First one

a guest
Jun 9th, 2014
  1. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-06-2014 03
  2. Ran by owner (administrator) on EASYHOME on 09-06-2014 17:16:22
  3. Running from C:\Users\owner\Desktop
  4. Platform: Windows 8 (X64) OS Language: English(US)
  5. Internet Explorer Version 10
  6. Boot Mode: Normal
  7.  
  8. The only official download link for FRST:
  9. Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
  10. Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
  11. Download link from any site other than Bleeping Computer is unpermitted or outdated.
  12. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  13.  
  14. ==================== Processes (Whitelisted) =================
  15.  
  16. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
  17. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
  18. () C:\Windows\System32\idle-Threads.exe
  19. (AMD) C:\Windows\System32\atiesrxx.exe
  20. (AMD) C:\Windows\System32\atieclxx.exe
  21. (IvoSoft) C:\ClassicShell\ClassicShellService.exe
  22. (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
  23. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
  24. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
  25. () C:\Windows\System32\semaphore-Threads.exe
  26. () C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
  27. (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
  28. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  29. (IvoSoft) C:\ClassicShell\ClassicStartMenu.exe
  30. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
  31. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
  32. (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
  33. (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
  34. (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
  35. (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
  36. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
  37. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
  38. () C:\Users\owner\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe
  39. () C:\Users\owner\AppData\Local\MRS\svcsystem.exe
  40. (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
  41. (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
  42. (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
  43. (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
  44. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
  45. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
  46. (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
  47. (CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
  48. (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
  49. (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
  50. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
  51. (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
  52. (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
  53. (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
  54. (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
  55. (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\core-static\MOM.exe
  56. (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\core-static\CCC.exe
  57. (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
  58. () C:\Users\owner\AppData\Local\MRS\winsystem.exe
  59. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  60. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  61. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  62. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  63. (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
  64. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  65. (The Privoxy team - www.privoxy.org) C:\Program Files (x86)\MRS\pvx\privoxy.exe
  66. (Farbar) C:\Users\owner\Desktop\Virus fixer.exe
  67.  
  68.  
  69. ==================== Registry (Whitelisted) ==================
  70.  
  71. HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-11-21] (Realtek Semiconductor)
  72. HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-04-17] (Advanced Micro Devices, Inc.)
  73. HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [387832 2013-05-14] (IVT Corporation)
  74. HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
  75. HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
  76. HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-12-25] (Hewlett-Packard Development Company, L.P.)
  77. HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-27] (Hewlett-Packard)
  78. HKU\S-1-5-21-2255616114-2979358920-1297510320-1002\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2993376 2014-05-08] (Nota Inc.)
  79. HKU\S-1-5-21-2255616114-2979358920-1297510320-1002\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1713416 2013-08-05] (CyberLink Corp.)
  80. HKU\S-1-5-21-2255616114-2979358920-1297510320-1002\...\Run: [AVG-Secure-Search-Update_0214c] => C:\Users\owner\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=356f40509df447d29d14a151cd177a53-84ad5da3cbbefba1c97e797a60de79166fdaf70c /CMPID=0214c
  81. GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
  82.  
  83. ==================== Internet (Whitelisted) ====================
  84.  
  85. ProxyEnable: Internet Explorer proxy is enabled.
  86. ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
  87. HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4
  88. HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4
  89. HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON13/4
  90. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4
  91. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON13/4
  92. SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
  93. SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
  94. SearchScopes: HKLM - {696BEDDC-EDD9-40C1-9534-90D237CEA7EC} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
  95. SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
  96. SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
  97. SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
  98. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
  99. SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
  100. BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
  101. BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll No File
  102. BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
  103. BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
  104. Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll (Skype Technologies)
  105. Tcpip\Parameters: [DhcpNameServer] 199.166.6.2 209.239.11.98
  106.  
  107. FireFox:
  108. ========
  109. FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\wa9ndnaz.default
  110. FF NetworkProxy: "http", "127.0.0.1"
  111. FF NetworkProxy: "http_port", 8118
  112. FF NetworkProxy: "ssl", "127.0.0.1"
  113. FF NetworkProxy: "ssl_port", 8118
  114. FF NetworkProxy: "type", 1
  115. FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
  116. FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
  117. FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
  118. FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
  119. FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  120. FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
  121. FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
  122. FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
  123. FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
  124.  
