- Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 01
- Ran by Frankie (administrator) on 1139062-PC on 25-05-2014 11:11:00
- Running from C:\Users\Frankie\Downloads
- Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
- Internet Explorer Version 11
- Boot Mode: Normal
- The only official download link for FRST:
- Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
- Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
- Download link from any site other than Bleeping Computer is unpermitted or outdated.
- See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Processes (Whitelisted) =================
- (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
- (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
- (NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
- (NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
- (Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
- (ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
- (Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
- (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
- (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
- (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
- (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
- (Starfield Technologies) C:\Program Files (x86)\Workspace\offSyncService.exe
- (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
- (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
- (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
- (Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
- (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\PRISMSVC.exe
- (Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
- (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\PRISMSVR.exe
- (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
- (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
- (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
- (Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe
- (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
- () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
- (Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
- (SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
- (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
- () C:\WINDOWS\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe
- (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
- (Tether) C:\Program Files (x86)\Tether\TBService.exe
- (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
- (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
- (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
- (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
- (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
- (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
- (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
- (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
- (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
- (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
- (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
- (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
- (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
- (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
- (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
- (Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
- (Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector\QBWebConnector.exe
- (Dell Inc.) C:\Program Files (x86)\Dell Wireless\PRISMCFG.exe
- (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
- (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
- (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
- (Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe
- () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
- (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
- (SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
- (SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
- (brother) C:\Program Files (x86)\Brownie\BrStsW64.exe
- (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
- () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
- (brother) C:\Program Files (x86)\Brownie\brpjp04a.exe
- (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
- (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
- (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
- (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
- (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
- (Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
- (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
- () C:\Program Files (x86)\Rockstar Games\GTA San Andreas\samp.exe
- (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- (Intuit Inc.) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 12.0\QBW32.EXE
- (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
- (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
- (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
- (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
- (Microsoft Corporation) C:\WINDOWS\splwow64.exe
- (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
- () C:\Program Files\AutoHotkey\AutoHotkey.exe
- (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
- (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
- (Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbService.exe
- (Intuit, Inc.) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 12.0\QBDBMgr.exe
- (Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
- (Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
- (PC-Doctor, Inc.) C:\Program Files\My Dell\imstrayicon.exe
- (PC-Doctor, Inc.) C:\Program Files\My Dell\uaclauncher.exe
- (The Privoxy team - www.privoxy.org) C:\Program Files (x86)\MSR\Privoxy\privoxy.exe
- (Microsoft Corporation) C:\WINDOWS\System32\SnippingTool.exe
- (Microsoft Corporation) C:\WINDOWS\System32\wisptis.exe
- ==================== Registry (Whitelisted) ==================
- HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2247976 2010-07-15] (Synaptics Incorporated)
- HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6539880 2010-11-09] (Realtek Semiconductor)
- HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2181224 2010-11-03] (Realtek Semiconductor)
- HKLM\...\Run: [NVHotkey] => C:\Windows\system32\nvHotkey.dll [283240 2010-08-25] (NVIDIA Corporation)
- HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel(R) Corporation)
- HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3206816 2010-08-04] (Dell Inc.)
- HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
- HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2011-09-16] (LogMeIn, Inc.)
- HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-19] (Creative Technology Ltd)
- HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
- HKLM-x32\...\Run: [RemoteControl9] => c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
- HKLM-x32\...\Run: [PDVD9LanguageShortcut] => c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
- HKLM-x32\...\Run: [BDRegion] => c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2010-09-28] (cyberlink)
- HKLM-x32\...\Run: [] => [X]
- HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-09-04] (Sonic Solutions)
- HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [518640 2010-09-03] ()
- HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
- HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
- HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
- HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
- HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
- HKLM-x32\...\Run: [AVG_TRAY] => C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
- HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [1874264 2011-08-19] (Intuit Inc. All rights reserved.)
- HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
- HKLM-x32\...\Run: [BrStsWnd] => C:\Program Files (x86)\Brownie\BrstsW64.exe [3695928 2009-08-19] (brother)
- HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
- HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
- HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [933640 2012-01-19] (ABBYY.)
- HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
- HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
- HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
- HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
- HKLM-x32\...\Run: [Cobian Backup 11 interface] => C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe [4407808 2013-03-07] (Luis Cobian, CobianSoft)
- Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
- Winlogon\Notify\PRISMGNA.DLL-x32: PRISMGNA.DLL [X]
- Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
- HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
- HKU\S-1-5-21-2055394165-2191592282-3138062650-1001\...\Run: [Facebook Update] => "C:\Users\Frankie\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
- HKU\S-1-5-21-2055394165-2191592282-3138062650-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-23] (Valve Corporation)
- HKU\S-1-5-21-2055394165-2191592282-3138062650-1001\...\MountPoints2: {facfee63-28a6-11e0-9ac5-806e6f6e6963} - E:\Autorun.exe
- Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk
- ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
- Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
- ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
- Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Web Connector.lnk
- ShortcutTarget: QuickBooks Web Connector.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector\QBWebConnector.exe (Intuit)
- Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk
- ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 12.0\QBW32.EXE (Intuit Inc.)
- Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless USB 2.0 WLAN Card Utility.lnk
- ShortcutTarget: Wireless USB 2.0 WLAN Card Utility.lnk -> C:\Program Files (x86)\Dell Wireless\PRISMCFG.exe (Dell Inc.)
- Startup: C:\Users\Frankie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
- ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
- GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
- ==================== Internet (Whitelisted) ====================
- ProxyEnable: Internet Explorer proxy is enabled.
- ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
- HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net
- HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
- SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- SearchScopes: HKCU - {2F2B9E42-9829-4617-914D-8C86E9E6DF1D} URL =
- SearchScopes: HKCU - {47A9AB82-C118-4F3D-9A13-9EF276CB5FDA} URL =
- SearchScopes: HKCU - {7A00FADA-D89A-4B61-BB68-1A6BD8A34F25} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3299568&CUI=UN37569520712089329&UM=2
- BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
- BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
- BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
- BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
- BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
- BHO-x32: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
- BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
- BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
- BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
- BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
- BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
- BHO-x32: WinZip Courier BHO - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\Program Files (x86)\WinZip Courier\wzwmcie.dll (WinZip Computing, S.L.)
- BHO-x32: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
- BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
- BHO-x32: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
- BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
- Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
- Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No File
- Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - No File
- Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
- Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - No File
- Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
- Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll No File
- Handler-x32: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 12.0\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
- Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
- Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
- Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
- Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
- Hosts: 127.0.0.1 activate.adobe.com
- Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
- Tcpip\..\Interfaces\{81FB0693-D9A1-4833-9182-B18DC2228D9F}: [NameServer]8.8.8.8,8.8.4.4
- FireFox:
- ========
- FF ProfilePath: C:\Users\Frankie\AppData\Roaming\Mozilla\Firefox\Profiles\fzk89261.default-1400387062475
- FF NetworkProxy: "type", 1);user_pref("network.proxy.http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.proxy.ssl_port", 8118
- FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
- FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
- FF Plugin: @microsoft.com/GENUINE - disabled No File
- FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
- FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
- FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
- FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
- FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
- FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
- FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
- FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
- FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
- FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
- FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
- FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
- FF Plugin-x32: @Motive.com/NpMotive,version=1.0 - C:\Program Files (x86)\ATT\8.3.1.18\ma\bin\npMotive.dll No File
- FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
- FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
- FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
- FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
- FF Plugin-x32: @winzip.com/Winzip Courier - C:\Program Files (x86)\WinZip Courier\npwzwmc.dll (WinZip Computing, S.L.)
- FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
- FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Frankie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
- FF Plugin HKCU: @starfield.com/off - C:\Users\Frankie\AppData\Roaming\Mozilla\Plugins\npoff.dll ( Starfield Technologies, LLC.)
- FF Plugin HKCU: @starfield.com/off64 - C:\Users\Frankie\AppData\Roaming\Mozilla\Plugins\npoff64.dll ( Starfield Technologies, LLC.)
- FF Plugin HKCU: @starfield.com/wbe - C:\Users\Frankie\AppData\Roaming\Mozilla\Plugins\npwbe.dll (Starfield Technology, LLC)
- FF Plugin HKCU: @starfield.com/wbe64 - C:\Users\Frankie\AppData\Roaming\Mozilla\Plugins\npwbe64.dll (Starfield Technology, LLC)
- FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Frankie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
- FF Plugin ProgramFiles/Appdata: C:\Users\Frankie\AppData\Roaming\mozilla\plugins\npoff.dll ( Starfield Technologies, LLC.)
