- Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-06-2014 03
- Ran by owner (administrator) on EASYHOME on 09-06-2014 17:16:22
- Running from C:\Users\owner\Desktop
- Platform: Windows 8 (X64) OS Language: English(US)
- Internet Explorer Version 10
- Boot Mode: Normal
- The only official download link for FRST:
- Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
- Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
- Download link from any site other than Bleeping Computer is unpermitted or outdated.
- See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Processes (Whitelisted) =================
- (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
- (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
- () C:\Windows\System32\idle-Threads.exe
- (AMD) C:\Windows\System32\atiesrxx.exe
- (AMD) C:\Windows\System32\atieclxx.exe
- (IvoSoft) C:\ClassicShell\ClassicShellService.exe
- (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
- () C:\Windows\System32\semaphore-Threads.exe
- () C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
- (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
- (IvoSoft) C:\ClassicShell\ClassicStartMenu.exe
- (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
- (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
- (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
- (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
- (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
- (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
- (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
- (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
- () C:\Users\owner\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe
- () C:\Users\owner\AppData\Local\MRS\svcsystem.exe
- (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
- (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
- (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
- (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
- (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
- (CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
- (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
- (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
- (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
- (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
- (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
- (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
- (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
- (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\core-static\MOM.exe
- (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\core-static\CCC.exe
- (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
- () C:\Users\owner\AppData\Local\MRS\winsystem.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (The Privoxy team - www.privoxy.org) C:\Program Files (x86)\MRS\pvx\privoxy.exe
- (Farbar) C:\Users\owner\Desktop\Virus fixer.exe
- ==================== Registry (Whitelisted) ==================
- HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-11-21] (Realtek Semiconductor)
- HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-04-17] (Advanced Micro Devices, Inc.)
- HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [387832 2013-05-14] (IVT Corporation)
- HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
- HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
- HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-12-25] (Hewlett-Packard Development Company, L.P.)
- HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-27] (Hewlett-Packard)
- HKU\S-1-5-21-2255616114-2979358920-1297510320-1002\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2993376 2014-05-08] (Nota Inc.)
- HKU\S-1-5-21-2255616114-2979358920-1297510320-1002\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1713416 2013-08-05] (CyberLink Corp.)
- HKU\S-1-5-21-2255616114-2979358920-1297510320-1002\...\Run: [AVG-Secure-Search-Update_0214c] => C:\Users\owner\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=356f40509df447d29d14a151cd177a53-84ad5da3cbbefba1c97e797a60de79166fdaf70c /CMPID=0214c
- GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
- ==================== Internet (Whitelisted) ====================
- ProxyEnable: Internet Explorer proxy is enabled.
- ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
- HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4
- HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON13/4
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON13/4
- SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
- SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
- SearchScopes: HKLM - {696BEDDC-EDD9-40C1-9534-90D237CEA7EC} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
- SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
- SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
- SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
- SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
- SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
- BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
- BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll No File
- BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
- BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
- Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll (Skype Technologies)
- Tcpip\Parameters: [DhcpNameServer] 199.166.6.2 209.239.11.98
- FireFox:
- ========
- FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\wa9ndnaz.default
- FF NetworkProxy: "http", "127.0.0.1"
- FF NetworkProxy: "http_port", 8118
- FF NetworkProxy: "ssl", "127.0.0.1"
- FF NetworkProxy: "ssl_port", 8118
- FF NetworkProxy: "type", 1
- FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
- FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
- FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
- FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
- FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
- FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
- FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
- FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
- FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
- Chrome:
- =======
- CHR HomePage:
- CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-31]
- CHR Extension: (Google Wallet) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-29]
- ==================== Services (Whitelisted) =================
- S2 .Net Crypt; C:\Windows\System32\mutex-Threads.exe [9539184 2013-11-30] ()
- R2 .Net Main; C:\Windows\System32\idle-Threads.exe [9361520 2013-11-30] ()
- S2 .Net Security; C:\Windows\System32\latch-Threads.exe [9544304 2013-11-30] ()
- R2 .Net Semaphore; C:\Windows\System32\semaphore-Threads.exe [480880 2013-11-30] ()
- R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [103424 2013-04-17] ()
- R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-17] (Advanced Micro Devices, Inc.)