  125. Chrome:
  126. =======
  127. CHR HomePage:
  128. CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-31]
  129. CHR Extension: (Google Wallet) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-29]
  130.  
  131. ==================== Services (Whitelisted) =================
  132.  
  133. S2 .Net Crypt; C:\Windows\System32\mutex-Threads.exe [9539184 2013-11-30] ()
  134. R2 .Net Main; C:\Windows\System32\idle-Threads.exe [9361520 2013-11-30] ()
  135. S2 .Net Security; C:\Windows\System32\latch-Threads.exe [9544304 2013-11-30] ()
  136. R2 .Net Semaphore; C:\Windows\System32\semaphore-Threads.exe [480880 2013-11-30] ()
  137. R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [103424 2013-04-17] ()
  138. R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-17] (Advanced Micro Devices, Inc.)
  139. R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
  140. R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
  141. R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1630456 2013-06-07] (IVT Corporation)
  142. R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-05-14] (IVT Corporation)
  143. R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
  144. R2 ClassicShellService; C:\ClassicShell\ClassicShellService.exe [68608 2013-06-29] (IvoSoft)
  145. R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-12-25] (Hewlett-Packard Development Company, L.P.)
  146. R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
  147. R2 SystemUpdatekb70007; C:\Users\owner\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe [29184 2014-05-29] ()
  148. S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
  149.  
  150. ==================== Drivers (Whitelisted) ====================
  151.  
  152. R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-08] (Advanced Micro Devices, INC.)
  153. R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-04-23] (Advanced Micro Devices)
  154. S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
  155. R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
  156. R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
  157. R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
  158. R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
  159. R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
  160. R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
  161. R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
  162. R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-03-31] (AVG Technologies CZ, s.r.o.)
  163. U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
  164. R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
  165. U4 BthAvrcpTg;
  166. U4 BthHFEnum;
  167. U4 bthhfhid;
  168. R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation)
  169. R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
  170. R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
  171. R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
  172. R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2013-11-21] (Realtek Semiconductor Corp.)
  173. R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
  174. R0 scssifilter; C:\Windows\System32\Drivers\scssifilter64.sys [18928 2013-11-30] (Microsoft Corporation)
  175. S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-06-04] (Synaptics Incorporated)
  176. S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33008 2013-06-04] (Synaptics Incorporated)
  177. R0 usbmp3; C:\Windows\System32\Drivers\usbmp364.sys [18928 2013-11-30] ()
  178. R0 usbvox; C:\Windows\System32\Drivers\usbvox64.sys [20464 2013-11-30] ()
  179. R0 usbwav; C:\Windows\System32\Drivers\usbwav64.sys [15856 2013-11-30] ()
  180. R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
  181. U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
  182. S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
  183.  
  184. ==================== NetSvcs (Whitelisted) ===================
  185.  
  186.  
  187. ==================== One Month Created Files and Folders ========
  188.  
  189. 2014-06-09 17:16 - 2014-06-09 17:16 - 00016314 _____ () C:\Users\owner\Desktop\FRST.txt
  190. 2014-06-09 17:16 - 2014-06-09 17:16 - 00000000 ____D () C:\FRST
  191. 2014-06-09 17:10 - 2014-06-09 17:10 - 02080768 _____ (Farbar) C:\Users\owner\Desktop\Virus fixer.exe
  192. 2014-06-06 07:06 - 2014-06-06 07:06 - 00000000 ____D () C:\Users\owner\AppData\Local\VirtualStore
