API tools faq
paste
Advertisement
Guest User

FRST

a guest
May 27th, 2014
50
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 53.20 KB | None | 0 0
raw download clone embed print report
  1. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 01
  2. Ran by Frankie (administrator) on 1139062-PC on 25-05-2014 11:11:00
  3. Running from C:\Users\Frankie\Downloads
  4. Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
  5. Internet Explorer Version 11
  6. Boot Mode: Normal
  7.  
  8. The only official download link for FRST:
  9. Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
  10. Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
  11. Download link from any site other than Bleeping Computer is unpermitted or outdated.
  12. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  13.  
  14. ==================== Processes (Whitelisted) =================
  15.  
  16. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
  17. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
  18. (NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
  19. (NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
  20. (Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
  21. (ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
  22. (Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
  23. (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
  24. (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  25. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
  26. (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
  27. (Starfield Technologies) C:\Program Files (x86)\Workspace\offSyncService.exe
  28. (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
  29. (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
  30. (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
  31. (Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
  32. (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\PRISMSVC.exe
  33. (Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
  34. (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\PRISMSVR.exe
  35. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
  36. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
  37. (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
  38. (Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe
  39. (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
  40. () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
  41. (Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
  42. (SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
  43. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
  44. () C:\WINDOWS\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe
  45. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
  46. (Tether) C:\Program Files (x86)\Tether\TBService.exe
  47. (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
  48. (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
  49. (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
  50. (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
  51. (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
  52. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
  53. (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
  54. (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
  55. (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  56. (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
  57. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  58. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
  59. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
  60. (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
  61. (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
  62. (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
  63. (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
  64. (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
  65. (Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
  66. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
  67. (Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector\QBWebConnector.exe
  68. (Dell Inc.) C:\Program Files (x86)\Dell Wireless\PRISMCFG.exe
  69. (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
  70. (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
  71. (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
  72. (Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe
  73. () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
  74. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
  75. (SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
  76. (SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
  77. (brother) C:\Program Files (x86)\Brownie\BrStsW64.exe
  78. (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
  79. () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
  80. (brother) C:\Program Files (x86)\Brownie\brpjp04a.exe
  81. (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
  82. (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
  83. (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
  84. (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
  85. (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
  86. (Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
  87. (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
  88. () C:\Program Files (x86)\Rockstar Games\GTA San Andreas\samp.exe
  89. (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  90. (Intuit Inc.) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 12.0\QBW32.EXE
  91. (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
  92. (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
  93. (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
  94. (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
  95. (Microsoft Corporation) C:\WINDOWS\splwow64.exe
  96. (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
  97. () C:\Program Files\AutoHotkey\AutoHotkey.exe
  98. (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
  99. (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
  100. (Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbService.exe
  101. (Intuit, Inc.) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 12.0\QBDBMgr.exe
  102. (Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
  103. (Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
  104. (PC-Doctor, Inc.) C:\Program Files\My Dell\imstrayicon.exe
  105. (PC-Doctor, Inc.) C:\Program Files\My Dell\uaclauncher.exe
  106. (The Privoxy team - www.privoxy.org) C:\Program Files (x86)\MSR\Privoxy\privoxy.exe
  107. (Microsoft Corporation) C:\WINDOWS\System32\SnippingTool.exe
  108. (Microsoft Corporation) C:\WINDOWS\System32\wisptis.exe
  109.  
  110.  
  111. ==================== Registry (Whitelisted) ==================
  112.  