- FF Plugin ProgramFiles/Appdata: C:\Users\Frankie\AppData\Roaming\mozilla\plugins\npoff64.dll ( Starfield Technologies, LLC.)
- FF Plugin ProgramFiles/Appdata: C:\Users\Frankie\AppData\Roaming\mozilla\plugins\npwbe.dll (Starfield Technology, LLC)
- FF Plugin ProgramFiles/Appdata: C:\Users\Frankie\AppData\Roaming\mozilla\plugins\npwbe64.dll (Starfield Technology, LLC)
- FF SearchPlugin: C:\Users\Frankie\AppData\Roaming\Mozilla\Firefox\Profiles\fzk89261.default-1400387062475\searchplugins\youtube-video-search.xml
- FF Extension: WBE Paste - C:\Users\Frankie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\wbepaste@starfield [2012-12-26]
- FF Extension: Workspace Email Zoom - C:\Users\Frankie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\zoomext@starfield [2012-12-26]
- FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox
- FF Extension: Bing Bar - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011-01-25]
- FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
- FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ []
- FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
- FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ []
- FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG2012\Firefox4\
- FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\Firefox4\ []
- FF HKLM-x32\...\Firefox\Extensions: [{74c841e3-b59f-479e-8d7a-e26a942a87c8}] - C:\Program Files (x86)\WinZip Courier\FFExt
- FF Extension: WinZip Courier - C:\Program Files (x86)\WinZip Courier\FFExt [2012-01-11]
- FF HKLM-x32\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\
- FF Extension: AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ []
- FF HKLM-x32\...\Thunderbird\Extensions: [avgthb@avg.com] - C:\Program Files (x86)\AVG\AVG2012\Thunderbird\
- FF Extension: AVG E-mail Scanner - C:\Program Files (x86)\AVG\AVG2012\Thunderbird\ []
- Chrome:
- =======
- CHR HomePage:
- CHR DefaultSearchKeyword: yahoo.com
- CHR DefaultSearchProvider: Yahoo!
- CHR DefaultSearchURL: http://search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}
- CHR DefaultNewTabURL:
- CHR Extension: (Google Wallet) - C:\Users\Frankie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-29]
- CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
- ==================== Services (Whitelisted) =================
- R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [818952 2011-12-22] (ABBYY)
- R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.)
- R2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
- S2 CLKMSVC10_9EC60124; c:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [254448 2010-09-28] (CyberLink)
- R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft)
- R2 File Backup; C:\Program Files (x86)\Workspace\offSyncService.exe [1187040 2013-07-22] (Starfield Technologies)
- R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project)
- R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project)
- R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-04-18] (LogMeIn, Inc.)
- R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2014-04-18] (LogMeIn, Inc.)
- R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2011-09-16] (LogMeIn, Inc.)
- S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
- R2 RealtekCU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.)
- R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
- R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
- R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
- R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
- R2 SystemUpdatekb70007; C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe [18944 2014-05-08] ()
- R2 Tether; C:\Program Files (x86)\Tether\TBService.exe [125376 2012-03-28] (Tether)
- S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /medsvc [X]
- R2 PRISMSVC; C:\Windows\system32\PRISMSVC.EXE [X]
- ==================== Drivers (Whitelisted) ====================
- R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [127328 2012-12-10] (AVG Technologies CZ, s.r.o. )
- R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
- R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
- R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [307040 2012-11-08] (AVG Technologies CZ, s.r.o.)
- R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
- R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
- R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [384800 2013-04-11] (AVG Technologies CZ, s.r.o.)
- R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
- R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-05-29] (LogMeIn, Inc.)
