Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by eric (administrator) on ERIC-HOME-SLI on 08-10-2013 21:32:12
Running from C:\downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Safe Mode (with Networking)

==================== Processes (Whitelisted) =================

(Google Inc.) C:\Users\eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Orbitdownloader.com) C:\Program Files (x86)\Orbitdownloader\orbitdm.exe
(Orbitdownloader.com) C:\Program Files (x86)\Orbitdownloader\orbitnet.exe
(Google Inc.) C:\Users\eric\AppData\Local\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgscana.exe
(Google Inc.) C:\Users\eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\eric\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [PrnStatusMX] - C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe [1240064 2012-07-04] (Marvell Semiconductor, Inc.)
HKCU\...\Run: [CtxfiReg] - CTXFIREG.exe /FAIL2
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation)
HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [241789 2009-07-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [CTxfiHlp] - C:\Windows\\SysWOW64\CTXFIHLP.EXE [24576 2011-08-11] (Creative Technology Ltd)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411440 2013-08-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG Nation toolbar\vprot.exe [2403144 2013-10-01] ()

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.portaldosites.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST1000DM003-9YN162_Z1D0HKMVXXXXZ1D0HKMV&ts=1372200703
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.portaldosites.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST1000DM003-9YN162_Z1D0HKMVXXXXZ1D0HKMV&ts=1372200703
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.portaldosites.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST1000DM003-9YN162_Z1D0HKMVXXXXZ1D0HKMV&ts=1372200703
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.portaldosites.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST1000DM003-9YN162_Z1D0HKMVXXXXZ1D0HKMV&ts=1372200703
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.portaldosites.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST1000DM003-9YN162_Z1D0HKMVXXXXZ1D0HKMV&ts=1372200703
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.portaldosites.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=ST1000DM003-9YN162_Z1D0HKMVXXXXZ1D0HKMV&ts=4456497
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.portaldosites.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=ST1000DM003-9YN162_Z1D0HKMVXXXXZ1D0HKMV&ts=4456497
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.portaldosites.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=ST1000DM003-9YN162_Z1D0HKMVXXXXZ1D0HKMV&ts=4456497
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.portaldosites.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=ST1000DM003-9YN162_Z1D0HKMVXXXXZ1D0HKMV&ts=4456497
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
BHO-x32: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: PSafe ClikSeguro - {802D2971-E7C7-4219-8D5C-AFDCD0DA939E} - C:\Program Files (x86)\PSafe\ClikSeguro\ClikSeguro.dll No File
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll (Banco Real)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll [1529400 2013-08-19] (Banco Real)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

