Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Fake flash player updates
Message
<blockquote data-quote="Taylor" data-source="post: 209119" data-attributes="member: 23658"><p>Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2014 01</p><p>Ran by Taylor (administrator) on TAYLOR-PC on 12-06-2014 23:25:57</p><p>Running from C:\Users\Taylor\Downloads</p><p>Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)</p><p>Internet Explorer Version 11</p><p>Boot Mode: Normal</p><p></p><p>The only official download link for FRST:</p><p>Download link for 32-Bit version: <a href="http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/" target="_blank">http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/</a> </p><p>Download link for 64-Bit Version: <a href="http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/" target="_blank">http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/</a> </p><p>Download link from any site other than Bleeping Computer is unpermitted or outdated.</p><p>See tutorial for FRST: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/</a></p><p></p><p>==================== Processes (Whitelisted) =================</p><p></p><p>(AMD) C:\Windows\System32\atiesrxx.exe</p><p>(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe</p><p>(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe</p><p>(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe</p><p>(Malwarebytes Corporation) D:\Malwarebytes Anti-Malware\mbamscheduler.exe</p><p>(Malwarebytes Corporation) D:\Malwarebytes Anti-Malware\mbamservice.exe</p><p>(AMD) C:\Windows\System32\atieclxx.exe</p><p>() C:\Windows\SysWOW64\PnkBstrA.exe</p><p>(Malwarebytes Corporation) D:\Malwarebytes Anti-Malware\mbam.exe</p><p>(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe</p><p>(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe</p><p>(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe</p><p>(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe</p><p>(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe</p><p>(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe</p><p>(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe</p><p>(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe</p><p>(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p></p><p></p><p>==================== Registry (Whitelisted) ==================</p><p></p><p>HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6468712 2012-03-20] (Realtek Semiconductor)</p><p>HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)</p><p>HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)</p><p>HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)</p><p>HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641664 2012-04-06] (Advanced Micro Devices, Inc.)</p><p>HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-02-21] ()</p><p>HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)</p><p>HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)</p><p>HKU\S-1-5-21-1032574745-3010756029-3868841863-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21445248 2014-05-08] (Skype Technologies S.A.)</p><p>HKU\S-1-5-21-1032574745-3010756029-3868841863-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2993376 2014-05-08] (Nota Inc.)</p><p>HKU\S-1-5-21-1032574745-3010756029-3868841863-1000\...\MountPoints2: {35eebb4c-999d-11e3-8c7c-806e6f6e6963} - E:\Bin\ASSETUP.exe</p><p></p><p>==================== Internet (Whitelisted) ====================</p><p></p><p>HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = <a href="http://www.google.co.uk/" target="_blank">http://www.google.co.uk/</a></p><p>HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = <a href="http://uk.msn.com/?ocid=iehp" target="_blank">http://uk.msn.com/?ocid=iehp</a></p><p>HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x17E4829BB02DCF01</p><p>HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb</p><p>BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)</p><p>BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)</p><p>BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)</p><p>BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)</p><p>BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)</p><p>BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)</p><p>BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)</p><p>BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)</p><p>BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)</p><p>BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)</p><p>Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)</p><p>Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)</p><p>Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)</p><p>Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)</p><p>Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)</p><p>Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)</p><p>Tcpip\Parameters: [DhcpNameServer] 192.168.0.1</p><p></p><p>FireFox:</p><p>========</p><p>FF Plugin: @microsoft.com/GENUINE - disabled No File</p><p>FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)</p><p>FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)</p><p>FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)</p><p>FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)</p><p>FF Plugin-x32: @microsoft.com/GENUINE - disabled No File</p><p>FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)</p><p>FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Taylor\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)</p><p>FF Plugin HKCU: electronicarts.com/GameFacePlugin - C:\Users\Taylor\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)</p><p>FF HKLM\...\Thunderbird\Extensions: [<a href="mailto:eplgTb@eset.com">eplgTb@eset.com</a>] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird</p><p>FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-02-19]</p><p>FF HKLM-x32\...\Thunderbird\Extensions: [<a href="mailto:eplgTb@eset.com">eplgTb@eset.com</a>] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird</p><p>FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-02-19]</p><p></p><p>Chrome: </p><p>=======</p><p>CHR HomePage: </p><p>CHR DefaultSearchKeyword: google.co.uk</p><p>CHR Extension: (Google Drive) - C:\Users\Taylor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-19]</p><p>CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Taylor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]</p><p>CHR Extension: (YouTube) - C:\Users\Taylor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-19]</p><p>CHR Extension: (Google Search) - C:\Users\Taylor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-19]</p><p>CHR Extension: (Google Wallet) - C:\Users\Taylor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-19]</p><p>CHR Extension: (Gmail) - C:\Users\Taylor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-19]</p><p>CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]</p><p></p><p>==================== Services (Whitelisted) =================</p><p></p><p>S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-03-22] () [File not signed]</p><p>R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)</p><p>R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)</p><p>R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)</p><p>R2 MBAMScheduler; D:\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)</p><p>R2 MBAMService; D:\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)</p><p>R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-28] ()</p><p></p><p>==================== Drivers (Whitelisted) ====================</p><p></p><p>R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)</p><p>U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)</p><p>R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)</p><p>R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)</p><p>R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)</p><p>R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)</p><p>R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)</p><p>R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-12] (Malwarebytes Corporation)</p><p>R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)</p><p></p><p>==================== NetSvcs (Whitelisted) ===================</p><p></p><p></p><p>==================== One Month Created Files and Folders ========</p><p></p><p>2014-06-12 14:52 - 2014-06-08 10:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll</p><p>2014-06-12 14:52 - 2014-06-08 10:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll</p><p>2014-06-12 14:52 - 2014-05-30 11:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll</p><p>2014-06-12 14:52 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb</p><p>2014-06-12 14:52 - 2014-05-30 11:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll</p><p>2014-06-12 14:52 - 2014-05-30 10:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll</p><p>2014-06-12 14:52 - 2014-05-30 10:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll</p><p>2014-06-12 14:52 - 2014-05-30 10:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll</p><p>2014-06-12 14:52 - 2014-05-30 10:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll</p><p>2014-06-12 14:52 - 2014-05-30 10:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll</p><p>2014-06-12 14:52 - 2014-05-30 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll</p><p>2014-06-12 14:52 - 2014-05-30 10:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll</p><p>2014-06-12 14:52 - 2014-05-30 10:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe</p><p>2014-06-12 14:52 - 2014-05-30 10:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe</p><p>2014-06-12 14:52 - 2014-05-30 10:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll</p><p>2014-06-12 14:52 - 2014-05-30 10:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll</p><p>2014-06-12 14:52 - 2014-05-30 10:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe</p><p>2014-06-12 14:52 - 2014-05-30 10:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll</p><p>2014-06-12 14:52 - 2014-05-30 10:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll</p><p>2014-06-12 14:52 - 2014-05-30 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb</p><p>2014-06-12 14:52 - 2014-05-30 09:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll</p><p>2014-06-12 14:52 - 2014-05-30 09:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll</p><p>2014-06-12 14:52 - 2014-05-30 09:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll</p><p>2014-06-12 14:52 - 2014-05-30 09:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll</p><p>2014-06-12 14:52 - 2014-05-30 09:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll</p><p>2014-06-12 14:52 - 2014-05-30 09:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll</p><p>2014-06-12 14:52 - 2014-05-30 09:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll</p><p>2014-06-12 14:52 - 2014-05-30 09:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll</p><p>2014-06-12 14:52 - 2014-05-30 09:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe</p><p>2014-06-12 14:52 - 2014-05-30 09:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll</p><p>2014-06-12 14:52 - 2014-05-30 09:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll</p><p>2014-06-12 14:52 - 2014-05-30 09:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll</p><p>2014-06-12 14:52 - 2014-05-30 09:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll</p><p>2014-06-12 14:52 - 2014-05-30 09:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe</p><p>2014-06-12 14:52 - 2014-05-30 09:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll</p><p>2014-06-12 14:52 - 2014-05-30 09:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll</p><p>2014-06-12 14:52 - 2014-05-30 09:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl</p><p>2014-06-12 14:52 - 2014-05-30 09:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll</p><p>2014-06-12 14:52 - 2014-05-30 09:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll</p><p>2014-06-12 14:52 - 2014-05-30 09:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll</p><p>2014-06-12 14:52 - 2014-05-30 09:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll</p><p>2014-06-12 14:52 - 2014-05-30 09:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll</p><p>2014-06-12 14:52 - 2014-05-30 08:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll</p><p>2014-06-12 14:52 - 2014-05-30 08:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll</p><p>2014-06-12 14:52 - 2014-05-30 08:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll</p><p>2014-06-12 14:52 - 2014-05-30 08:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll</p><p>2014-06-12 14:52 - 2014-05-30 08:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl</p><p>2014-06-12 14:52 - 2014-05-30 08:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll</p><p>2014-06-12 14:52 - 2014-05-30 08:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll</p><p>2014-06-12 14:52 - 2014-05-30 08:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll</p><p>2014-06-12 14:52 - 2014-05-30 08:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll</p><p>2014-06-12 14:52 - 2014-05-30 08:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll</p><p>2014-06-12 14:52 - 2014-05-30 08:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll</p><p>2014-06-12 14:52 - 2014-05-30 08:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll</p><p>2014-06-12 14:52 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll</p><p>2014-06-12 14:52 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll</p><p>2014-06-12 14:52 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys</p><p>2014-06-12 14:52 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS</p><p>2014-06-12 14:52 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll</p><p>2014-06-12 14:52 - 2014-03-26 15:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll</p><p>2014-06-12 14:52 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll</p><p>2014-06-12 14:52 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll</p><p>2014-06-12 14:52 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll</p><p>2014-06-12 14:52 - 2014-03-26 15:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll</p><p>2014-06-12 14:52 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll</p><p>2014-06-12 14:52 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll</p><p>2014-06-11 17:23 - 2014-06-11 17:23 - 00031467 _____ () C:\Users\Taylor\Downloads\Addition.txt</p><p>2014-06-11 17:22 - 2014-06-12 23:25 - 00012731 _____ () C:\Users\Taylor\Downloads\FRST.txt</p><p>2014-06-11 17:22 - 2014-06-12 23:25 - 00000000 ____D () C:\FRST</p><p>2014-06-11 17:22 - 2014-06-11 17:22 - 02081792 _____ (Farbar) C:\Users\Taylor\Downloads\FRST64.exe</p><p>2014-06-11 16:52 - 2014-06-11 16:52 - 00000000 ____D () C:\Users\Taylor\AppData\Roaming\Gyazo</p><p>2014-06-11 16:50 - 2014-06-11 17:50 - 00000000 ____D () C:\Program Files (x86)\Gyazo</p><p>2014-06-11 16:50 - 2014-06-11 16:50 - 00003752 _____ () C:\Windows\System32\Tasks\GyazoUpdateTaskMachine</p><p>2014-06-11 16:50 - 2014-06-11 16:50 - 00000986 _____ () C:\Users\Public\Desktop\Gyazo.lnk</p><p>2014-06-11 16:50 - 2014-06-11 16:50 - 00000986 _____ () C:\Users\Public\Desktop\Gyazo GIF.lnk</p><p>2014-06-11 16:50 - 2014-06-11 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo</p><p>2014-06-11 16:49 - 2014-06-11 16:49 - 11698864 _____ (Nota Inc. ) C:\Users\Taylor\Downloads\GyazoSetup.exe</p><p>2014-06-10 22:47 - 2014-06-12 23:21 - 00003024 _____ () C:\Windows\setupact.log</p><p>2014-06-10 22:47 - 2014-06-12 23:21 - 00001468 _____ () C:\Windows\PFRO.log</p><p>2014-06-10 22:47 - 2014-06-10 22:47 - 00000000 _____ () C:\Windows\setuperr.log</p><p>2014-06-10 22:41 - 2014-06-10 22:41 - 01333465 _____ () C:\Users\Taylor\Downloads\adwcleaner_3.212 (1).exe</p><p>2014-06-10 22:39 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll</p><p>2014-06-10 22:38 - 2014-06-12 23:20 - 00000000 ____D () C:\AdwCleaner</p><p>2014-06-10 22:38 - 2014-06-10 22:38 - 01333465 _____ () C:\Users\Taylor\Downloads\adwcleaner_3.212.exe</p><p>2014-06-10 21:29 - 2014-06-10 21:29 - 04748896 _____ (Piriform Ltd) C:\Users\Taylor\Downloads\ccsetup414.exe</p><p>2014-06-10 21:29 - 2014-06-10 21:29 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC</p><p>2014-06-10 21:29 - 2014-06-10 21:29 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk</p><p>2014-06-10 21:29 - 2014-06-10 