  113. HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2247976 2010-07-15] (Synaptics Incorporated)
  114. HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6539880 2010-11-09] (Realtek Semiconductor)
  115. HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2181224 2010-11-03] (Realtek Semiconductor)
  116. HKLM\...\Run: [NVHotkey] => C:\Windows\system32\nvHotkey.dll [283240 2010-08-25] (NVIDIA Corporation)
  117. HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel(R) Corporation)
  118. HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3206816 2010-08-04] (Dell Inc.)
  119. HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
  120. HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2011-09-16] (LogMeIn, Inc.)
  121. HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-19] (Creative Technology Ltd)
  122. HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
  123. HKLM-x32\...\Run: [RemoteControl9] => c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
  124. HKLM-x32\...\Run: [PDVD9LanguageShortcut] => c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
  125. HKLM-x32\...\Run: [BDRegion] => c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2010-09-28] (cyberlink)
  126. HKLM-x32\...\Run: [] => [X]
  127. HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-09-04] (Sonic Solutions)
  128. HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [518640 2010-09-03] ()
  129. HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
  130. HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
  131. HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
  132. HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
  133. HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
  134. HKLM-x32\...\Run: [AVG_TRAY] => C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
  135. HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [1874264 2011-08-19] (Intuit Inc. All rights reserved.)
  136. HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
  137. HKLM-x32\...\Run: [BrStsWnd] => C:\Program Files (x86)\Brownie\BrstsW64.exe [3695928 2009-08-19] (brother)
  138. HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
  139. HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
  140. HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [933640 2012-01-19] (ABBYY.)
  141. HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
  142. HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
  143. HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
  144. HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
  145. HKLM-x32\...\Run: [Cobian Backup 11 interface] => C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe [4407808 2013-03-07] (Luis Cobian, CobianSoft)
  146. Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
  147. Winlogon\Notify\PRISMGNA.DLL-x32: PRISMGNA.DLL [X]
  148. Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
  149. HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
  150. HKU\S-1-5-21-2055394165-2191592282-3138062650-1001\...\Run: [Facebook Update] => "C:\Users\Frankie\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
  151. HKU\S-1-5-21-2055394165-2191592282-3138062650-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-23] (Valve Corporation)
  152. HKU\S-1-5-21-2055394165-2191592282-3138062650-1001\...\MountPoints2: {facfee63-28a6-11e0-9ac5-806e6f6e6963} - E:\Autorun.exe
  153. Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk
  154. ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
  155. Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
  156. ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
  157. Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Web Connector.lnk
  158. ShortcutTarget: QuickBooks Web Connector.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector\QBWebConnector.exe (Intuit)
  159. Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk
  160. ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 12.0\QBW32.EXE (Intuit Inc.)
  161. Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless USB 2.0 WLAN Card Utility.lnk
  162. ShortcutTarget: Wireless USB 2.0 WLAN Card Utility.lnk -> C:\Program Files (x86)\Dell Wireless\PRISMCFG.exe (Dell Inc.)
  163. Startup: C:\Users\Frankie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
  164. ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
  165. GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
  166.  
  167. ==================== Internet (Whitelisted) ====================
  168.  
  169. ProxyEnable: Internet Explorer proxy is enabled.
  170. ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
  171. HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net
  172. HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
  173. SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  174. SearchScopes: HKCU - {2F2B9E42-9829-4617-914D-8C86E9E6DF1D} URL =
  175. SearchScopes: HKCU - {47A9AB82-C118-4F3D-9A13-9EF276CB5FDA} URL =
  176. SearchScopes: HKCU - {7A00FADA-D89A-4B61-BB68-1A6BD8A34F25} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3299568&CUI=UN37569520712089329&UM=2
  177. BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
  178. BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
  179. BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
  180. BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
  181. BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
  182. BHO-x32: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
  183. BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
  184. BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
  185. BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
  186. BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
  187. BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
  188. BHO-x32: WinZip Courier BHO - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\Program Files (x86)\WinZip Courier\wzwmcie.dll (WinZip Computing, S.L.)
  189. BHO-x32: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  190. BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
  191. BHO-x32: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
  192. BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
  193. Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
  194. Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No File
  195. Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - No File
  196. Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
  197. Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - No File
  198. Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
  199. Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll No File
  200. Handler-x32: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 12.0\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
  201. Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
  202. Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
  203. Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  204. Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
  205. Hosts: 127.0.0.1 activate.adobe.com
  206. Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
  207. Tcpip\..\Interfaces\{81FB0693-D9A1-4833-9182-B18DC2228D9F}: [NameServer]8.8.8.8,8.8.4.4
  208.  
  209. FireFox:
  210. ========
  211. FF ProfilePath: C:\Users\Frankie\AppData\Roaming\Mozilla\Firefox\Profiles\fzk89261.default-1400387062475
  212. FF NetworkProxy: "type", 1);user_pref("network.proxy.http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.proxy.ssl_port", 8118
  213. FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
  214. FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
  215. FF Plugin: @microsoft.com/GENUINE - disabled No File
  216. FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
  217. FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  218. FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
  219. FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
  220. FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  221. FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  222. FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
  223. FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
  224. FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
  225. FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  226. FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
  227. FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  228. FF Plugin-x32: @Motive.com/NpMotive,version=1.0 - C:\Program Files (x86)\ATT\8.3.1.18\ma\bin\npMotive.dll No File
  229. FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
  230. FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
  231. FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
  232. FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
  233. FF Plugin-x32: @winzip.com/Winzip Courier - C:\Program Files (x86)\WinZip Courier\npwzwmc.dll (WinZip Computing, S.L.)
  234. FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  235. FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Frankie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
  236. FF Plugin HKCU: @starfield.com/off - C:\Users\Frankie\AppData\Roaming\Mozilla\Plugins\npoff.dll ( Starfield Technologies, LLC.)