==================== Services (Whitelisted) =================

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
S2 Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2627920 2011-03-03] (Diskeeper Corporation)
S2 GbpSv; C:\PROGRA~2\GbPlugin\GbpSv.exe [409144 2013-08-19] (GAS Tecnologia)
S2 OneTouch 4.0 Monitor; C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe [221184 2010-11-02] (Visioneer Inc.)
S2 RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [186136 2013-08-16] (TMRG, Inc.)
S2 vToolbarUpdater17.0.12; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1733448 2013-10-01] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-09-05] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-10-01] (AVG Technologies)
S3 DKRtWrt; C:\Windows\System32\DRIVERS\DKRtWrt.sys [44624 2011-02-14] (Diskeeper Corporation)
S0 GbpKm; C:\Windows\SysWow64\drivers\gbpkm.sys [47856 2012-09-18] (GAS Tecnologia)
S3 PcaSp50; C:\Windows\System32\Drivers\PcaSp50.sys [45624 2009-08-24] (Printing Communications Assoc., Inc. (PCAUSA))
S3 prwntdrv; C:\Windows\system32\prwntdrv.sys [16776 2010-08-25] ()
S3 prwntdrv; C:\Windows\system32\prwntdrv.sys [16776 2010-08-25] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 SaiH075C; C:\Windows\System32\DRIVERS\SaiH075C.sys [326784 2006-07-27] (Saitek)
S3 SynasUSB; C:\Windows\System32\drivers\SynUSB64.sys [31248 2006-11-16] (SIA Syncrosoft)
S3 ECSIoDriver_1_1_0_0; \??\D:\ECSIoDriverX64.sys [x]
S0 GbpKm; system32\drivers\gbpkm.sys [x]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-08 21:31 - 2013-10-08 21:31 - 00000000 ____D C:\FRST
2013-10-08 21:26 - 2013-10-08 21:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-08 21:08 - 2013-10-08 21:10 - 00000426 _____ C:\Windows\system32\avgrep.txt
2013-10-07 10:58 - 2013-09-30 19:32 - 00130403 _____ C:\Windows\system32\config\systemprofile\Desktop\Bookmarks.bak
2013-10-07 10:56 - 2013-10-01 20:49 - 00130403 _____ C:\Windows\system32\config\systemprofile\Desktop\Bookmarks
2013-10-07 09:43 - 2013-09-25 10:52 - 69092352 _____ C:\Windows\system32\config\systemprofile\Desktop\Outlook.pst
2013-10-07 09:41 - 2013-10-08 17:59 - 00000000 ____D C:\Windows\SysWOW64\cache
2013-10-07 09:40 - 2013-10-08 08:33 - 00000168 _____ C:\Windows\setupact.log
2013-10-07 09:40 - 2013-10-07 09:40 - 00000000 _____ C:\Windows\setuperr.log
2013-10-03 12:31 - 2013-10-03 12:31 - 00000000 ____D C:\Windows\system32\%LOCALAPPDATA%
2013-09-27 22:14 - 2013-10-01 20:47 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-09-27 22:14 - 2013-10-01 20:47 - 00000000 ____D C:\Program Files (x86)\AVG Nation toolbar
2013-09-22 10:58 - 2013-09-22 10:58 - 00000000 ____D C:\Program Files\iTunes
2013-09-22 10:58 - 2013-09-22 10:58 - 00000000 ____D C:\Program Files\iPod
2013-09-22 10:58 - 2013-09-22 10:58 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-21 21:42 - 2013-09-21 21:42 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2013-09-21 21:42 - 2013-09-21 21:42 - 00000000 ____D C:\Program Files (x86)\NCH Software
2013-09-21 21:41 - 2013-09-21 21:41 - 00000000 ____D C:\Program Files (x86)\NCH Swift Sound
2013-09-17 10:52 - 2013-08-10 02:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-17 10:52 - 2013-08-10 02:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-17 10:52 - 2013-08-10 02:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-17 10:52 - 2013-08-10 02:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-17 10:52 - 2013-08-10 02:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-17 10:52 - 2013-08-10 02:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-17 10:52 - 2013-08-10 02:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-17 10:52 - 2013-08-10 02:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-17 10:52 - 2013-08-10 02:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-17 10:52 - 2013-08-10 02:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-17 10:52 - 2013-08-10 02:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-17 10:52 - 2013-08-10 02:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-17 10:52 - 2013-08-10 02:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-17 10:52 - 2013-08-10 02:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-17 10:52 - 2013-08-10 00:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-17 10:52 - 2013-08-10 00:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-17 