - 2014-05-25 22:36 - 00001190 _____ () C:\Users\Public\Desktop\Install Microsoft Mouse and Keyboard Center.lnk

2014-05-25 21:22 - 2014-05-25 21:22 - 00274216 _____ () C:\Windows\Minidump\052514-33540-01.dmp

2014-05-25 13:06 - 2014-05-25 13:06 - 00054600 _____ () C:\Windows\SysWOW64\CCCInstall_201405251306447699.log

2014-05-25 12:53 - 2014-05-25 12:53 - 00264496 _____ () C:\Windows\Minidump\052514-22854-01.dmp

2014-05-25 10:48 - 2014-05-25 10:48 - 00274216 _____ () C:\Windows\Minidump\052514-23493-01.dmp

Some content of TEMP:

====================

C:\Users\Greg\AppData\Local\Temp\avg45D6.tmp.exe

C:\Users\Greg\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe

C:\Users\Greg\AppData\Local\Temp\oi_{FE64BBD8-02D9-43F3-B9D7-EC4983CFFE39}.exe

C:\Users\Greg\AppData\Local\Temp\Quarantine.exe

C:\Users\Greg\AppData\Local\Temp\raptrpatch.exe

C:\Users\Greg\AppData\Local\Temp\raptr_stub.exe

C:\Users\Greg\AppData\Local\Temp\speedmax.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

TDL4: custom:26000022 <===== ATTENTION!

LastRegBack: 2014-06-23 18:54

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2014

Ran by Greg at 2014-06-24 20:19:20

Running from C:\Users\Greg\Desktop

Boot Mode: Normal

==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)

AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden

AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden

AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)

AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden

AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden

AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden

Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)

Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden

ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden

FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version: - Square Enix)

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)

Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden

Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)

Microsoft Mouse and Keyboard Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)

Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden

Raptr (HKLM-x32\...\Raptr) (Version: - )

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)

SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)

Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)

Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)

Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden

Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)

Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)

Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

==================== Restore Points =========================

21-06-2014 02:45:14 Windows Update

21-06-2014 19:54:33 Windows Update

21-06-2014 22:31:30 Removed SlimDrivers

21-06-2014 22:51:07 Windows Update

22-06-2014 00:52:24 Windows Update

22-06-2014 03:18:10 Windows Update

23-06-2014 21:58:00 Windows Update

24-06-2014 02:11:50 Windows Update

==================== Hosts content: ==========================

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0B46C686-95F6-4B06-91B0-59F8D599414F} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

Task: {23327073-386C-4EFA-91BF-018ECEEC6E40} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)

Task: {32AF9933-6AD2-4131-9401-737810428F1D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

Task: {3EB12912-6B53-48A4-BAD8-A8411479D1F3} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe

Task: {4DAEAE29-F989-4C89-8403-DC5354E9F5AF} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

Task: {5891B3EA-F5C3-4D29-8E12-0861C0771E1C} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

Task: {7F4FCC63-B1AE-4094-BABD-5928536B134A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)

Task: {867DD385-E2EF-47F2-B4CA-BC3FDACBA880} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe

Task: {CA69F633-F98C-4D43-B8FF-EB22D42130B8} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\WSCStub.exe

Task: {D2AEE6EE-FECA-4086-BDA8-02AE22F9C2B6} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24] (SlimWare Utilities, Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe

==================== Loaded Modules (whitelisted) =============

2010-11-22 18:56 - 2010-11-22 18:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd

2010-11-22 18:56 - 2010-11-22 18:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd

2010-11-22 18:56 - 2010-11-22 18:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd

2014-05-13 19:26 - 2014-05-13 19:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd

2014-05-13 19:26 - 2014-05-13 19:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd

2014-05-13 19:26 - 2014-05-13 19:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd

2014-05-13 19:26 - 2014-05-13 19:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd

2010-11-22 18:57 - 2010-11-22 18:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd

2010-11-22 18:56 - 2010-11-22 18:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll

2010-11-22 18:56 - 2010-11-22 18:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd

2010-11-22 18:56 - 2010-11-22 18:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd

2010-11-22 18:56 - 2010-11-22 18:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd

2010-11-22 18:57 - 2010-11-22 18:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd

2010-11-22 18:57 - 2010-11-22 18:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd

2010-11-22 18:56 - 2010-11-22 18:56 - 00124928 _____ () C:\Program Files (x86)\Raptr\_elementtree.pyd

2010-11-22 18:56 - 2010-11-22 18:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd

2012-02-06 16:28 - 2012-02-06 16:28 - 00031744 _____ () C:\Program Files (x86)\Raptr\Crypto.Cipher.AES.pyd

2012-02-06 16:28 - 2012-02-06 16:28 - 00010752 _____ () C:\Program Files (x86)\Raptr\Crypto.Random.OSRNG.winrandom.pyd

2012-02-06 16:28 - 2012-02-06 16:28 - 00011264 _____ () C:\Program Files (x86)\Raptr\Crypto.Util._counter.pyd

2011-05-10 15:01 - 2011-05-10 15:01 - 00030208 _____ () C:\Program Files (x86)\Raptr\simplejson._speedups.pyd

2010-11-22 18:56 - 2010-11-22 18:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd

2011-02-15 14:17 - 2011-02-15 14:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll

2010-11-22 18:56 - 2010-11-22 18:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll

2010-11-22 18:57 - 2010-11-22 18:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd

2010-11-22 18:57 - 2010-11-22 18:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd

2014-05-13 19:26 - 2014-05-13 19:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd

2010-11-22 18:56 - 2010-11-22 18:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd

2010-11-22 18:56 - 2010-11-22 18:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd

2010-11-22 18:57 - 2010-11-22 18:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd

2013-11-20 20:05 - 2013-11-20 20:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll

2010-11-22 18:57 - 2010-11-22 18:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd

2014-06-17 20:56 - 2014-06-17 20:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd

2011-02-15 14:17 - 2011-02-15 14:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll

2010-11-22 19:06 - 2010-11-22 19:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll

2013-05-09 19:52 - 2013-05-09 19:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll

2013-05-09 19:52 - 2013-05-09 19:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll

2013-05-09 19:52 - 2013-05-09 19:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll

2013-05-03 14:57 - 2013-05-03 14:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll

2013-05-03 14:56 - 2013-05-03 14:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll

2013-05-03 14:56 - 2013-05-03 14:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll

2013-05-03 14:57 - 2013-05-03 14:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll

2013-05-03 14:56 - 2013-05-03 14:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll

2013-05-03 14:57 - 2013-05-03 14:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll

2013-05-03 14:57 - 2013-05-03 14:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll

2013-05-03 14:57 - 2013-05-03 14:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll

2013-05-03 14:57 - 2013-05-03 14:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (06/23/2014 06:56:09 PM) (Source: SideBySide) (EventID: 35) (User: )

Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.

Component identity found in manifest does not match the identity of the component requested.

Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".

Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".

Please use sxstrace.exe for detailed diagnosis.

Error: (06/16/2014 08:21:46 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17126, time stamp: 0x53882e30

Faulting module name: atidxx32.dll, version: 8.17.10.525, time stamp: 0x4d783b85

Exception code: 0xc0000005

Fault offset: 0x00011913

Faulting process id: 0xcd0

Faulting application start time: 0xIEXPLORE.EXE0

Faulting application path: IEXPLORE.EXE1

Faulting module path: IEXPLORE.EXE2

Report Id: IEXPLORE.EXE3

Error: (06/16/2014 08:19:26 PM) (Source: ATIeRecord) (EventID: 16388) (User: )

Description: ATI EEU Client event error

Error: (06/16/2014 08:19:26 PM) (Source: ATIeRecord) (EventID: 16392) (User: )

Description: ATI EEU error accessing memory mapped file

Error: (06/16/2014 08:19:26 PM) (Source: ATIeRecord) (EventID: 16386) (User: )

Description: ATI EEU Client has failed to start

Error: (06/16/2014 08:19:26 PM) (Source: ATIeRecord) (EventID: 16388) (User: )