- R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
- R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
- R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1630456 2013-06-07] (IVT Corporation)
- R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-05-14] (IVT Corporation)
- R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
- R2 ClassicShellService; C:\ClassicShell\ClassicShellService.exe [68608 2013-06-29] (IvoSoft)
- R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-12-25] (Hewlett-Packard Development Company, L.P.)
- R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
- R2 SystemUpdatekb70007; C:\Users\owner\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe [29184 2014-05-29] ()
- S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
- ==================== Drivers (Whitelisted) ====================
- R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-08] (Advanced Micro Devices, INC.)
- R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-04-23] (Advanced Micro Devices)
- S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
- R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
- R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
- R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
- R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
- R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
- R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
- R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
- R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-03-31] (AVG Technologies CZ, s.r.o.)
- U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
- R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
- U4 BthAvrcpTg;
- U4 BthHFEnum;
- U4 bthhfhid;
- R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation)
- R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
- R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
- R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
- R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2013-11-21] (Realtek Semiconductor Corp.)
- R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
- R0 scssifilter; C:\Windows\System32\Drivers\scssifilter64.sys [18928 2013-11-30] (Microsoft Corporation)
- S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-06-04] (Synaptics Incorporated)
- S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33008 2013-06-04] (Synaptics Incorporated)
- R0 usbmp3; C:\Windows\System32\Drivers\usbmp364.sys [18928 2013-11-30] ()
- R0 usbvox; C:\Windows\System32\Drivers\usbvox64.sys [20464 2013-11-30] ()
- R0 usbwav; C:\Windows\System32\Drivers\usbwav64.sys [15856 2013-11-30] ()
- R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
- U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
- S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
- ==================== NetSvcs (Whitelisted) ===================
- ==================== One Month Created Files and Folders ========
- 2014-06-09 17:16 - 2014-06-09 17:16 - 00016314 _____ () C:\Users\owner\Desktop\FRST.txt
- 2014-06-09 17:16 - 2014-06-09 17:16 - 00000000 ____D () C:\FRST
- 2014-06-09 17:10 - 2014-06-09 17:10 - 02080768 _____ (Farbar) C:\Users\owner\Desktop\Virus fixer.exe
- 2014-06-06 07:06 - 2014-06-06 07:06 - 00000000 ____D () C:\Users\owner\AppData\Local\VirtualStore
- 2014-06-03 22:19 - 2014-06-03 22:19 - 00000000 ____D () C:\Users\owner\AppData\Roaming\AVG2014
- 2014-06-03 19:49 - 2014-06-03 19:52 - 00000000 ____D () C:\AdwCleaner
- 2014-06-03 18:22 - 2014-06-03 18:22 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
- 2014-06-03 15:17 - 2014-06-03 15:17 - 00000905 _____ () C:\Users\owner\Desktop\JRT.txt
- 2014-06-03 07:15 - 2014-06-03 07:15 - 00000000 ____D () C:\Windows\ERUNT
- 2014-06-03 07:08 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