  237. FF Plugin HKCU: @starfield.com/off64 - C:\Users\Frankie\AppData\Roaming\Mozilla\Plugins\npoff64.dll ( Starfield Technologies, LLC.)
  238. FF Plugin HKCU: @starfield.com/wbe - C:\Users\Frankie\AppData\Roaming\Mozilla\Plugins\npwbe.dll (Starfield Technology, LLC)
  239. FF Plugin HKCU: @starfield.com/wbe64 - C:\Users\Frankie\AppData\Roaming\Mozilla\Plugins\npwbe64.dll (Starfield Technology, LLC)
  240. FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Frankie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
  241. FF Plugin ProgramFiles/Appdata: C:\Users\Frankie\AppData\Roaming\mozilla\plugins\npoff.dll ( Starfield Technologies, LLC.)
  242. FF Plugin ProgramFiles/Appdata: C:\Users\Frankie\AppData\Roaming\mozilla\plugins\npoff64.dll ( Starfield Technologies, LLC.)
  243. FF Plugin ProgramFiles/Appdata: C:\Users\Frankie\AppData\Roaming\mozilla\plugins\npwbe.dll (Starfield Technology, LLC)
  244. FF Plugin ProgramFiles/Appdata: C:\Users\Frankie\AppData\Roaming\mozilla\plugins\npwbe64.dll (Starfield Technology, LLC)
  245. FF SearchPlugin: C:\Users\Frankie\AppData\Roaming\Mozilla\Firefox\Profiles\fzk89261.default-1400387062475\searchplugins\youtube-video-search.xml
  246. FF Extension: WBE Paste - C:\Users\Frankie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\wbepaste@starfield [2012-12-26]
  247. FF Extension: Workspace Email Zoom - C:\Users\Frankie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\zoomext@starfield [2012-12-26]
  248. FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox
  249. FF Extension: Bing Bar - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011-01-25]
  250. FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
  251. FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ []
  252. FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
  253. FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ []
  254. FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG2012\Firefox4\
  255. FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\Firefox4\ []
  256. FF HKLM-x32\...\Firefox\Extensions: [{74c841e3-b59f-479e-8d7a-e26a942a87c8}] - C:\Program Files (x86)\WinZip Courier\FFExt
  257. FF Extension: WinZip Courier - C:\Program Files (x86)\WinZip Courier\FFExt [2012-01-11]
  258. FF HKLM-x32\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\
  259. FF Extension: AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ []
  260. FF HKLM-x32\...\Thunderbird\Extensions: [avgthb@avg.com] - C:\Program Files (x86)\AVG\AVG2012\Thunderbird\
  261. FF Extension: AVG E-mail Scanner - C:\Program Files (x86)\AVG\AVG2012\Thunderbird\ []
  262.  
  263. Chrome:
  264. =======
  265. CHR HomePage:
  266. CHR DefaultSearchKeyword: yahoo.com
  267. CHR DefaultSearchProvider: Yahoo!
  268. CHR DefaultSearchURL: http://search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}
  269. CHR DefaultNewTabURL:
  270. CHR Extension: (Google Wallet) - C:\Users\Frankie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-29]
  271. CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  272.  
  273. ==================== Services (Whitelisted) =================
  274.  
  275. R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [818952 2011-12-22] (ABBYY)
  276. R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.)
  277. R2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
  278. S2 CLKMSVC10_9EC60124; c:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [254448 2010-09-28] (CyberLink)
  279. R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft)
  280. R2 File Backup; C:\Program Files (x86)\Workspace\offSyncService.exe [1187040 2013-07-22] (Starfield Technologies)
  281. R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project)
  282. R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project)
  283. R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-04-18] (LogMeIn, Inc.)
  284. R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2014-04-18] (LogMeIn, Inc.)
  285. R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2011-09-16] (LogMeIn, Inc.)
  286. S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
  287. R2 RealtekCU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.)
  288. R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
  289. R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
  290. R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
  291. R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
  292. R2 SystemUpdatekb70007; C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe [18944 2014-05-08] ()
  293. R2 Tether; C:\Program Files (x86)\Tether\TBService.exe [125376 2012-03-28] (Tether)
  294. S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /medsvc [X]
  295. R2 PRISMSVC; C:\Windows\system32\PRISMSVC.EXE [X]
  296.  
  297. ==================== Drivers (Whitelisted) ====================
  298.  