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner</p><p>2014-06-10 21:29 - 2014-06-10 21:29 - 00000000 ____D () C:\Program Files\CCleaner</p><p>2014-06-10 21:18 - 2014-06-12 23:21 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys</p><p>2014-06-10 21:18 - 2014-06-10 21:18 - 00000623 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk</p><p>2014-06-10 21:18 - 2014-06-10 21:18 - 00000000 ____D () C:\ProgramData\Malwarebytes</p><p>2014-06-10 21:18 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys</p><p>2014-06-10 21:18 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys</p><p>2014-06-10 21:18 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys</p><p>2014-06-10 21:17 - 2014-06-10 21:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Taylor\Downloads\mbam-setup-2.0.2.1012.exe</p><p>2014-06-10 21:17 - 2014-06-10 21:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Taylor\Downloads\mbam-setup-2.0.2.1012 (1).exe</p><p>2014-06-10 20:33 - 2014-06-10 20:29 - 00000030 _____ () C:\AVScanner.ini</p><p>2014-06-10 20:29 - 2014-06-10 20:29 - 00000000 ____D () C:\ProgramData\McAfee</p><p>2014-06-06 16:07 - 2014-06-06 16:07 - 06688648 _____ (SpeedyPC Software) C:\Users\Taylor\Downloads\SpeedyPC Pro Installer_c8c0db9_.exe</p><p>2014-06-06 16:07 - 2014-06-06 16:07 - 06688648 _____ (SpeedyPC Software) C:\Users\Taylor\Downloads\SpeedyPC Pro Installer_c8c0db2_.exe</p><p>2014-06-05 15:34 - 2014-06-05 15:34 - 00000008 _____ () C:\Users\Taylor\Documents\guy.txt</p><p>2014-06-03 18:53 - 2014-06-03 18:53 - 00000202 _____ () C:\Users\Taylor\Desktop\Villagers and Heroes.url</p><p>2014-06-01 20:51 - 2014-06-03 18:53 - 00000000 ____D () C:\Users\Taylor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam</p><p>2014-06-01 20:51 - 2014-06-01 20:51 - 00000202 _____ () C:\Users\Taylor\Desktop\The Stomping Land.url</p><p>2014-06-01 19:34 - 2014-06-01 19:34 - 01809304 _____ () C:\Users\Taylor\Downloads\Outlook.com.zip</p><p>2014-05-26 11:48 - 2014-05-26 11:48 - 00000073 _____ () C:\Users\Taylor\Documents\noob returns.txt</p><p>2014-05-25 22:17 - 2014-05-25 22:17 - 02337865 _____ () C:\Windows\SysWOW64\pbsvc.exe</p><p>2014-05-25 21:49 - 2014-05-25 21:51 - 00000000 ____D () C:\Users\Taylor\AppData\Roaming\.minecraft</p><p>2014-05-25 21:49 - 2014-05-25 21:49 - 00675988 _____ () C:\Users\Taylor\Downloads\Minecraft.exe</p><p>2014-05-25 21:49 - 2014-05-25 21:49 - 00675988 _____ () C:\Users\Taylor\Desktop\Minecraft.exe</p><p>2014-05-25 16:07 - 2014-05-25 16:07 - 00546657 _____ () C:\Users\Taylor\Downloads\lollolololololololl.htm</p><p>2014-05-25 16:07 - 2014-05-25 16:07 - 00546489 _____ () C:\Users\Taylor\Downloads\dat win.htm</p><p>2014-05-25 16:07 - 2014-05-25 16:07 - 00000000 ____D () C:\Users\Taylor\Downloads\lollolololololololl_files</p><p>2014-05-25 16:07 - 2014-05-25 16:07 - 00000000 ____D () C:\Users\Taylor\Downloads\dat win_files</p><p>2014-05-23 19:07 - 2014-05-23 19:07 - 00000310 _____ () C:\Users\Taylor\Documents\coaches for vm.txt</p><p>2014-05-21 18:07 - 2014-05-21 18:07 - 00000172 _____ () C:\Users\Taylor\Documents\team tranning vm.txt</p><p>2014-05-20 21:38 - 2014-05-20 21:38 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information</p><p>2014-05-20 21:38 - 2014-05-20 21:38 - 00000000 ___HD () C:\ProgramData\CanonBJ</p><p>2014-05-20 21:38 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMAS.DLL</p><p>2014-05-19 08:15 - 2014-05-19 08:15 - 00000000 ____D () C:\Users\Taylor\Documents\New folder</p><p>2014-05-14 16:00 - 2014-04-12 03:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys</p><p>2014-05-14 16:00 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys</p><p>2014-05-14 16:00 - 2014-04-12 03:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll</p><p>2014-05-14 16:00 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll</p><p>2014-05-14 16:00 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe</p><p>2014-05-14 16:00 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll</p><p>2014-05-14 16:00 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll</p><p>2014-05-14 16:00 - 2014-04-12 03:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll</p><p>2014-05-14 16:00 - 2014-04-12 03:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll</p><p>2014-05-14 16:00 - 2014-03-25 03:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll</p><p>2014-05-14 16:00 - 2014-03-25 03:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe</p><p>2014-05-14 16:00 - 2014-03-04 10:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe</p><p>2014-05-14 16:00 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe</p><p>2014-05-14 16:00 - 2014-03-04 10:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe</p><p>2014-05-14 16:00 - 2014-03-04 10:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll</p><p>2014-05-14 16:00 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll</p><p>2014-05-13 18:51 - 2014-05-25 22:18 - 00000000 ____D () C:\Users\Taylor\Documents\My Games</p><p>2014-05-13 18:51 - 2014-05-13 18:51 - 00000000 ____D () C:\Users\Taylor\AppData\Local\CDWLauncher</p><p></p><p>==================== One Month Modified Files and Folders =======</p><p></p><p>2014-06-12 23:26 - 2014-06-11 17:22 - 00012731 _____ () C:\Users\Taylor\Downloads\FRST.txt</p><p>2014-06-12 23:26 - 2014-02-19 20:54 - 00000000 ____D () C:\Users\Taylor\AppData\Local\Temp</p><p>2014-06-12 23:25 - 2014-06-11 17:22 - 00000000 ____D () C:\FRST</p><p>2014-06-12 23:22 - 2014-02-20 14:18 - 00000000 ____D () C:\Users\Taylor\AppData\Roaming\Skype</p><p>2014-06-12 23:21 - 2014-06-10 22:47 - 00003024 _____ () C:\Windows\setupact.log</p><p>2014-06-12 23:21 - 2014-06-10 22:47 - 00001468 _____ () C:\Windows\PFRO.log</p><p>2014-06-12 23:21 - 2014-06-10 21:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys</p><p>2014-06-12 23:21 - 2014-02-19 23:09 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job</p><p>2014-06-12 23:21 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT</p><p>2014-06-12 23:20 - 2014-06-10 22:38 - 00000000 ____D () C:\AdwCleaner</p><p>2014-06-12 23:20 - 2014-02-19 20:54 - 01406530 _____ () C:\Windows\WindowsUpdate.log</p><p>2014-06-12 23:12 - 2009-07-14 06:13 - 00781790 _____ () C:\Windows\system32\PerfStringBackup.INI</p><p>2014-06-12 23:11 - 2009-07-14 05:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0</p><p>2014-06-12 23:11 - 2009-07-14 05:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0</p><p>2014-06-12 23:09 - 2014-02-19 23:09 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job</p><p>2014-06-12 14:53 - 2014-03-09 12:47 - 00000000 ____D () C:\ProgramData\Microsoft Help</p><p>2014-06-12 14:52 - 2014-05-06 16:49 - 00000000 ___SD () C:\Windows\system32\CompatTel</p><p>2014-06-11 17:50 - 2014-06-11 16:50 - 00000000 ____D () C:\Program Files (x86)\Gyazo</p><p>2014-06-11 17:23 - 2014-06-11 17:23 - 00031467 _____ () C:\Users\Taylor\Downloads\Addition.txt</p><p>2014-06-11 17:22 - 2014-06-11 17:22 - 02081792 _____ (Farbar) C:\Users\Taylor\Downloads\FRST64.exe</p><p>2014-06-11 16:52 - 2014-06-11 16:52 - 00000000 ____D () C:\Users\Taylor\AppData\Roaming\Gyazo</p><p>2014-06-11 16:50 - 2014-06-11 16:50 - 00003752 _____ () C:\Windows\System32\Tasks\GyazoUpdateTaskMachine</p><p>2014-06-11 16:50 - 2014-06-11 16:50 - 00000986 _____ () C:\Users\Public\Desktop\Gyazo.lnk</p><p>2014-06-11 16:50 - 2014-06-11 16:50 - 00000986 _____ () C:\Users\Public\Desktop\Gyazo GIF.lnk</p><p>2014-06-11 16:50 - 2014-06-11 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo</p><p>2014-06-11 16:49 - 2014-06-11 16:49 - 11698864 _____ (Nota Inc. ) C:\Users\Taylor\Downloads\GyazoSetup.exe</p><p>2014-06-10 22:47 - 2014-06-10 22:47 - 00000000 _____ () C:\Windows\setuperr.log</p><p>2014-06-10 22:41 - 2014-06-10 22:41 - 01333465 _____ () C:\Users\Taylor\Downloads\adwcleaner_3.212 (1).exe</p><p>2014-06-10 22:38 - 2014-06-10 22:38 - 01333465 _____ () C:\Users\Taylor\Downloads\adwcleaner_3.212.exe</p><p>2014-06-10 21:35 - 2014-03-16 20:01 - 00000000 ____D () C:\Windows\Minidump</p><p>2014-06-10 21:35 - 2014-02-20 04:36 - 00000000 ____D () C:\Windows\Panther</p><p>2014-06-10 21:29 - 2014-06-10 21:29 - 04748896 _____ (Piriform Ltd) C:\Users\Taylor\Downloads\ccsetup414.exe</p><p>2014-06-10 21:29 - 2014-06-10 21:29 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC</p><p>2014-06-10 