- 2014-06-02 20:35 - 2014-06-03 17:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
- 2014-06-02 20:35 - 2014-06-03 17:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
- 2014-06-02 20:35 - 2014-06-02 20:37 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Mozilla
- 2014-06-02 20:35 - 2014-06-02 20:37 - 00000000 ____D () C:\Users\owner\AppData\Local\Mozilla
- 2014-06-02 20:35 - 2014-06-02 20:35 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
- 2014-06-02 20:35 - 2014-06-02 20:35 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
- 2014-06-02 20:35 - 2014-06-02 20:35 - 00000000 ____D () C:\ProgramData\Mozilla
- 2014-06-02 16:24 - 2014-06-02 16:25 - 00000000 ____D () C:\NPE
- 2014-06-02 16:21 - 2014-06-02 16:30 - 00000000 ____D () C:\Users\owner\AppData\Local\NPE
- 2014-06-02 16:12 - 2014-06-03 17:39 - 00000000 ____D () C:\Users\owner\AppData\Local\MRS
- 2014-06-02 16:12 - 2014-06-03 17:38 - 00000000 ____D () C:\Users\owner\AppData\Roaming\MRS
- 2014-06-02 16:12 - 2014-06-02 16:13 - 00000000 ____D () C:\Program Files (x86)\MRS
- 2014-06-02 16:12 - 2014-06-02 16:12 - 00000258 __RSH () C:\ProgramData\ntuser.pol
- 2014-06-01 12:46 - 2014-06-01 12:46 - 11698864 _____ (Nota Inc. ) C:\Users\owner\Downloads\GyazoSetup.exe
- 2014-06-01 12:46 - 2014-06-01 12:46 - 00003746 _____ () C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
- 2014-05-25 21:16 - 2014-06-03 19:13 - 00003420 _____ () C:\Windows\System32\Tasks\GPUpdateCheck
- 2014-05-25 21:16 - 2014-06-03 17:38 - 00000000 ____D () C:\Users\owner\AppData\Roaming\wi_upd
- 2014-05-15 16:30 - 2014-05-15 16:30 - 00000432 _____ () C:\Users\owner\Documents\Drake's application..txt
- 2014-05-15 00:34 - 2014-04-12 05:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
- 2014-05-15 00:34 - 2014-04-12 05:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
- 2014-05-15 00:34 - 2014-04-12 03:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
- 2014-05-15 00:34 - 2014-03-28 15:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
- 2014-05-15 00:34 - 2014-03-28 04:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
- 2014-05-15 00:34 - 2014-03-28 02:18 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
- 2014-05-15 00:34 - 2014-03-23 18:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
- 2014-05-15 00:34 - 2014-03-10 23:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
- 2014-05-15 00:33 - 2014-05-06 01:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
- 2014-05-15 00:33 - 2014-05-06 01:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
- 2014-05-15 00:33 - 2014-05-05 23:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
- 2014-05-15 00:33 - 2014-04-12 05:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
- 2014-05-15 00:33 - 2014-04-12 05:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
- 2014-05-15 00:33 - 2014-04-12 05:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
- 2014-05-15 00:33 - 2014-04-12 05:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
- 2014-05-15 00:33 - 2014-04-12 05:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
- 2014-05-15 00:33 - 2014-04-12 05:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
- 2014-05-15 00:33 - 2014-04-12 05:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
- 2014-05-15 00:33 - 2014-04-12 05:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
- 2014-05-15 00:33 - 2014-04-12 05:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
- 2014-05-15 00:33 - 2014-04-12 03:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
- 2014-05-15 00:33 - 2014-04-12 03:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
- 2014-05-15 00:33 - 2014-04-12 03:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
- 2014-05-15 00:33 - 2014-04-12 03:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
