
Untitled

a guest
Sep 15th, 2014
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
  2. Ran by pc (administrator) on PC-PC on 15-09-2014 15:24:33
  3. Running from C:\Users\pc\Downloads
  4. Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
  5. Internet Explorer Version 11
  6. Boot Mode: Normal
  7. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  8.  
  9. ==================== Processes (Whitelisted) =================
  10.  
  11. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  12.  
  13. (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe
  14. (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
  15. (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe
  16. (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
  17. (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
  18. (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
  19. (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
  20. () C:\Program Files\CyberLink\Shared files\RichVideo.exe
  21. (Kaspersky Lab ZAO) C:\Users\pc\AppData\Local\temp\{F6374F4E-51A1-44A0-8BBC-C6FE55F4FEBF}.exe
  22. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  23. (IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
  24. (Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
  25. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
  26. (Intel Corporation) C:\Windows\System32\igfxtray.exe
  27. (Intel Corporation) C:\Windows\System32\hkcmd.exe
  28. (Intel Corporation) C:\Windows\System32\igfxpers.exe
  29. (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
  30. (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
  31. (Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
  32. (Bandoo Media Inc.) C:\Program Files\iLivid\iLivid.exe
  33. (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
  34. (Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
  35. (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
  36. (Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
  37. (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
  38. (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
  39. (Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
  40. (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
  41. (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
  42. (AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
  43.  
  44.  
  45. ==================== Registry (Whitelisted) ==================
  46.  
  47. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  48.  
  49. HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1721640 2010-05-27] (Synaptics Incorporated)
  50. HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-23] (IDT, Inc.)
  51. HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
  52. HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [71216 2007-02-07] (Cyberlink Corp.)
  53. HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [54832 2007-02-07] ()
  54. HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
  55. HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
  56. HKU\S-1-5-21-1790169903-100120260-3156938750-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
  57. HKU\S-1-5-21-1790169903-100120260-3156938750-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-12-12] (Google Inc.)
  58. HKU\S-1-5-21-1790169903-100120260-3156938750-1000\...\Run: [Google Update] => C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-07-13] (Google Inc.)
  59. HKU\S-1-5-21-1790169903-100120260-3156938750-1000\...\Run: [iLivid] => C:\Program Files\iLivid\iLivid.exe [6827008 2013-09-09] (Bandoo Media Inc.)
  60. Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
  61. ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
  62. Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
  63. ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (No File)
  64. ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
  65.  
  66. ==================== Internet (Whitelisted) ====================
  67.  
  68. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  69.  
  70. HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
  71. HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.hr/
  72. HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x08BC1B25448ACB01
  73. HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = hr
  74. HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
  75. HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
  76. HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
  77. HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
  78. SearchScopes: HKLM - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
  79. SearchScopes: HKLM - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
  80. SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=479&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3051051750834388&q={searchTerms}
  81. SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} URL = http://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms}
  82. SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} URL = http://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms}
  83. SearchScopes: HKLM - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm073^YYA^hr&si=pconvIE&ptb=3BB710E1-81AF-47F7-B5FA-D2EA71331668&ind=2014010402&n=780b5c22&psa=&st=sb&searchfor={searchTerms}
  84. SearchScopes: HKCU - DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_9&idate=2014-09-05&gen=cnet&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
  85. SearchScopes: HKCU - {120D3C2D-ADE5-4A5D-A3E0-4FF62942F5AC} URL = https://www.google.com/search?q={searchTerms}
  86. SearchScopes: HKCU - {22AAF60D-2DB0-45F0-8BE6-C075B9D8977C} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=937811&p={searchTerms}
  87. SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_9&idate=2014-09-05&gen=cnet&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
  88. SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
  89. SearchScopes: HKCU - {87E77B6D-0A39-451B-A4FD-7960FFE93EC5} URL = http://search.avg.com/route/?d=4ceb8348&v=6.10.6.4&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
  90. SearchScopes: HKCU - {95287E58-0B22-4D69-8F01-85DDF173AF55} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3300850&CUI=UN25012761671818911&UM=1
  91. SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=479&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3051051750834388&q={searchTerms}
  92. SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} URL = http://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms}
  93. SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} URL = http://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms}
  94. SearchScopes: HKCU - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm073^YYA^hr&si=pconvIE&ptb=3BB710E1-81AF-47F7-B5FA-D2EA71331668&ind=2014010402&n=780b5c22&psa=&st=sb&searchfor={searchTerms}
  95. BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
  96. BHO: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
  97. BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
  98. BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
  99. BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
  100. BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
  101. BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  102. BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
  103. Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
  104. Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
  105. DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
  106. DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
  107. DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
  108. DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
  109. DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
  110. Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
  111. Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
  112. Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  113. Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
  114. Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - No File
  115. Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
  116. Tcpip\..\Interfaces\{5B2FC5DC-1D29-4283-9DDD-CDF2F05D81C2}: [NameServer] 212.91.97.3,212.91.97.4
  117. Tcpip\..\Interfaces\{6F5D1294-4C65-49CD-B200-A2FF4143567E}: [NameServer] 8.8.8.8,8.8.4.4
  118.  
