- Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-09-2014
- Ran by SYSTEM on MININT-KIGFPCM on 07-09-2014 01:35:04
- Running from E:\
- Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
- Internet Explorer Version 11
- Boot Mode: Recovery
- The current controlset is ControlSet001
- ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
- The only official download link for FRST:
- Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
- Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
- Download link from any site other than Bleeping Computer is unpermitted or outdated.
- See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Registry (Whitelisted) ==================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
- HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-05-05] (Realtek Semiconductor)
- HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
- HKLM-x32\...\Run: [] => [X]
- HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
- HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-07] (Apple Inc.)
- HKU\Default\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
- HKU\Default User\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
- ==================== Services (Whitelisted) =================
- (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
- S3 Giraffic; C:\Program Files (x86)\Giraffic\GirafficWatchdog.exe [2245232 2013-05-13] (Giraffic)
- S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-09-05] ()
- S3 ufad-ws60; C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe [191024 2010-08-19] (VMware, Inc.)
- ==================== Drivers (Whitelisted) ====================
- (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
- S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-03] ()
- S1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-05] ()
- S3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-05-05] (DT Soft Ltd)
- S1 HWiNFO32; C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [30080 2011-09-21] (REALiX(tm))
- S3 Linksys_adapter_H; C:\Windows\System32\DRIVERS\AE2500w764.sys [1254464 2014-03-09] (Broadcom Corporation)
- S3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [33448 2014-05-18] (Razer Inc)
- S3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [31400 2014-05-18] (Razer Inc)
- S2 VMparport; C:\Windows\system32\drivers\VMparport.sys [30832 2011-03-25] (VMware, Inc.)
- S3 vna_ap; C:\Windows\System32\DRIVERS\vnaap.sys [161256 2010-09-26] (Check Point Software Technologies)
- S3 catchme; \??\C:\idan\catchme.sys [X]
- S3 mdareDriver_47; \??\C:\Users\Idan\AppData\Local\Temp\FCPreScan\mdare64_47.sys [X]
- S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
- S3 VGPU; System32\drivers\rdvgkmd.sys [X]
- ==================== NetSvcs (Whitelisted) ===================
- (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
- ==================== One Month Created Files and Folders ========
- (If an entry is included in the fixlist, the file\folder will be moved.)
- 2014-09-07 01:34 - 2014-09-07 01:35 - 00000000 ____D () C:\FRST
- 2014-09-06 14:19 - 2014-09-06 14:19 - 02104832 _____ (Farbar) C:\Users\Idan\Downloads\FRST64.exe
- 2014-09-06 04:13 - 2014-09-06 04:13 - 00401920 _____ (Farbar) C:\Users\Idan\Downloads\MiniToolBox.exe
- 2014-09-06 04:13 - 2014-09-06 04:13 - 00040014 _____ () C:\Users\Idan\Downloads\Result.txt
- 2014-09-05 14:08 - 2014-09-05 14:08 - 00000000 ____D () C:\Users\Idan\AppData\Local\ESN
- 2014-09-05 11:37 - 2014-09-05 11:37 - 00013797 _____ () C:\Users\Idan\Desktop\dds.txt
- 2014-09-05 11:37 - 2014-09-05 11:37 - 00010042 _____ () C:\Users\Idan\Desktop\attach.txt
- 2014-09-05 11:34 - 2014-09-05 11:34 - 00688992 ____R (Swearware) C:\Users\Idan\Downloads\dds.com
- 2014-09-05 09:41 - 2014-09-05 09:41 - 00448512 _____ (OldTimer Tools) C:\Users\Idan\Downloads\TFC.exe
- 2014-09-04 13:17 - 2014-09-04 13:17 - 00027829 _____ () C:\Users\Idan\Desktop\JRT.txt
- 2014-09-04 13:13 - 2014-09-04 13:13 - 00000000 ____D () C:\Windows\ERUNT
- 2014-09-04 02:14 - 2014-09-04 02:14 - 00009829 _____ () C:\Users\Idan\Desktop\AdwCleaner[S0].txt
- 2014-09-03 15:32 - 2010-08-29 21:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
- 2014-08-29 10:10 - 2014-08-29 10:10 - 00000796 _____ () C:\Users\Public\Desktop\Speccy.lnk
- 2014-08-29 10:10 - 2014-08-29 10:10 - 00000000 ____D () C:\Program Files\Speccy
- 2014-08-28 00:45 - 2014-08-28 00:45 - 00007554 _____ () C:\a.log
