
PUP.Optional.Spigot.A Quarantined still shows up on check scan



Hi & welcome!

My name is Jürgen and I will be assisting you with your malware-related problems.

Before we move on, please read the following points carefully.

  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)

  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01

Ran by David (administrator) on DAVIDS-LAPTOP on 16-07-2014 22:31:36

Running from C:\Users\David\Downloads

Platform: Windows 8 Pro (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe

() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe

(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe

(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe

(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(Intel Corporation) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe

(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe

(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe

(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Spotify Ltd) C:\Users\David\AppData\Roaming\Spotify\spotify.exe

(Spotify Ltd) C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe

() C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

() C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

() C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe

() C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe

(Webroot) C:\Program Files\Webroot\WRSA.exe

(Webroot) C:\Program Files\Webroot\WRSA.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

() C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [79376 2013-07-31] (Intel Corporation)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)

HKLM\...\Run: [bTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7830328 2013-05-21] (Motorola Solutions, Inc.)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-07-10] (ASUSTek Computer Inc.)

HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)

HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [767152 2014-07-16] (Webroot)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)

Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

HKLM\...\Policies\Explorer: [NoFolderOptions] 0

HKLM\...\Policies\Explorer: [NoViewOnDrive] 0

HKLM\...\Policies\Explorer: [NoControlPanel] 0

HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0

HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0

HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0

HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0

HKLM\...\Policies\Explorer: [NoViewContextMenu] 0

HKLM\...\Policies\Explorer: [NoShellSearchButton] 0

HKLM\...\Policies\Explorer: [NoFind] 0

HKLM\...\Policies\Explorer: [NoFile] 0

HKLM\...\Policies\Explorer: [HideClock] 0

HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0

HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0

HKLM\...\Policies\Explorer: [NoSetFolders] 0

HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0

HKLM\...\Policies\Explorer: [NoSetTaskbar] 0

HKLM\...\Policies\Explorer: [NoDeletePrinter] 0

HKLM\...\Policies\Explorer: [NoDFSTab] 0

HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0

HKLM\...\Policies\Explorer: [NoLogoff] 0

HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0

HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0

HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0

HKLM\...\Policies\Explorer: [NoResolveSearch] 0

HKLM\...\Policies\Explorer: [NoSaveSettings] 0

HKLM\...\Policies\Explorer: [NoHardwareTab] 0

HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0

HKLM\...\Policies\Explorer: [NoDesktop] 0

HKU\.DEFAULT\...\Policies\system: [DisableCMD] 0

HKU\.DEFAULT\...\Policies\system: [NoDispAppearancePage] 0

HKU\.DEFAULT\...\Policies\system: [NoDispBackgroundPage] 0

HKU\.DEFAULT\...\Policies\system: [NoDispSettingsPage] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoViewOnDrive] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0

HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRun] 0

HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0

HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRun] 0

HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoViewContextMenu] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoShellSearchButton] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoFind] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoFile] 0

HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoTrayContextMenu] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoTrayItemsDisplay] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoLogoff] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoWindowsUpdate] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoEncryptOnMove] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0

HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0

HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0

HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0

HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0

HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0

HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0

HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0

HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0

HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0

HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0

HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0

HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0

HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0

HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0

HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0

HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0

HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0

HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0

HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\system: [DisableCMD] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\system: [NoDispAppearancePage] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\system: [NoDispBackgroundPage] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\system: [NoDispSettingsPage] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoFolderOptions] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoViewOnDrive] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoViewContextMenu] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoShellSearchButton] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoFind] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoFile] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [HideClock] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoTrayContextMenu] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoSetFolders] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoSetTaskbar] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoDeletePrinter] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoDFSTab] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoChangeStartMenu] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoLogoff] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoWindowsUpdate] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoEncryptOnMove] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoResolveSearch] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoSaveSettings] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoHardwareTab] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Run: [spotify] => C:\Users\David\AppData\Roaming\Spotify\Spotify.exe [6162488 2014-07-07] (Spotify Ltd)

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Run: [spotify Web Helper] => C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-07] (Spotify Ltd)

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Run: [GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Run: [Kies3PDLR.exe] => C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe [844360 2014-05-22] (Samsung)

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Run: [Facebook Update] => C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-07-07] (Facebook Inc.)

