Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by Tae Youn (administrator) on TAE on 10-01-2015 01:31:08
Running from C:\Users\Tae Youn\Downloads
Loaded Profile: Tae Youn (Available profiles: Tae Youn)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer
Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(
AVAST
Software) C:\Program Files\
AVAST
Software\
Avast
\AvastSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\MpkingAcpoiscines\MpkingAcpoiscines.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\
Norton Online Backup
\NOBuAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
() C:\Program Files (x86)\MpkingAcpoiscines\MpkingAcpoiscinesHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
() C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\
Norton Online
Backup\NOBuClient.exe
(
AVAST
Software) C:\Program Files\
AVAST
Software\
Avast
\avastui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\
HP Software Update
\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\HDD Accelerator\THAccelSvc.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-25] (Realtek Semiconductor)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation)
HKLM-x32\...\Run: [
Norton Online
Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software)
HKLM-x32\...\Run: [
HP Software Update
] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-575280890-2764862635-724835175-1001\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [1435136 2014-10-03] ()
HKU\S-1-5-21-575280890-2764862635-724835175-1001\...\Run: [BitTorrent] => C:\Users\Tae Youn\AppData\Roaming\BitTorrent\BitTorrent.exe [1381208 2014-12-15] (BitTorrent Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * bootdelete
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-575280890-2764862635-724835175-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-575280890-2764862635-724835175-1001] => http=127.0.0.1:9880
HKU\S-1-5-21-575280890-2764862635-724835175-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
http://msn.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL =
http://www.default-search.net/search?sid=476&aid=100&itype=n&ver=14733&tm=586&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL =
http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL =
http://www.default-search.net/search?sid=476&aid=100&itype=n&ver=14733&tm=586&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-575280890-2764862635-724835175-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL =
http://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-575280890-2764862635-724835175-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Tae Youn\AppData\Roaming\Mozilla\Firefox\Profiles\026mgjs4.default-1420720268969
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [
wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-08-14]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-08]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-08] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-08] (Avast Software)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 MpkingAcpoiscines; C:\Program Files (x86)\MpkingAcpoiscines\MpkingAcpoiscines.exe [4316160 2015-01-07] () [File not signed] <==== ATTENTION
R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [214928 2013-10-17] (TOSHIBA CORPORATION)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-08] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-08] (AVAST Software)
S3 aswTap; C:\Windows\system32\DRIVERS\aswTap.sys [44640 2013-12-16] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-08] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00B\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-24] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-24] (Windows (R) Win 7 DDK provider)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation )
R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [111488 2013-10-15] (TOSHIBA Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-08] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-10 01:31 - 2015-01-10 01:31 - 00013994 _____ () C:\Users\Tae Youn\Downloads\FRST.txt
2015-01-10 01:29 - 2015-01-10 01:29 - 02124288 _____ (Farbar) C:\Users\Tae Youn\Downloads\FRST64.exe
2015-01-10 01:23 - 2015-01-10 01:23 - 15782229 _____ (Malwarebytes Corp.) C:\Users\Tae Youn\Downloads\mbar-1.08.2.1001(3).exe