  119. FireFox:
  120. ========
  121. FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
  122. FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  123. FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  124. FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
  125. FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
  126. FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
  127. FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
  128. FF Plugin: @VideoDownloadConverter_ScriptHelper.com/Plugin -> C:\Program Files\VideoDownloadConverter\npVDCPlugin.dll No File
  129. FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\pc\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
  130. FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\pc\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
  131. FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\pc\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
  132. FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\pc\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
  133. FF Plugin ProgramFiles/Appdata: C:\Users\pc\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
  134. FF Plugin ProgramFiles/Appdata: C:\Users\pc\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
  135. FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
  136. FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-05]
  137.  
  138. Chrome:
  139. =======
  140. CHR HomePage: Default -> hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_9&idate=2014-09-05&gen=cnet&ent=hp&u=649485689E6C1CBF63FCE75409EC7CCE
  141. CHR StartupUrls: Default -> "hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_9&idate=2014-09-05&gen=cnet&ent=hp&u=649485689E6C1CBF63FCE75409EC7CCE", "hxxp://www.msn.com/?pc=AV01"
  142. CHR DefaultSearchKeyword: Default -> securesearch
  143. CHR DefaultSearchProvider: Default -> SecureSearch
  144. CHR DefaultSearchURL: Default -> http://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_9&idate=2014-09-05&gen=cnet&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
  145. CHR DefaultSuggestURL: Default ->
  146. CHR CustomProfile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default
  147. CHR Extension: (Google Docs) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-12]
  148. CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-12]
  149. CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-07]
  150. CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-12]
  151. CHR Extension: (Google Search) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-12]
  152. CHR Extension: (avast! Online Security) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-05]
  153. CHR Extension: (Google Wallet) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-19]
  154. CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-12]
  155. CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-27]
  156. CHR HKLM\...\Chrome\Extension: [mekcdjanfbgjggafgdkmcodmkfldcaaf] - C:\ProgramData\wxDownload\mekcdjanfbgjggafgdkmcodmkfldcaaf.crx [2014-06-27]
  157. CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  158.  
  159. ========================== Services (Whitelisted) =================
  160.  
  161. (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
  162.  
  163. R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-27] (AVAST Software)
  164. S2 Dhcp; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
  165. R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
  166. R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
  167. S2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [638976 2013-08-05] (McAfee, Inc.)
  168. S4 RemoteAccess; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
  169. R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [173616 2007-02-07] ()
  170. R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe [229458 2010-03-23] (IDT, Inc.)
  171. S2 Application Updater; "C:\Program Files\Application Updater\ApplicationUpdater.exe" [X]
  172.  
  173. ==================== Drivers (Whitelisted) ====================
  174.  
  175. (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
  176.  