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\system: [DisableCMD] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\system: [NoDispAppearancePage] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\system: [NoDispBackgroundPage] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\system: [NoDispSettingsPage] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoFolderOptions] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoViewOnDrive] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [DisableLocalMachineRun] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [DisableCurrentUserRun] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoViewContextMenu] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoShellSearchButton] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoFind] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoFile] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [HideClock] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoTrayContextMenu] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoTrayItemsDisplay] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoSetFolders] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoDevMgrUpdate] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoSetTaskbar] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoDeletePrinter] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoDFSTab] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoChangeStartMenu] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoLogoff] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoWindowsUpdate] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoEncryptOnMove] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoRunasInstallPrompt] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoResolveSearch] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoSaveSettings] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoHardwareTab] 0

HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoStartMenuSubFolders] 0

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)

AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-12-10] (NVIDIA Corporation)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnk

ShortcutTarget: Install Webroot FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnk

ShortcutTarget: Install Webroot IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)

ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers: !AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: !AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: !AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=BDT3&ocid=BDT3DHP

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS

SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)

BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)

BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)

BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)

BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)

Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

 

FireFox:

========

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\David\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

 

Chrome: 

=======

CHR HomePage: 

CHR StartupUrls: "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP", "hxxp://search.yahoo.com/?type=599486&fr=spigot-yhp-ch"

CHR Extension: (Google Docs) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-30]

CHR Extension: (Google Drive) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-30]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-01]

CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-30]

CHR Extension: (Adblock Plus) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-07]

CHR Extension: (Google Search) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-30]

CHR Extension: (HTTPS Everywhere) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2014-05-07]

CHR Extension: (Webroot Filtering Extension) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2014-05-07]

CHR Extension: (Ghostery) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-05-07]

CHR Extension: (Google Wallet) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-07]

CHR Extension: (ScriptSafe) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2014-05-07]

CHR Extension: (Webroot Password Manager) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab [2014-07-03]

CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-30]

CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.0.32.crx [2014-04-09]

CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2014-04-09]

 

==================== Services (Whitelisted) =================

 

R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]

R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [283296 2013-07-26] (Intel Corporation)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2279608 2014-05-21] (Microsoft Corporation)

R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [83032 2013-07-31] (Intel Corporation)

R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [100032 2013-07-31] (Intel Corporation)

R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [84568 2013-07-31] (Intel Corporation)

R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [92864 2013-07-31] (Intel Corporation)

R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2011-09-06] ()

R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]

S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-31] (Intel Corporation)

R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-08-15] (Intel Corporation)

S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-31] (Intel Corporation)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)

R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [767152 2014-07-16] (Webroot)

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

 

==================== Drivers (Whitelisted) ====================

 

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70416 2013-09-04] (ASUS Corporation)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)

R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385272 2013-08-01] (Motorola Solutions, Inc.)

S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)

S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)

R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [68072 2013-07-31] (Intel Corporation)

R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [57216 2013-07-31] (Intel Corporation)

R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [120256 2013-07-31] (Intel Corporation)

R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [200808 2013-07-31] (Intel Corporation)

R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [113096 2013-08-06] (Intel Corporation)

R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )

R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-16] (Malwarebytes Corporation)

R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)

R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)

S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3648480 2013-10-08] (Intel Corporation)

R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows ® Win 7 DDK provider)

R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [206744 2013-06-20] (Windows ® Win 7 DDK provider)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)

R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [115744 2014-07-16] (Webroot)

U0 SR; 

U2 srservice; 

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-07-16 22:31 - 2014-07-16 22:33 - 00040164 _____ () C:\Users\David\Downloads\FRST.txt

2014-07-16 22:31 - 2014-07-16 22:32 - 00000000 ____D () C:\FRST

2014-07-16 22:30 - 2014-07-16 22:30 - 02086912 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe

2014-07-13 23:14 - 2014-07-16 11:37 - 00000000 ____D () C:\WINDOWS\Minidump

2014-07-10 15:32 - 2014-07-10 15:32 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel

2014-07-09 15:11 - 2014-04-13 22:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll

2014-07-09 10:59 - 2014-06-30 17:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

2014-07-09 10:59 - 2014-06-28 02:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2014-07-09 10:59 - 2014-06-28 02:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2014-07-08 22:58 - 2014-06-18 20:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-07-08 22:58 - 2014-06-18 19:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-07-08 22:58 - 2014-06-18 19:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-07-08 22:58 - 2014-06-18 19:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll

2014-07-08 22:58 - 2014-06-18 18:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-07-08 22:58 - 2014-06-18 18:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2014-07-08 22:58 - 2014-06-18 18:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2014-07-08 22:58 - 2014-06-18 18:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2014-07-08 22:58 - 2014-06-18 18:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-07-08 22:58 - 2014-06-18 18:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2014-07-08 22:58 - 2014-06-18 18:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-07-08 22:58 - 2014-06-18 18:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-07-08 22:58 - 2014-06-18 18:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll

2014-07-08 22:58 - 2014-06-18 17:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2014-07-08 22:58 - 2014-06-18 17:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-07-08 22:58 - 2014-06-18 17:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2014-07-08 22:58 - 2014-06-18 17:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2014-07-08 22:58 - 2014-06-18 17:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-07-08 22:58 - 2014-06-18 17:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-07-08 22:58 - 2014-06-18 17:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2014-07-08 22:58 - 2014-06-18 17:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-07-08 22:58 - 2014-06-18 17:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-07-08 22:58 - 2014-06-18 17:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-07-08 22:58 - 2014-06-18 17:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2014-07-08 22:58 - 2014-06-18 17:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-07-08 22:58 - 2014-06-18 17:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-07-08 22:58 - 2014-06-18 17:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-07-08 22:58 - 2014-06-16 17:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe

2014-07-08 22:58 - 2014-06-16 17:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe

2014-07-08 22:58 - 2014-06-06 09:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2014-07-08 22:58 - 2014-05-29 22:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys

2014-07-08 22:58 - 2014-05-29 07:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2014-07-08 22:58 - 2014-05-29 02:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll

2014-07-08 22:58 - 2014-05-29 01:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll

2014-07-08 22:58 - 2014-05-29 01:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll

2014-07-08 22:58 - 2014-05-29 00:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll

2014-07-08 22:58 - 2014-05-29 00:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2014-07-08 22:57 - 2014-06-06 08:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll

2014-07-08 22:57 - 2014-06-06 07:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll

2014-07-08 22:57 - 2014-05-31 05:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2014-07-08 22:57 - 2014-05-31 05:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll

2014-07-08 22:57 - 2014-05-30 22:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2014-07-08 22:57 - 2014-05-30 22:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2014-07-08 22:57 - 2014-05-30 22:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2014-07-08 22:57 - 2014-05-30 22:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2014-07-08 22:57 - 2014-05-30 22:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2014-07-08 22:57 - 2014-05-30 22:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2014-07-08 22:57 - 2014-05-30 21:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2014-07-08 22:57 - 2014-05-30 21:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2014-07-08 22:57 - 2014-05-30 21:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2014-07-08 22:57 - 2014-05-30 21:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll

2014-07-08 22:57 - 2014-05-30 21:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2014-07-08 22:57 - 2014-05-30 21:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll

2014-07-08 22:57 - 2014-05-30 21:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2014-07-08 22:55 - 2014-07-08 22:55 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe

2014-07-07 15:07 - 2014-07-16 12:12 - 00000956 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-322845217-1241388301-3331846307-1002UA.job

2014-07-07 15:07 - 2014-07-14 15:12 - 00000934 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-322845217-1241388301-3331846307-1002Core.job

2014-07-07 15:07 - 2014-07-07 15:07 - 00501248 _____ (Facebook Inc.) C:\Users\David\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe

2014-07-07 15:07 - 2014-07-07 15:07 - 00003804 _____ () C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-322845217-1241388301-3331846307-1002UA

2014-07-07 15:07 - 2014-07-07 15:07 - 00003454 _____ () C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-322845217-1241388301-3331846307-1002Core