  299. R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [127328 2012-12-10] (AVG Technologies CZ, s.r.o. )
  300. R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
  301. R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
  302. R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [307040 2012-11-08] (AVG Technologies CZ, s.r.o.)
  303. R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
  304. R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
  305. R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [384800 2013-04-11] (AVG Technologies CZ, s.r.o.)
  306. R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
  307. R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-05-29] (LogMeIn, Inc.)
  308. S4 LMIRfsClientNP; No ImagePath
  309. S3 RemoteControl-USBLAN; C:\Windows\System32\DRIVERS\rcblan.sys [46616 2007-01-24] (Belcarra Technologies)
  310. R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1525904 2012-11-07] (Realtek Semiconductor Corporation )
  311. R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
  312. R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
  313. S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X]
  314. S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
  315. S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
  316. S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
  317. S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X]
  318. S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
  319.  
  320. ==================== NetSvcs (Whitelisted) ===================
  321.  
  322.  
  323. ==================== One Month Created Files and Folders ========
  324.  
  325. 2014-05-25 11:11 - 2014-05-25 11:11 - 00031365 _____ () C:\Users\Frankie\Downloads\FRST.txt
  326. 2014-05-25 11:10 - 2014-05-25 11:11 - 00000000 ____D () C:\FRST
  327. 2014-05-25 11:10 - 2014-05-25 11:10 - 02066944 _____ (Farbar) C:\Users\Frankie\Downloads\FRST64.exe
  328. 2014-05-24 10:42 - 2014-05-24 11:13 - 00010257 _____ () C:\Users\Frankie\Documents\Timberview Trail Inventory.xlsx
  329. 2014-05-24 10:42 - 2014-05-24 10:42 - 00000165 ____H () C:\Users\Frankie\Documents\~$Timberview Trail Inventory.xlsx
  330. 2014-05-23 13:45 - 2014-05-23 13:45 - 00013915 ____N () C:\Users\Frankie\Documents\Attach.txt
  331. 2014-05-23 13:44 - 2014-05-23 13:44 - 00036854 ____N () C:\Users\Frankie\Documents\DDS.txt
  332. 2014-05-23 13:43 - 2014-05-23 13:43 - 00036854 ____N () C:\Users\Frankie\Desktop\dds.txt
  333. 2014-05-23 13:43 - 2014-05-23 13:43 - 00013915 ____N () C:\Users\Frankie\Desktop\attach.txt
  334. 2014-05-23 13:38 - 2014-05-23 13:38 - 00688992 ____R (Swearware) C:\Users\Frankie\Desktop\dds.com
  335. 2014-05-23 13:33 - 2014-05-23 13:33 - 00000000 ____D () C:\Program Files (x86)\Cobian Backup 11
  336. 2014-05-23 13:30 - 2014-05-23 13:32 - 19709440 ____N (Luis Cobian, CobianSoft) C:\Users\Frankie\Downloads\cbSetup.exe
  337. 2014-05-20 16:29 - 2014-05-20 16:29 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
  338. 2014-05-20 16:28 - 2014-05-21 10:51 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
  339. 2014-05-20 16:28 - 2014-05-20 16:55 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
  340. 2014-05-20 16:28 - 2014-05-20 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
  341. 2014-05-20 16:28 - 2014-05-20 16:28 - 00001397 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
  342. 2014-05-20 16:28 - 2014-05-20 16:28 - 00001385 ____N () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
  343. 2014-05-20 16:28 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
  344. 2014-05-20 15:51 - 2014-05-20 15:55 - 46392680 ____N (Safer-Networking Ltd. ) C:\Users\Frankie\Downloads\spybot-2.3.exe
  345. 2014-05-18 23:40 - 2014-05-18 23:48 - 140752896 ____N () C:\Users\Frankie\Downloads\vehicles.img
  346. 2014-05-18 00:24 - 2014-05-18 00:24 - 00000000 ____D () C:\Users\Frankie\Desktop\Old Firefox Data
  347. 2014-05-17 21:11 - 2014-05-18 17:23 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
  348. 2014-05-17 21:10 - 2014-05-17 21:10 - 00001108 ____N () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
  349. 2014-05-17 21:10 - 2014-05-17 21:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
  350. 2014-05-17 21:10 - 2014-05-17 21:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
  351. 2014-05-17 21:10 - 2014-05-17 21:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
  352. 2014-05-17 21:10 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
  353. 2014-05-17 21:10 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
  354. 2014-05-17 21:10 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
  355. 2014-05-17 21:09 - 2014-05-17 21:10 - 17305616 ____N (Malwarebytes Corporation ) C:\Users\Frankie\Downloads\mbam-setup-2.0.1.1004.exe
  356. 2014-05-17 20:43 - 2010-08-30 08:34 - 00536576 ____N (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
  357. 2014-05-17 20:42 - 2014-05-17 20:51 - 00000000 ____D () C:\AdwCleaner
  358. 2014-05-17 20:40 - 2014-05-17 20:41 - 00929416 ____N (CNET Download.com) C:\Users\Frankie\Downloads\cbsidlm-cbsi188-AdwCleaner-SEO-75851221.exe
  359. 2014-05-17 20:30 - 2014-05-25 10:57 - 00000948 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
  360. 2014-05-17 20:30 - 2014-05-25 10:57 - 00000944 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