  177. R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-06-27] ()
  178. R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-06-27] (AVAST Software)
  179. R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-06-27] (AVAST Software)
  180. R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-06-27] ()
  181. R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-06-27] (AVAST Software)
  182. R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-04] (AVAST Software)
  183. R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-06-27] (AVAST Software)
  184. R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-06-27] ()
  185. R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
  186. R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-09-15] (Malwarebytes Corporation)
  187. R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
  188. S3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [288056 2013-07-09] (McAfee, Inc.)
  189. S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [80656 2013-07-09] (McAfee, Inc.)
  190. S3 MFE_RR; C:\Windows\System32\Drivers\mfe_rr.sys [29776 2013-12-04] (McAfee, Inc.)
  191. R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B}; C:\Program Files\CyberLink\PowerDVD\000.fcl [13560 2006-11-02] (Cyberlink Corp.)
  192. S3 catchme; \??\C:\Users\pc\AppData\Local\Temp\catchme.sys [X]
  193. S3 CFcatchme; \??\C:\Users\pc\AppData\Local\Temp\CFcatchme.sys [X]
  194. S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
  195. S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
  196. S3 VGPU; System32\drivers\rdvgkmd.sys [X]
  197.  
  198. ==================== NetSvcs (Whitelisted) ===================
  199.  
  200.  
  201. (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
  202.  
  203.  
  204. ==================== One Month Created Files and Folders ========
  205.  
  206. (If an entry is included in the fixlist, the file\folder will be moved.)
  207.  
  208. 2014-09-15 15:24 - 2014-09-15 15:25 - 00019454 _____ () C:\Users\pc\Downloads\FRST.txt
  209. 2014-09-15 15:24 - 2014-09-15 15:24 - 00000000 ____D () C:\FRST
  210. 2014-09-15 15:22 - 2014-09-15 15:22 - 00001031 _____ () C:\Users\pc\Desktop\FRST - Shortcut.lnk
  211. 2014-09-15 15:21 - 2014-09-15 15:21 - 01097728 _____ (Farbar) C:\Users\pc\Downloads\FRST.exe
  212. 2014-09-15 14:03 - 2014-09-15 14:03 - 00000000 ____D () C:\TDSSKiller_Quarantine
  213. 2014-09-15 13:58 - 2014-09-15 13:58 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
  214. 2014-09-15 13:36 - 2014-09-15 13:36 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\pc\Downloads\tdsskiller.exe
  215. 2014-09-15 13:36 - 2014-09-15 13:36 - 00001089 _____ () C:\Users\pc\Desktop\tdsskiller - Shortcut.lnk
  216. 2014-09-14 23:31 - 2014-09-15 00:28 - 302694400 _____ () C:\Users\pc\Downloads\kav_rescue_10.iso
  217. 2014-09-14 22:29 - 2014-09-14 22:29 - 00000512 _____ () C:\Users\pc\Desktop\MBR.dat
  218. 2014-09-14 22:28 - 2014-09-14 22:29 - 00001460 _____ () C:\Users\pc\Desktop\aswMBR.txt
  219. 2014-09-14 16:58 - 2014-09-14 16:58 - 00000000 ____D () C:\Users\pc\AppData\Roaming\eCyber
  220. 2014-09-14 16:57 - 2014-09-14 17:23 - 00000000 ____D () C:\Users\pc\AppData\Roaming\iSafe
  221. 2014-09-12 10:58 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
  222. 2014-09-12 10:58 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
  223. 2014-09-12 10:58 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
  224. 2014-09-12 10:58 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
  225. 2014-09-12 10:57 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
  226. 2014-09-12 10:57 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
  227. 2014-09-12 10:57 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
  228. 2014-09-12 10:57 - 2014-08-18 23:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
  229. 2014-09-12 10:57 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
  230. 2014-09-12 10:57 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
  231. 2014-09-12 10:57 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
  232. 2014-09-12 10:57 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
  233. 2014-09-12 10:57 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