Description: ATI EEU Client event error

Error: (05/28/2014 10:58:38 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17041, time stamp: 0x531807e4

Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7

Exception code: 0xc0000374

Fault offset: 0x000ce753

Faulting process id: 0x13c0

Faulting application start time: 0xIEXPLORE.EXE0

Faulting application path: IEXPLORE.EXE1

Faulting module path: IEXPLORE.EXE2

Report Id: IEXPLORE.EXE3

Error: (05/28/2014 10:52:09 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program IEXPLORE.EXE version 11.0.9600.17041 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1038

Start Time: 01cf7ae8c2a889ed

Termination Time: 3

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (05/28/2014 10:50:33 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program IEXPLORE.EXE version 11.0.9600.17041 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 760

Start Time: 01cf7ae85f0881d3

Termination Time: 10

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (05/28/2014 10:25:47 PM) (Source: ATIeRecord) (EventID: 16388) (User: )

Description: ATI EEU Client event error

System errors:

=============

Error: (06/24/2014 08:00:32 PM) (Source: BugCheck) (EventID: 1001) (User: )

Description: 0x0000000a (0x000005dc01000088, 0x0000000000000002, 0x0000000000000001, 0xfffff80003066666)C:\Windows\MEMORY.DMP062414-41387-01

Error: (06/24/2014 08:00:31 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 7:58:23 PM on ‎6/‎24/‎2014 was unexpected.

Error: (06/24/2014 07:18:46 PM) (Source: BugCheck) (EventID: 1001) (User: )

Description: 0x0000001e (0xffffffffc0000005, 0xfffff800030a8666, 0x0000000000000000, 0xffffffffffffffff)C:\Windows\MEMORY.DMP

Error: (06/24/2014 07:18:46 PM) (Source: BugCheck) (EventID: 1005) (User: )

Description:

Error: (06/24/2014 07:18:42 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 7:17:02 PM on ‎6/‎24/‎2014 was unexpected.

Error: (06/24/2014 06:20:52 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)

Description: The following fatal alert was generated: 40. The internal error state is 252.

Error: (06/24/2014 06:20:52 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)

Description: The following fatal alert was generated: 40. The internal error state is 252.

Error: (06/24/2014 05:54:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.177.711.0).

Error: (06/24/2014 05:53:55 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.177.539.0

Update Source: %NT AUTHORITY59

Update Stage: 4.5.0216.00

Source Path: 4.5.0216.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (06/24/2014 05:43:47 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)

Description: The following fatal alert was generated: 40. The internal error state is 252.

Microsoft Office Sessions:

=========================

Error: (06/23/2014 06:56:09 PM) (Source: SideBySide) (EventID: 35) (User: )

Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (06/16/2014 08:21:46 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: IEXPLORE.EXE11.0.9600.1712653882e30atidxx32.dll8.17.10.5254d783b85c000000500011913cd001cf89bfac9cd53bC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\atidxx32.dll5d0fcbce-f5b5-11e3-9e40-003067bdf54b

Error: (06/16/2014 08:19:26 PM) (Source: ATIeRecord) (EventID: 16388) (User: )

Description:

Error: (06/16/2014 08:19:26 PM) (Source: ATIeRecord) (EventID: 16392) (User: )

Description:

Error: (06/16/2014 08:19:26 PM) (Source: ATIeRecord) (EventID: 16386) (User: )

Description:

Error: (06/16/2014 08:19:26 PM) (Source: ATIeRecord) (EventID: 16388) (User: )

Description:

Error: (05/28/2014 10:58:38 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: IEXPLORE.EXE11.0.9600.17041531807e4ntdll.dll6.1.7601.18247521ea8e7c0000374000ce75313c001cf7ae95f82ccb1C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll219e30db-e6dd-11e3-b4ef-003067bdf54b

Error: (05/28/2014 10:52:09 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: IEXPLORE.EXE11.0.9600.17041103801cf7ae8c2a889ed3C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (05/28/2014 10:50:33 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: IEXPLORE.EXE11.0.9600.1704176001cf7ae85f0881d310C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (05/28/2014 10:25:47 PM) (Source: ATIeRecord) (EventID: 16388) (User: )