  193. 2014-06-03 22:19 - 2014-06-03 22:19 - 00000000 ____D () C:\Users\owner\AppData\Roaming\AVG2014
  194. 2014-06-03 19:49 - 2014-06-03 19:52 - 00000000 ____D () C:\AdwCleaner
  195. 2014-06-03 18:22 - 2014-06-03 18:22 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
  196. 2014-06-03 15:17 - 2014-06-03 15:17 - 00000905 _____ () C:\Users\owner\Desktop\JRT.txt
  197. 2014-06-03 07:15 - 2014-06-03 07:15 - 00000000 ____D () C:\Windows\ERUNT
  198. 2014-06-03 07:08 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
  199. 2014-06-02 20:35 - 2014-06-03 17:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
  200. 2014-06-02 20:35 - 2014-06-03 17:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
  201. 2014-06-02 20:35 - 2014-06-02 20:37 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Mozilla
  202. 2014-06-02 20:35 - 2014-06-02 20:37 - 00000000 ____D () C:\Users\owner\AppData\Local\Mozilla
  203. 2014-06-02 20:35 - 2014-06-02 20:35 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
  204. 2014-06-02 20:35 - 2014-06-02 20:35 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
  205. 2014-06-02 20:35 - 2014-06-02 20:35 - 00000000 ____D () C:\ProgramData\Mozilla
  206. 2014-06-02 16:24 - 2014-06-02 16:25 - 00000000 ____D () C:\NPE
  207. 2014-06-02 16:21 - 2014-06-02 16:30 - 00000000 ____D () C:\Users\owner\AppData\Local\NPE
  208. 2014-06-02 16:12 - 2014-06-03 17:39 - 00000000 ____D () C:\Users\owner\AppData\Local\MRS
  209. 2014-06-02 16:12 - 2014-06-03 17:38 - 00000000 ____D () C:\Users\owner\AppData\Roaming\MRS
  210. 2014-06-02 16:12 - 2014-06-02 16:13 - 00000000 ____D () C:\Program Files (x86)\MRS
  211. 2014-06-02 16:12 - 2014-06-02 16:12 - 00000258 __RSH () C:\ProgramData\ntuser.pol
  212. 2014-06-01 12:46 - 2014-06-01 12:46 - 11698864 _____ (Nota Inc. ) C:\Users\owner\Downloads\GyazoSetup.exe
  213. 2014-06-01 12:46 - 2014-06-01 12:46 - 00003746 _____ () C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
  214. 2014-05-25 21:16 - 2014-06-03 19:13 - 00003420 _____ () C:\Windows\System32\Tasks\GPUpdateCheck
  215. 2014-05-25 21:16 - 2014-06-03 17:38 - 00000000 ____D () C:\Users\owner\AppData\Roaming\wi_upd
  216. 2014-05-15 16:30 - 2014-05-15 16:30 - 00000432 _____ () C:\Users\owner\Documents\Drake's application..txt
  217. 2014-05-15 00:34 - 2014-04-12 05:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
  218. 2014-05-15 00:34 - 2014-04-12 05:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
  219. 2014-05-15 00:34 - 2014-04-12 03:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
  220. 2014-05-15 00:34 - 2014-03-28 15:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
  221. 2014-05-15 00:34 - 2014-03-28 04:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
  222. 2014-05-15 00:34 - 2014-03-28 02:18 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
  223. 2014-05-15 00:34 - 2014-03-23 18:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
  224. 2014-05-15 00:34 - 2014-03-10 23:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
  225. 2014-05-15 00:33 - 2014-05-06 01:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
  226. 2014-05-15 00:33 - 2014-05-06 01:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
  227. 2014-05-15 00:33 - 2014-05-05 23:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
  228. 2014-05-15 00:33 - 2014-04-12 05:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
  229. 2014-05-15 00:33 - 2014-04-12 05:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
  230. 2014-05-15 00:33 - 2014-04-12 05:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
  231. 2014-05-15 00:33 - 2014-04-12 05:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
  232. 2014-05-15 00:33 - 2014-04-12 05:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
  233. 2014-05-15 00:33 - 2014-04-12 05:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
  234. 2014-05-15 00:33 - 2014-04-12 05:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
  235. 2014-05-15 00:33 - 2014-04-12 05:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
  236. 2014-05-15 00:33 - 2014-04-12 05:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
  237. 2014-05-15 00:33 - 2014-04-12 03:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
  238. 2014-05-15 00:33 - 2014-04-12 03:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