- 2014-08-28 00:30 - 2014-08-22 18:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
- 2014-08-28 00:30 - 2014-08-22 17:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
- 2014-08-28 00:30 - 2014-08-22 16:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
- 2014-08-14 15:54 - 2014-07-31 15:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
- 2014-08-14 15:54 - 2014-07-31 15:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
- 2014-08-14 15:54 - 2014-07-25 06:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
- 2014-08-14 15:54 - 2014-07-25 06:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
- 2014-08-14 15:54 - 2014-07-25 06:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
- 2014-08-14 15:54 - 2014-07-25 05:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
- 2014-08-14 15:54 - 2014-07-25 05:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
- 2014-08-14 15:54 - 2014-07-25 05:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
- 2014-08-14 15:54 - 2014-07-25 05:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
- 2014-08-14 15:54 - 2014-07-25 05:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
- 2014-08-14 15:54 - 2014-07-25 05:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
- 2014-08-14 15:54 - 2014-07-25 05:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
- 2014-08-14 15:54 - 2014-07-25 05:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
- 2014-08-14 15:54 - 2014-07-25 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
- 2014-08-14 15:54 - 2014-07-25 05:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
- 2014-08-14 15:54 - 2014-07-25 05:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
- 2014-08-14 15:54 - 2014-07-25 05:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
- 2014-08-14 15:54 - 2014-07-25 04:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
- 2014-08-14 15:54 - 2014-07-25 04:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
- 2014-08-14 15:54 - 2014-07-25 04:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
- 2014-08-14 15:54 - 2014-07-25 04:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
- 2014-08-14 15:54 - 2014-07-25 04:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
- 2014-08-14 15:54 - 2014-07-25 04:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
- 2014-08-14 15:54 - 2014-07-25 04:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
- 2014-08-14 15:54 - 2014-07-25 04:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
- 2014-08-14 15:54 - 2014-07-25 04:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
- 2014-08-14 15:54 - 2014-07-25 04:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
- 2014-08-14 15:54 - 2014-07-25 04:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
- 2014-08-14 15:54 - 2014-07-25 04:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
- 2014-08-14 15:54 - 2014-07-25 04:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
- 2014-08-14 15:54 - 2014-07-25 04:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
- 2014-08-14 15:54 - 2014-07-25 04:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
- 2014-08-14 15:54 - 2014-07-25 04:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
- 2014-08-14 15:54 - 2014-07-25 04:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
- 2014-08-14 15:54 - 2014-07-25 04:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
- 2014-08-14 15:54 - 2014-07-25 04:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
- 2014-08-14 15:54 - 2014-07-25 03:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
- 2014-08-14 15:54 - 2014-07-25 03:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
- 2014-08-14 15:54 - 2014-07-25 03:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
- 2014-08-14 15:54 - 2014-07-25 03:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
- 2014-08-14 15:54 - 2014-07-25 03:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
- 2014-08-14 15:54 - 2014-07-25 03:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
- 2014-08-14 15:54 - 2014-07-25 03:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
- 2014-08-14 15:54 - 2014-07-25 03:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
- 2014-08-14 15:54 - 2014-07-25 03:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
- 2014-08-14 15:54 - 2014-07-25 03:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