- S4 LMIRfsClientNP; No ImagePath
- S3 RemoteControl-USBLAN; C:\Windows\System32\DRIVERS\rcblan.sys [46616 2007-01-24] (Belcarra Technologies)
- R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1525904 2012-11-07] (Realtek Semiconductor Corporation )
- R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
- R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
- S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X]
- S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
- S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
- S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
- S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X]
- S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
- ==================== NetSvcs (Whitelisted) ===================
- ==================== One Month Created Files and Folders ========
- 2014-05-25 11:11 - 2014-05-25 11:11 - 00031365 _____ () C:\Users\Frankie\Downloads\FRST.txt
- 2014-05-25 11:10 - 2014-05-25 11:11 - 00000000 ____D () C:\FRST
- 2014-05-25 11:10 - 2014-05-25 11:10 - 02066944 _____ (Farbar) C:\Users\Frankie\Downloads\FRST64.exe
- 2014-05-24 10:42 - 2014-05-24 11:13 - 00010257 _____ () C:\Users\Frankie\Documents\Timberview Trail Inventory.xlsx
- 2014-05-24 10:42 - 2014-05-24 10:42 - 00000165 ____H () C:\Users\Frankie\Documents\~$Timberview Trail Inventory.xlsx
- 2014-05-23 13:45 - 2014-05-23 13:45 - 00013915 ____N () C:\Users\Frankie\Documents\Attach.txt
- 2014-05-23 13:44 - 2014-05-23 13:44 - 00036854 ____N () C:\Users\Frankie\Documents\DDS.txt
- 2014-05-23 13:43 - 2014-05-23 13:43 - 00036854 ____N () C:\Users\Frankie\Desktop\dds.txt
- 2014-05-23 13:43 - 2014-05-23 13:43 - 00013915 ____N () C:\Users\Frankie\Desktop\attach.txt
- 2014-05-23 13:38 - 2014-05-23 13:38 - 00688992 ____R (Swearware) C:\Users\Frankie\Desktop\dds.com
- 2014-05-23 13:33 - 2014-05-23 13:33 - 00000000 ____D () C:\Program Files (x86)\Cobian Backup 11
- 2014-05-23 13:30 - 2014-05-23 13:32 - 19709440 ____N (Luis Cobian, CobianSoft) C:\Users\Frankie\Downloads\cbSetup.exe
- 2014-05-20 16:29 - 2014-05-20 16:29 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
- 2014-05-20 16:28 - 2014-05-21 10:51 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
- 2014-05-20 16:28 - 2014-05-20 16:55 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
- 2014-05-20 16:28 - 2014-05-20 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
- 2014-05-20 16:28 - 2014-05-20 16:28 - 00001397 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
- 2014-05-20 16:28 - 2014-05-20 16:28 - 00001385 ____N () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
- 2014-05-20 16:28 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
- 2014-05-20 15:51 - 2014-05-20 15:55 - 46392680 ____N (Safer-Networking Ltd. ) C:\Users\Frankie\Downloads\spybot-2.3.exe
- 2014-05-18 23:40 - 2014-05-18 23:48 - 140752896 ____N () C:\Users\Frankie\Downloads\vehicles.img
- 2014-05-18 00:24 - 2014-05-18 00:24 - 00000000 ____D () C:\Users\Frankie\Desktop\Old Firefox Data
- 2014-05-17 21:11 - 2014-05-18 17:23 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
- 2014-05-17 21:10 - 2014-05-17 21:10 - 00001108 ____N () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
- 2014-05-17 21:10 - 2014-05-17 21:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
- 2014-05-17 21:10 - 2014-05-17 21:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
- 2014-05-17 21:10 - 2014-05-17 21:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
- 2014-05-17 21:10 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
- 2014-05-17 21:10 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
- 2014-05-17 21:10 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
- 2014-05-17 21:09 - 2014-05-17 21:10 - 17305616 ____N (Malwarebytes Corporation ) C:\Users\Frankie\Downloads\mbam-setup-2.0.1.1004.exe
- 2014-05-17 20:43 - 2010-08-30 08:34 - 00536576 ____N (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
- 2014-05-17 20:42 - 2014-05-17 20:51 - 00000000 ____D () C:\AdwCleaner
- 2014-05-17 20:40 - 2014-05-17 20:41 - 00929416 ____N (CNET Download.com) C:\Users\Frankie\Downloads\cbsidlm-cbsi188-AdwCleaner-SEO-75851221.exe