  239. 2014-05-15 00:33 - 2014-04-12 03:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
  240. 2014-05-15 00:33 - 2014-04-12 03:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
  241. 2014-05-15 00:33 - 2014-04-12 03:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
  242. 2014-05-15 00:33 - 2014-04-12 03:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
  243. 2014-05-15 00:33 - 2014-04-12 02:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
  244. 2014-05-15 00:33 - 2014-03-28 04:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
  245. 2014-05-15 00:33 - 2014-03-10 23:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
  246. 2014-05-15 00:33 - 2014-03-10 20:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
  247. 2014-05-15 00:33 - 2014-03-10 20:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
  248. 2014-05-15 00:33 - 2014-03-10 20:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
  249. 2014-05-15 00:33 - 2014-03-10 20:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
  250. 2014-05-15 00:33 - 2014-03-10 20:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
  251. 2014-05-15 00:33 - 2014-03-10 20:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
  252. 2014-05-15 00:33 - 2014-03-10 20:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
  253. 2014-05-15 00:33 - 2014-03-10 20:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
  254. 2014-05-15 00:33 - 2014-03-10 20:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
  255. 2014-05-15 00:33 - 2014-03-10 20:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
  256. 2014-05-15 00:33 - 2014-03-10 20:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
  257. 2014-05-15 00:33 - 2014-03-09 23:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
  258. 2014-05-15 00:33 - 2014-03-09 21:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
  259. 2014-05-15 00:33 - 2014-03-03 19:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
  260. 2014-05-15 00:32 - 2014-05-05 23:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
  261. 2014-05-15 00:32 - 2014-05-05 23:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
  262. 2014-05-15 00:32 - 2014-05-05 23:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
  263. 2014-05-15 00:32 - 2014-03-01 05:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
  264. 2014-05-15 00:32 - 2014-03-01 05:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
  265. 2014-05-15 00:32 - 2014-03-01 04:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
  266. 2014-05-15 00:32 - 2014-03-01 02:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
  267. 2014-05-15 00:32 - 2014-02-26 19:18 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
  268. 2014-05-15 00:32 - 2014-02-26 19:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
  269. 2014-05-15 00:32 - 2014-02-26 19:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
  270. 2014-05-15 00:32 - 2014-02-26 19:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
  271. 2014-05-15 00:32 - 2014-02-15 00:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
  272. 2014-05-13 16:04 - 2014-05-13 16:04 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
  273. 2014-05-11 15:50 - 2014-05-11 15:50 - 00015221 _____ () C:\Users\owner\AppData\Local\recently-used.xbel
  274. 2014-05-11 15:10 - 2014-05-11 15:11 - 04366325 _____ () C:\Users\owner\Downloads\GIMP_Arcane_Circles_Brushes_by_Project_GimpBC.zip
  275. 2014-05-10 00:23 - 2014-05-10 00:23 - 00003156 _____ () C:\Windows\System32\Tasks\YCMServiceAgent
  276. 2014-05-10 00:23 - 2014-01-27 23:58 - 00041704 _____ (CyberLink Corporation) C:\Windows\system32\Drivers\clwvd.sys
  277.  
  278. ==================== One Month Modified Files and Folders =======
  279.  
  280. 2014-06-09 17:18 - 2013-10-22 17:29 - 00000000 ____D () C:\Users\owner\AppData\Local\Temp
  281. 2014-06-09 17:16 - 2014-06-09 17:16 - 00016314 _____ () C:\Users\owner\Desktop\FRST.txt
  282. 2014-06-09 17:16 - 2014-06-09 17:16 - 00000000 ____D () C:\FRST
  283. 2014-06-09 17:10 - 2014-06-09 17:10 - 02080768 _____ (Farbar) C:\Users\owner\Desktop\Virus fixer.exe
  284. 2014-06-09 17:02 - 2014-03-29 01:37 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  285. 2014-06-09 17:00 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\sru
  286. 2014-06-09 16:12 - 2013-10-22 17:28 - 01683372 _____ () C:\Windows\WindowsUpdate.log