- 2014-05-15 00:33 - 2014-04-12 03:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
- 2014-05-15 00:33 - 2014-04-12 03:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
- 2014-05-15 00:33 - 2014-04-12 02:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
- 2014-05-15 00:33 - 2014-03-28 04:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
- 2014-05-15 00:33 - 2014-03-10 23:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
- 2014-05-15 00:33 - 2014-03-10 20:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
- 2014-05-15 00:33 - 2014-03-10 20:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
- 2014-05-15 00:33 - 2014-03-10 20:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
- 2014-05-15 00:33 - 2014-03-10 20:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
- 2014-05-15 00:33 - 2014-03-10 20:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
- 2014-05-15 00:33 - 2014-03-10 20:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
- 2014-05-15 00:33 - 2014-03-10 20:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
- 2014-05-15 00:33 - 2014-03-10 20:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
- 2014-05-15 00:33 - 2014-03-10 20:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
- 2014-05-15 00:33 - 2014-03-10 20:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
- 2014-05-15 00:33 - 2014-03-10 20:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
- 2014-05-15 00:33 - 2014-03-09 23:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
- 2014-05-15 00:33 - 2014-03-09 21:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
- 2014-05-15 00:33 - 2014-03-03 19:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
- 2014-05-15 00:32 - 2014-05-05 23:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
- 2014-05-15 00:32 - 2014-05-05 23:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
- 2014-05-15 00:32 - 2014-05-05 23:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
- 2014-05-15 00:32 - 2014-03-01 05:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
- 2014-05-15 00:32 - 2014-03-01 05:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
- 2014-05-15 00:32 - 2014-03-01 04:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
- 2014-05-15 00:32 - 2014-03-01 02:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
- 2014-05-15 00:32 - 2014-02-26 19:18 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
- 2014-05-15 00:32 - 2014-02-26 19:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
- 2014-05-15 00:32 - 2014-02-26 19:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
- 2014-05-15 00:32 - 2014-02-26 19:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
- 2014-05-15 00:32 - 2014-02-15 00:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
- 2014-05-13 16:04 - 2014-05-13 16:04 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
- 2014-05-11 15:50 - 2014-05-11 15:50 - 00015221 _____ () C:\Users\owner\AppData\Local\recently-used.xbel
- 2014-05-11 15:10 - 2014-05-11 15:11 - 04366325 _____ () C:\Users\owner\Downloads\GIMP_Arcane_Circles_Brushes_by_Project_GimpBC.zip
- 2014-05-10 00:23 - 2014-05-10 00:23 - 00003156 _____ () C:\Windows\System32\Tasks\YCMServiceAgent
- 2014-05-10 00:23 - 2014-01-27 23:58 - 00041704 _____ (CyberLink Corporation) C:\Windows\system32\Drivers\clwvd.sys
- ==================== One Month Modified Files and Folders =======
- 2014-06-09 17:18 - 2013-10-22 17:29 - 00000000 ____D () C:\Users\owner\AppData\Local\Temp
- 2014-06-09 17:16 - 2014-06-09 17:16 - 00016314 _____ () C:\Users\owner\Desktop\FRST.txt
- 2014-06-09 17:16 - 2014-06-09 17:16 - 00000000 ____D () C:\FRST
- 2014-06-09 17:10 - 2014-06-09 17:10 - 02080768 _____ (Farbar) C:\Users\owner\Desktop\Virus fixer.exe