- 2014-05-17 20:30 - 2014-05-25 10:57 - 00000948 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
- 2014-05-17 20:30 - 2014-05-25 10:57 - 00000944 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
- 2014-05-17 20:30 - 2014-05-17 20:30 - 00003946 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
- 2014-05-17 20:30 - 2014-05-17 20:30 - 00003692 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
- 2014-05-17 20:09 - 2014-05-17 20:09 - 00000000 ____D () C:\Program Files (x86)\MSR
- 2014-05-17 20:08 - 2014-05-17 20:15 - 00000396 __RSH () C:\ProgramData\ntuser.pol
- 2014-05-17 20:08 - 2014-05-17 20:08 - 02271768 ____N () C:\Users\Frankie\Downloads\The.Wolf.of.Wall.Street.2013.720p.BluRay.X264-AMIABLE_[PublicHD].exe
- 2014-05-17 20:08 - 2014-05-17 20:08 - 00003250 _____ () C:\Windows\System32\Tasks\GPUpdate
- 2014-05-17 20:08 - 2014-05-17 20:08 - 00000000 ____D () C:\Users\Frankie\AppData\Roaming\wi_upd
- 2014-05-17 20:08 - 2014-05-17 20:08 - 00000000 ____D () C:\Users\Frankie\AppData\Roaming\GetPrivate
- 2014-05-16 00:45 - 2014-05-16 00:46 - 00000000 ____D () C:\Users\Frankie\Documents\ELS
- 2014-05-15 03:12 - 2014-05-06 00:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
- 2014-05-15 03:12 - 2014-05-05 23:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
- 2014-05-15 03:12 - 2014-05-05 22:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
- 2014-05-15 03:11 - 2014-05-06 00:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
- 2014-05-15 03:11 - 2014-05-05 23:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
- 2014-05-15 03:11 - 2014-05-05 23:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
- 2014-05-14 21:57 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
- 2014-05-14 21:57 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
- 2014-05-14 21:56 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
- 2014-05-14 21:56 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
- 2014-05-14 21:56 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
- 2014-05-14 21:56 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
- 2014-05-14 21:56 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
- 2014-05-14 21:56 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
- 2014-05-14 21:56 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
- 2014-05-14 21:56 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
- 2014-05-14 21:56 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
- 2014-05-14 21:56 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
- 2014-05-14 21:56 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
- 2014-05-14 21:56 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
- 2014-05-14 21:56 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
- 2014-05-14 21:56 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
- 2014-05-14 21:56 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
- 2014-05-14 21:56 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
- 2014-05-14 21:56 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
- 2014-05-14 21:56 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
- 2014-05-14 21:56 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
- 2014-05-14 21:56 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
- 2014-05-14 21:56 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
- 2014-05-14 21:56 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
- 2014-05-14 21:56 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
- 2014-05-14 21:56 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
- 2014-05-14 21:56 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
- 2014-05-14 21:56 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
- 2014-05-14 21:56 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
- 2014-05-14 21:56 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
- 2014-05-14 21:56 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
- 2014-05-14 21:56 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
- 2014-05-14 21:56 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
- 2014-05-14 21:56 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