2014-07-07 15:07 - 2014-07-07 15:07 - 00000000 ____D () C:\Users\David\AppData\Local\Facebook

2014-07-03 12:59 - 2014-07-16 11:32 - 00000062 _____ () C:\Users\David\AppData\Roaming\sp_data.sys

2014-07-03 00:56 - 2014-07-03 00:56 - 00000000 ____D () C:\Users\David\Doctor Web

2014-07-03 00:53 - 2014-07-03 00:56 - 151641568 _____ () C:\Users\David\Downloads\injd6xie.exe

2014-07-03 00:32 - 2014-07-12 08:05 - 00000000 ____D () C:\Users\David\AppData\Local\lptmp746254350

2014-07-02 03:28 - 2014-07-02 03:28 - 00000000 ____D () C:\Program Files\SAMSUNG

2014-07-02 02:29 - 2014-07-02 02:29 - 00000000 ____D () C:\Users\Public\Documents\CrashDump

2014-07-02 02:26 - 2014-07-02 03:40 - 00000000 ____D () C:\Users\David\Documents\SelfMV

2014-07-02 02:26 - 2014-07-02 02:26 - 00001987 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk

2014-07-02 02:25 - 2014-07-02 02:25 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log

2014-07-02 02:23 - 2014-07-03 12:58 - 00000000 ____D () C:\Program Files (x86)\MarkAny

2014-07-02 02:23 - 2014-07-03 01:53 - 00000000 ____D () C:\Users\David\AppData\Roaming\Samsung

2014-07-02 02:23 - 2014-07-03 01:53 - 00000000 ____D () C:\Users\David\AppData\Local\Samsung

2014-07-02 02:23 - 2014-07-02 03:42 - 00000000 ____D () C:\Users\David\Documents\samsung

2014-07-02 02:22 - 2014-04-11 03:39 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys

2014-07-02 02:22 - 2014-04-11 03:39 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys

2014-07-02 02:21 - 2014-07-02 02:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec

2014-07-02 02:20 - 2014-07-03 01:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung

2014-07-02 02:20 - 2014-07-02 02:20 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec

2014-07-02 02:20 - 2014-04-30 19:43 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll

2014-07-02 02:20 - 2014-04-30 19:43 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll

2014-07-02 02:19 - 2014-07-03 01:53 - 00000000 ____D () C:\ProgramData\Samsung

2014-07-02 02:19 - 2014-07-03 01:53 - 00000000 ____D () C:\Program Files (x86)\Samsung

2014-07-02 02:18 - 2014-07-02 02:18 - 74796544 _____ () C:\Users\David\Downloads\Samsung Kies.msi

2014-07-02 02:18 - 2014-07-02 02:17 - 00022492 _____ () C:\Users\David\Downloads\0x0409.ini

2014-07-02 02:18 - 2014-07-02 02:17 - 00003584 _____ () C:\Users\David\Downloads\1033.MST

2014-07-02 02:09 - 2014-07-02 02:09 - 00000000 ____D () C:\Users\David\AppData\Local\Downloaded Installations

2014-07-02 02:08 - 2014-07-02 02:08 - 75709216 _____ (Samsung Electronics Co., Ltd.) C:\Users\David\Downloads\KiesSetup.exe

2014-07-02 02:04 - 2014-07-02 02:08 - 377477237 _____ () C:\Users\David\Downloads\adt-bundle-windows-x86_64-20140624.zip

2014-07-02 02:04 - 2014-07-02 02:04 - 02011769 _____ () C:\Users\David\Downloads\droidAtScreen-1.1.jar

2014-07-02 02:00 - 2014-07-02 02:00 - 00000000 ____D () C:\Users\David\AppData\Roaming\TeamViewer

2014-07-02 01:59 - 2014-07-02 01:59 - 06214104 _____ (TeamViewer GmbH) C:\Users\David\Downloads\TeamViewer_Setup_en.exe

2014-07-02 01:36 - 2014-07-02 01:36 - 01421291 _____ (TightVNC Group ) C:\Users\David\Downloads\Unconfirmed 27011.crdownload