  287. 2014-06-09 15:54 - 2013-11-13 16:28 - 00000000 ____D () C:\Users\owner\AppData\Local\CrashDumps
  288. 2014-06-09 14:51 - 2014-03-14 22:59 - 00000000 ____D () C:\ProgramData\MFAData
  289. 2014-06-09 14:51 - 2012-07-26 01:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
  290. 2014-06-09 14:45 - 2013-11-17 11:52 - 00003620 _____ () C:\Windows\SysWOW64\LOCALSERVICE.INI
  291. 2014-06-09 14:45 - 2013-11-17 11:52 - 00000043 _____ () C:\Windows\SysWOW64\LOCALDEVICE.INI
  292. 2014-06-09 14:45 - 2013-10-22 17:34 - 00059387 __RSH () C:\Windows\system32\masteraclini.enu
  293. 2014-06-09 14:45 - 2013-10-22 17:34 - 00000120 ___RH () C:\Windows\system32\masteraclbini.enu
  294. 2014-06-09 14:45 - 2013-09-13 18:20 - 00001017 _____ () C:\Windows\SysWOW64\bscs.ini
  295. 2014-06-09 07:17 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\NDF
  296. 2014-06-09 01:02 - 2014-03-29 01:37 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  297. 2014-06-08 02:34 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\AUInstallAgent
  298. 2014-06-08 01:49 - 2014-03-17 00:23 - 00000000 ____D () C:\Users\owner\AppData\Local\Battle.net
  299. 2014-06-07 16:10 - 2013-12-26 11:31 - 00003164 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForowner
  300. 2014-06-07 16:10 - 2013-12-26 11:31 - 00000350 _____ () C:\Windows\Tasks\HPCeeScheduleForowner.job
  301. 2014-06-07 16:10 - 2013-10-22 17:29 - 00000000 ____D () C:\Users\owner
  302. 2014-06-06 07:18 - 2013-10-22 17:32 - 00000000 ____D () C:\Users\owner\Documents\Youcam
  303. 2014-06-06 07:06 - 2014-06-06 07:06 - 00000000 ____D () C:\Users\owner\AppData\Local\VirtualStore
  304. 2014-06-06 07:05 - 2012-07-26 03:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
  305. 2014-06-06 07:04 - 2012-07-26 01:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
  306. 2014-06-04 14:51 - 2013-10-22 17:37 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2255616114-2979358920-1297510320-1002
  307. 2014-06-03 22:19 - 2014-06-03 22:19 - 00000000 ____D () C:\Users\owner\AppData\Roaming\AVG2014
  308. 2014-06-03 19:54 - 2012-08-03 18:23 - 00493286 _____ () C:\Windows\PFRO.log
  309. 2014-06-03 19:52 - 2014-06-03 19:49 - 00000000 ____D () C:\AdwCleaner
  310. 2014-06-03 19:51 - 2013-09-25 13:40 - 00001331 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Start Now Technology.lnk
  311. 2014-06-03 19:13 - 2014-05-25 21:16 - 00003420 _____ () C:\Windows\System32\Tasks\GPUpdateCheck
  312. 2014-06-03 18:22 - 2014-06-03 18:22 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
  313. 2014-06-03 17:39 - 2014-06-02 20:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
  314. 2014-06-03 17:39 - 2014-06-02 20:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
  315. 2014-06-03 17:39 - 2014-06-02 16:12 - 00000000 ____D () C:\Users\owner\AppData\Local\MRS
  316. 2014-06-03 17:39 - 2013-11-17 12:13 - 00000000 ____D () C:\Users\owner\AppData\Local\bluesoleil
  317. 2014-06-03 17:39 - 2013-11-07 01:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
  318. 2014-06-03 17:39 - 2013-11-07 01:20 - 00000000 ____D () C:\Program Files (x86)\Gyazo
  319. 2014-06-03 17:39 - 2013-09-25 14:34 - 00000000 ____D () C:\ProgramData\Norton
  320. 2014-06-03 17:39 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
  321. 2014-06-03 17:39 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
  322. 2014-06-03 17:39 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files\Windows Defender
  323. 2014-06-03 17:39 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
  324. 2014-06-03 17:38 - 2014-06-02 16:12 - 00000000 ____D () C:\Users\owner\AppData\Roaming\MRS
  325. 2014-06-03 17:38 - 2014-05-25 21:16 - 00000000 ____D () C:\Users\owner\AppData\Roaming\wi_upd
  326. 2014-06-03 17:38 - 2014-03-17 00:23 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Battle.net
  327. 2014-06-03 17:38 - 2013-10-22 17:31 - 00000000 ___RD () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
  328. 2014-06-03 17:38 - 2013-10-22 17:31 - 00000000 ___RD () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
  329. 2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ___RD () C:\Windows\ToastData
  330. 2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
  331. 2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
  332. 2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
  333. 2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