- 2014-08-14 15:54 - 2014-07-25 03:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
- 2014-08-14 15:54 - 2014-07-25 03:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
- 2014-08-14 15:54 - 2014-07-25 03:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
- 2014-08-14 15:54 - 2014-07-25 03:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
- 2014-08-14 15:54 - 2014-07-25 02:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
- 2014-08-14 15:54 - 2014-07-25 02:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
- 2014-08-14 15:54 - 2014-07-25 02:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
- 2014-08-14 15:54 - 2014-07-25 02:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
- 2014-08-14 15:54 - 2014-07-25 02:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
- 2014-08-14 15:54 - 2014-07-25 02:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
- 2014-08-13 16:03 - 2014-06-30 14:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\System32\icardres.dll
- 2014-08-13 16:03 - 2014-06-30 14:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
- 2014-08-13 16:03 - 2014-06-05 22:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
- 2014-08-13 16:03 - 2014-06-05 22:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\System32\TsWpfWrp.exe
- 2014-08-13 16:03 - 2014-03-09 13:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\System32\icardagt.exe
- 2014-08-13 16:03 - 2014-03-09 13:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\System32\infocardapi.dll
- 2014-08-13 16:03 - 2014-03-09 13:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
- 2014-08-13 16:03 - 2014-03-09 13:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
- 2014-08-13 12:53 - 2014-07-15 19:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
- 2014-08-13 12:53 - 2014-07-15 18:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
- 2014-08-13 12:53 - 2014-07-08 18:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDYAK.DLL
- 2014-08-13 12:53 - 2014-07-08 18:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDTAT.DLL
- 2014-08-13 12:53 - 2014-07-08 18:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDRU1.DLL
- 2014-08-13 12:53 - 2014-07-08 18:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDBASH.DLL
- 2014-08-13 12:53 - 2014-07-08 18:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\KBDRU.DLL
- 2014-08-13 12:53 - 2014-07-08 17:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
- 2014-08-13 12:53 - 2014-07-08 17:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
- 2014-08-13 12:53 - 2014-07-08 17:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
- 2014-08-13 12:53 - 2014-07-08 17:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
- 2014-08-13 12:53 - 2014-07-08 17:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
- 2014-08-13 12:53 - 2014-07-08 14:38 - 00419992 _____ () C:\Windows\System32\locale.nls
- 2014-08-13 12:53 - 2014-07-08 14:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
- 2014-08-13 12:53 - 2014-06-24 18:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
- 2014-08-13 12:53 - 2014-06-24 17:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
- 2014-08-13 12:53 - 2014-06-15 18:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
- 2014-08-13 12:53 - 2014-06-03 02:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
- 2014-08-13 12:53 - 2014-06-03 02:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
- 2014-08-13 12:53 - 2014-06-03 02:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\System32\msihnd.dll
- 2014-08-13 12:53 - 2014-06-03 02:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\System32\consent.exe
- 2014-08-13 12:53 - 2014-06-03 01:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
- 2014-08-13 12:53 - 2014-06-03 01:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
- 2014-08-13 12:53 - 2014-06-03 01:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
- 2014-08-13 12:51 - 2014-08-06 18:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
- 2014-08-13 12:51 - 2014-08-06 18:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
- 2014-08-13 12:51 - 2014-07-13 18:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
- 2014-08-13 12:51 - 2014-07-13 17:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
- ==================== One Month Modified Files and Folders =======
- (If an entry is included in the fixlist, the file\folder will be moved.)