  234. 2014-09-12 10:57 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
  235. 2014-09-12 10:57 - 2014-08-18 23:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
  236. 2014-09-12 10:57 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
  237. 2014-09-12 10:57 - 2014-08-18 23:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
  238. 2014-09-12 10:57 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
  239. 2014-09-12 10:57 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
  240. 2014-09-12 10:57 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
  241. 2014-09-12 10:57 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
  242. 2014-09-12 10:57 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
  243. 2014-09-12 10:57 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
  244. 2014-09-12 10:57 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
  245. 2014-09-12 10:57 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
  246. 2014-09-12 10:57 - 2014-08-18 23:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
  247. 2014-09-12 10:57 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
  248. 2014-09-12 10:57 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
  249. 2014-09-12 10:57 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
  250. 2014-09-12 10:57 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
  251. 2014-09-12 10:56 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
  252. 2014-09-11 09:53 - 2014-09-11 09:55 - 00015372 _____ () C:\Users\pc\Desktop\MBRCheck_09.11.14_09.53.05.txt
  253. 2014-09-11 09:52 - 2014-09-11 09:52 - 00080384 _____ () C:\Users\pc\Downloads\MBRCheck.exe
  254. 2014-09-10 14:55 - 2014-07-07 03:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
  255. 2014-09-10 14:55 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
  256. 2014-09-10 14:53 - 2014-09-05 03:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
  257. 2014-09-10 14:53 - 2014-09-05 03:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
  258. 2014-09-10 14:53 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
  259. 2014-09-10 14:53 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
  260. 2014-09-10 10:46 - 2014-09-10 10:46 - 00003544 ____N () C:\bootsqm.dat
  261. 2014-09-09 10:52 - 2014-09-09 10:52 - 00000017 _____ () C:\Users\pc\AppData\Local\resmon.resmoncfg
  262. 2014-09-07 10:27 - 2014-09-07 10:28 - 00151984 _____ () C:\Windows\Minidump\090714-18330-01.dmp
  263. 2014-09-05 23:18 - 2014-09-15 14:48 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
  264. 2014-09-05 23:13 - 2014-09-05 23:13 - 00001020 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
  265. 2014-09-05 23:13 - 2014-09-05 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
  266. 2014-09-05 23:11 - 2014-09-05 23:12 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
  267. 2014-09-05 23:11 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
  268. 2014-09-05 23:11 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
  269. 2014-09-05 23:11 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
  270. 2014-09-05 22:59 - 2014-09-05 23:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\pc\Downloads\mbam-setup-2.0.2.1012.exe
  271. 2014-09-05 19:51 - 2014-09-05 20:02 - 04831496 _____ () C:\Users\pc\Downloads\AntiMalware-Installer (1).exe
  272. 2014-09-05 19:45 - 2014-09-05 19:51 - 04831496 _____ () C:\Users\pc\Downloads\AntiMalware-Installer.exe
  273. 2014-09-05 19:04 - 2014-09-05 19:04 - 00000000 ____D () C:\Users\pc\AppData\Roaming\LavasoftStatistics
  274. 2014-09-05 19:00 - 2014-09-05 19:00 - 00000061 _____ () C:\prefs.js
  275. 2014-09-05 18:59 - 2014-09-05 18:59 - 00000000 ____D () C:\Users\pc\AppData\Roaming\SecureSearch
  276. 2014-09-05 18:27 - 2014-09-05 18:29 - 29592768 _____ (Microsoft Corporation) C:\Users\pc\Downloads\Windows-KB890830-V5.15.exe
  277. 2014-08-28 12:30 - 2014-08-23 03:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
  278. 2014-08-28 12:30 - 2014-08-23 02:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
  279.  
  280. ==================== One Month Modified Files and Folders =======
  281.  
  282. (If an entry is included in the fixlist, the file\folder will be moved.)
  283.  