21:29 - 2014-06-10 21:29 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk</p><p>2014-06-10 21:29 - 2014-06-10 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner</p><p>2014-06-10 21:29 - 2014-06-10 21:29 - 00000000 ____D () C:\Program Files\CCleaner</p><p>2014-06-10 21:18 - 2014-06-10 21:18 - 00000623 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk</p><p>2014-06-10 21:18 - 2014-06-10 21:18 - 00000000 ____D () C:\ProgramData\Malwarebytes</p><p>2014-06-10 21:17 - 2014-06-10 21:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Taylor\Downloads\mbam-setup-2.0.2.1012.exe</p><p>2014-06-10 21:17 - 2014-06-10 21:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Taylor\Downloads\mbam-setup-2.0.2.1012 (1).exe</p><p>2014-06-10 20:33 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup</p><p>2014-06-10 20:29 - 2014-06-10 20:33 - 00000030 _____ () C:\AVScanner.ini</p><p>2014-06-10 20:29 - 2014-06-10 20:29 - 00000000 ____D () C:\ProgramData\McAfee</p><p>2014-06-08 10:13 - 2014-06-12 14:52 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll</p><p>2014-06-08 10:08 - 2014-06-12 14:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll</p><p>2014-06-06 16:07 - 2014-06-06 16:07 - 06688648 _____ (SpeedyPC Software) C:\Users\Taylor\Downloads\SpeedyPC Pro Installer_c8c0db9_.exe</p><p>2014-06-06 16:07 - 2014-06-06 16:07 - 06688648 _____ (SpeedyPC Software) C:\Users\Taylor\Downloads\SpeedyPC Pro Installer_c8c0db2_.exe</p><p>2014-06-05 15:34 - 2014-06-05 15:34 - 00000008 _____ () C:\Users\Taylor\Documents\guy.txt</p><p>2014-06-03 18:53 - 2014-06-03 18:53 - 00000202 _____ () C:\Users\Taylor\Desktop\Villagers and Heroes.url</p><p>2014-06-03 18:53 - 2014-06-01 20:51 - 00000000 ____D () C:\Users\Taylor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam</p><p>2014-06-01 20:51 - 2014-06-01 20:51 - 00000202 _____ () C:\Users\Taylor\Desktop\The Stomping Land.url</p><p>2014-06-01 19:34 - 2014-06-01 19:34 - 01809304 _____ () C:\Users\Taylor\Downloads\Outlook.com.zip</p><p>2014-05-31 21:15 - 2014-02-22 13:16 - 00000024 _____ () C:\Users\Taylor\random.dat</p><p>2014-05-31 21:11 - 2014-02-22 13:16 - 00000045 _____ () C:\Users\Taylor\jagex_cl_runescape_LIVE.dat</p><p>2014-05-30 11:21 - 2014-06-12 14:52 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll</p><p>2014-05-30 11:02 - 2014-06-12 14:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb</p><p>2014-05-30 11:02 - 2014-06-12 14:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll</p><p>2014-05-30 10:45 - 2014-06-12 14:52 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll</p><p>2014-05-30 10:39 - 2014-06-12 14:52 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll</p><p>2014-05-30 10:39 - 2014-06-12 14:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll</p><p>2014-05-30 10:38 - 2014-06-12 14:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll</p><p>2014-05-30 10:28 - 2014-06-12 14:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll</p><p>2014-05-30 10:27 - 2014-06-12 14:52 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll</p><p>2014-05-30 10:24 - 2014-06-12 14:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll</p><p>2014-05-30 10:21 - 2014-06-12 14:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe</p><p>2014-05-30 10:21 - 2014-06-12 14:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe</p><p>2014-05-30 10:20 - 2014-06-12 14:52 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll</p><p>2014-05-30 10:18 - 2014-06-12 14:52 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll</p><p>2014-05-30 10:11 - 2014-06-12 14:52 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe</p><p>2014-05-30 10:08 - 2014-06-12 14:52 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll</p><p>2014-05-30 10:06 - 2014-06-12 14:52 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll</p><p>2014-05-30 10:02 - 2014-06-12 14:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb</p><p>2014-05-30 09:55 - 2014-06-12 14:52 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll</p><p>2014-05-30 09:49 - 2014-06-12 14:52 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll</p><p>2014-05-30 09:46 - 2014-06-12 14:52 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll</p><p>2014-05-30 09:44 - 2014-06-12 14:52 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll</p><p>2014-05-30 09:44 - 2014-06-12 14:52 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll</p><p>2014-05-30 09:43 - 2014-06-12 14:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll</p><p>2014-05-30 09:42 - 2014-06-12 14:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll</p><p>2014-05-30 09:38 - 2014-06-12 14:52 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll</p><p>2014-05-30 09:35 - 2014-06-12 14:52 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe</p><p>2014-05-30 09:34 - 2014-06-12 14:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll</p><p>2014-05-30 09:33 - 2014-06-12 14:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll</p><p>2014-05-30 09:30 - 2014-06-12 14:52 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll</p><p>2014-05-30 09:29 - 2014-06-12 14:52 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll</p><p>2014-05-30 09:28 - 2014-06-12 14:52 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe</p><p>2014-05-30 09:27 - 2014-06-12 14:52 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll</p><p>2014-05-30 09:24 - 2014-06-12 14:52 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll</p><p>2014-05-30 09:23 - 2014-06-12 14:52 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl</p><p>2014-05-30 09:16 - 2014-06-12 14:52 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll</p><p>2014-05-30 09:10 - 2014-06-12 14:52 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll</p><p>2014-05-30 09:06 - 2014-06-12 14:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll</p><p>2014-05-30 09:04 - 2014-06-12 14:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll</p><p>2014-05-30 09:02 - 2014-06-12 14:52 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll</p><p>2014-05-30 08:56 - 2014-06-12 14:52 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll</p><p>2014-05-30 08:56 - 2014-06-12 14:52 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll</p><p>2014-05-30 08:54 - 2014-06-12 14:52 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll</p><p>2014-05-30 08:50 - 2014-06-12 14:52 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll</p><p>2014-05-30 08:49 - 2014-06-12 14:52 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl</p><p>2014-05-30 08:43 - 2014-06-12 14:52 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll</p><p>2014-05-30 08:40 - 2014-06-12 14:52 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll</p><p>2014-05-30 08:30 - 2014-06-12 14:52 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll</p><p>2014-05-30 08:21 - 2014-06-12 14:52 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll</p><p>2014-05-30 08:15 - 2014-06-12 14:52 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll</p><p>2014-05-30 08:13 - 2014-06-12 14:52 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll</p><p>2014-05-30 08:13 - 2014-06-12 14:52 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll</p><p>2014-05-28 22:16 - 2014-03-08 18:05 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe</p><p>2014-05-28 22:14 - 2014-03-08 18:05 - 00291128 _____ () C:\Windows\SysWOW64\PnkBstrB.exe</p><p>2014-05-26 11:48 - 2014-05-26 11:48 - 00000073 _____ () C:\Users\Taylor\Documents\noob returns.txt</p><p>2014-05-25 22:18 - 2014-05-13 18:51 - 00000000 ____D () C:\Users\Taylor\Documents\My Games</p><p>2014-05-25 22:17 - 2014-05-25 22:17 - 02337865 _____ () C:\Windows\SysWOW64\pbsvc.exe</p><p>2014-05-25 21:51 - 2014-05-25 21:49 - 00000000 ____D () C:\Users\Taylor\AppData\Roaming\.minecraft</p><p>2014-05-25 21:49 - 2014-05-25 21:49 - 00675988 _____ () C:\Users\Taylor\Downloads\Minecraft.exe</p><p>2014-05-25 21:49 - 2014-05-25 21:49 - 00675988 _____ () C:\Users\Taylor\Desktop\Minecraft.exe</p><p>2014-05-25 19:00 - 2014-03-08 18:09 - 00291128 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr</p><p>2014-05-25 16:07 - 2014-05-25 16:07 - 00546657 _____ () C:\Users\Taylor\Downloads\lollolololololololl.htm</p><p>2014-05-25 16:07 - 2014-05-25 16:07 - 00546489 _____ () C:\Users\Taylor\Downloads\dat win.htm</p><p>2014-05-25 16:07 - 2014-05-25 16:07 - 00000000 ____D () C:\Users\Taylor\Downloads\lollolololololololl_files</p><p>2014-05-25 16:07 - 2014-05-25 16:07 - 00000000 ____D () C:\Users\Taylor\Downloads\dat win_files</p><p>2014-05-25 12:11 - 2014-03-08 18:05 - 00291128 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0</p><p>2014-05-24 22:10 - 2014-02-19 23:10 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk</p><p>2014-05-24 18:12 - 2014-03-01 01:15 - 00000000 ____D () C:\Users\Taylor\Downloads\tayb97 on Instagram_files</p><p>2014-05-24 11:48 - 2014-02-19 23:09 - 00000000 ____D () C:\Users\Taylor\AppData\Local\Google</p><p>2014-05-23 19:07 - 2014-05-23 19:07 - 00000310 _____ () C:\Users\Taylor\Documents\coaches for vm.txt</p><p>2014-05-21 18:07 - 2014-05-21 18:07 - 00000172 _____ () C:\Users\Taylor\Documents\team tranning vm.txt</p><p>2014-05-21 17:46 - 2014-02-20 14:18 - 00000000 ___RD () C:\Program Files (x86)\Skype</p><p>2014-05-21 17:46 - 2014-02-20 14:18 - 00000000 ____D () C:\ProgramData\Skype</p><p>2014-05-20 21:38 - 2014-05-20 21:38 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information</p><p>2014-05-20 21:38 - 2014-05-20 21:38 - 00000000 ___HD () C:\ProgramData\CanonBJ</p><p>2014-05-19 08:15 - 2014-05-19 08:15 - 00000000 ____D () C:\Users\Taylor\Documents\New folder</p><p>2014-05-16 21:14 - 2014-02-20 00:53 - 00000000 ____D () C:\Windows\rescache</p><p>2014-05-14 22:27 - 2014-02-19 20:54 - 00000000 ___RD () C:\Users\Taylor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup</p><p>2014-05-14 22:27 - 2014-02-19 20:54 - 00000000 ___RD () C:\Users\Taylor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools</p><p>2014-05-13 18:51 - 2014-05-13 18:51 - 00000000 ____D () C:\Users\Taylor\AppData\Local\CDWLauncher</p><p></p><p>Files to move or delete:</p><p>====================</p><p>C:\Users\Taylor\jagex_cl_oldschool_LIVE.dat</p><p>C:\Users\Taylor\jagex_cl_runescape_LIVE.dat</p><p>C:\Users\Taylor\jagex_cl_runescape_LIVE1.dat</p><p>C:\Users\Taylor\jagex_cl_runescape_LIVE2.dat</p><p>C:\Users\Taylor\random.dat</p><p></p><p></p><p>Some content of TEMP:</p><p>====================</p><p>C:\Users\Taylor\AppData\Local\Temp\Quarantine.exe</p><p></p><p></p><p>==================== Bamital & volsnap Check =================</p><p></p><p>C:\Windows\System32\winlogon.exe => File is digitally signed</p><p>C:\Windows\System32\wininit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\wininit.exe => File is digitally signed</p><p>C:\Windows\explorer.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\explorer.exe => File is digitally signed</p><p>C:\Windows\System32\svchost.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\svchost.exe => File is digitally signed</p><p>C:\Windows\System32\services.exe => File is digitally signed</p><p>C:\Windows\System32\User32.dll => File is digitally signed</p><p>C:\Windows\SysWOW64\User32.dll => File is digitally signed</p><p>C:\Windows\System32\userinit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\userinit.exe => File is digitally signed</p><p>C:\Windows\System32\rpcss.dll => File is digitally signed</p><p>C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed</p><p></p><p></p><p>LastRegBack: 2014-06-08 21:06</p><p></p><p>==================== End Of Log ============================</p></blockquote><p></p>
[QUOTE="Taylor, post: 209119, member: 23658"] Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2014 01 Ran by Taylor (administrator) on TAYLOR-PC on 12-06-2014 23:25:57 Running from C:\Users\Taylor\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: [url]http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/[/url] Download link for 64-Bit Version: [url]http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/[/url] Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: [url]http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/[/url] ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (Malwarebytes Corporation) D:\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) D:\Malwarebytes Anti-Malware\mbamservice.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Malwarebytes Corporation) D:\Malwarebytes Anti-Malware\mbam.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6468712 2012-03-20] (Realtek Semiconductor) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641664 2012-04-06] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-02-21] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKU\S-1-5-21-1032574745-3010756029-3868841863-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21445248 2014-05-08] (Skype Technologies S.A.) HKU\S-1-5-21-1032574745-3010756029-3868841863-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2993376 2014-05-08] (Nota Inc.) HKU\S-1-5-21-1032574745-3010756029-3868841863-1000\...\MountPoints2: {35eebb4c-999d-11e3-8c7c-806e6f6e6963} - E:\Bin\ASSETUP.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://www.google.co.uk/[/url] HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [url]http://uk.msn.com/?ocid=iehp[/url] HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x17E4829BB02DCF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Taylor\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: electronicarts.com/GameFacePlugin - C:\Users\Taylor\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts) FF HKLM\...\Thunderbird\Extensions: [[email]eplgTb@eset.com[/email]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-02-19] FF HKLM-x32\...\Thunderbird\Extensions: [[email]eplgTb@eset.com[/email]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-02-19] Chrome: ======= CHR HomePage: CHR DefaultSearchKeyword: google.co.uk CHR Extension: (Google Drive) - C:\Users\Taylor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-19] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Taylor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24] CHR Extension: (YouTube) - C:\Users\Taylor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-19] CHR Extension: (Google Search) - C:\Users\Taylor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-19] CHR Extension: (Google Wallet) - C:\Users\Taylor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-19] CHR Extension: (Gmail) - C:\Users\Taylor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-19] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11] ==================== Services (Whitelisted) ================= S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-03-22] () [File not signed] R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation) R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET) R2 MBAMScheduler; D:\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; D:\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-28] () ==================== Drivers (Whitelisted) ==================== R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET) U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET) R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-12] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-12 14:52 - 2014-06-08 10:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-12 14:52 - 2014-06-08 10:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-12 14:52 - 2014-05-30 11:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-12 14:52 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-12 14:52 - 2014-05-30 11:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-12 14:52 - 2014-05-30 10:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-12 14:52 - 2014-05-30 10:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-12 14:52 - 2014-05-30 10:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-12 14:52 - 2014-05-30 10:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-12 14:52 - 2014-05-30 10:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-12 14:52 - 2014-05-30 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-12 14:52 - 2014-05-30 10:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-12 14:52 - 2014-05-30 10:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-12 14:52 - 2014-05-30 10:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-12 14:52 - 