- 2014-05-14 21:56 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
- 2014-05-14 21:56 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
- 2014-05-14 21:56 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
- 2014-05-14 21:56 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
- 2014-05-14 21:56 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
- 2014-05-14 21:56 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
- 2014-05-14 21:56 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
- 2014-05-14 21:56 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
- 2014-05-14 21:56 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
- 2014-05-11 22:36 - 2014-05-11 22:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
- 2014-05-04 23:43 - 2014-05-15 11:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
- 2014-04-28 19:04 - 2014-04-28 19:04 - 00000000 __SHD () C:\Users\Frankie\AppData\Local\EmieUserList
- 2014-04-28 19:04 - 2014-04-28 19:04 - 00000000 __SHD () C:\Users\Frankie\AppData\Local\EmieSiteList
- 2014-04-28 00:47 - 2014-04-28 00:49 - 26077891 ____N () C:\Users\Frankie\Downloads\caged09full.wmv
- ==================== One Month Modified Files and Folders =======
- 2014-05-25 11:11 - 2014-05-25 11:11 - 00031365 _____ () C:\Users\Frankie\Downloads\FRST.txt
- 2014-05-25 11:11 - 2014-05-25 11:10 - 00000000 ____D () C:\FRST
- 2014-05-25 11:10 - 2014-05-25 11:10 - 02066944 _____ (Farbar) C:\Users\Frankie\Downloads\FRST64.exe
- 2014-05-25 11:09 - 2013-10-29 12:30 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- 2014-05-25 11:08 - 2009-07-14 01:10 - 02030261 _____ () C:\Windows\WindowsUpdate.log
- 2014-05-25 11:06 - 2013-05-11 18:22 - 00000000 ____D () C:\Users\Frankie\Documents\ORBA
- 2014-05-25 11:01 - 2012-01-10 03:03 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
- 2014-05-25 11:00 - 2013-10-29 12:30 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- 2014-05-25 10:57 - 2014-05-17 20:30 - 00000948 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
- 2014-05-25 10:57 - 2014-05-17 20:30 - 00000944 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
- 2014-05-25 10:57 - 2013-07-26 16:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
- 2014-05-25 10:57 - 2012-02-18 14:30 - 00000000 ____D () C:\ProgramData\LogMeIn
- 2014-05-25 10:57 - 2012-02-13 16:50 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2055394165-2191592282-3138062650-1001UA.job
- 2014-05-25 10:57 - 2012-02-13 16:50 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2055394165-2191592282-3138062650-1001Core.job
- 2014-05-24 11:13 - 2014-05-24 10:42 - 00010257 _____ () C:\Users\Frankie\Documents\Timberview Trail Inventory.xlsx
- 2014-05-24 10:42 - 2014-05-24 10:42 - 00000165 ____H () C:\Users\Frankie\Documents\~$Timberview Trail Inventory.xlsx
- 2014-05-24 10:28 - 2009-07-14 00:45 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
- 2014-05-24 10:28 - 2009-07-14 00:45 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
- 2014-05-24 10:17 - 2013-05-21 22:05 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
- 2014-05-23 21:59 - 2009-07-14 00:51 - 00071315 _____ () C:\Windows\setupact.log
- 2014-05-23 15:29 - 2012-09-13 23:26 - 00000000 ____D () C:\Users\Frankie\AppData\Roaming\TS3Client
- 2014-05-23 15:22 - 2013-05-04 14:57 - 00000000 ____D () C:\Users\Frankie\Documents\Patriot
- 2014-05-23 13:45 - 2014-05-23 13:45 - 00013915 ____N () C:\Users\Frankie\Documents\Attach.txt
- 2014-05-23 13:44 - 2014-05-23 13:44 - 00036854 ____N () C:\Users\Frankie\Documents\DDS.txt
- 2014-05-23 13:43 - 2014-05-23 13:43 - 00036854 ____N () C:\Users\Frankie\Desktop\dds.txt
- 2014-05-23 13:43 - 2014-05-23 13:43 - 00013915 ____N () C:\Users\Frankie\Desktop\attach.txt
- 2014-05-23 13:39 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
- 2014-05-23 13:38 - 2014-05-23 13:38 - 00688992 ____R (Swearware) C:\Users\Frankie\Desktop\dds.com
- 2014-05-23 13:37 - 2011-01-25 11:41 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
- 2014-05-23 13:33 - 2014-05-23 13:33 - 00000000 ____D () C:\Program Files (x86)\Cobian Backup 11