2014-07-02 01:36 - 2014-07-02 01:36 - 01421291 _____ (TightVNC Group ) C:\Users\David\Downloads\tightvnc-1.3.10-setup.exe

2014-07-02 01:34 - 2014-07-02 01:34 - 01421291 _____ (TightVNC Group ) C:\Users\David\Downloads\Unconfirmed 935383.crdownload

2014-07-02 01:28 - 2014-07-02 03:12 - 00000000 ____D () C:\Users\David\.android

2014-07-02 01:25 - 2014-07-02 01:25 - 00478212 _____ () C:\Users\David\Downloads\ADB Tool - Kayles Blog.zip

2014-07-02 01:25 - 2014-07-02 01:25 - 00000000 ____D () C:\Users\David\Downloads\ADB Tool - Kayles Blog

2014-07-02 01:24 - 2014-07-02 01:24 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe

2014-07-02 01:24 - 2014-07-02 01:24 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe

2014-07-02 01:24 - 2014-07-02 01:24 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe

2014-07-02 01:24 - 2014-07-02 01:24 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2014-07-02 01:24 - 2014-07-02 01:24 - 00000000 ____D () C:\ProgramData\Sun

2014-07-02 01:24 - 2014-07-02 01:24 - 00000000 ____D () C:\ProgramData\Oracle

2014-07-02 01:24 - 2014-07-02 01:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-07-02 01:24 - 2014-07-02 01:24 - 00000000 ____D () C:\Program Files (x86)\Java

2014-07-02 01:22 - 2014-07-02 01:22 - 00918952 _____ (Oracle Corporation) C:\Users\David\Downloads\chromeinstall-7u60.exe

2014-07-02 01:21 - 2014-07-02 01:21 - 00707238 _____ () C:\Users\David\Downloads\DroidAtScreen - Kayles Blog.zip

2014-07-02 01:15 - 2014-07-02 01:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf

2014-06-28 07:52 - 2014-06-28 07:52 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk

2014-06-28 07:51 - 2014-06-28 07:51 - 04812672 _____ (Piriform Ltd) C:\Users\David\Downloads\ccsetup415.exe

2014-06-25 22:25 - 2013-02-28 16:27 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\WINDOWS\system32\roboot64.exe

2014-06-24 07:48 - 2014-07-16 22:28 - 01783581 _____ () C:\WINDOWS\WindowsUpdate.log

2014-06-23 22:17 - 2014-06-23 22:17 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-06-20 19:02 - 2014-06-20 19:02 - 00000000 ____D () C:\WINDOWS\System32\Tasks\GenericSettingsHandler

2014-06-20 17:25 - 2014-06-20 17:25 - 00000000 ___RD () C:\Users\David\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App

 

==================== One Month Modified Files and Folders =======

 

2014-07-16 22:33 - 2014-07-16 22:31 - 00040164 _____ () C:\Users\David\Downloads\FRST.txt

2014-07-16 22:32 - 2014-07-16 22:31 - 00000000 ____D () C:\FRST

2014-07-16 22:32 - 2014-04-09 17:01 - 00000000 ____D () C:\Users\David\AppData\Roaming\Spotify

2014-07-16 22:31 - 2014-04-09 16:49 - 00000000 ____D () C:\ProgramData\WRData

2014-07-16 22:30 - 2014-07-16 22:30 - 02086912 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe

2014-07-16 22:30 - 2014-04-30 21:46 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{86828333-CB11-42C3-9E41-FEF1D88E832C}

2014-07-16 22:28 - 2014-06-24 07:48 - 01783581 _____ () C:\WINDOWS\WindowsUpdate.log

2014-07-16 22:27 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-07-16 13:52 - 2014-05-07 11:37 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-07-16 12:32 - 2014-04-09 16:20 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2014-07-16 12:12 - 2014-07-07 15:07 - 00000956 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-322845217-1241388301-3331846307-1002UA.job

2014-07-16 12:00 - 2013-11-16 17:02 - 00003474 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update1

2014-07-16 12:00 - 2013-11-16 17:02 - 00003464 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update2

2014-07-16 11:47 - 2014-04-09 16:20 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-322845217-1241388301-3331846307-1002