- 2014-09-07 01:35 - 2014-09-07 01:34 - 00000000 ____D () C:\FRST
- 2014-09-06 14:32 - 2014-06-15 14:50 - 00003130 _____ () C:\Windows\setupact.log
- 2014-09-06 14:30 - 2011-05-05 07:51 - 01570019 _____ () C:\Windows\WindowsUpdate.log
- 2014-09-06 14:30 - 2009-07-13 20:45 - 00021472 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
- 2014-09-06 14:30 - 2009-07-13 20:45 - 00021472 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
- 2014-09-06 14:27 - 2009-07-13 21:13 - 00790790 _____ () C:\Windows\System32\PerfStringBackup.INI
- 2014-09-06 14:20 - 2011-08-27 23:58 - 00000000 ____D () C:\Users\Idan\AppData\Roaming\TS3Client
- 2014-09-06 14:19 - 2014-09-06 14:19 - 02104832 _____ (Farbar) C:\Users\Idan\Downloads\FRST64.exe
- 2014-09-06 04:13 - 2014-09-06 04:13 - 00401920 _____ (Farbar) C:\Users\Idan\Downloads\MiniToolBox.exe
- 2014-09-06 04:13 - 2014-09-06 04:13 - 00040014 _____ () C:\Users\Idan\Downloads\Result.txt
- 2014-09-05 14:24 - 2014-06-21 14:39 - 00013780 _____ () C:\Windows\PFRO.log
- 2014-09-05 14:17 - 2011-05-05 10:03 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
- 2014-09-05 14:14 - 2011-05-05 10:12 - 00000000 ____D () C:\Users\Idan\AppData\Local\PunkBuster
- 2014-09-05 14:14 - 2011-05-05 10:03 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
- 2014-09-05 14:08 - 2014-09-05 14:08 - 00000000 ____D () C:\Users\Idan\AppData\Local\ESN
- 2014-09-05 13:08 - 2013-11-05 05:50 - 00000000 ____D () C:\ProgramData\Package Cache
- 2014-09-05 13:08 - 2011-05-05 10:03 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
- 2014-09-05 13:06 - 2014-09-05 13:06 - 00018435 _____ () C:\Windows\DirectX.log
- 2014-09-05 12:31 - 2014-04-15 17:08 - 00001246 _____ () C:\Users\Public\Desktop\FIFA 14.lnk
- 2014-09-05 12:31 - 2014-04-15 16:35 - 00000000 ____D () C:\Program Files (x86)\Origin Games
- 2014-09-05 11:37 - 2014-09-05 11:37 - 00013797 _____ () C:\Users\Idan\Desktop\dds.txt
- 2014-09-05 11:37 - 2014-09-05 11:37 - 00010042 _____ () C:\Users\Idan\Desktop\attach.txt
- 2014-09-05 11:34 - 2014-09-05 11:34 - 00688992 ____R (Swearware) C:\Users\Idan\Downloads\dds.com
- 2014-09-05 10:45 - 2013-07-22 11:55 - 00000000 ____D () C:\TEMPP
- 2014-09-05 09:41 - 2014-09-05 09:41 - 00448512 _____ (OldTimer Tools) C:\Users\Idan\Downloads\TFC.exe
- 2014-09-04 13:17 - 2014-09-04 13:17 - 00027829 _____ () C:\Users\Idan\Desktop\JRT.txt
- 2014-09-04 13:13 - 2014-09-04 13:13 - 00000000 ____D () C:\Windows\ERUNT
- 2014-09-04 02:14 - 2014-09-04 02:14 - 00009829 _____ () C:\Users\Idan\Desktop\AdwCleaner[S0].txt
- 2014-09-01 14:16 - 2011-05-05 10:02 - 00000000 ____D () C:\Users\Idan\AppData\Roaming\uTorrent
- 2014-08-30 02:30 - 2014-06-14 04:56 - 00002249 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
- 2014-08-29 10:10 - 2014-08-29 10:10 - 00000796 _____ () C:\Users\Public\Desktop\Speccy.lnk
- 2014-08-29 10:10 - 2014-08-29 10:10 - 00000000 ____D () C:\Program Files\Speccy
- 2014-08-28 16:24 - 2014-06-07 08:52 - 04891592 _____ () C:\Windows\System32\FNTCACHE.DAT
- 2014-08-28 00:45 - 2014-08-28 00:45 - 00007554 _____ () C:\a.log
- 2014-08-22 18:07 - 2014-08-28 00:30 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
- 2014-08-22 17:45 - 2014-08-28 00:30 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
- 2014-08-22 16:59 - 2014-08-28 00:30 - 03163648 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