  334. 2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\Macromed
  335. 2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\registration
  336. 2014-06-03 17:38 - 2012-07-26 01:38 - 00000000 ____D () C:\Windows\system32\Sysprep
  337. 2014-06-03 16:13 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\AppCompat
  338. 2014-06-03 15:17 - 2014-06-03 15:17 - 00000905 _____ () C:\Users\owner\Desktop\JRT.txt
  339. 2014-06-03 07:15 - 2014-06-03 07:15 - 00000000 ____D () C:\Windows\ERUNT
  340. 2014-06-02 20:37 - 2014-06-02 20:35 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Mozilla
  341. 2014-06-02 20:37 - 2014-06-02 20:35 - 00000000 ____D () C:\Users\owner\AppData\Local\Mozilla
  342. 2014-06-02 20:35 - 2014-06-02 20:35 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
  343. 2014-06-02 20:35 - 2014-06-02 20:35 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
  344. 2014-06-02 20:35 - 2014-06-02 20:35 - 00000000 ____D () C:\ProgramData\Mozilla
  345. 2014-06-02 16:30 - 2014-06-02 16:21 - 00000000 ____D () C:\Users\owner\AppData\Local\NPE
  346. 2014-06-02 16:25 - 2014-06-02 16:24 - 00000000 ____D () C:\NPE
  347. 2014-06-02 16:13 - 2014-06-02 16:12 - 00000000 ____D () C:\Program Files (x86)\MRS
  348. 2014-06-02 16:12 - 2014-06-02 16:12 - 00000258 __RSH () C:\ProgramData\ntuser.pol
  349. 2014-06-02 16:12 - 2014-03-16 18:12 - 00000000 ____D () C:\ProgramData\AVG2014
  350. 2014-06-01 12:46 - 2014-06-01 12:46 - 11698864 _____ (Nota Inc. ) C:\Users\owner\Downloads\GyazoSetup.exe
  351. 2014-06-01 12:46 - 2014-06-01 12:46 - 00003746 _____ () C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
  352. 2014-06-01 12:46 - 2013-11-07 01:20 - 00000993 _____ () C:\Users\Public\Desktop\Gyazo.lnk
  353. 2014-06-01 12:46 - 2013-11-07 01:20 - 00000993 _____ () C:\Users\Public\Desktop\Gyazo GIF.lnk
  354. 2014-06-01 00:01 - 2013-11-23 21:17 - 00000000 ____D () C:\Users\owner\Documents\CyberLink
  355. 2014-05-31 23:05 - 2012-07-26 03:59 - 00000000 ____D () C:\Windows\CbsTemp
  356. 2014-05-31 23:03 - 2013-10-24 06:45 - 00000000 ____D () C:\Windows\system32\MRT
  357. 2014-05-31 23:00 - 2013-10-24 06:45 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
  358. 2014-05-31 01:13 - 2014-03-13 12:37 - 00000000 ____D () C:\Program Files (x86)\Skype
  359. 2014-05-29 17:33 - 2014-03-17 00:23 - 00000000 ____D () C:\Program Files (x86)\Battle.net
  360. 2014-05-29 07:29 - 2013-11-07 15:44 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
  361. 2014-05-29 07:29 - 2013-11-07 15:44 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
  362. 2014-05-28 19:24 - 2014-03-17 00:29 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
  363. 2014-05-23 02:26 - 2013-09-25 14:05 - 00000000 ____D () C:\Program Files (x86)\CyberLink
  364. 2014-05-23 02:24 - 2012-08-03 20:02 - 00000000 ____D () C:\SWSetup
  365. 2014-05-22 20:16 - 2014-03-29 01:38 - 00002190 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
  366. 2014-05-15 16:30 - 2014-05-15 16:30 - 00000432 _____ () C:\Users\owner\Documents\Drake's application..txt
  367. 2014-05-13 16:04 - 2014-05-13 16:04 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
  368. 2014-05-13 16:04 - 2012-07-26 03:21 - 00431647 _____ () C:\Windows\setupact.log
  369. 2014-05-11 16:04 - 2014-03-04 21:10 - 00000000 ____D () C:\Users\owner\.gimp-2.8
  370. 2014-05-11 15:50 - 2014-05-11 15:50 - 00015221 _____ () C:\Users\owner\AppData\Local\recently-used.xbel
  371. 2014-05-11 15:50 - 2014-03-04 21:17 - 00000000 ____D () C:\Users\owner\AppData\Local\gtk-2.0
  372. 2014-05-11 15:11 - 2014-05-11 15:10 - 04366325 _____ () C:\Users\owner\Downloads\GIMP_Arcane_Circles_Brushes_by_Project_GimpBC.zip
  373. 2014-05-10 03:50 - 2013-09-25 14:17 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
  374. 2014-05-10 00:28 - 2013-09-25 13:48 - 00005396 _____ () C:\Windows\system32\RaCoInst.log
  375. 2014-05-10 00:23 - 2014-05-10 00:23 - 00003156 _____ () C:\Windows\System32\Tasks\YCMServiceAgent
  376. 2014-05-10 00:23 - 2013-07-20 01:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
  377. 2014-05-10 00:07 - 2013-10-22 17:32 - 00000000 ____D () C:\Users\owner\AppData\Local\CyberLink
  378. 2014-05-10 00:07 - 2013-09-25 14:16 - 00000000 ____D () C:\Users\Public\CyberLink
  379. 2014-05-10 00:05 - 2013-09-25 14:08 - 00000000 ____D () C:\ProgramData\CyberLink
  380.  