  361. 2014-05-17 20:30 - 2014-05-17 20:30 - 00003946 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
  362. 2014-05-17 20:30 - 2014-05-17 20:30 - 00003692 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
  363. 2014-05-17 20:09 - 2014-05-17 20:09 - 00000000 ____D () C:\Program Files (x86)\MSR
  364. 2014-05-17 20:08 - 2014-05-17 20:15 - 00000396 __RSH () C:\ProgramData\ntuser.pol
  365. 2014-05-17 20:08 - 2014-05-17 20:08 - 02271768 ____N () C:\Users\Frankie\Downloads\The.Wolf.of.Wall.Street.2013.720p.BluRay.X264-AMIABLE_[PublicHD].exe
  366. 2014-05-17 20:08 - 2014-05-17 20:08 - 00003250 _____ () C:\Windows\System32\Tasks\GPUpdate
  367. 2014-05-17 20:08 - 2014-05-17 20:08 - 00000000 ____D () C:\Users\Frankie\AppData\Roaming\wi_upd
  368. 2014-05-17 20:08 - 2014-05-17 20:08 - 00000000 ____D () C:\Users\Frankie\AppData\Roaming\GetPrivate
  369. 2014-05-16 00:45 - 2014-05-16 00:46 - 00000000 ____D () C:\Users\Frankie\Documents\ELS
  370. 2014-05-15 03:12 - 2014-05-06 00:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
  371. 2014-05-15 03:12 - 2014-05-05 23:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
  372. 2014-05-15 03:12 - 2014-05-05 22:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
  373. 2014-05-15 03:11 - 2014-05-06 00:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
  374. 2014-05-15 03:11 - 2014-05-05 23:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
  375. 2014-05-15 03:11 - 2014-05-05 23:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
  376. 2014-05-14 21:57 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
  377. 2014-05-14 21:57 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
  378. 2014-05-14 21:56 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
  379. 2014-05-14 21:56 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
  380. 2014-05-14 21:56 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
  381. 2014-05-14 21:56 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
  382. 2014-05-14 21:56 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
  383. 2014-05-14 21:56 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
  384. 2014-05-14 21:56 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
  385. 2014-05-14 21:56 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
  386. 2014-05-14 21:56 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
  387. 2014-05-14 21:56 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
  388. 2014-05-14 21:56 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
  389. 2014-05-14 21:56 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
  390. 2014-05-14 21:56 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
  391. 2014-05-14 21:56 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
  392. 2014-05-14 21:56 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
  393. 2014-05-14 21:56 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
  394. 2014-05-14 21:56 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
  395. 2014-05-14 21:56 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
  396. 2014-05-14 21:56 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
  397. 2014-05-14 21:56 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
  398. 2014-05-14 21:56 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
  399. 2014-05-14 21:56 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
  400. 2014-05-14 21:56 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
  401. 2014-05-14 21:56 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
  402. 2014-05-14 21:56 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
  403. 2014-05-14 21:56 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
  404. 2014-05-14 21:56 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
  405. 2014-05-14 21:56 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
  406. 2014-05-14 21:56 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
  407. 2014-05-14 21:56 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
  408. 2014-05-14 21:56 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
  409. 2014-05-14 21:56 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
  410. 2014-05-14 21:56 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
  411. 2014-05-14 21:56 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
  412. 2014-05-14 21:56 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
  413. 2014-05-14 21:56 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
  414. 2014-05-14 21:56 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
  415. 2014-05-14 21:56 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
  416. 2014-05-14 21:56 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
  417. 2014-05-14 21:56 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
  418. 2014-05-14 21:56 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
  419. 2014-05-11 22:36 - 2014-05-11 22:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
  420. 2014-05-04 23:43 - 2014-05-15 11:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
  421. 2014-04-28 19:04 - 2014-04-28 19:04 - 00000000 __SHD () C:\Users\Frankie\AppData\Local\EmieUserList
  422. 2014-04-28 19:04 - 2014-04-28 19:04 - 00000000 __SHD () C:\Users\Frankie\AppData\Local\EmieSiteList
  423. 2014-04-28 00:47 - 2014-04-28 00:49 - 26077891 ____N () C:\Users\Frankie\Downloads\caged09full.wmv
  424.  