  284. 2014-09-15 15:25 - 2014-09-15 15:24 - 00019454 _____ () C:\Users\pc\Downloads\FRST.txt
  285. 2014-09-15 15:24 - 2014-09-15 15:24 - 00000000 ____D () C:\FRST
  286. 2014-09-15 15:22 - 2014-09-15 15:22 - 00001031 _____ () C:\Users\pc\Desktop\FRST - Shortcut.lnk
  287. 2014-09-15 15:21 - 2014-09-15 15:21 - 01097728 _____ (Farbar) C:\Users\pc\Downloads\FRST.exe
  288. 2014-09-15 15:06 - 2010-09-22 12:25 - 01867134 _____ () C:\Windows\WindowsUpdate.log
  289. 2014-09-15 14:56 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
  290. 2014-09-15 14:49 - 2014-07-11 20:42 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
  291. 2014-09-15 14:48 - 2014-09-05 23:18 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
  292. 2014-09-15 14:40 - 2010-12-12 14:45 - 00000928 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  293. 2014-09-15 14:36 - 2013-09-14 23:58 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1790169903-100120260-3156938750-1000UA.job
  294. 2014-09-15 14:08 - 2009-07-14 06:34 - 00020672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  295. 2014-09-15 14:08 - 2009-07-14 06:34 - 00020672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  296. 2014-09-15 14:03 - 2014-09-15 14:03 - 00000000 ____D () C:\TDSSKiller_Quarantine
  297. 2014-09-15 13:58 - 2014-09-15 13:58 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
  298. 2014-09-15 13:57 - 2010-12-12 14:45 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  299. 2014-09-15 13:57 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
  300. 2014-09-15 13:56 - 2009-07-14 06:39 - 00241531 _____ () C:\Windows\setupact.log
  301. 2014-09-15 13:36 - 2014-09-15 13:36 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\pc\Downloads\tdsskiller.exe
  302. 2014-09-15 13:36 - 2014-09-15 13:36 - 00001089 _____ () C:\Users\pc\Desktop\tdsskiller - Shortcut.lnk
  303. 2014-09-15 09:56 - 2014-06-07 09:29 - 00000000 ___RD () C:\Users\pc\Dropbox
  304. 2014-09-15 09:51 - 2014-06-07 09:09 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Dropbox
  305. 2014-09-15 00:28 - 2014-09-14 23:31 - 302694400 _____ () C:\Users\pc\Downloads\kav_rescue_10.iso
  306. 2014-09-14 23:11 - 2014-02-09 17:21 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Samsung
  307. 2014-09-14 23:11 - 2014-02-09 17:21 - 00000000 ____D () C:\Users\pc\AppData\Local\Samsung
  308. 2014-09-14 23:11 - 2014-02-09 17:17 - 00000000 ____D () C:\Program Files\Samsung
  309. 2014-09-14 23:08 - 2014-02-09 17:17 - 00000000 ____D () C:\ProgramData\Samsung
  310. 2014-09-14 23:07 - 2010-09-22 15:35 - 00000000 ____D () C:\Program Files\InstallShield Installation Information
  311. 2014-09-14 22:29 - 2014-09-14 22:29 - 00000512 _____ () C:\Users\pc\Desktop\MBR.dat
  312. 2014-09-14 22:29 - 2014-09-14 22:28 - 00001460 _____ () C:\Users\pc\Desktop\aswMBR.txt
  313. 2014-09-14 21:19 - 2013-12-04 22:50 - 00724504 _____ () C:\Windows\PFRO.log
  314. 2014-09-14 17:23 - 2014-09-14 16:57 - 00000000 ____D () C:\Users\pc\AppData\Roaming\iSafe
  315. 2014-09-14 16:58 - 2014-09-14 16:58 - 00000000 ____D () C:\Users\pc\AppData\Roaming\eCyber
  316. 2014-09-14 16:47 - 2011-12-10 23:19 - 00002089 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
  317. 2014-09-11 09:55 - 2014-09-11 09:53 - 00015372 _____ () C:\Users\pc\Desktop\MBRCheck_09.11.14_09.53.05.txt
  318. 2014-09-11 09:52 - 2014-09-11 09:52 - 00080384 _____ () C:\Users\pc\Downloads\MBRCheck.exe
  319. 2014-09-11 08:28 - 2013-07-12 17:00 - 00000000 ____D () C:\Windows\system32\MRT
  320. 2014-09-11 08:27 - 2010-09-22 14:55 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
  321. 2014-09-11 08:22 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\hr-HR
  322. 2014-09-11 08:20 - 2014-05-06 20:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