- 2014-08-20 13:52 - 2011-05-06 13:05 - 00000600 _____ () C:\Users\Idan\PUTTY.RND
- 2014-08-20 07:42 - 2011-06-02 09:23 - 00000000 ____D () C:\Users\Idan\AppData\Roaming\Skype
- 2014-08-15 07:42 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
- 2014-08-13 16:32 - 2013-07-17 16:00 - 00000000 ____D () C:\Windows\System32\MRT
- 2014-08-13 16:12 - 2011-05-05 08:34 - 99218768 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
- 2014-08-13 16:11 - 2011-05-27 23:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
- 2014-08-13 16:02 - 2014-05-06 16:01 - 00000000 ___SD () C:\Windows\System32\CompatTel
- 2014-08-12 11:22 - 2011-06-04 08:28 - 00000000 ____D () C:\Program Files (x86)\Steam
- 2014-08-12 11:08 - 2012-10-08 19:55 - 00000963 _____ () C:\Users\Public\Desktop\Steam.lnk
- 2014-08-12 05:48 - 2011-08-31 10:45 - 00000000 ____D () C:\Users\Idan\Documents\קבצי Outlook
- 2014-08-12 05:33 - 2014-07-21 02:01 - 00000000 ____D () C:\Users\Idan\AppData\Roaming\TeamViewer
- 2014-08-09 13:10 - 2011-06-02 09:23 - 00000000 ____D () C:\ProgramData\Skype
- 2014-08-08 00:46 - 2014-08-08 00:46 - 00063099 _____ () C:\Users\Idan\Downloads\פוליגונים ושמות מרחבים 07 07 14.xlsx
- Some content of TEMP:
- ====================
- C:\Users\Idan\AppData\Local\Temp\sonarinst.exe
- ==================== Known DLLs (Whitelisted) ================
- ==================== Bamital & volsnap Check =================
- (There is no automatic fix for files that do not pass verification.)
- C:\Windows\System32\winlogon.exe => MD5 is legit
- C:\Windows\System32\wininit.exe => MD5 is legit
- C:\Windows\SysWOW64\wininit.exe => MD5 is legit
- C:\Windows\explorer.exe => MD5 is legit
- C:\Windows\SysWOW64\explorer.exe => MD5 is legit
- C:\Windows\System32\svchost.exe => MD5 is legit
- C:\Windows\SysWOW64\svchost.exe => MD5 is legit
- C:\Windows\System32\services.exe => MD5 is legit
- C:\Windows\System32\User32.dll => MD5 is legit
- C:\Windows\SysWOW64\User32.dll => MD5 is legit
- C:\Windows\System32\userinit.exe => MD5 is legit
- C:\Windows\SysWOW64\userinit.exe => MD5 is legit
- C:\Windows\System32\rpcss.dll => MD5 is legit
- C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
- ==================== Restore Points =========================
- Restore point made on: 2014-08-29 10:04:55
- Restore point made on: 2014-09-02 10:02:44
- Restore point made on: 2014-09-05 13:01:17
- Restore point made on: 2014-09-05 13:04:58
- Restore point made on: 2014-09-05 13:07:47
- Restore point made on: 2014-09-05 13:08:30
- ==================== Memory info ===========================
- Percentage of memory in use: 14%
- Total physical RAM: 4063.13 MB
- Available physical RAM: 3473.61 MB
- Total Pagefile: 4061.33 MB
- Available Pagefile: 3461.74 MB
- Total Virtual: 8192 MB
- Available Virtual: 8191.89 MB
- ==================== Drives ================================
- Drive c: () (Fixed) (Total:931.5 GB) (Free:157.78 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
- Drive e: () (Removable) (Total:29.82 GB) (Free:24.32 GB) NTFS
- Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 19C819C7)
- Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
- ========================================================
- Disk: 1 (Size: 29.8 GB) (Disk ID: DC2AFD97)
- Partition 1: (Active) - (Size=29.8 GB) - (Type=07 NTFS)
- LastRegBack: 2013-06-22 13:59
- ==================== End Of Log ============================