  425. ==================== One Month Modified Files and Folders =======
  426.  
  427. 2014-05-25 11:11 - 2014-05-25 11:11 - 00031365 _____ () C:\Users\Frankie\Downloads\FRST.txt
  428. 2014-05-25 11:11 - 2014-05-25 11:10 - 00000000 ____D () C:\FRST
  429. 2014-05-25 11:10 - 2014-05-25 11:10 - 02066944 _____ (Farbar) C:\Users\Frankie\Downloads\FRST64.exe
  430. 2014-05-25 11:09 - 2013-10-29 12:30 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  431. 2014-05-25 11:08 - 2009-07-14 01:10 - 02030261 _____ () C:\Windows\WindowsUpdate.log
  432. 2014-05-25 11:06 - 2013-05-11 18:22 - 00000000 ____D () C:\Users\Frankie\Documents\ORBA
  433. 2014-05-25 11:01 - 2012-01-10 03:03 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
  434. 2014-05-25 11:00 - 2013-10-29 12:30 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  435. 2014-05-25 10:57 - 2014-05-17 20:30 - 00000948 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
  436. 2014-05-25 10:57 - 2014-05-17 20:30 - 00000944 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
  437. 2014-05-25 10:57 - 2013-07-26 16:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
  438. 2014-05-25 10:57 - 2012-02-18 14:30 - 00000000 ____D () C:\ProgramData\LogMeIn
  439. 2014-05-25 10:57 - 2012-02-13 16:50 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2055394165-2191592282-3138062650-1001UA.job
  440. 2014-05-25 10:57 - 2012-02-13 16:50 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2055394165-2191592282-3138062650-1001Core.job
  441. 2014-05-24 11:13 - 2014-05-24 10:42 - 00010257 _____ () C:\Users\Frankie\Documents\Timberview Trail Inventory.xlsx
  442. 2014-05-24 10:42 - 2014-05-24 10:42 - 00000165 ____H () C:\Users\Frankie\Documents\~$Timberview Trail Inventory.xlsx
  443. 2014-05-24 10:28 - 2009-07-14 00:45 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  444. 2014-05-24 10:28 - 2009-07-14 00:45 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  445. 2014-05-24 10:17 - 2013-05-21 22:05 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
  446. 2014-05-23 21:59 - 2009-07-14 00:51 - 00071315 _____ () C:\Windows\setupact.log
  447. 2014-05-23 15:29 - 2012-09-13 23:26 - 00000000 ____D () C:\Users\Frankie\AppData\Roaming\TS3Client
  448. 2014-05-23 15:22 - 2013-05-04 14:57 - 00000000 ____D () C:\Users\Frankie\Documents\Patriot
  449. 2014-05-23 13:45 - 2014-05-23 13:45 - 00013915 ____N () C:\Users\Frankie\Documents\Attach.txt
  450. 2014-05-23 13:44 - 2014-05-23 13:44 - 00036854 ____N () C:\Users\Frankie\Documents\DDS.txt
  451. 2014-05-23 13:43 - 2014-05-23 13:43 - 00036854 ____N () C:\Users\Frankie\Desktop\dds.txt
  452. 2014-05-23 13:43 - 2014-05-23 13:43 - 00013915 ____N () C:\Users\Frankie\Desktop\attach.txt
  453. 2014-05-23 13:39 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
  454. 2014-05-23 13:38 - 2014-05-23 13:38 - 00688992 ____R (Swearware) C:\Users\Frankie\Desktop\dds.com
  455. 2014-05-23 13:37 - 2011-01-25 11:41 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
  456. 2014-05-23 13:33 - 2014-05-23 13:33 - 00000000 ____D () C:\Program Files (x86)\Cobian Backup 11
  457. 2014-05-23 13:32 - 2014-05-23 13:30 - 19709440 ____N (Luis Cobian, CobianSoft) C:\Users\Frankie\Downloads\cbSetup.exe
  458. 2014-05-22 23:12 - 2012-01-11 15:30 - 00000132 _____ () C:\Users\Frankie\AppData\Roaming\Adobe PNG Format CS5 Prefs
  459. 2014-05-22 22:59 - 2012-01-10 01:32 - 00000000 ____D () C:\Users\Frankie\AppData\Local\VirtualStore
  460. 2014-05-22 12:29 - 2013-10-29 12:42 - 00002185 ____N () C:\Users\Public\Desktop\Google Chrome.lnk
  461. 2014-05-21 10:51 - 2014-05-20 16:28 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
  462. 2014-05-20 16:55 - 2014-05-20 16:28 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
  463. 2014-05-20 16:29 - 2014-05-20 16:29 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
  464. 2014-05-20 16:29 - 2014-05-20 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