2015-01-10 01:20 - 2015-01-10 01:21 - 00000197 _____ () C:\WINDOWS\system32\2015-01-10-09-20-23.053-AvastVBoxSVC.exe-2764.log
2015-01-10 01:19 - 2015-01-10 01:19 - 00000000 ____D () C:\Users\Tae Youn\AppData\Local\VirtualStore
2015-01-10 01:19 - 2015-01-10 01:19 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-01-10 00:43 - 2015-01-10 00:02 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-01-10 00:03 - 2015-01-09 23:58 - 00017762 _____ () C:\zoek-results2015-01-10-075851.log
2015-01-10 00:02 - 2015-01-10 00:02 - 01295360 _____ () C:\Users\Tae Youn\Downloads\zoek(3).exe
2015-01-09 23:42 - 2015-01-09 21:59 - 00012123 _____ () C:\zoek-results2015-01-10-055950.log
2015-01-09 23:39 - 2015-01-09 23:40 - 01295360 _____ () C:\Users\Tae Youn\Downloads\zoek(2).exe
2015-01-09 23:37 - 2015-01-09 23:37 - 01295360 _____ () C:\Users\Tae Youn\Downloads\zoek(1).exe
2015-01-09 22:35 - 2015-01-09 22:35 - 00000247 _____ () C:\WINDOWS\system32\2015-01-10-06-35-18.071-aswFe.exe-180.log
2015-01-09 22:22 - 2015-01-09 22:35 - 00000247 _____ () C:\WINDOWS\system32\2015-01-10-06-22-41.047-aswFe.exe-5484.log
2015-01-09 22:22 - 2015-01-09 22:22 - 00000197 _____ () C:\WINDOWS\system32\2015-01-10-06-22-37.022-AvastVBoxSVC.exe-5340.log
2015-01-09 22:09 - 2015-01-09 22:09 - 01687760 _____ (Malwarebytes Corp.) C:\Users\Tae Youn\Downloads\mbar-1.08.2.1001(2).exe
2015-01-09 22:08 - 2015-01-09 22:08 - 00605900 _____ (Malwarebytes Corp.) C:\Users\Tae Youn\Downloads\mbar-1.08.2.1001(1).exe
2015-01-09 22:07 - 2015-01-09 22:07 - 00124100 _____ () C:\Users\Tae Youn\Downloads\mbar-1.08.2.1001.exe
2015-01-09 21:26 - 2015-01-08 14:14 - 00020874 _____ () C:\zoek-results2015-01-08-221445.log
2015-01-09 21:25 - 2015-01-09 21:25 - 01295360 _____ () C:\Users\Tae Youn\Downloads\zoek.exe
2015-01-09 15:55 - 2015-01-09 15:55 - 00000197 _____ () C:\WINDOWS\system32\2015-01-09-23-55-37.037-AvastVBoxSVC.exe-4168.log
2015-01-09 15:52 - 2014-11-08 01:12 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-01-08 14:06 - 2015-01-08 13:51 - 00021035 _____ () C:\zoek-results2015-01-08-215111.log
2015-01-08 13:43 - 2015-01-10 01:20 - 00006625 _____ () C:\zoek-results.log
2015-01-08 13:40 - 2015-01-09 21:49 - 00000000 ____D () C:\zoek_backup
2015-01-08 13:04 - 2015-01-08 13:05 - 00000600 _____ () C:\Users\Tae Youn\PUTTY.RND
2015-01-08 09:30 - 2015-01-10 01:31 - 00000000 ____D () C:\FRST
2015-01-08 09:25 - 2015-01-08 09:26 - 00000197 _____ () C:\WINDOWS\system32\2015-01-08-17-25-59.036-AvastVBoxSVC.exe-3756.log
2015-01-08 08:45 - 2015-01-08 08:45 - 00043664 _____ () C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2015-01-08 08:44 - 2015-01-09 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-01-08 08:44 - 2015-01-09 15:47 - 00000000 ____D () C:\Program Files\HitmanPro
2015-01-08 08:44 - 2015-01-08 08:44 - 00001876 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2015-01-08 08:42 - 2015-01-08 08:43 - 11222744 _____ (SurfRight B.V.) C:\Users\Tae Youn\Downloads\HitmanPro_x64(2).exe
2015-01-08 08:39 - 2015-01-08 08:40 - 10284408 _____ (SurfRight B.V.) C:\Users\Tae Youn\Downloads\HitmanPro.exe
2015-01-08 08:38 - 2015-01-08 08:39 - 08324532 _____ (SurfRight B.V.) C:\Users\Tae Youn\Downloads\HitmanPro_x64(1).exe
2015-01-08 08:36 - 2015-01-08 08:37 - 00000197 _____ () C:\WINDOWS\system32\2015-01-08-16-36-42.094-AvastVBoxSVC.exe-1184.log
2015-01-08 05:48 - 2015-01-08 05:48 - 00000247 _____ () C:\WINDOWS\system32\2015-01-08-13-48-23.025-aswFe.exe-4812.log
2015-01-08 05:41 - 2015-01-08 05:48 - 00000247 _____ () C:\WINDOWS\system32\2015-01-08-13-41-13.077-aswFe.exe-3464.log
2015-01-08 05:41 - 2015-01-08 05:41 - 00000197 _____ () C:\WINDOWS\system32\2015-01-08-13-41-09.068-AvastVBoxSVC.exe-5988.log
2015-01-08 05:16 - 2015-01-08 05:16 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-08 05:14 - 2015-01-09 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-08 05:14 - 2015-01-09 15:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-08 05:14 - 2015-01-08 05:14 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-08 05:14 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-08 05:14 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-01-08 05:14 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-08 05:13 - 2015-01-08 05:13 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Tae Youn\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-08 05:11 - 2015-01-08 05:11 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-01-08 04:49 - 2015-01-08 04:50 - 02191360 _____ () C:\Users\Tae Youn\Downloads\adwcleaner_4.107.exe