10:52 - 2013-08-10 00:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-17 10:52 - 2013-08-10 00:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-17 10:52 - 2013-08-10 00:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-17 10:52 - 2013-08-10 00:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-17 10:52 - 2013-08-10 00:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-17 10:52 - 2013-08-10 00:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-17 10:52 - 2013-08-10 00:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-17 10:52 - 2013-08-10 00:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-17 10:52 - 2013-08-10 00:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-17 10:52 - 2013-08-10 00:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-17 10:52 - 2013-08-10 00:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-17 10:52 - 2013-08-10 00:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-17 10:52 - 2013-08-10 00:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-17 10:52 - 2013-08-09 23:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-17 10:52 - 2013-08-09 23:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-17 10:44 - 2013-08-07 22:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-17 10:44 - 2013-08-04 23:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-17 10:44 - 2013-08-01 23:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-17 10:44 - 2013-08-01 23:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-17 10:44 - 2013-08-01 23:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-17 10:44 - 2013-08-01 23:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-17 10:44 - 2013-08-01 23:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-17 10:44 - 2013-08-01 23:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-17 10:44 - 2013-08-01 23:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-17 10:44 - 2013-08-01 23:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-17 10:44 - 2013-08-01 23:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 23:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-17 10:44 - 2013-08-01 22:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-17 10:44 - 2013-08-01 22:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-17 10:44 - 2013-08-01 22:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-17 10:44 - 2013-08-01 22:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-17 10:44 - 2013-08-01 22:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 22:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-17 10:44 - 2013-08-01 21:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-17 10:44 - 2013-08-01 21:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-17 10:44 - 2013-08-01 21:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-17 10:44 - 2013-08-01 21:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-17 10:44 - 2013-08-01 21:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-17 10:44 - 2013-08-01 21:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 21:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 21:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-17 10:44 - 2013-08-01 21:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-17 10:44 - 2013-07-25 23:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-17 10:44 - 2013-07-25 23:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-17 10:44 - 2013-07-25 22:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-17 10:44 - 2013-07-25 22:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-15 20:35 - 2013-09-15 20:35 - 00000000 ____D C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
2013-09-12 16:37 - 2013-08-16 19:02 - 00859416 _____ (TMRG, Inc.) C:\Windows\system32\rlls64.dll
2013-09-12 16:37 - 2013-08-16 19:02 - 00593688 _____ (TMRG, Inc.) C:\Windows\SysWOW64\rlls.dll
2013-09-10 23:07 - 2013-09-12 17:55 - 00000000 ____D C:\Program Files (x86)\RelevantKnowledge
2013-09-09 20:15 - 2013-09-09 20:15 - 00003423 _____ C:\Windows\LDPINST.LOG
2013-09-09 20:15 - 2013-09-09 20:15 - 00000000 ____D C:\Program Files (x86)\Logitech
2013-09-09 19:46 - 2013-09-13 19:32 - 00010930 _____ C:\Windows\system32\lvcoinst.log
2013-09-09 19:46 - 2013-09-09 20:15 - 00000000 ____D C:\Program Files\Common Files\logishrd
2013-09-09 16:43 - 2013-09-09 16:43 - 00000000 ____D C:\Windows\SysWOW64\spool