  381. Some content of TEMP:
  382. ====================
  383. C:\Users\owner\AppData\Local\Temp\COMAP.EXE
  384. C:\Users\owner\AppData\Local\Temp\Extract.exe
  385. C:\Users\owner\AppData\Local\Temp\fh4g5sng.lbl.exe
  386. C:\Users\owner\AppData\Local\Temp\GPUpd.exe
  387. C:\Users\owner\AppData\Local\Temp\Quarantine.exe
  388. C:\Users\owner\AppData\Local\Temp\SP63065.exe
  389. C:\Users\owner\AppData\Local\Temp\SP63285.exe
  390. C:\Users\owner\AppData\Local\Temp\SP63341.exe
  391. C:\Users\owner\AppData\Local\Temp\SP63599.exe
  392. C:\Users\owner\AppData\Local\Temp\SP63752.exe
  393. C:\Users\owner\AppData\Local\Temp\SP63786.exe
  394. C:\Users\owner\AppData\Local\Temp\SP63805.exe
  395. C:\Users\owner\AppData\Local\Temp\SP64082.exe
  396. C:\Users\owner\AppData\Local\Temp\SP64109.exe
  397. C:\Users\owner\AppData\Local\Temp\sp64126.exe
  398. C:\Users\owner\AppData\Local\Temp\SP64156.exe
  399. C:\Users\owner\AppData\Local\Temp\SP64218.exe
  400. C:\Users\owner\AppData\Local\Temp\SP64223.exe
  401. C:\Users\owner\AppData\Local\Temp\SP64224.exe
  402. C:\Users\owner\AppData\Local\Temp\SP64225.exe
  403. C:\Users\owner\AppData\Local\Temp\SP64226.exe
  404. C:\Users\owner\AppData\Local\Temp\SP64480.exe
  405. C:\Users\owner\AppData\Local\Temp\SP64726.exe
  406. C:\Users\owner\AppData\Local\Temp\SP64740.exe
  407. C:\Users\owner\AppData\Local\Temp\SP64741.exe
  408. C:\Users\owner\AppData\Local\Temp\SP64854.exe
  409. C:\Users\owner\AppData\Local\Temp\SP65782.exe
  410. C:\Users\owner\AppData\Local\Temp\SP65787.exe
  411. C:\Users\owner\AppData\Local\Temp\SP65790.exe
  412. C:\Users\owner\AppData\Local\Temp\SP65792.exe
  413. C:\Users\owner\AppData\Local\Temp\SP65795.exe
  414. C:\Users\owner\AppData\Local\Temp\SP65796.exe
  415. C:\Users\owner\AppData\Local\Temp\SP65802.exe
  416. C:\Users\owner\AppData\Local\Temp\SP66089.exe
  417. C:\Users\owner\AppData\Local\Temp\UninstallHPSA.exe
  418. C:\Users\owner\AppData\Local\Temp\vzcizewp.tdi.exe
  419. C:\Users\owner\AppData\Local\Temp\w4c1hlwe.hre.exe
  420.  
  421.  
  422. ==================== Bamital & volsnap Check =================
  423.  
  424. C:\Windows\System32\winlogon.exe => File is digitally signed
  425. C:\Windows\System32\wininit.exe => File is digitally signed
  426. C:\Windows\explorer.exe => File is digitally signed
  427. C:\Windows\SysWOW64\explorer.exe => File is digitally signed
  428. C:\Windows\System32\svchost.exe => File is digitally signed
  429. C:\Windows\SysWOW64\svchost.exe => File is digitally signed
  430. C:\Windows\System32\services.exe => File is digitally signed
  431. C:\Windows\System32\User32.dll => File is digitally signed
  432. C:\Windows\SysWOW64\User32.dll => File is digitally signed
  433. C:\Windows\System32\userinit.exe => File is digitally signed
  434. C:\Windows\SysWOW64\userinit.exe => File is digitally signed
  435. C:\Windows\System32\rpcss.dll => File is digitally signed
  436. C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
  437.  
  438.  
  439. LastRegBack: 2014-06-04 14:52
  440.  
  441. ==================== End Of Log ============================