2015-01-08 04:11 - 2015-01-08 04:11 - 00000000 __SHD () C:\Program Files (x86)\MpkingAcpoiscines
2015-01-08 02:54 - 2015-01-08 02:54 - 02053640 _____ () C:\Users\Tae Youn\Desktop\u_14_04.zip
2014-12-30 21:10 - 2015-01-09 23:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-17 19:09 - 2014-12-17 19:14 - 00000197 _____ () C:\WINDOWS\system32\2014-12-18-03-09-01.095-AvastVBoxSVC.exe-2124.log
2014-12-17 04:42 - 2014-12-17 04:43 - 00000197 _____ () C:\WINDOWS\system32\2014-12-17-12-42-24.004-AvastVBoxSVC.exe-4452.log
2014-12-12 22:05 - 2014-12-12 22:05 - 00000197 _____ () C:\WINDOWS\system32\2014-12-13-06-05-26.015-AvastVBoxSVC.exe-2840.log
2014-12-12 22:03 - 2014-11-26 13:10 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-12-12 22:03 - 2014-11-26 13:10 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 22:00 - 2014-12-12 22:00 - 00000000 ____D () C:\WINDOWS\system32\appraiser
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-10 01:27 - 2014-11-12 07:29 - 00000000 ____D () C:\Users\Tae Youn\AppData\Roaming\BitTorrent
2015-01-10 01:26 - 2014-03-24 01:21 - 00003774 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0E750434-667E-464D-B455-06D74C555142}
2015-01-10 01:22 - 2014-03-24 01:06 - 01498611 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-10 01:21 - 2013-08-14 20:03 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-01-10 01:19 - 2013-08-22 06:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-10 01:19 - 2013-07-14 19:55 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-10 01:18 - 2013-11-13 23:20 - 00232672 _____ () C:\WINDOWS\PFRO.log
2015-01-10 01:00 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-10 00:50 - 2013-07-14 19:55 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-10 00:47 - 2013-07-14 19:58 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-575280890-2764862635-724835175-1001
2015-01-09 23:44 - 2013-07-16 11:39 - 00000000 ____D () C:\Users\Tae Youn\AppData\Local\CrashDumps
2015-01-09 21:57 - 2013-08-22 05:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-09 15:54 - 2013-08-22 05:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-09 15:53 - 2014-11-08 01:13 - 00001951 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-09 15:49 - 2014-03-24 00:52 - 00000000 ____D () C:\Users\Tae Youn
2015-01-09 15:47 - 2014-11-15 01:49 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2015-01-09 15:38 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\registration
2015-01-09 15:25 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-08 20:53 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-08 09:02 - 2014-03-26 00:21 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-08 08:32 - 2013-08-22 05:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI(44)
2015-01-08 05:15 - 2013-11-13 23:28 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-08 05:01 - 2014-08-06 02:22 - 00000000 ____D () C:\AdwCleaner
2015-01-08 05:01 - 2012-11-14 21:35 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-08 04:46 - 2013-07-14 19:55 - 00000000 ____D () C:\Users\Tae Youn\AppData\Local\Google
2015-01-08 04:46 - 2013-07-14 19:55 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-28 20:50 - 2013-08-22 06:46 - 00290240 _____ () C:\WINDOWS\setupact.log
2014-12-25 01:16 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\tracing
2014-12-19 08:47 - 2012-07-25 23:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-18 03:39 - 2014-04-17 22:23 - 00240640 ___SH () C:\Users\Tae Youn\Downloads\Thumbs.db
2014-12-14 00:19 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-12 22:00 - 2014-07-11 10:25 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-12 22:00 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-12 22:00 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-12 22:00 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-12 22:00 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2014-12-11 05:02 - 2013-07-18 02:01 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-11 04:57 - 2013-07-17 02:42 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-08 10:15
==================== End Of Log ============================