Description:

==================== Memory info ===========================

Percentage of memory in use: 23%

Total physical RAM: 8174.66 MB

Available physical RAM: 6216.97 MB

Total Pagefile: 16347.49 MB

Available Pagefile: 14067.45 MB

Total Virtual: 8192 MB

Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:689.61 GB) NTFS

Drive d: (AMD_040611) (CDROM) (Total:0.65 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: B338AB12)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Windows update still continues to fail to install the security update, So I think I am still infected.

Any help would be greatly appreciated =]

[kevinf80]

Hello and

 

P2P/Piracy Warning:

 

 

 

 

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

 

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

 

Next,

 

Open Malwarebytes 2.0, run a Threat Scan

 

• 
  

On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

 

Post log:

 

• 
  

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click 'Copy to Clipboard'
Paste the contents of the clipboard into your reply.

 

Post those two logs...

 

Kevin

 

 

 

fixlist.txt

[cloud77]

Thanks for your reply.

Here is the first log while I wait for a scan to complete.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-06-2014

Ran by Greg at 2014-06-24 20:45:49 Run:1

Running from C:\Users\Greg\Desktop

Boot Mode: Normal

==============================================

Content of fixlist:

*****************

Start

HKU\S-1-5-21-3212570639-3084305247-146173427-1000\...\MountPoints2: {b17e71ff-a0fb-11e3-a7b3-806e6f6e6963} - D:\atisetup.exe

HKU\S-1-5-21-3212570639-3084305247-146173427-1000\...\MountPoints2: {dcb929a4-a162-11e3-ad17-003067bdf54b} - E:\setup.exe -a

HKU\S-1-5-21-3212570639-3084305247-146173427-1000\...\MountPoints2: {edf13978-eab5-11e3-99bd-003067bdf54b} - E:\VZW_Software_upgrade_assistant.exe

C:\Users\Greg\AppData\Local\Temp\avg45D6.tmp.exe

C:\Users\Greg\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe

C:\Users\Greg\AppData\Local\Temp\oi_{FE64BBD8-02D9-43F3-B9D7-EC4983CFFE39}.exe

C:\Users\Greg\AppData\Local\Temp\Quarantine.exe

C:\Users\Greg\AppData\Local\Temp\raptrpatch.exe

C:\Users\Greg\AppData\Local\Temp\raptr_stub.exe

C:\Users\Greg\AppData\Local\Temp\speedmax.exe

TDL4: custom:26000022 <===== ATTENTION!

End

*****************

'HKU\S-1-5-21-3212570639-3084305247-146173427-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b17e71ff-a0fb-11e3-a7b3-806e6f6e6963}' => Key deleted successfully.

'HKCR\CLSID\{b17e71ff-a0fb-11e3-a7b3-806e6f6e6963}'=> Key not found.

'HKU\S-1-5-21-3212570639-3084305247-146173427-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dcb929a4-a162-11e3-ad17-003067bdf54b}' => Key deleted successfully.

'HKCR\CLSID\{dcb929a4-a162-11e3-ad17-003067bdf54b}'=> Key not found.

'HKU\S-1-5-21-3212570639-3084305247-146173427-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{edf13978-eab5-11e3-99bd-003067bdf54b}' => Key deleted successfully.

'HKCR\CLSID\{edf13978-eab5-11e3-99bd-003067bdf54b}'=> Key not found.

C:\Users\Greg\AppData\Local\Temp\avg45D6.tmp.exe => Moved successfully.

C:\Users\Greg\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe => Moved successfully.

C:\Users\Greg\AppData\Local\Temp\oi_{FE64BBD8-02D9-43F3-B9D7-EC4983CFFE39}.exe => Moved successfully.

C:\Users\Greg\AppData\Local\Temp\Quarantine.exe => Moved successfully.

C:\Users\Greg\AppData\Local\Temp\raptrpatch.exe => Moved successfully.