- 2014-06-09 17:02 - 2014-03-29 01:37 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- 2014-06-09 17:00 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\sru
- 2014-06-09 16:12 - 2013-10-22 17:28 - 01683372 _____ () C:\Windows\WindowsUpdate.log
- 2014-06-09 15:54 - 2013-11-13 16:28 - 00000000 ____D () C:\Users\owner\AppData\Local\CrashDumps
- 2014-06-09 14:51 - 2014-03-14 22:59 - 00000000 ____D () C:\ProgramData\MFAData
- 2014-06-09 14:51 - 2012-07-26 01:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
- 2014-06-09 14:45 - 2013-11-17 11:52 - 00003620 _____ () C:\Windows\SysWOW64\LOCALSERVICE.INI
- 2014-06-09 14:45 - 2013-11-17 11:52 - 00000043 _____ () C:\Windows\SysWOW64\LOCALDEVICE.INI
- 2014-06-09 14:45 - 2013-10-22 17:34 - 00059387 __RSH () C:\Windows\system32\masteraclini.enu
- 2014-06-09 14:45 - 2013-10-22 17:34 - 00000120 ___RH () C:\Windows\system32\masteraclbini.enu
- 2014-06-09 14:45 - 2013-09-13 18:20 - 00001017 _____ () C:\Windows\SysWOW64\bscs.ini
- 2014-06-09 07:17 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\NDF
- 2014-06-09 01:02 - 2014-03-29 01:37 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- 2014-06-08 02:34 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\AUInstallAgent
- 2014-06-08 01:49 - 2014-03-17 00:23 - 00000000 ____D () C:\Users\owner\AppData\Local\Battle.net
- 2014-06-07 16:10 - 2013-12-26 11:31 - 00003164 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForowner
- 2014-06-07 16:10 - 2013-12-26 11:31 - 00000350 _____ () C:\Windows\Tasks\HPCeeScheduleForowner.job
- 2014-06-07 16:10 - 2013-10-22 17:29 - 00000000 ____D () C:\Users\owner
- 2014-06-06 07:18 - 2013-10-22 17:32 - 00000000 ____D () C:\Users\owner\Documents\Youcam
- 2014-06-06 07:06 - 2014-06-06 07:06 - 00000000 ____D () C:\Users\owner\AppData\Local\VirtualStore
- 2014-06-06 07:05 - 2012-07-26 03:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
- 2014-06-06 07:04 - 2012-07-26 01:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
- 2014-06-04 14:51 - 2013-10-22 17:37 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2255616114-2979358920-1297510320-1002
- 2014-06-03 22:19 - 2014-06-03 22:19 - 00000000 ____D () C:\Users\owner\AppData\Roaming\AVG2014
- 2014-06-03 19:54 - 2012-08-03 18:23 - 00493286 _____ () C:\Windows\PFRO.log
- 2014-06-03 19:52 - 2014-06-03 19:49 - 00000000 ____D () C:\AdwCleaner
- 2014-06-03 19:51 - 2013-09-25 13:40 - 00001331 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Start Now Technology.lnk
- 2014-06-03 19:13 - 2014-05-25 21:16 - 00003420 _____ () C:\Windows\System32\Tasks\GPUpdateCheck
- 2014-06-03 18:22 - 2014-06-03 18:22 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
- 2014-06-03 17:39 - 2014-06-02 20:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
- 2014-06-03 17:39 - 2014-06-02 20:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
- 2014-06-03 17:39 - 2014-06-02 16:12 - 00000000 ____D () C:\Users\owner\AppData\Local\MRS
- 2014-06-03 17:39 - 2013-11-17 12:13 - 00000000 ____D () C:\Users\owner\AppData\Local\bluesoleil
- 2014-06-03 17:39 - 2013-11-07 01:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
- 2014-06-03 17:39 - 2013-11-07 01:20 - 00000000 ____D () C:\Program Files (x86)\Gyazo
- 2014-06-03 17:39 - 2013-09-25 14:34 - 00000000 ____D () C:\ProgramData\Norton
- 2014-06-03 17:39 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
- 2014-06-03 17:39 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
- 2014-06-03 17:39 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files\Windows Defender
- 2014-06-03 17:39 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
- 2014-06-03 17:38 - 2014-06-02 16:12 - 00000000 ____D () C:\Users\owner\AppData\Roaming\MRS
- 2014-06-03 17:38 - 2014-05-25 21:16 - 00000000 ____D () C:\Users\owner\AppData\Roaming\wi_upd