  323. 2014-09-10 15:10 - 2010-09-22 14:32 - 00770634 _____ () C:\Windows\system32\PerfStringBackup.INI
  324. 2014-09-10 10:46 - 2014-09-10 10:46 - 00003544 ____N () C:\bootsqm.dat
  325. 2014-09-10 08:50 - 2013-06-17 19:40 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
  326. 2014-09-10 08:50 - 2013-06-17 19:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
  327. 2014-09-09 10:52 - 2014-09-09 10:52 - 00000017 _____ () C:\Users\pc\AppData\Local\resmon.resmoncfg
  328. 2014-09-07 18:36 - 2013-09-14 23:58 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1790169903-100120260-3156938750-1000Core.job
  329. 2014-09-07 10:28 - 2014-09-07 10:27 - 00151984 _____ () C:\Windows\Minidump\090714-18330-01.dmp
  330. 2014-09-07 10:27 - 2011-08-24 15:14 - 286487837 _____ () C:\Windows\MEMORY.DMP
  331. 2014-09-07 10:27 - 2011-08-24 15:14 - 00000000 ____D () C:\Windows\Minidump
  332. 2014-09-06 20:08 - 2010-10-24 15:05 - 00000000 ____D () C:\Users\pc\Documents\životopis
  333. 2014-09-06 18:08 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Vss
  334. 2014-09-06 18:05 - 2014-01-03 21:47 - 00000000 ____D () C:\ProgramData\Conduit
  335. 2014-09-06 18:05 - 2011-05-17 19:17 - 00000000 ____D () C:\Program Files\YouTube Downloader Toolbar
  336. 2014-09-06 18:05 - 2011-05-17 19:17 - 00000000 ____D () C:\Program Files\Common Files\Spigot
  337. 2014-09-06 18:05 - 2011-05-07 16:49 - 00000000 ____D () C:\Program Files\BearShare Applications
  338. 2014-09-06 18:05 - 2011-03-27 17:10 - 00000000 ____D () C:\Program Files\iMesh Applications
  339. 2014-09-05 23:13 - 2014-09-05 23:13 - 00001020 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
  340. 2014-09-05 23:13 - 2014-09-05 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
  341. 2014-09-05 23:12 - 2014-09-05 23:11 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
  342. 2014-09-05 23:11 - 2013-12-03 22:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
  343. 2014-09-05 23:10 - 2014-09-05 22:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\pc\Downloads\mbam-setup-2.0.2.1012.exe
  344. 2014-09-05 20:02 - 2014-09-05 19:51 - 04831496 _____ () C:\Users\pc\Downloads\AntiMalware-Installer (1).exe
  345. 2014-09-05 19:51 - 2014-09-05 19:45 - 04831496 _____ () C:\Users\pc\Downloads\AntiMalware-Installer.exe
  346. 2014-09-05 19:04 - 2014-09-05 19:04 - 00000000 ____D () C:\Users\pc\AppData\Roaming\LavasoftStatistics
  347. 2014-09-05 19:00 - 2014-09-05 19:00 - 00000061 _____ () C:\prefs.js
  348. 2014-09-05 18:59 - 2014-09-05 18:59 - 00000000 ____D () C:\Users\pc\AppData\Roaming\SecureSearch
  349. 2014-09-05 18:29 - 2014-09-05 18:27 - 29592768 _____ (Microsoft Corporation) C:\Users\pc\Downloads\Windows-KB890830-V5.15.exe
  350. 2014-09-05 03:52 - 2014-09-10 14:53 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
  351. 2014-09-05 03:47 - 2014-09-10 14:53 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
  352. 2014-08-31 21:47 - 2011-12-01 20:38 - 00000000 ____D () C:\Users\pc\Documents\Rover
  353. 2014-08-28 19:09 - 2009-07-14 06:33 - 00409360 _____ () C:\Windows\system32\FNTCACHE.DAT
  354. 2014-08-23 03:46 - 2014-08-28 12:30 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
  355. 2014-08-23 02:42 - 2014-08-28 12:30 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
  356. 2014-08-19 19:39 - 2014-09-12 10:57 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
  357. 2014-08-19 00:26 - 2014-09-12 10:57 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
  358. 2014-08-19 00:08 - 2014-09-12 10:57 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
  359. 2014-08-18 23:57 - 2014-09-12 10:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
  360. 2014-08-18 23:57 - 2014-09-12 10:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