- 2014-05-23 13:32 - 2014-05-23 13:30 - 19709440 ____N (Luis Cobian, CobianSoft) C:\Users\Frankie\Downloads\cbSetup.exe
- 2014-05-22 23:12 - 2012-01-11 15:30 - 00000132 _____ () C:\Users\Frankie\AppData\Roaming\Adobe PNG Format CS5 Prefs
- 2014-05-22 22:59 - 2012-01-10 01:32 - 00000000 ____D () C:\Users\Frankie\AppData\Local\VirtualStore
- 2014-05-22 12:29 - 2013-10-29 12:42 - 00002185 ____N () C:\Users\Public\Desktop\Google Chrome.lnk
- 2014-05-21 10:51 - 2014-05-20 16:28 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
- 2014-05-20 16:55 - 2014-05-20 16:28 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
- 2014-05-20 16:29 - 2014-05-20 16:29 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
- 2014-05-20 16:29 - 2014-05-20 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
- 2014-05-20 16:28 - 2014-05-20 16:28 - 00001397 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
- 2014-05-20 16:28 - 2014-05-20 16:28 - 00001385 ____N () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
- 2014-05-20 15:55 - 2014-05-20 15:51 - 46392680 ____N (Safer-Networking Ltd. ) C:\Users\Frankie\Downloads\spybot-2.3.exe
- 2014-05-18 23:48 - 2014-05-18 23:40 - 140752896 ____N () C:\Users\Frankie\Downloads\vehicles.img
- 2014-05-18 18:47 - 2013-10-29 20:46 - 00000000 ____D () C:\Program Files (x86)\Steam
- 2014-05-18 17:23 - 2014-05-17 21:11 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
- 2014-05-18 00:24 - 2014-05-18 00:24 - 00000000 ____D () C:\Users\Frankie\Desktop\Old Firefox Data
- 2014-05-17 23:59 - 2012-02-07 22:41 - 00000327 _____ () C:\Windows\Brownie.ini
- 2014-05-17 23:59 - 2012-01-10 01:32 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
- 2014-05-17 23:30 - 2014-01-21 14:16 - 00001006 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
- 2014-05-17 23:30 - 2011-01-25 13:20 - 00000000 ____D () C:\ProgramData\NVIDIA
- 2014-05-17 23:03 - 2011-01-25 13:17 - 00364874 _____ () C:\Windows\PFRO.log
- 2014-05-17 23:03 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
- 2014-05-17 23:03 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system
- 2014-05-17 21:53 - 2013-04-03 13:39 - 00000000 ____D () C:\Users\Frankie\Downloads\tkit
- 2014-05-17 21:10 - 2014-05-17 21:10 - 00001108 ____N () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
- 2014-05-17 21:10 - 2014-05-17 21:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
- 2014-05-17 21:10 - 2014-05-17 21:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
- 2014-05-17 21:10 - 2014-05-17 21:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
- 2014-05-17 21:10 - 2014-05-17 21:09 - 17305616 ____N (Malwarebytes Corporation ) C:\Users\Frankie\Downloads\mbam-setup-2.0.1.1004.exe
- 2014-05-17 21:03 - 2011-01-25 11:37 - 00002531 ____N () C:\freefallprotection.log
- 2014-05-17 21:03 - 2011-01-25 11:35 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
- 2014-05-17 20:51 - 2014-05-17 20:42 - 00000000 ____D () C:\AdwCleaner
- 2014-05-17 20:49 - 2012-10-15 15:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
- 2014-05-17 20:49 - 2012-01-10 03:03 - 00000000 ____D () C:\ProgramData\AVG2012
- 2014-05-17 20:43 - 2012-08-22 16:09 - 00000000 ____D () C:\Users\Frankie\AppData\Roaming\uTorrent
- 2014-05-17 20:41 - 2014-05-17 20:40 - 00929416 ____N (CNET Download.com) C:\Users\Frankie\Downloads\cbsidlm-cbsi188-AdwCleaner-SEO-75851221.exe
- 2014-05-17 20:30 - 2014-05-17 20:30 - 00003946 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
- 2014-05-17 20:30 - 2014-05-17 20:30 - 00003692 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
- 2014-05-17 20:15 - 2014-05-17 20:08 - 00000396 __RSH () C:\ProgramData\ntuser.pol
- 2014-05-17 20:09 - 2014-05-17 20:09 - 00000000 ____D () C:\Program Files (x86)\MSR
- 2014-05-17 20:08 - 2014-05-17 20:08 - 02271768 ____N () C:\Users\Frankie\Downloads\The.Wolf.of.Wall.Street.2013.720p.BluRay.X264-AMIABLE_[PublicHD].exe
- 2014-05-17 20:08 - 2014-05-17 20:08 - 00003250 _____ () C:\Windows\System32\Tasks\GPUpdate
- 2014-05-17 20:08 - 2014-05-17 20:08 - 00000000 ____D () C:\Users\Frankie\AppData\Roaming\wi_upd
- 2014-05-17 20:08 - 2014-05-17 20:08 - 00000000 ____D () C:\Users\Frankie\AppData\Roaming\GetPrivate