2014-07-16 11:41 - 2014-04-09 16:50 - 00154824 _____ (Webroot) C:\WINDOWS\SysWOW64\WRusr.dll

2014-07-16 11:41 - 2014-04-09 16:50 - 00115744 _____ (Webroot) C:\WINDOWS\system32\Drivers\WRkrn.sys

2014-07-16 11:41 - 2014-04-09 16:50 - 00105384 _____ (Webroot) C:\WINDOWS\system32\WRusr.dll

2014-07-16 11:37 - 2014-07-13 23:14 - 00000000 ____D () C:\WINDOWS\Minidump

2014-07-16 11:32 - 2014-07-03 12:59 - 00000062 _____ () C:\Users\David\AppData\Roaming\sp_data.sys

2014-07-16 11:31 - 2014-04-30 20:19 - 00000000 __RDO () C:\Users\David\OneDrive

2014-07-16 11:30 - 2014-05-07 11:37 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-07-16 01:51 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2014-07-16 01:42 - 2014-02-01 04:29 - 00000000 ____D () C:\Users\David\Documents\Decks

2014-07-15 11:24 - 2014-01-25 04:21 - 01345024 ___SH () C:\Users\David\Desktop\Thumbs.db

2014-07-14 17:38 - 2014-04-30 19:51 - 00000000 ____D () C:\Users\David

2014-07-14 15:12 - 2014-07-07 15:07 - 00000934 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-322845217-1241388301-3331846307-1002Core.job

2014-07-14 11:44 - 2014-04-09 17:02 - 00000000 ____D () C:\Users\David\AppData\Local\Spotify

2014-07-14 11:40 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-07-13 00:54 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI

2014-07-12 08:05 - 2014-07-03 00:32 - 00000000 ____D () C:\Users\David\AppData\Local\lptmp746254350

2014-07-10 22:11 - 2013-08-22 09:44 - 00370904 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2014-07-10 15:32 - 2014-07-10 15:32 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel

2014-07-10 15:32 - 2014-03-18 04:45 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-10 15:32 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2014-07-10 15:32 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-07-10 15:32 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-07-10 15:32 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\WinStore

2014-07-10 02:40 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2014-07-09 15:15 - 2014-04-27 16:11 - 00000000 ____D () C:\WINDOWS\system32\MRT

2014-07-09 15:12 - 2014-04-27 16:11 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2014-07-09 15:12 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2014-07-08 22:55 - 2014-07-08 22:55 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe

2014-07-08 21:57 - 2014-04-17 00:33 - 00000000 ____D () C:\Users\David\AppData\Roaming\vlc

2014-07-07 15:07 - 2014-07-07 15:07 - 00501248 _____ (Facebook Inc.) C:\Users\David\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe

2014-07-07 15:07 - 2014-07-07 15:07 - 00003804 _____ () C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-322845217-1241388301-3331846307-1002UA

2014-07-07 15:07 - 2014-07-07 15:07 - 00003454 _____ () C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-322845217-1241388301-3331846307-1002Core

2014-07-07 15:07 - 2014-07-07 15:07 - 00000000 ____D () C:\Users\David\AppData\Local\Facebook

2014-07-07 02:39 - 2014-03-18 05:03 - 00892386 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-07-05 19:03 - 2014-04-30 19:44 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV

2014-07-05 19:03 - 2014-04-30 19:44 - 00000000 ____D () C:\WINDOWS\system32\NV

2014-07-05 19:03 - 2014-04-30 19:44 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-07-03 12:58 - 2014-07-02 02:23 - 00000000 ____D () C:\Program Files (x86)\MarkAny

2014-07-03 01:53 - 2014-07-02 02:23 - 00000000 ____D () C:\Users\David\AppData\Roaming\Samsung

2014-07-03 01:53 - 2014-07-02 02:23 - 00000000 ____D () C:\Users\David\AppData\Local\Samsung

2014-07-03 01:53 - 2014-07-02 02:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung

2014-07-03 01:53 - 2014-07-02 02:19 - 00000000 ____D () C:\ProgramData\Samsung

2014-07-03 01:53 - 2014-07-02 02:19 - 00000000 ____D () C:\Program Files (x86)\Samsung