- 2014-06-03 17:38 - 2014-03-17 00:23 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Battle.net
- 2014-06-03 17:38 - 2013-10-22 17:31 - 00000000 ___RD () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
- 2014-06-03 17:38 - 2013-10-22 17:31 - 00000000 ___RD () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
- 2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ___RD () C:\Windows\ToastData
- 2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
- 2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
- 2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
- 2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
- 2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\Macromed
- 2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\registration
- 2014-06-03 17:38 - 2012-07-26 01:38 - 00000000 ____D () C:\Windows\system32\Sysprep
- 2014-06-03 16:13 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\AppCompat
- 2014-06-03 15:17 - 2014-06-03 15:17 - 00000905 _____ () C:\Users\owner\Desktop\JRT.txt
- 2014-06-03 07:15 - 2014-06-03 07:15 - 00000000 ____D () C:\Windows\ERUNT
- 2014-06-02 20:37 - 2014-06-02 20:35 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Mozilla
- 2014-06-02 20:37 - 2014-06-02 20:35 - 00000000 ____D () C:\Users\owner\AppData\Local\Mozilla
- 2014-06-02 20:35 - 2014-06-02 20:35 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
- 2014-06-02 20:35 - 2014-06-02 20:35 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
- 2014-06-02 20:35 - 2014-06-02 20:35 - 00000000 ____D () C:\ProgramData\Mozilla
- 2014-06-02 16:30 - 2014-06-02 16:21 - 00000000 ____D () C:\Users\owner\AppData\Local\NPE
- 2014-06-02 16:25 - 2014-06-02 16:24 - 00000000 ____D () C:\NPE
- 2014-06-02 16:13 - 2014-06-02 16:12 - 00000000 ____D () C:\Program Files (x86)\MRS
- 2014-06-02 16:12 - 2014-06-02 16:12 - 00000258 __RSH () C:\ProgramData\ntuser.pol
- 2014-06-02 16:12 - 2014-03-16 18:12 - 00000000 ____D () C:\ProgramData\AVG2014
- 2014-06-01 12:46 - 2014-06-01 12:46 - 11698864 _____ (Nota Inc. ) C:\Users\owner\Downloads\GyazoSetup.exe
- 2014-06-01 12:46 - 2014-06-01 12:46 - 00003746 _____ () C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
- 2014-06-01 12:46 - 2013-11-07 01:20 - 00000993 _____ () C:\Users\Public\Desktop\Gyazo.lnk
- 2014-06-01 12:46 - 2013-11-07 01:20 - 00000993 _____ () C:\Users\Public\Desktop\Gyazo GIF.lnk
- 2014-06-01 00:01 - 2013-11-23 21:17 - 00000000 ____D () C:\Users\owner\Documents\CyberLink
- 2014-05-31 23:05 - 2012-07-26 03:59 - 00000000 ____D () C:\Windows\CbsTemp
- 2014-05-31 23:03 - 2013-10-24 06:45 - 00000000 ____D () C:\Windows\system32\MRT
- 2014-05-31 23:00 - 2013-10-24 06:45 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
- 2014-05-31 01:13 - 2014-03-13 12:37 - 00000000 ____D () C:\Program Files (x86)\Skype
- 2014-05-29 17:33 - 2014-03-17 00:23 - 00000000 ____D () C:\Program Files (x86)\Battle.net
- 2014-05-29 07:29 - 2013-11-07 15:44 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
- 2014-05-29 07:29 - 2013-11-07 15:44 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
- 2014-05-28 19:24 - 2014-03-17 00:29 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
- 2014-05-23 02:26 - 2013-09-25 14:05 - 00000000 ____D () C:\Program Files (x86)\CyberLink
- 2014-05-23 02:24 - 2012-08-03 20:02 - 00000000 ____D () C:\SWSetup
- 2014-05-22 20:16 - 2014-03-29 01:38 - 00002190 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
- 2014-05-15 16:30 - 2014-05-15 16:30 - 00000432 _____ () C:\Users\owner\Documents\Drake's application..txt
- 2014-05-13 16:04 - 2014-05-13 16:04 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
- 2014-05-13 16:04 - 2012-07-26 03:21 - 00431647 _____ () C:\Windows\setupact.log
- 2014-05-11 16:04 - 2014-03-04 21:10 - 00000000 ____D () C:\Users\owner\.gimp-2.8