- 2014-05-17 20:08 - 2009-07-13 23:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
- 2014-05-17 20:08 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
- 2014-05-17 12:56 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
- 2014-05-16 00:46 - 2014-05-16 00:45 - 00000000 ____D () C:\Users\Frankie\Documents\ELS
- 2014-05-15 11:39 - 2014-05-04 23:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
- 2014-05-15 11:27 - 2012-01-10 01:32 - 00000000 ___RD () C:\Users\Frankie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
- 2014-05-15 11:27 - 2012-01-10 01:32 - 00000000 ___RD () C:\Users\Frankie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
- 2014-05-15 04:14 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
- 2014-05-15 03:35 - 2009-07-14 00:45 - 05265512 _____ () C:\Windows\system32\FNTCACHE.DAT
- 2014-05-15 03:32 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
- 2014-05-15 03:15 - 2012-01-10 01:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
- 2014-05-14 22:01 - 2014-01-12 14:07 - 00002441 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
- 2014-05-14 11:17 - 2014-02-17 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CarveWright
- 2014-05-14 11:17 - 2013-12-26 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Filter Forge 4
- 2014-05-14 11:17 - 2012-03-19 22:34 - 00000000 ____D () C:\Users\Frankie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
- 2014-05-14 11:17 - 2012-01-25 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memorex exPressit Label Design Studio
- 2014-05-14 00:45 - 2013-07-26 16:19 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
- 2014-05-14 00:45 - 2012-07-03 15:54 - 00692400 ____N (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
- 2014-05-14 00:45 - 2012-02-17 13:15 - 00070832 ____N (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
- 2014-05-12 17:54 - 2012-01-10 01:20 - 00219048 _____ () C:\Users\Frankie\AppData\Local\GDIPFONTCACHEV1.DAT
- 2014-05-12 04:13 - 2014-01-11 13:07 - 00003128 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask-Retry
- 2014-05-11 22:36 - 2014-05-11 22:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
- 2014-05-08 17:12 - 2013-10-29 12:30 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
- 2014-05-08 17:12 - 2013-10-29 12:30 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
- 2014-05-06 00:40 - 2014-05-15 03:12 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
- 2014-05-06 00:17 - 2014-05-15 03:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
- 2014-05-05 23:25 - 2014-05-15 03:11 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
- 2014-05-05 23:07 - 2014-05-15 03:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
- 2014-05-05 23:00 - 2014-05-15 03:12 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
- 2014-05-05 22:10 - 2014-05-15 03:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
- 2014-04-28 19:04 - 2014-04-28 19:04 - 00000000 __SHD () C:\Users\Frankie\AppData\Local\EmieUserList
- 2014-04-28 19:04 - 2014-04-28 19:04 - 00000000 __SHD () C:\Users\Frankie\AppData\Local\EmieSiteList
- 2014-04-28 00:49 - 2014-04-28 00:47 - 26077891 ____N () C:\Users\Frankie\Downloads\caged09full.wmv
- 2014-04-25 00:12 - 2014-01-29 17:46 - 00000000 ____D () C:\Users\Frankie\AppData\Local\ArmA 2 OA
- ==================== Bamital & volsnap Check =================
- C:\Windows\System32\winlogon.exe => MD5 is legit
- C:\Windows\System32\wininit.exe => MD5 is legit
- C:\Windows\SysWOW64\wininit.exe => MD5 is legit
- C:\Windows\explorer.exe => MD5 is legit
- C:\Windows\SysWOW64\explorer.exe => MD5 is legit
- C:\Windows\System32\svchost.exe => MD5 is legit
- C:\Windows\SysWOW64\svchost.exe => MD5 is legit
- C:\Windows\System32\services.exe => MD5 is legit
- C:\Windows\System32\User32.dll => MD5 is legit
- C:\Windows\SysWOW64\User32.dll => MD5 is legit
- C:\Windows\System32\userinit.exe => MD5 is legit
- C:\Windows\SysWOW64\userinit.exe => MD5 is legit
- C:\Windows\System32\rpcss.dll => MD5 is legit
- C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
- LastRegBack: 2014-05-09 18:42
- ==================== End Of Log ============================