2014-07-03 01:53 - 2013-11-16 16:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-07-03 00:56 - 2014-07-03 00:56 - 00000000 ____D () C:\Users\David\Doctor Web

2014-07-03 00:56 - 2014-07-03 00:53 - 151641568 _____ () C:\Users\David\Downloads\injd6xie.exe

2014-07-02 03:42 - 2014-07-02 02:23 - 00000000 ____D () C:\Users\David\Documents\samsung

2014-07-02 03:40 - 2014-07-02 02:26 - 00000000 ____D () C:\Users\David\Documents\SelfMV

2014-07-02 03:28 - 2014-07-02 03:28 - 00000000 ____D () C:\Program Files\SAMSUNG

2014-07-02 03:12 - 2014-07-02 01:28 - 00000000 ____D () C:\Users\David\.android

2014-07-02 02:29 - 2014-07-02 02:29 - 00000000 ____D () C:\Users\Public\Documents\CrashDump

2014-07-02 02:26 - 2014-07-02 02:26 - 00001987 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk

2014-07-02 02:25 - 2014-07-02 02:25 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log

2014-07-02 02:21 - 2014-07-02 02:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec

2014-07-02 02:20 - 2014-07-02 02:20 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec

2014-07-02 02:18 - 2014-07-02 02:18 - 74796544 _____ () C:\Users\David\Downloads\Samsung Kies.msi

2014-07-02 02:17 - 2014-07-02 02:18 - 00022492 _____ () C:\Users\David\Downloads\0x0409.ini

2014-07-02 02:17 - 2014-07-02 02:18 - 00003584 _____ () C:\Users\David\Downloads\1033.MST

2014-07-02 02:09 - 2014-07-02 02:09 - 00000000 ____D () C:\Users\David\AppData\Local\Downloaded Installations

2014-07-02 02:08 - 2014-07-02 02:08 - 75709216 _____ (Samsung Electronics Co., Ltd.) C:\Users\David\Downloads\KiesSetup.exe

2014-07-02 02:08 - 2014-07-02 02:04 - 377477237 _____ () C:\Users\David\Downloads\adt-bundle-windows-x86_64-20140624.zip

2014-07-02 02:04 - 2014-07-02 02:04 - 02011769 _____ () C:\Users\David\Downloads\droidAtScreen-1.1.jar

2014-07-02 02:00 - 2014-07-02 02:00 - 00000000 ____D () C:\Users\David\AppData\Roaming\TeamViewer

2014-07-02 01:59 - 2014-07-02 01:59 - 06214104 _____ (TeamViewer GmbH) C:\Users\David\Downloads\TeamViewer_Setup_en.exe

2014-07-02 01:36 - 2014-07-02 01:36 - 01421291 _____ (TightVNC Group ) C:\Users\David\Downloads\Unconfirmed 27011.crdownload

2014-07-02 01:36 - 2014-07-02 01:36 - 01421291 _____ (TightVNC Group ) C:\Users\David\Downloads\tightvnc-1.3.10-setup.exe

2014-07-02 01:34 - 2014-07-02 01:34 - 01421291 _____ (TightVNC Group ) C:\Users\David\Downloads\Unconfirmed 935383.crdownload

2014-07-02 01:25 - 2014-07-02 01:25 - 00478212 _____ () C:\Users\David\Downloads\ADB Tool - Kayles Blog.zip

2014-07-02 01:25 - 2014-07-02 01:25 - 00000000 ____D () C:\Users\David\Downloads\ADB Tool - Kayles Blog

2014-07-02 01:24 - 2014-07-02 01:24 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe

2014-07-02 01:24 - 2014-07-02 01:24 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe

2014-07-02 01:24 - 2014-07-02 01:24 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe

2014-07-02 01:24 - 2014-07-02 01:24 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2014-07-02 01:24 - 2014-07-02 01:24 - 00000000 ____D () C:\ProgramData\Sun

2014-07-02 01:24 - 2014-07-02 01:24 - 00000000 ____D () C:\ProgramData\Oracle

2014-07-02 01:24 - 2014-07-02 01:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-07-02 01:24 - 2014-07-02 01:24 - 00000000 ____D () C:\Program Files (x86)\Java