  465. 2014-05-20 16:28 - 2014-05-20 16:28 - 00001397 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
  466. 2014-05-20 16:28 - 2014-05-20 16:28 - 00001385 ____N () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
  467. 2014-05-20 15:55 - 2014-05-20 15:51 - 46392680 ____N (Safer-Networking Ltd. ) C:\Users\Frankie\Downloads\spybot-2.3.exe
  468. 2014-05-18 23:48 - 2014-05-18 23:40 - 140752896 ____N () C:\Users\Frankie\Downloads\vehicles.img
  469. 2014-05-18 18:47 - 2013-10-29 20:46 - 00000000 ____D () C:\Program Files (x86)\Steam
  470. 2014-05-18 17:23 - 2014-05-17 21:11 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
  471. 2014-05-18 00:24 - 2014-05-18 00:24 - 00000000 ____D () C:\Users\Frankie\Desktop\Old Firefox Data
  472. 2014-05-17 23:59 - 2012-02-07 22:41 - 00000327 _____ () C:\Windows\Brownie.ini
  473. 2014-05-17 23:59 - 2012-01-10 01:32 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
  474. 2014-05-17 23:30 - 2014-01-21 14:16 - 00001006 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
  475. 2014-05-17 23:30 - 2011-01-25 13:20 - 00000000 ____D () C:\ProgramData\NVIDIA
  476. 2014-05-17 23:03 - 2011-01-25 13:17 - 00364874 _____ () C:\Windows\PFRO.log
  477. 2014-05-17 23:03 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
  478. 2014-05-17 23:03 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system
  479. 2014-05-17 21:53 - 2013-04-03 13:39 - 00000000 ____D () C:\Users\Frankie\Downloads\tkit
  480. 2014-05-17 21:10 - 2014-05-17 21:10 - 00001108 ____N () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
  481. 2014-05-17 21:10 - 2014-05-17 21:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
  482. 2014-05-17 21:10 - 2014-05-17 21:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
  483. 2014-05-17 21:10 - 2014-05-17 21:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
  484. 2014-05-17 21:10 - 2014-05-17 21:09 - 17305616 ____N (Malwarebytes Corporation ) C:\Users\Frankie\Downloads\mbam-setup-2.0.1.1004.exe
  485. 2014-05-17 21:03 - 2011-01-25 11:37 - 00002531 ____N () C:\freefallprotection.log
  486. 2014-05-17 21:03 - 2011-01-25 11:35 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
  487. 2014-05-17 20:51 - 2014-05-17 20:42 - 00000000 ____D () C:\AdwCleaner
  488. 2014-05-17 20:49 - 2012-10-15 15:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
  489. 2014-05-17 20:49 - 2012-01-10 03:03 - 00000000 ____D () C:\ProgramData\AVG2012
  490. 2014-05-17 20:43 - 2012-08-22 16:09 - 00000000 ____D () C:\Users\Frankie\AppData\Roaming\uTorrent
  491. 2014-05-17 20:41 - 2014-05-17 20:40 - 00929416 ____N (CNET Download.com) C:\Users\Frankie\Downloads\cbsidlm-cbsi188-AdwCleaner-SEO-75851221.exe
  492. 2014-05-17 20:30 - 2014-05-17 20:30 - 00003946 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
  493. 2014-05-17 20:30 - 2014-05-17 20:30 - 00003692 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
  494. 2014-05-17 20:15 - 2014-05-17 20:08 - 00000396 __RSH () C:\ProgramData\ntuser.pol
  495. 2014-05-17 20:09 - 2014-05-17 20:09 - 00000000 ____D () C:\Program Files (x86)\MSR
  496. 2014-05-17 20:08 - 2014-05-17 20:08 - 02271768 ____N () C:\Users\Frankie\Downloads\The.Wolf.of.Wall.Street.2013.720p.BluRay.X264-AMIABLE_[PublicHD].exe
  497. 2014-05-17 20:08 - 2014-05-17 20:08 - 00003250 _____ () C:\Windows\System32\Tasks\GPUpdate
  498. 2014-05-17 20:08 - 2014-05-17 20:08 - 00000000 ____D () C:\Users\Frankie\AppData\Roaming\wi_upd
  499. 2014-05-17 20:08 - 2014-05-17 20:08 - 00000000 ____D () C:\Users\Frankie\AppData\Roaming\GetPrivate
  500. 2014-05-17 20:08 - 2009-07-13 23:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
  501. 2014-05-17 20:08 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
  502. 2014-05-17 12:56 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
  503. 2014-05-16 00:46 - 2014-05-16 00:45 - 00000000 ____D () C:\Users\Frankie\Documents\ELS
  504. 2014-05-15 11:39 - 2014-05-04 23:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