C:\Users\Greg\AppData\Local\Temp\raptr_stub.exe => Moved successfully.

C:\Users\Greg\AppData\Local\Temp\speedmax.exe => Moved successfully.

The operation completed successfully.

The operation completed successfully.

==== End of Fixlog ====

[kevinf80]

OK, post malwarebytes log when you`re ready, nearly 2 am local time for me, will catch up later.....

 

Kevin...

[cloud77]

It said I was clean, but I didn't have 'scan for rootkits selected'

I will do that, run another scan and report the results.

Thank you very much for your help. Have a good sleep. =]

[cloud77]

Malwarebytes Anti-Malware

www.malwarebytes.org

Scan Date: 6/24/2014

Scan Time: 9:02:24 PM

Logfile:

Administrator: Yes

Version: 2.00.2.1012

Malware Database: v2014.06.24.14

Rootkit Database: v2014.06.23.02

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Greg

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 276392

Time Elapsed: 12 min, 15 sec

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Deep Rootkit Scan: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

Processes: 0

(No malicious items detected)

Modules: 0

(No malicious items detected)

Registry Keys: 0

(No malicious items detected)

Registry Values: 0

(No malicious items detected)

Registry Data: 0

(No malicious items detected)

Folders: 0

(No malicious items detected)

Files: 0

(No malicious items detected)

Physical Sectors: 3

Unknown.Rootkit.VBR, Master Boot Record on Drive #0, Replace-on-Reboot, [956a21c3230a6741323b3334e3afd80e],

Unknown.Rootkit.VBR, Physical Sector #15 on Drive #0, Replace-on-Reboot, ,

Forged physical sector, Physical Sector #1953524112 on Drive #0, Replace-on-Reboot, [bf619eac0cdf3f68d496ea9344137e8b],

(end)

[kevinf80]

The rootkit was already killed and moved with FRST, malwarebytes just move dead remnant.  The rootkit option of Malwarebytes is not active by default, that setting has to be activated when required..

 

We need to run an online AV scan to ensure there are no remnants of any infection left on your system that may have been missed. This scan is very thorough and well worth running, it can take several hours please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet explorer for this scan - Vista and Windows 7/8 right click on IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 

• 
  

Turn off the real time scanner of any existing antivirus program while performing the online scan
click on the Run ESET Online Scanner button
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the add/on to be installed
Click Start
Make sure that the option "Remove found threats"  is UNticked
Click on Advanced Settings, ensure the options
Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan
wait for the virus definitions to be downloaded
Wait for the scan to finish

 

When the scan is complete

 

• 
  

If no threats were found
put a checkmark in "Uninstall application on close"
close program
report to me that nothing was found

 

If threats were found

 

• 
  

click on "list of threats found"
click on "export to text file" and save it as ESET SCAN and save to the desktop
Click on back
put a checkmark in "Uninstall application on close"
click on finish

 

close program

 

Copy and paste the report in next reply.

 

Next,

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop. (If your security alerts either accept the alert, or turn the security off while Secuirity Check runs)

Double click SecurityCheck.exe (Vista or Windows 7/8 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

If Security Check will not run or you get an alert saying it is not supported, Re-boot your PC then try again...

 

Let me see those two logs, also give an update on any remaining issues or concerns...

 

Thank you,

 

Kevin

[cloud77]

I am in the process of downloading definitions for ESET.  I will update the results of both when scanning is finished.  Everything seems to be running smooth right now.  Windows security update didn't fail upon install either. 

 

Thank you very much for your help so far!

[kevinf80]

Post logs when ready....

 

Cheers,

 

Kevin

[cloud77]

No threats were found with ESET..

Results of screen317's Security Check version 0.99.85

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 11

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

Microsoft Security Essentials

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Adobe Reader XI

````````Process Check: objlist.exe by Laurent````````

Microsoft Security Essentials MSMpEng.exe

Microsoft Security Essentials msseces.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 26% Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log``````````````````````

[kevinf80]

What is the current status of your system, are there any remaining issues or concerns? Also is your hard drive SSD?

[AdvancedSetup]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!