2014-07-02 01:22 - 2014-07-02 01:22 - 00918952 _____ (Oracle Corporation) C:\Users\David\Downloads\chromeinstall-7u60.exe

2014-07-02 01:21 - 2014-07-02 01:21 - 00707238 _____ () C:\Users\David\Downloads\DroidAtScreen - Kayles Blog.zip

2014-07-02 01:15 - 2014-07-02 01:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf

2014-07-01 01:14 - 2014-04-17 23:07 - 00000000 ____D () C:\ProgramData\CanonIJPLM

2014-06-30 17:45 - 2014-07-09 10:59 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

2014-06-28 08:15 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Vss

2014-06-28 07:52 - 2014-06-28 07:52 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk

2014-06-28 07:52 - 2014-05-07 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2014-06-28 07:52 - 2014-05-07 11:45 - 00000000 ____D () C:\Program Files\CCleaner

2014-06-28 07:51 - 2014-06-28 07:51 - 04812672 _____ (Piriform Ltd) C:\Users\David\Downloads\ccsetup415.exe

2014-06-28 02:48 - 2014-07-09 10:59 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2014-06-28 02:07 - 2014-07-09 10:59 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2014-06-26 15:55 - 2013-08-22 10:38 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-06-26 15:55 - 2013-08-22 10:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-06-23 22:17 - 2014-06-23 22:17 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-06-23 22:17 - 2014-04-09 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-06-23 22:17 - 2014-04-09 16:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-06-20 19:02 - 2014-06-20 19:02 - 00000000 ____D () C:\WINDOWS\System32\Tasks\GenericSettingsHandler

2014-06-20 17:25 - 2014-06-20 17:25 - 00000000 ___RD () C:\Users\David\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App

2014-06-19 23:47 - 2014-05-07 11:37 - 00003896 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2014-06-19 23:47 - 2014-05-07 11:37 - 00003660 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2014-06-19 00:45 - 2014-04-09 22:40 - 00000000 ____D () C:\Program Files\Microsoft Office 15

2014-06-19 00:39 - 2014-04-14 01:44 - 00000000 ____D () C:\Program Files (x86)\Steam

2014-06-18 20:39 - 2014-07-08 22:58 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-06-18 19:48 - 2014-07-08 22:58 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-06-18 19:16 - 2014-07-08 22:58 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-06-18 19:09 - 2014-07-08 22:58 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll

2014-06-18 18:51 - 2014-07-08 22:58 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-06-18 18:50 - 2014-07-08 22:58 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2014-06-18 18:48 - 2014-07-08 22:58 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2014-06-18 18:46 - 2014-07-08 22:58 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2014-06-18 18:39 - 2014-07-08 22:58 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-06-18 18:33 - 2014-07-08 22:58 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2014-06-18 18:32 - 2014-07-08 22:58 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-06-18 18:27 - 2014-07-08 22:58 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-06-18 18:12 - 2014-07-08 22:58 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll

2014-06-18 17:59 - 2014-07-08 22:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2014-06-18 17:58 - 2014-07-08 22:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-06-18 17:58 - 2014-07-08 22:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2014-06-18 17:57 - 2014-07-08 22:58 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2014-06-18 17:52 - 2014-07-08 22:58 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-06-18 17:51 - 2014-07-08 22:58 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-06-18 17:49 - 2014-07-08 22:58 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2014-06-18 17:45 - 2014-07-08 22:58 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-06-18 17:35 - 2014-07-08 22:58 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-06-18 17:34 - 2014-07-08 22:58 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-06-18 17:15 - 2014-07-08 22:58 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2014-06-18 17:13 - 2014-07-08 22:58 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-06-18 17:09 - 2014-07-08 22:58 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-06-18 17:07 - 2014-07-08 22:58 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-06-18 15:45 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache

2014-06-16 17:26 - 2014-07-08 22:58 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe

2014-06-16 17:24 - 2014-07-08 22:58 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-07-16 02:22

 

==================== End Of Log ============================


  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