  505. 2014-05-15 11:27 - 2012-01-10 01:32 - 00000000 ___RD () C:\Users\Frankie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
  506. 2014-05-15 11:27 - 2012-01-10 01:32 - 00000000 ___RD () C:\Users\Frankie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
  507. 2014-05-15 04:14 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
  508. 2014-05-15 03:35 - 2009-07-14 00:45 - 05265512 _____ () C:\Windows\system32\FNTCACHE.DAT
  509. 2014-05-15 03:32 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
  510. 2014-05-15 03:15 - 2012-01-10 01:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
  511. 2014-05-14 22:01 - 2014-01-12 14:07 - 00002441 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
  512. 2014-05-14 11:17 - 2014-02-17 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CarveWright
  513. 2014-05-14 11:17 - 2013-12-26 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Filter Forge 4
  514. 2014-05-14 11:17 - 2012-03-19 22:34 - 00000000 ____D () C:\Users\Frankie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
  515. 2014-05-14 11:17 - 2012-01-25 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memorex exPressit Label Design Studio
  516. 2014-05-14 00:45 - 2013-07-26 16:19 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
  517. 2014-05-14 00:45 - 2012-07-03 15:54 - 00692400 ____N (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
  518. 2014-05-14 00:45 - 2012-02-17 13:15 - 00070832 ____N (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
  519. 2014-05-12 17:54 - 2012-01-10 01:20 - 00219048 _____ () C:\Users\Frankie\AppData\Local\GDIPFONTCACHEV1.DAT
  520. 2014-05-12 04:13 - 2014-01-11 13:07 - 00003128 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask-Retry
  521. 2014-05-11 22:36 - 2014-05-11 22:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
  522. 2014-05-08 17:12 - 2013-10-29 12:30 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
  523. 2014-05-08 17:12 - 2013-10-29 12:30 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
  524. 2014-05-06 00:40 - 2014-05-15 03:12 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
  525. 2014-05-06 00:17 - 2014-05-15 03:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
  526. 2014-05-05 23:25 - 2014-05-15 03:11 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
  527. 2014-05-05 23:07 - 2014-05-15 03:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
  528. 2014-05-05 23:00 - 2014-05-15 03:12 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
  529. 2014-05-05 22:10 - 2014-05-15 03:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
  530. 2014-04-28 19:04 - 2014-04-28 19:04 - 00000000 __SHD () C:\Users\Frankie\AppData\Local\EmieUserList
  531. 2014-04-28 19:04 - 2014-04-28 19:04 - 00000000 __SHD () C:\Users\Frankie\AppData\Local\EmieSiteList
  532. 2014-04-28 00:49 - 2014-04-28 00:47 - 26077891 ____N () C:\Users\Frankie\Downloads\caged09full.wmv
  533. 2014-04-25 00:12 - 2014-01-29 17:46 - 00000000 ____D () C:\Users\Frankie\AppData\Local\ArmA 2 OA
  534.  
  535. ==================== Bamital & volsnap Check =================
  536.  
  537. C:\Windows\System32\winlogon.exe => MD5 is legit
  538. C:\Windows\System32\wininit.exe => MD5 is legit
  539. C:\Windows\SysWOW64\wininit.exe => MD5 is legit
  540. C:\Windows\explorer.exe => MD5 is legit
  541. C:\Windows\SysWOW64\explorer.exe => MD5 is legit
  542. C:\Windows\System32\svchost.exe => MD5 is legit
  543. C:\Windows\SysWOW64\svchost.exe => MD5 is legit
  544. C:\Windows\System32\services.exe => MD5 is legit
  545. C:\Windows\System32\User32.dll => MD5 is legit
  546. C:\Windows\SysWOW64\User32.dll => MD5 is legit
  547. C:\Windows\System32\userinit.exe => MD5 is legit
  548. C:\Windows\SysWOW64\userinit.exe => MD5 is legit
  549. C:\Windows\System32\rpcss.dll => MD5 is legit
  550. C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
  551.  
  552.  
  553. LastRegBack: 2014-05-09 18:42
  554.  
  555. ==================== End Of Log ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!