  361. 2014-08-18 23:46 - 2014-09-12 10:57 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
  362. 2014-08-18 23:45 - 2014-09-12 10:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
  363. 2014-08-18 23:44 - 2014-09-12 10:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
  364. 2014-08-18 23:44 - 2014-09-12 10:57 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
  365. 2014-08-18 23:42 - 2014-09-12 10:57 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
  366. 2014-08-18 23:39 - 2014-09-12 10:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
  367. 2014-08-18 23:39 - 2014-09-12 10:57 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
  368. 2014-08-18 23:37 - 2014-09-12 10:58 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
  369. 2014-08-18 23:36 - 2014-09-12 10:57 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
  370. 2014-08-18 23:36 - 2014-09-12 10:57 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
  371. 2014-08-18 23:35 - 2014-09-12 10:57 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
  372. 2014-08-18 23:30 - 2014-09-12 10:57 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
  373. 2014-08-18 23:27 - 2014-09-12 10:57 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
  374. 2014-08-18 23:22 - 2014-09-12 10:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
  375. 2014-08-18 23:19 - 2014-09-12 10:57 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
  376. 2014-08-18 23:17 - 2014-09-12 10:57 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
  377. 2014-08-18 23:17 - 2014-09-12 10:57 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
  378. 2014-08-18 23:15 - 2014-09-12 10:57 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
  379. 2014-08-18 23:09 - 2014-09-12 10:57 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
  380. 2014-08-18 23:08 - 2014-09-12 10:57 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
  381. 2014-08-18 23:08 - 2014-09-12 10:57 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
  382. 2014-08-18 23:07 - 2014-09-12 10:57 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
  383. 2014-08-18 22:46 - 2014-09-12 10:57 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
  384. 2014-08-18 22:38 - 2014-09-12 10:57 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
  385. 2014-08-18 22:36 - 2014-09-12 10:57 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
  386.  
  387. Some content of TEMP:
  388. ====================
  389. C:\Users\pc\AppData\Local\temp\b30a14d7-208c-4e93-a19a-81f6e55c5732.exe
  390. C:\Users\pc\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpy0acvi.dll
  391. C:\Users\pc\AppData\Local\temp\GUR205B.exe
  392. C:\Users\pc\AppData\Local\temp\GUR26E0.exe
  393. C:\Users\pc\AppData\Local\temp\{F6374F4E-51A1-44A0-8BBC-C6FE55F4FEBF}.exe
  394.  
  395.  
  396. ==================== Bamital & volsnap Check =================
  397.  
  398. (There is no automatic fix for files that do not pass verification.)
  399.  
  400. C:\Windows\explorer.exe => File is digitally signed
  401. C:\Windows\system32\winlogon.exe => File is digitally signed
  402. C:\Windows\system32\wininit.exe => File is digitally signed
  403. C:\Windows\system32\svchost.exe => File is digitally signed
  404. C:\Windows\system32\services.exe => File is digitally signed
  405. C:\Windows\system32\User32.dll => File is digitally signed
  406. C:\Windows\system32\userinit.exe => File is digitally signed
  407. C:\Windows\system32\rpcss.dll => File is digitally signed
  408. C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
  409.  
  410.  
  411. LastRegBack: 2014-08-08 08:16
  412.  
  413. ==================== End Of Log ============================