2014-05-30 10:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-12 14:52 - 2014-05-30 10:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-12 14:52 - 2014-05-30 10:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-12 14:52 - 2014-05-30 10:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-12 14:52 - 2014-05-30 10:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-12 14:52 - 2014-05-30 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-12 14:52 - 2014-05-30 09:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-12 14:52 - 2014-05-30 09:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-12 14:52 - 2014-05-30 09:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-12 14:52 - 2014-05-30 09:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-12 14:52 - 2014-05-30 09:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-12 14:52 - 2014-05-30 09:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-12 14:52 - 2014-05-30 09:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-12 14:52 - 2014-05-30 09:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-12 14:52 - 2014-05-30 09:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-12 14:52 - 2014-05-30 09:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-12 14:52 - 2014-05-30 09:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-12 14:52 - 2014-05-30 09:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-12 14:52 - 2014-05-30 09:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-12 14:52 - 2014-05-30 09:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-12 14:52 - 2014-05-30 09:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-12 14:52 - 2014-05-30 09:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-12 14:52 - 2014-05-30 09:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-12 14:52 - 2014-05-30 09:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-12 14:52 - 2014-05-30 09:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-12 14:52 - 2014-05-30 09:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-12 14:52 - 2014-05-30 09:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-12 14:52 - 2014-05-30 09:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-12 14:52 - 2014-05-30 08:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-12 14:52 - 2014-05-30 08:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-12 14:52 - 2014-05-30 08:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-12 14:52 - 2014-05-30 08:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-12 14:52 - 2014-05-30 08:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-12 14:52 - 2014-05-30 08:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-12 14:52 - 2014-05-30 08:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-12 14:52 - 2014-05-30 08:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-12 14:52 - 2014-05-30 08:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-12 14:52 - 2014-05-30 08:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-12 14:52 - 2014-05-30 08:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-12 14:52 - 2014-05-30 08:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-12 14:52 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-12 14:52 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-12 14:52 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-12 14:52 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-12 14:52 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-12 14:52 - 2014-03-26 15:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-12 14:52 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-12 14:52 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-12 14:52 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-12 14:52 - 2014-03-26 15:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-12 14:52 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-12 14:52 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-11 17:23 - 2014-06-11 17:23 - 00031467 _____ () C:\Users\Taylor\Downloads\Addition.txt 2014-06-11 17:22 - 2014-06-12 23:25 - 00012731 _____ () C:\Users\Taylor\Downloads\FRST.txt 2014-06-11 17:22 - 2014-06-12 23:25 - 00000000 ____D () C:\FRST 2014-06-11 17:22 - 2014-06-11 17:22 - 02081792 _____ (Farbar) C:\Users\Taylor\Downloads\FRST64.exe 2014-06-11 16:52 - 2014-06-11 16:52 - 00000000 ____D () C:\Users\Taylor\AppData\Roaming\Gyazo 2014-06-11 16:50 - 2014-06-11 17:50 - 00000000 ____D () C:\Program Files (x86)\Gyazo 2014-06-11 16:50 - 2014-06-11 16:50 - 00003752 _____ () C:\Windows\System32\Tasks\GyazoUpdateTaskMachine 2014-06-11 16:50 - 2014-06-11 16:50 - 00000986 _____ () C:\Users\Public\Desktop\Gyazo.lnk 2014-06-11 16:50 - 2014-06-11 16:50 - 00000986 _____ () C:\Users\Public\Desktop\Gyazo GIF.lnk 2014-06-11 16:50 - 2014-06-11 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo 2014-06-11 16:49 - 2014-06-11 16:49 - 11698864 _____ (Nota Inc. ) C:\Users\Taylor\Downloads\GyazoSetup.exe 2014-06-10 22:47 - 2014-06-12 23:21 - 00003024 _____ () C:\Windows\setupact.log 2014-06-10 22:47 - 2014-06-12 23:21 - 00001468 _____ () C:\Windows\PFRO.log 2014-06-10 22:47 - 2014-06-10 22:47 - 00000000 _____ () C:\Windows\setuperr.log 2014-06-10 22:41 - 2014-06-10 22:41 - 01333465 _____ () C:\Users\Taylor\Downloads\adwcleaner_3.212 (1).exe 2014-06-10 22:39 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-06-10 22:38 - 2014-06-12 23:20 - 00000000 ____D () C:\AdwCleaner 2014-06-10 22:38 - 2014-06-10 22:38 - 01333465 _____ () C:\Users\Taylor\Downloads\adwcleaner_3.212.exe 2014-06-10 21:29 - 2014-06-10 21:29 - 04748896 _____ (Piriform Ltd) C:\Users\Taylor\Downloads\ccsetup414.exe 2014-06-10 21:29 - 2014-06-10 21:29 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-06-10 21:29 - 2014-06-10 21:29 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-06-10 21:29 - 2014-06-10 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-06-10 21:29 - 2014-06-10 21:29 - 00000000 ____D () C:\Program Files\CCleaner 2014-06-10 21:18 - 2014-06-12 23:21 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-10 21:18 - 2014-06-10 21:18 - 00000623 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-06-10 21:18 - 2014-06-10 21:18 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-10 21:18 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-06-10 21:18 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-06-10 21:18 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-06-10 21:17 - 2014-06-10 21:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Taylor\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-10 21:17 - 2014-06-10 21:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Taylor\Downloads\mbam-setup-2.0.2.1012 (1).exe 2014-06-10 20:33 - 2014-06-10 20:29 - 00000030 _____ () C:\AVScanner.ini 2014-06-10 20:29 - 2014-06-10 20:29 - 00000000 ____D () C:\ProgramData\McAfee 2014-06-06 16:07 - 2014-06-06 16:07 - 06688648 _____ (SpeedyPC Software) C:\Users\Taylor\Downloads\SpeedyPC Pro Installer_c8c0db9_.exe 2014-06-06 16:07 - 2014-06-06 16:07 - 06688648 _____ (SpeedyPC Software) C:\Users\Taylor\Downloads\SpeedyPC Pro Installer_c8c0db2_.exe 2014-06-05 15:34 - 2014-06-05 15:34 - 00000008 _____ () C:\Users\Taylor\Documents\guy.txt 2014-06-03 18:53 - 2014-06-03 18:53 - 00000202 _____ () C:\Users\Taylor\Desktop\Villagers and Heroes.url 2014-06-01 20:51 - 2014-06-03 18:53 - 00000000 ____D () C:\Users\Taylor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-06-01 20:51 - 2014-06-01 20:51 - 00000202 _____ () C:\Users\Taylor\Desktop\The Stomping Land.url 2014-06-01 19:34 - 2014-06-01 19:34 - 01809304 _____ () C:\Users\Taylor\Downloads\Outlook.com.zip 2014-05-26 11:48 - 2014-05-26 11:48 - 00000073 _____ () C:\Users\Taylor\Documents\noob returns.txt 2014-05-25 22:17 - 2014-05-25 22:17 - 02337865 _____ () C:\Windows\SysWOW64\pbsvc.exe 2014-05-25 21:49 - 2014-05-25 21:51 - 00000000 ____D () C:\Users\Taylor\AppData\Roaming\.minecraft 2014-05-25 21:49 - 2014-05-25 21:49 - 00675988 _____ () C:\Users\Taylor\Downloads\Minecraft.exe 2014-05-25 21:49 - 2014-05-25 21:49 - 00675988 _____ () C:\Users\Taylor\Desktop\Minecraft.exe 2014-05-25 16:07 - 2014-05-25 16:07 - 00546657 _____ () C:\Users\Taylor\Downloads\lollolololololololl.htm 2014-05-25 16:07 - 2014-05-25 16:07 - 00546489 _____ () C:\Users\Taylor\Downloads\dat win.htm 2014-05-25 16:07 - 2014-05-25 16:07 - 00000000 ____D () C:\Users\Taylor\Downloads\lollolololololololl_files 2014-05-25 16:07 - 2014-05-25 16:07 - 00000000 ____D () C:\Users\Taylor\Downloads\dat win_files 2014-05-23 19:07 - 2014-05-23 19:07 - 00000310 _____ () C:\Users\Taylor\Documents\coaches for vm.txt 2014-05-21 18:07 - 2014-05-21 18:07 - 00000172 _____ () C:\Users\Taylor\Documents\team tranning vm.txt 2014-05-20 21:38 - 2014-05-20 21:38 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information 2014-05-20 21:38 - 2014-05-20 21:38 - 00000000 ___HD () C:\ProgramData\CanonBJ 2014-05-20 21:38 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMAS.DLL 2014-05-19 08:15 - 2014-05-19 08:15 - 00000000 ____D () C:\Users\Taylor\Documents\New folder 2014-05-14 16:00 - 2014-04-12 03:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-14 16:00 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-05-14 16:00 - 2014-04-12 03:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-14 16:00 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-14 16:00 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-14 16:00 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-05-14 16:00 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-05-14 16:00 - 2014-04-12 03:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-05-14 16:00 - 2014-04-12 03:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-05-14 16:00 - 2014-03-25 03:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-14 16:00 - 2014-03-25 03:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-14 16:00 - 2014-03-04 10:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-14 16:00 - 2014-03-04 10:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-14 16:00 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-14 16:00 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-14 16:00 - 2014-03-04 10:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-14 16:00 - 2014-03-04 10:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-14 16:00 - 2014-03-04 10:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-05-14 16:00 - 2014-03-04 10:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-05-14 16:00 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-05-14 16:00 - 2014-03-04 10:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-14 16:00 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-05-14 16:00 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-05-14 16:00 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-05-14 16:00 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-05-14 16:00 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-14 16:00 - 2014-03-04 10:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-05-14 16:00 - 2014-03-04 10:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-05-14 16:00 - 2014-03-04 10:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-05-14 16:00 - 2014-03-04 10:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-05-14 16:00 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-05-14 16:00 - 2014-03-04 10:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-05-14 16:00 - 2014-03-04 10:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-05-14 16:00 - 2014-03-04 10:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-05-14 16:00 - 2014-03-04 10:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-05-14 16:00 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2014-05-14 16:00 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2014-05-14 16:00 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-05-14 16:00 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-05-14 16:00 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-05-14 16:00 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-05-14 16:00 - 2014-03-04 10:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-05-14 16:00 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-05-13 18:51 - 2014-05-25 22:18 - 00000000 ____D () C:\Users\Taylor\Documents\My Games 2014-05-13 18:51 - 2014-05-13 18:51 - 00000000 ____D () C:\Users\Taylor\AppData\Local\CDWLauncher ==================== One Month Modified Files and Folders ======= 2014-06-12 23:26 - 2014-06-11 17:22 - 00012731 _____ () C:\Users\Taylor\Downloads\FRST.txt 2014-06-12 23:26 - 2014-02-19 20:54 - 00000000 ____D () C:\Users\Taylor\AppData\Local\Temp 2014-06-12 23:25 - 2014-06-11 17:22 - 00000000 ____D () C:\FRST 2014-06-12 23:22 - 2014-02-20 14:18 - 00000000 ____D () C:\Users\Taylor\AppData\Roaming\Skype 2014-06-12 23:21 - 2014-06-10 22:47 - 00003024 _____ () C:\Windows\setupact.log 2014-06-12 23:21 - 2014-06-10 22:47 - 00001468 _____ () C:\Windows\PFRO.log 2014-06-12 23:21 - 2014-06-10 21:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-12 23:21 - 2014-02-19 23:09 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-12 23:21 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-12 23:20 - 2014-06-10 22:38 - 00000000 ____D () C:\AdwCleaner 2014-06-12 23:20 - 2014-02-19 20:54 - 01406530 _____ () C:\Windows\WindowsUpdate.log 2014-06-12 23:12 - 2009-07-14 06:13 - 00781790 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-12 23:11 - 2009-07-14 05:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-12 23:11 - 2009-07-14 05:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-12 23:09 - 2014-02-19 23:09 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-12 14:53 - 2014-03-09 12:47 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-06-12 14:52 - 2014-05-06 16:49 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-11 17:50 - 2014-06-11 16:50 - 00000000 ____D () C:\Program Files (x86)\Gyazo 2014-06-11 17:23 - 2014-06-11 17:23 - 00031467 _____ () C:\Users\Taylor\Downloads\Addition.txt 2014-06-11 17:22 - 2014-06-11 17:22 - 02081792 _____ (Farbar) C:\Users\Taylor\Downloads\FRST64.exe 2014-06-11 16:52 - 2014-06-11 16:52 - 00000000 ____D () C:\Users\Taylor\AppData\Roaming\Gyazo 2014-06-11 16:50 - 2014-06-11 16:50 - 00003752 _____ () C:\Windows\System32\Tasks\GyazoUpdateTaskMachine 2014-06-11 16:50 - 2014-06-11 16:50 - 00000986 _____ () C:\Users\Public\Desktop\Gyazo.lnk 2014-06-11 16:50 - 2014-06-11 16:50 - 00000986 _____ () C:\Users\Public\Desktop\Gyazo GIF.lnk 2014-06-11 16:50 - 2014-06-11 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo 2014-06-11 16:49 - 2014-06-11 16:49 - 11698864 _____ (Nota Inc. ) C:\Users\Taylor\Downloads\GyazoSetup.exe 2014-06-10 22:47 - 2014-06-10 22:47 - 00000000 _____ () C:\Windows\setuperr.log 2014-06-10 22:41 - 2014-06-10 22:41 - 01333465 _____ () C:\Users\Taylor\Downloads\adwcleaner_3.212 (1).exe 2014-06-10 22:38 - 2014-06-10 22:38 - 01333465 _____ () C:\Users\Taylor\Downloads\adwcleaner_3.212.exe 2014-06-10 21:35 - 2014-03-16 20:01 - 00000000 ____D () C:\Windows\Minidump 2014-06-10 21:35 - 2014-02-20 04:36 - 00000000 ____D () C:\Windows\Panther 2014-06-10 21:29 - 2014-06-10 21:29 - 04748896 _____ (Piriform Ltd) C:\Users\Taylor\Downloads\ccsetup414.exe 2014-06-10 21:29 - 2014-06-10 21:29 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-06-10 21:29 - 2014-06-10 21:29 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-06-10 21:29 - 2014-06-10 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-06-10 21:29 - 2014-06-10 21:29 - 00000000 ____D () C:\Program Files\CCleaner 2014-06-10 21:18 - 2014-06-10 21:18 - 00000623 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-06-10 21:18 - 2014-06-10 21:18 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-10 21:17 - 2014-06-10 21:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Taylor\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-10 21:17 - 2014-06-10 21:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Taylor\Downloads\mbam-setup-2.0.2.1012 (1).exe 2014-06-10 20:33 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup 2014-06-10 20:29 - 2014-06-10 20:33 - 00000030 _____ () C:\AVScanner.ini 2014-06-10 20:29 - 2014-06-10 20:29 - 00000000 ____D () C:\ProgramData\McAfee 2014-06-08 10:13 - 2014-06-12 14:52 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-08 10:08 - 2014-06-12 14:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-06 16:07 - 2014-06-06 16:07 - 06688648 _____ (SpeedyPC Software) C:\Users\Taylor\Downloads\SpeedyPC Pro