- 2014-05-11 15:50 - 2014-05-11 15:50 - 00015221 _____ () C:\Users\owner\AppData\Local\recently-used.xbel
- 2014-05-11 15:50 - 2014-03-04 21:17 - 00000000 ____D () C:\Users\owner\AppData\Local\gtk-2.0
- 2014-05-11 15:11 - 2014-05-11 15:10 - 04366325 _____ () C:\Users\owner\Downloads\GIMP_Arcane_Circles_Brushes_by_Project_GimpBC.zip
- 2014-05-10 03:50 - 2013-09-25 14:17 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
- 2014-05-10 00:28 - 2013-09-25 13:48 - 00005396 _____ () C:\Windows\system32\RaCoInst.log
- 2014-05-10 00:23 - 2014-05-10 00:23 - 00003156 _____ () C:\Windows\System32\Tasks\YCMServiceAgent
- 2014-05-10 00:23 - 2013-07-20 01:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
- 2014-05-10 00:07 - 2013-10-22 17:32 - 00000000 ____D () C:\Users\owner\AppData\Local\CyberLink
- 2014-05-10 00:07 - 2013-09-25 14:16 - 00000000 ____D () C:\Users\Public\CyberLink
- 2014-05-10 00:05 - 2013-09-25 14:08 - 00000000 ____D () C:\ProgramData\CyberLink
- Some content of TEMP:
- ====================
- C:\Users\owner\AppData\Local\Temp\COMAP.EXE
- C:\Users\owner\AppData\Local\Temp\Extract.exe
- C:\Users\owner\AppData\Local\Temp\fh4g5sng.lbl.exe
- C:\Users\owner\AppData\Local\Temp\GPUpd.exe
- C:\Users\owner\AppData\Local\Temp\Quarantine.exe
- C:\Users\owner\AppData\Local\Temp\SP63065.exe
- C:\Users\owner\AppData\Local\Temp\SP63285.exe
- C:\Users\owner\AppData\Local\Temp\SP63341.exe
- C:\Users\owner\AppData\Local\Temp\SP63599.exe
- C:\Users\owner\AppData\Local\Temp\SP63752.exe
- C:\Users\owner\AppData\Local\Temp\SP63786.exe
- C:\Users\owner\AppData\Local\Temp\SP63805.exe
- C:\Users\owner\AppData\Local\Temp\SP64082.exe
- C:\Users\owner\AppData\Local\Temp\SP64109.exe
- C:\Users\owner\AppData\Local\Temp\sp64126.exe
- C:\Users\owner\AppData\Local\Temp\SP64156.exe
- C:\Users\owner\AppData\Local\Temp\SP64218.exe
- C:\Users\owner\AppData\Local\Temp\SP64223.exe
- C:\Users\owner\AppData\Local\Temp\SP64224.exe
- C:\Users\owner\AppData\Local\Temp\SP64225.exe
- C:\Users\owner\AppData\Local\Temp\SP64226.exe
- C:\Users\owner\AppData\Local\Temp\SP64480.exe
- C:\Users\owner\AppData\Local\Temp\SP64726.exe
- C:\Users\owner\AppData\Local\Temp\SP64740.exe
- C:\Users\owner\AppData\Local\Temp\SP64741.exe
- C:\Users\owner\AppData\Local\Temp\SP64854.exe
- C:\Users\owner\AppData\Local\Temp\SP65782.exe
- C:\Users\owner\AppData\Local\Temp\SP65787.exe
- C:\Users\owner\AppData\Local\Temp\SP65790.exe
- C:\Users\owner\AppData\Local\Temp\SP65792.exe
- C:\Users\owner\AppData\Local\Temp\SP65795.exe
- C:\Users\owner\AppData\Local\Temp\SP65796.exe
- C:\Users\owner\AppData\Local\Temp\SP65802.exe
- C:\Users\owner\AppData\Local\Temp\SP66089.exe
- C:\Users\owner\AppData\Local\Temp\UninstallHPSA.exe
- C:\Users\owner\AppData\Local\Temp\vzcizewp.tdi.exe
- C:\Users\owner\AppData\Local\Temp\w4c1hlwe.hre.exe
- ==================== Bamital & volsnap Check =================
- C:\Windows\System32\winlogon.exe => File is digitally signed
- C:\Windows\System32\wininit.exe => File is digitally signed
- C:\Windows\explorer.exe => File is digitally signed
- C:\Windows\SysWOW64\explorer.exe => File is digitally signed
- C:\Windows\System32\svchost.exe => File is digitally signed
- C:\Windows\SysWOW64\svchost.exe => File is digitally signed
- C:\Windows\System32\services.exe => File is digitally signed
- C:\Windows\System32\User32.dll => File is digitally signed
- C:\Windows\SysWOW64\User32.dll => File is digitally signed
- C:\Windows\System32\userinit.exe => File is digitally signed
- C:\Windows\SysWOW64\userinit.exe => File is digitally signed
- C:\Windows\System32\rpcss.dll => File is digitally signed
- C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
- LastRegBack: 2014-06-04 14:52
- ==================== End Of Log ============================