==================== One Month Modified Files and Folders =======

2013-10-08 21:31 - 2013-10-08 21:31 - 00000000 ____D C:\FRST
2013-10-08 21:26 - 2013-10-08 21:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-08 21:10 - 2013-10-08 21:08 - 00000426 _____ C:\Windows\system32\avgrep.txt
2013-10-08 21:02 - 2012-05-19 20:41 - 02029963 _____ C:\Windows\WindowsUpdate.log
2013-10-08 20:53 - 2012-05-19 17:14 - 00001074 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1668779431-2791829902-819445095-1001UA.job
2013-10-08 20:51 - 2009-07-14 02:13 - 00730596 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-08 20:35 - 2012-09-13 17:36 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-08 20:35 - 2012-06-29 11:26 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-08 20:35 - 2012-05-19 17:14 - 00001022 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1668779431-2791829902-819445095-1001Core.job
2013-10-08 18:33 - 2012-08-23 15:28 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1668779431-2791829902-819445095-1001UA.job
2013-10-08 18:18 - 2012-06-29 11:26 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-08 18:18 - 2012-05-19 20:18 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-08 18:18 - 2012-05-19 20:18 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-08 18:11 - 2012-09-13 17:36 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-08 17:59 - 2013-10-07 09:41 - 00000000 ____D C:\Windows\SysWOW64\cache
2013-10-08 17:59 - 2012-08-23 15:28 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1668779431-2791829902-819445095-1001Core.job
2013-10-08 08:41 - 2009-07-14 01:45 - 00020528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-08 08:41 - 2009-07-14 01:45 - 00020528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-08 08:33 - 2013-10-07 09:40 - 00000168 _____ C:\Windows\setupact.log
2013-10-08 08:33 - 2013-07-05 01:48 - 00031088 _____ (GbPlugin NDIS Device Driver) C:\Windows\SysWOW64\Drivers\gbpndisrd.sys
2013-10-08 08:33 - 2013-07-05 01:48 - 00010266 _____ C:\Windows\SysWOW64\Drivers\ndisrd.cat
2013-10-08 08:33 - 2013-07-05 01:48 - 00001402 _____ C:\Windows\SysWOW64\Drivers\gas.cer
2013-10-08 08:33 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-07 16:53 - 2012-08-15 08:19 - 00000000 ____D C:\Program Files (x86)\Origin
2013-10-07 13:16 - 2012-05-19 20:38 - 30556160 _____ C:\Windows\system32\config\RegBack\SYSTEM
2013-10-07 13:16 - 2012-05-19 20:38 - 01015808 _____ C:\Windows\system32\config\RegBack\DEFAULT
2013-10-07 13:16 - 2012-05-19 20:38 - 00028672 _____ C:\Windows\system32\config\RegBack\SAM
2013-10-07 13:15 - 2012-05-19 20:38 - 72974336 _____ C:\Windows\system32\config\RegBack\SOFTWARE
2013-10-07 13:15 - 2012-05-19 20:38 - 00028672 _____ C:\Windows\system32\config\RegBack\SECURITY
2013-10-07 12:48 - 2009-07-14 02:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-10-07 09:40 - 2013-10-07 09:40 - 00000000 _____ C:\Windows\setuperr.log
2013-10-07 08:32 - 2012-05-22 15:54 - 00003246 _____ C:\Windows\System32\Tasks\SidebarExecute
2013-10-07 08:18 - 2012-06-29 11:08 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2013-10-03 12:50 - 2012-05-28 15:39 - 00000418 _____ C:\Windows\ODBC.INI
2013-10-03 12:33 - 2013-08-17 18:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-03 12:31 - 2013-10-03 12:31 - 00000000 ____D C:\Windows\system32\%LOCALAPPDATA%
2013-10-01 20:49 - 2013-10-07 10:56 - 00130403 _____ C:\Windows\system32\config\systemprofile\Desktop\Bookmarks
2013-10-01 20:47 - 2013-09-27 22:14 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-10-01 20:47 - 2013-09-27 22:14 - 00000000 ____D C:\Program Files (x86)\AVG Nation toolbar
2013-09-30 19:32 - 2013-10-07 10:58 - 00130403 _____ C:\Windows\system32\config\systemprofile\Desktop\Bookmarks.bak
2013-09-27 22:23 - 2013-01-23 08:53 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-25 10:52 - 2013-10-07 09:43 - 69092352 _____ C:\Windows\system32\config\systemprofile\Desktop\Outlook.pst
2013-09-22 10:58 - 2013-09-22 10:58 - 00000000 ____D C:\Program Files\iTunes
2013-09-22 10:58 - 2013-09-22 10:58 - 00000000 ____D C:\Program Files\iPod
2013-09-22 10:58 - 2013-09-22 10:58 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-21 21:42 - 2013-09-21 21:42 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2013-09-21 21:42 - 2013-09-21 21:42 - 00000000 ____D C:\Program Files (x86)\NCH Software
2013-09-21 21:41 - 2013-09-21 21:41 - 00000000 ____D C:\Program Files (x86)\NCH Swift Sound
2013-09-21 21:37 - 2009-07-13 23:34 - 00000512 _____ C:\Windows\win.ini
2013-09-21 15:01 - 2013-03-14 18:36 - 00000000 ____D C:\Program Files (x86)\Brother
2013-09-20 11:03 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache
2013-09-17 21:10 - 2012-07-21 14:24 - 00735282 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-09-17 10:56 - 2009-07-14 01:45 - 02312136 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-17 10:52 - 2013-07-17 08:12 - 00000000 ____D C:\Windows\system32\MRT
2013-09-17 10:48 - 2012-07-23 18:00 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-15 20:35 - 2013-09-15 20:35 - 00000000 ____D C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
2013-09-13 19:32 - 2013-09-09 19:46 - 00010930 _____ C:\Windows\system32\lvcoinst.log
2013-09-12 17:59 - 2010-11-21 00:47 - 00193548 _____ C:\Windows\PFRO.log
2013-09-12 17:55 - 2013-09-10 23:07 - 00000000 ____D C:\Program Files (x86)\RelevantKnowledge
2013-09-09 20:15 - 2013-09-09 20:15 - 00003423 _____ C:\Windows\LDPINST.LOG
2013-09-09 20:15 - 2013-09-09 20:15 - 00000000 ____D C:\Program Files (x86)\Logitech
2013-09-09 20:15 - 2013-09-09 19:46 - 00000000 ____D C:\Program Files\Common Files\logishrd
2013-09-09 16:47 - 2013-01-01 17:01 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-09-09 16:43 - 2013-09-09 16:43 - 00000000 ____D C:\Windows\SysWOW64\spool

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-07 13:15

==================== End Of Log ============================