Installer_c8c0db9_.exe 2014-06-06 16:07 - 2014-06-06 16:07 - 06688648 _____ (SpeedyPC Software) C:\Users\Taylor\Downloads\SpeedyPC Pro Installer_c8c0db2_.exe 2014-06-05 15:34 - 2014-06-05 15:34 - 00000008 _____ () C:\Users\Taylor\Documents\guy.txt 2014-06-03 18:53 - 2014-06-03 18:53 - 00000202 _____ () C:\Users\Taylor\Desktop\Villagers and Heroes.url 2014-06-03 18:53 - 2014-06-01 20:51 - 00000000 ____D () C:\Users\Taylor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-06-01 20:51 - 2014-06-01 20:51 - 00000202 _____ () C:\Users\Taylor\Desktop\The Stomping Land.url 2014-06-01 19:34 - 2014-06-01 19:34 - 01809304 _____ () C:\Users\Taylor\Downloads\Outlook.com.zip 2014-05-31 21:15 - 2014-02-22 13:16 - 00000024 _____ () C:\Users\Taylor\random.dat 2014-05-31 21:11 - 2014-02-22 13:16 - 00000045 _____ () C:\Users\Taylor\jagex_cl_runescape_LIVE.dat 2014-05-30 11:21 - 2014-06-12 14:52 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-30 11:02 - 2014-06-12 14:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-30 11:02 - 2014-06-12 14:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-30 10:45 - 2014-06-12 14:52 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-30 10:39 - 2014-06-12 14:52 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-30 10:39 - 2014-06-12 14:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-30 10:38 - 2014-06-12 14:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-30 10:28 - 2014-06-12 14:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-30 10:27 - 2014-06-12 14:52 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-30 10:24 - 2014-06-12 14:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-05-30 10:21 - 2014-06-12 14:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-05-30 10:21 - 2014-06-12 14:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-30 10:20 - 2014-06-12 14:52 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-30 10:18 - 2014-06-12 14:52 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-30 10:11 - 2014-06-12 14:52 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-30 10:08 - 2014-06-12 14:52 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-30 10:06 - 2014-06-12 14:52 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-30 10:02 - 2014-06-12 14:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-30 09:55 - 2014-06-12 14:52 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-30 09:49 - 2014-06-12 14:52 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-30 09:46 - 2014-06-12 14:52 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-30 09:44 - 2014-06-12 14:52 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-30 09:44 - 2014-06-12 14:52 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-30 09:43 - 2014-06-12 14:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-30 09:42 - 2014-06-12 14:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-30 09:38 - 2014-06-12 14:52 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-30 09:35 - 2014-06-12 14:52 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-30 09:34 - 2014-06-12 14:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-30 09:33 - 2014-06-12 14:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-30 09:30 - 2014-06-12 14:52 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-30 09:29 - 2014-06-12 14:52 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-30 09:28 - 2014-06-12 14:52 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-30 09:27 - 2014-06-12 14:52 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-30 09:24 - 2014-06-12 14:52 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-05-30 09:23 - 2014-06-12 14:52 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-30 09:16 - 2014-06-12 14:52 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-30 09:10 - 2014-06-12 14:52 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-30 09:06 - 2014-06-12 14:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-30 09:04 - 2014-06-12 14:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-30 09:02 - 2014-06-12 14:52 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-30 08:56 - 2014-06-12 14:52 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-30 08:56 - 2014-06-12 14:52 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-30 08:54 - 2014-06-12 14:52 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-30 08:50 - 2014-06-12 14:52 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-05-30 08:49 - 2014-06-12 14:52 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-30 08:43 - 2014-06-12 14:52 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-30 08:40 - 2014-06-12 14:52 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-30 08:30 - 2014-06-12 14:52 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-30 08:21 - 2014-06-12 14:52 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-30 08:15 - 2014-06-12 14:52 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-30 08:13 - 2014-06-12 14:52 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-05-30 08:13 - 2014-06-12 14:52 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-05-28 22:16 - 2014-03-08 18:05 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-05-28 22:14 - 2014-03-08 18:05 - 00291128 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-05-26 11:48 - 2014-05-26 11:48 - 00000073 _____ () C:\Users\Taylor\Documents\noob returns.txt 2014-05-25 22:18 - 2014-05-13 18:51 - 00000000 ____D () C:\Users\Taylor\Documents\My Games 2014-05-25 22:17 - 2014-05-25 22:17 - 02337865 _____ () C:\Windows\SysWOW64\pbsvc.exe 2014-05-25 21:51 - 2014-05-25 21:49 - 00000000 ____D () C:\Users\Taylor\AppData\Roaming\.minecraft 2014-05-25 21:49 - 2014-05-25 21:49 - 00675988 _____ () C:\Users\Taylor\Downloads\Minecraft.exe 2014-05-25 21:49 - 2014-05-25 21:49 - 00675988 _____ () C:\Users\Taylor\Desktop\Minecraft.exe 2014-05-25 19:00 - 2014-03-08 18:09 - 00291128 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2014-05-25 16:07 - 2014-05-25 16:07 - 00546657 _____ () C:\Users\Taylor\Downloads\lollolololololololl.htm 2014-05-25 16:07 - 2014-05-25 16:07 - 00546489 _____ () C:\Users\Taylor\Downloads\dat win.htm 2014-05-25 16:07 - 2014-05-25 16:07 - 00000000 ____D () C:\Users\Taylor\Downloads\lollolololololololl_files 2014-05-25 16:07 - 2014-05-25 16:07 - 00000000 ____D () C:\Users\Taylor\Downloads\dat win_files 2014-05-25 12:11 - 2014-03-08 18:05 - 00291128 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-05-24 22:10 - 2014-02-19 23:10 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-05-24 18:12 - 2014-03-01 01:15 - 00000000 ____D () C:\Users\Taylor\Downloads\tayb97 on Instagram_files 2014-05-24 11:48 - 2014-02-19 23:09 - 00000000 ____D () C:\Users\Taylor\AppData\Local\Google 2014-05-23 19:07 - 2014-05-23 19:07 - 00000310 _____ () C:\Users\Taylor\Documents\coaches for vm.txt 2014-05-21 18:07 - 2014-05-21 18:07 - 00000172 _____ () C:\Users\Taylor\Documents\team tranning vm.txt 2014-05-21 17:46 - 2014-02-20 14:18 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-05-21 17:46 - 2014-02-20 14:18 - 00000000 ____D () C:\ProgramData\Skype 2014-05-20 21:38 - 2014-05-20 21:38 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information 2014-05-20 21:38 - 2014-05-20 21:38 - 00000000 ___HD () C:\ProgramData\CanonBJ 2014-05-19 08:15 - 2014-05-19 08:15 - 00000000 ____D () C:\Users\Taylor\Documents\New folder 2014-05-16 21:14 - 2014-02-20 00:53 - 00000000 ____D () C:\Windows\rescache 2014-05-14 22:27 - 2014-02-19 20:54 - 00000000 ___RD () C:\Users\Taylor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-14 22:27 - 2014-02-19 20:54 - 00000000 ___RD () C:\Users\Taylor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-13 18:51 - 2014-05-13 18:51 - 00000000 ____D () C:\Users\Taylor\AppData\Local\CDWLauncher Files to move or delete: ==================== C:\Users\Taylor\jagex_cl_oldschool_LIVE.dat C:\Users\Taylor\jagex_cl_runescape_LIVE.dat C:\Users\Taylor\jagex_cl_runescape_LIVE1.dat C:\Users\Taylor\jagex_cl_runescape_LIVE2.dat C:\Users\Taylor\random.dat Some content of TEMP: ==================== C:\Users\Taylor\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-08 21:06 ==================== End Of Log ============================ [/QUOTE]
Insert quotes…
Verification
Post reply
Top